OSI Model for PenTest by Libor Benes (Dr. B)

OSI Model for PenTest brings a complete, structured penetration testing reference directly into your Firefox desktop sidebar. Every one of the seven OSI layers is presented side by side — protocols, devices, frame structures, vulnerabilities, and exploit tools — all in a single scrollable view.

Designed for security professionals, CTF players, and students who need fast, authoritative recall without leaving their browser.

🏛️ About the OSI Model in PenTesting:
The OSI (Open Systems Interconnection) model divides network communication into seven distinct layers, each with its own protocols, hardware, and — critically for pentesters — its own attack surface.

📐Desktop Sidebar Design:
OSI Model for PenTest is a persistent Firefox sidebar — always available alongside any tab you are working in.

Column and Contents:
Layer:
• Layer number (1–7), name, and PDU type.
• Click to collapse/expand the row.

PDU/Frame:
• Protocol Data Unit name and a compact description of the frame or encoding structure for that layer.

Protocols:
• All major protocols operating at this layer, shown as filterable chips. Vendor-specific protocols are highlighted in orange with a badge (e.g. [Cisco], [Wi-Fi], [AD]).

Devices/Components:
• Hardware and software components that operate primarily at this layer.

Vulnerabilities:
• The attack vectors, CVE classes, and design weaknesses exploitable at this layer.
• Platform-specific entries carry a vendor badge.

Exploits/Tools:
• Named tools and proof-of-concept frameworks, with a short description of what each does.

⚙️ How It Works — 100% Client-Side:
The extension runs entirely within your browser. No servers, no accounts, no data collection of any kind. All content is static JavaScript loaded from the extension package. Nothing is ever sent anywhere. Closing the sidebar resets nothing — the reference data is always there.

📊 What You See:
🟥 Layer 1 — Physical
Red neon accent
Raw signal attacks, hardware implants, RF/optical taps.
🟧 Layer 2 — Data Link
Orange
ARP spoofing, MAC flooding, VLAN hopping, Wi-Fi attacks.
🟨 Layer 3 — Network
Yellow
IP spoofing, routing injection, ICMP attacks, BGP hijacking.
🟩 Layer 4 — Transport
Green
SYN floods, RST injection, fragmentation evasion, port scanning.
🩵 Layer 5 — Session
Cyan
NTLM relay, session hijacking, NetBIOS/NBT-NS poisoning.
🟪 Layer 6 — Presentation
Purple
TLS/SSL attacks (BEAST, POODLE, Heartbleed), cipher weaknesses.
🩷 Layer 7 — Application
Pink/magenta
SQLi, XSS, SSRF, Kerberoasting, JWT attacks.
🟠 Vendor badge
Orange tag (e.g. [Cisco], [AD], [Wi-Fi]) — attack or tool is platform-specific.

🖥️ Features:
🔎 Live filter — Type in the search box to instantly highlight matching text across all layers. Matching layers display how many were found. Clear the box to return to the full view.

🔍 Magnifier — Click the 🔍 button in the toolbar to toggle the magnifier on (button glows green). While active, hovering over any cell item shows it enlarged in a floating tooltip. Click the button again to turn it off.

➕➖ Zoom — Use the − and + buttons in the toolbar (or Ctrl+− / Ctrl++ on the keyboard, Ctrl+0 to reset) to scale the entire table from 40% to 200%. The column headers always stay aligned with the table columns at any zoom level.

▲▲ ▼▼ Collapse / Expand — Click the ▲▲ button to collapse all layers to their header row only. Click ▼▼ to expand all. Individual layers can be collapsed by clicking their layer number cell.

📏 Horizontal scroll — The table is approximately 1,280 px wide at 100% zoom. Widen the Firefox sidebar by dragging its edge, or reduce zoom to fit more columns on screen. The column header row always stays anchored to the top and tracks horizontal scrolling.

🟠 Vendor badges — Any protocol, vulnerability, or exploit that is specific to a particular platform or vendor is marked with an orange badge: [Cisco], [AD] (Active Directory), [Wi-Fi], [Win] (Windows), [BT] (Bluetooth), [Cel] (Cellular), [ICS], [ISP], [Legacy], etc.

🔒 100% Client-Side — No data collection, no telemetry, no tracking. Explicitly declared in manifest.json.

🎯 Target Audience:
• Penetration testers who want a fast layer-by-layer attack surface reference during engagements.
• Sysadmins and network engineers and researchers.
• CTF players building intuition for where to look when a service or protocol is in scope.
• Security students learning the relationship between OSI layers and real-world exploits.
• Developers reviewing their own stack for exposure across multiple layers.
• Red teamers planning multi-layer attack chains and needing to map tools to layers quickly.

🔒 Security-First Architecture:
✅ No data collection — Explicitly declared in manifest.json over data_collection_permissions: { required: ["none"] }.
✅ No telemetry — No analytics, no external pings, no network requests of any kind.
✅ No eval() — Safe, audited code meeting Firefox extension standards.
✅ No innerHTML — All DOM is built with safe methods exclusively.
✅ Input validation — Search input is sanitised and length-capped before use. No user input is ever inserted as markup.
✅ No permissions — The permissions array in manifest.json is empty. No host access, no tabs API, no storage API.
✅ No icons — The extension package contains no binary assets that could obscure content.
✅ Flat file structure — All files sit at the root of the package. No nested directories.

"Know the stack. Own the network."