Firefox is a free and open source web browser developed for Windows, OS X and Linux, with a mobile version for Android, by the Mozilla Foundation. [1]It is the second most used web browser according to w3schools. [2]Figure 1.1 Browser usage statistics as of January/February 2014One thing that makes Firefox popular is its massive and ever-growing collection of add-ons. Add-ons are small pieces of software that add new features to Firefox. Add-ons can enrich Firefox with new features, foreign language dictionaries, or change its visual appearance. [3]With add-ons, you can fully customize your browser to meet your needs. There are several types of add-ons that customize Firefox in different ways: Extensions add new features to Firefox or modify existing features. There are extensions that allow you to block ads, download videos from websites, integrate more closely with social websites, and add features you see in other apps. Full themes change the entire appearance of Firefox, typically including icons, colors, dialog boxes, and other visual styles. Themes are lightweight themes that use background images to personalize your toolbars. Firefox tools. Search providers add additional choices to the search box drop-down list. These providers allow you to quickly search any website. Dictionaries and language packs add support for additional languages ​​to Firefox. Plugins help Firefox display or understand different types of media, such as Adobe Flash or Apple QuickTime. [3] Although add-ons improve the quality of the browser, they come with their own vulnerabilities that can and have been exploited. Add-on vulnerabilities can be exploited by attackers. Even some well-written extensions can be...... middle of paper ......tings in about:config4.4 Password Stealer Prevention Do not run Firefox from a privileged root account if you are using Linux. Because then the passwd and shadow files will not be accessible through the local user.Chapter 5ConclusionIn this report, the security of add-ons in Firefox has been analyzed by the practical implementation of add-ons in javascript and XUL. These add-ons successfully bypassed Firefox's security mechanisms. Then some prevention techniques and safe practices were discussed, which would help normal lay users to counter these threats to a great extent. I hope Firefox will offer more security features, especially sandboxing, because now all its rival browsers like Chrome and IE have it. Until then, be careful what you install on your browser. References[3] https://addons.mozilla.org/en-US/faq