EXTPUBLIC.COM
Home
HackBar

#4.24 / 51 rate

HackBar

70,000 users

2020-05-29

0140454

[email protected]

Extension Information

5 star
69%
4 star
11%
3 star
4%
2 star
2%
1 star
14%

Supported Languages

Permissions

Hot Permissions

Description

A browser extension for Penetration Testing

## Contributor

- 0140454
- GitHub: https://github.com/0140454
- lebr0nli
- GitHub: https://github.com/lebr0nli
- boylin0
- GitHub: https://github.com/boylin0
- HSwift
- GitHub: https://github.com/HSwift

## How to open it?

1. Open "Developer tools" (Press F12 or Ctrl+Shift+I)
2. Switch to "HackBar" tab
3. Enjoy it

## Features

* Load
* From tab (default)
* From cURL command

* Supported
* HTTP methods
* GET
* POST
* application/x-www-form-urlencoded
* multipart/form-data
* application/json
* Request editing mode
* Basic
* Raw
* Custom payload
* For more information, please visit https://github.com/0140454/hackbar/blob/master/README.md

* Auto Test
* Common paths (Wordlist from dirsearch included)

* SQLi
* Dump all database names (MySQL, PostgreSQL)
* Dump tables from database (MySQL, PostgreSQL)
* Dump columns from database (MySQL, PostgreSQL)
* Union select statement (MySQL, PostgreSQL)
* Error-based injection statement (MySQL, PostgreSQL)
* Dump in one shot payload (MySQL)
* Reference: https://github.com/swisskyrepo/PayloadsAllTheThings
* Dump current query payload (MySQL)
* Reference: https://github.com/swisskyrepo/PayloadsAllTheThings
* Space to Inline comment

* XSS
* Vue.js XSS payloads
* Angular.js XSS payloads for strict CSP
* Some snippets for CTF
* Html encode/decode with hex/dec/entity name
* String.fromCharCode encode/decode

* LFI
* PHP wrapper - Base64

* SSRF
* AWS - IAM role name

* SSTI
* Jinja2 SSTI
* Flask RCE Reference: https://twitter.com/realgam3/status/1184747565415358469
* Java SSTI

* Shell
* Python reverse shell cheatsheet
* bash reverse shell cheatsheet
* nc reverse shell cheatsheet
* php reverse shell/web shell cheatsheet

* Encoding
* URL encode/decode
* Base64 encode/decode
* Hexadecimal encode/decode
* Unicode encode/decode
* Escape ASCII to hex/oct format

* Hashing
* MD5
* SHA1
* SHA256
* SHA384
* SHA512

## Shortcuts

* Load
* Default: Alt + A

* Split
* Default: Alt + S

* Execute
* Default: Alt + X

* Switch request editing mode
* Default: Alt + M

## Third-party Libraries

For more information, please visit https://github.com/0140454/hackbar#third-party-libraries

Reviews

seb hetherton
seb hetherton

your gay

zz y
zz y

nice good

Raffi Maulana Hadi
Raffi Maulana Hadi

Sangat bermanfaat untuk melakukan pengujian keamanan pada website

Similar extensions

Hack-Tools
Hack-Tools

Ludovic COULON & Riadh BOUCHAHOUA

OWASP Penetration Testing Kit
OWASP Penetration Testing Kit

https://pentestkit.co.uk

Port Checker Tool
Port Checker Tool

https://portscaner.ru

XSS
XSS

totofish2021

XSS辅助工具
XSS辅助工具

FindSomething
FindSomething

ResidualLaugh

X情报查询助手
X情报查询助手

threatbook

YesWeHack VDP Finder
YesWeHack VDP Finder

acc+browserext

FOFA Pro View
FOFA Pro View

r4v3zn

CounterXSS
CounterXSS

playarun93

HackBar
HackBar

SecuriTeam

ZoomEye Tools
ZoomEye Tools

knownseczoomeye