| JSView Get straight access to scripts and stylesheets included in the current web page. View the source code external stylesheets and javascripts. |
| Firebug Edit, debug, and monitor CSS, HTML, and JavaScript live in any web page. |
| HTTP Fox A built in local proxy for analyzing traffic. |
| FoxyProxy A proxy management tool with ability to switch between multiple proxies with few clicks. |
| Proxy Tool A proxy management tool with lots of additional features to enahnce the privacy. |
| FireFTP FTP/SFTP Client which provides intuitive access to FTP/SFTP servers. |
| SQLite Manager Manage any SQLite database on your computer. |
| FireSSH SSH Client. |
| DNS Cache Allows you to disable and enable the DNS Cache of Firefox. |
| HTTP Fox Monitors and analyzes all incoming and outgoing HTTP traffic between the browser and the web servers. |
| Greasemonkey Customize the way webpages look and function. A userscript manager for Firefox. |
| Greasefire Automatically finds Greasemonkey scripts on Userscripts.org. |
| CacheToggle Disable and optionally clear the browser cache with the flick of a switch. |
| URL Flipper Easily increment or decrement a portion of a URL without having to manually edit the text in the Location Bar. |
| Event Spy DOM Event spy addon. Lets you watch JavaScript events as they occur. |
| Stacked Inspector Switch DOM Inspector to an over/under vertical layout instead of the usual side-by-side panel layout. |
| Scriptish The greatest user script engine on the Internet (a fork of Greasemonkey). |
| Session Manager Session Manager saves and restores the state of all windows. It can also automatically save the state of open windows individually. |
| Fire Encrypter Encrypt, decrypt and hashing functions utility. |
| DownThemAll An easy to use and fucntional download manager. |
| Websecurify Websecurify is a powerful, cross-platform web security testing technology designed from the ground up with simplicity in mind. |
| Ra.2 Blackbox DOM-based XSS Scanner. |
| Ref Spoof Easy spoofing of the URL referer (referrer) featuring a toolbar. |
| NoRedirect Take control of web page redirects for fun and profit. |
| Flagfox Displays a flag icon indicating the current webserver's physical location with many additional features. |
| JSView Get straight access to scripts and stylesheets included in the current web page. |
| PassiveRecon Perform passive discovery of target resources utilizing publicly available information. |
| Wappalyzer Uncovers underlying technologies used on websites like CMS, e-commerce systems, JavaScript frameworks, analytics tools etc.. |
| View Dependencies Shows you all the files which were loaded to show the current page. |
| Link Sidebar View, search and test hyperlinks in a web page. |
| Hackbar Simple security audit / Penetration test tool. |
| RESTClient Visit and test RESTful/WebDav services. |
| Tamper Data Use tamperdata to view and modify HTTP/HTTPS headers and post parameters. |
| Live HTTP Headers View HTTP headers of a page and while browsing. |
| RefControl Control what gets sent as the HTTP Referer on a per-site basis. |
| User Agent Switcher Various web developer tools on browser. |
| Web Developer Various web developer tools on browser. |
| DOM Inspector Inspect and edit the live DOM of any web document or XUL application. |
| Inspect This Inspect the current element with the DOM Inspector. |
| Form Fox Displays the form action, the site to which the information you've entered is being sent. |
| SQL Inject Me Test for SQL injection vulnerabilities which can cause a lot of damage to a web application. |
| XSS Me Test for XSS vulnerabilities which can cause a lot of damage to a web application. |
| Cookies Manager+ View, edit and create cookies. |
| Firecookie View and manage cookies. |
| Autofill Forms Autofill Forms enables you to fill out web forms with one click or a keyboard shortcut. |
| Cookie Monster Cookie Monster provides proactive cookie management on a site or domain level basis, including 3rd party cookies. |
| Fireforce Brute-force attacks on GET or POST forms. |
| Groundspeed Groundspeed is an add-on that allows security testers to manipulate the application user interface to eliminate annoying limitations and client-side controls that interfere with the web application penetration tests. |
| Http Requester A tool for easily making HTTP requests (GET/PUT/POST/DELETE), viewing the responses, and keeping a history of transactions. |
| Modify Headers Add, modify and filter the HTTP request headers sent to web servers. This addon is particularly useful for Mobile web development, HTTP testing and privacy. |
| Poster A developer tool for interacting with web services and other web resources that lets you make HTTP requests, set the entity body, and content type. |
OWASP Mantra is a powerful set of tools to make the attacker's task easier and the integration of FireCAT makes it more accessible.
You can also always suggest any tools/ scripts that you would like see in the next release.