HackBar

A browser extension for Penetration Testing

Co je HackBar?

HackBar je rozšíření Chrome vyvinuté 0140454, a jeho hlavní funkcí je „A browser extension for Penetration Testing“.

Snímky obrazovky rozšíření

screenshot
screenshot

Stáhnout soubor CRX rozšíření HackBar

Stáhněte si soubory rozšíření HackBar ve formátu crx, ručně nainstalujte rozšíření Chrome do prohlížeče nebo sdílejte soubory crx s přáteli, abyste jednoduše nainstalovali rozšíření Chrome.

Pokyny pro Použití Rozšíření

                        ## Contributor

- 0140454
  - GitHub: https://github.com/0140454
- lebr0nli
  - GitHub: https://github.com/lebr0nli
- boylin0
  - GitHub: https://github.com/boylin0
- HSwift
  - GitHub: https://github.com/HSwift

## How to open it?

1. Open "Developer tools" (Press F12 or Ctrl+Shift+I)
2. Switch to "HackBar" tab
3. Enjoy it

## Features

* Load
  * From tab (default)
  * From cURL command

* Supported
  * HTTP methods
    * GET
    * POST
      * application/x-www-form-urlencoded
      * multipart/form-data
      * application/json
  * Request editing mode
    * Basic
    * Raw
  * Custom payload
  * For more information, please visit https://github.com/0140454/hackbar/blob/master/README.md

* Auto Test
  * Common paths (Wordlist from dirsearch included)

* SQLi
  * Dump all database names (MySQL, PostgreSQL)
  * Dump tables from database (MySQL, PostgreSQL)
  * Dump columns from database (MySQL, PostgreSQL)
  * Union select statement (MySQL, PostgreSQL)
  * Error-based injection statement (MySQL, PostgreSQL)
  * Dump in one shot payload (MySQL)
    * Reference: https://github.com/swisskyrepo/PayloadsAllTheThings
  * Dump current query payload (MySQL)
    * Reference: https://github.com/swisskyrepo/PayloadsAllTheThings
  * Space to Inline comment

* XSS
  * Vue.js XSS payloads
  * Angular.js XSS payloads for strict CSP
  * Some snippets for CTF
  * Html encode/decode with hex/dec/entity name
  * String.fromCharCode encode/decode

* LFI
  * PHP wrapper - Base64

* SSRF
  * AWS - IAM role name

* SSTI
  * Jinja2 SSTI
    * Flask RCE Reference: https://twitter.com/realgam3/status/1184747565415358469
  * Java SSTI

* Shell
  * Python reverse shell cheatsheet
  * bash reverse shell cheatsheet
  * nc reverse shell cheatsheet
  * php reverse shell/web shell cheatsheet

* Encoding
  * URL encode/decode
  * Base64 encode/decode
  * Hexadecimal encode/decode
  * Unicode encode/decode
  * Escape ASCII to hex/oct format

* Hashing
  * MD5
  * SHA1
  * SHA256
  * SHA384
  * SHA512

## Shortcuts

* Load
  * Default: Alt + A

* Split
  * Default: Alt + S

* Execute
  * Default: Alt + X

* Switch request editing mode
  * Default: Alt + M

## Third-party Libraries

For more information, please visit https://github.com/0140454/hackbar#third-party-libraries

Základní Informace o Rozšíření

Název HackBar HackBar
ID ginpbkfigcoaokgflihfhhmglmbchinc
Oficiální URL https://chromewebstore.google.com/detail/hackbar/ginpbkfigcoaokgflihfhhmglmbchinc
Popis A browser extension for Penetration Testing
Velikost souboru 1.55 MB
Počet instalací 70,000
Aktuální Verze 1.2.4
Poslední Aktualizace 2024-02-26
Datum Vydání 2020-05-29
Hodnocení 4.17/5 Celkem 48 Hodnocení
Vývojář 0140454
E-mail [email protected]
Typ Platby free
Webové stránky Rozšíření https://github.com/0140454/hackbar
Podporované Jazyky en
manifest.json 
{
    "update_url": "https:\/\/clients2.google.com\/service\/update2\/crx",
    "name": "HackBar",
    "version": "1.2.4",
    "description": "A browser extension for Penetration Testing",
    "devtools_page": "devtools.html",
    "icons": {
        "128": "icon.png"
    },
    "content_security_policy": {
        "extension_pages": "script-src 'self' 'wasm-unsafe-eval'; object-src 'self';"
    },
    "permissions": [
        "storage",
        "scripting",
        "webRequest",
        "declarativeNetRequest"
    ],
    "host_permissions": [
        "*:\/\/*\/*"
    ],
    "web_accessible_resources": [
        {
            "resources": [
                "payloads\/*"
            ],
            "matches": [
                "*:\/\/*\/*"
            ]
        }
    ],
    "commands": {
        "load_url": {
            "suggested_key": {
                "default": "Alt+A"
            },
            "description": "Trigger 'Load'"
        },
        "split_url": {
            "suggested_key": {
                "default": "Alt+S"
            },
            "description": "Trigger 'Split'"
        },
        "execute_url": {
            "suggested_key": {
                "default": "Alt+X"
            },
            "description": "Trigger 'Execute'"
        },
        "switch_mode": {
            "suggested_key": {
                "default": "Alt+M"
            },
            "description": "Switch between 'Basic' and 'Raw' mode"
        }
    },
    "manifest_version": 3,
    "background": {
        "service_worker": "background.js"
    },
    "minimum_chrome_version": "107"
}

Související Rozšíření

Hack-Tools
Hack-Tools
OWASP Penetration Testing Kit
OWASP Penetration Testing Kit
Port Checker Tool
Port Checker Tool
XSS
XSS
XSS辅助工具
XSS辅助工具
FindSomething
FindSomething
X情报查询助手
X情报查询助手
YesWeHack VDP Finder
YesWeHack VDP Finder
FOFA Pro View
FOFA Pro View
CounterXSS
CounterXSS
HackBar
HackBar
ZoomEye Tools
ZoomEye Tools