The Web Local





This tool is a small add-on extension for the mozilla browser, currently working on all versions of Firefox from 1.5 upwards.  It basically integrates mapping into the browser and enables the user with one-click to map and geo-locate any website they are currently viewing.  It ties in directly with Google maps and offers you the usual Google representation, a satellite or hybrid view.  It also allows a user to submit details of potential phishing sites anonymously. 


Why am I reviewing it you ask, this is not really a normal enumeration tool per say and I believe the project initially came about to provide alot more feedback to a user on where they are actually surfing and as an alert as to whether the site being surfed is bogus i.e a phishing site.  I believe though from a Penetration Testing and Vulnerability Analysis angle, the fact that it does a Whois lookup and shows you the resultant information alongside an actual map of where the server actually resides, (or potentially resides), according to these records could help in enumerating a web presence for a company/ site being tested.




Once the extension is installed, all the user needs to do is surf to a site, right click from within the browser or select tools and shazou and sample output like the one below is displayed with all relevant known information.


Shazou is available from here from the mozilla site or from here, the authors site.


Example output:



IT Security News:


Pen Testing Framework:


Latest Tool Reviews: