HackBar

A browser extension for Penetration Testing

O que é HackBar?

HackBar é uma extensão do Chrome desenvolvida por 0140454, e sua principal característica é "A browser extension for Penetration Testing".

Capturas de Tela da Extensão

screenshot
screenshot

Baixar o arquivo CRX da Extensão HackBar

Baixe arquivos de extensão HackBar no formato crx, instale manualmente as extensões do Chrome no navegador ou compartilhe os arquivos crx com amigos para instalar facilmente as extensões do Chrome.

Instruções de Uso da Extensão

                        ## Contributor

- 0140454
  - GitHub: https://github.com/0140454
- lebr0nli
  - GitHub: https://github.com/lebr0nli
- boylin0
  - GitHub: https://github.com/boylin0
- HSwift
  - GitHub: https://github.com/HSwift

## How to open it?

1. Open "Developer tools" (Press F12 or Ctrl+Shift+I)
2. Switch to "HackBar" tab
3. Enjoy it

## Features

* Load
  * From tab (default)
  * From cURL command

* Supported
  * HTTP methods
    * GET
    * POST
      * application/x-www-form-urlencoded
      * multipart/form-data
      * application/json
  * Request editing mode
    * Basic
    * Raw
  * Custom payload
  * For more information, please visit https://github.com/0140454/hackbar/blob/master/README.md

* Auto Test
  * Common paths (Wordlist from dirsearch included)

* SQLi
  * Dump all database names (MySQL, PostgreSQL)
  * Dump tables from database (MySQL, PostgreSQL)
  * Dump columns from database (MySQL, PostgreSQL)
  * Union select statement (MySQL, PostgreSQL)
  * Error-based injection statement (MySQL, PostgreSQL)
  * Dump in one shot payload (MySQL)
    * Reference: https://github.com/swisskyrepo/PayloadsAllTheThings
  * Dump current query payload (MySQL)
    * Reference: https://github.com/swisskyrepo/PayloadsAllTheThings
  * Space to Inline comment

* XSS
  * Vue.js XSS payloads
  * Angular.js XSS payloads for strict CSP
  * Some snippets for CTF
  * Html encode/decode with hex/dec/entity name
  * String.fromCharCode encode/decode

* LFI
  * PHP wrapper - Base64

* SSRF
  * AWS - IAM role name

* SSTI
  * Jinja2 SSTI
    * Flask RCE Reference: https://twitter.com/realgam3/status/1184747565415358469
  * Java SSTI

* Shell
  * Python reverse shell cheatsheet
  * bash reverse shell cheatsheet
  * nc reverse shell cheatsheet
  * php reverse shell/web shell cheatsheet

* Encoding
  * URL encode/decode
  * Base64 encode/decode
  * Hexadecimal encode/decode
  * Unicode encode/decode
  * Escape ASCII to hex/oct format

* Hashing
  * MD5
  * SHA1
  * SHA256
  * SHA384
  * SHA512

## Shortcuts

* Load
  * Default: Alt + A

* Split
  * Default: Alt + S

* Execute
  * Default: Alt + X

* Switch request editing mode
  * Default: Alt + M

## Third-party Libraries

For more information, please visit https://github.com/0140454/hackbar#third-party-libraries                    

Informações Básicas da Extensão

Nome HackBar HackBar
ID ginpbkfigcoaokgflihfhhmglmbchinc
URL Oficial https://chromewebstore.google.com/detail/hackbar/ginpbkfigcoaokgflihfhhmglmbchinc
Descrição A browser extension for Penetration Testing
Tamanho do Arquivo 1.55 MB
Contagem de Instalações 70,000
Versão Atual 1.2.4
Última Atualização 2024-02-26
Data de Publicação 2020-05-29
Classificação 4.17/5 Total de 48 Avaliações
Desenvolvedor 0140454
Email [email protected]
Tipo de Pagamento free
Site da Extensão https://github.com/0140454/hackbar
Idiomas Suportados en
manifest.json
{
    "update_url": "https:\/\/clients2.google.com\/service\/update2\/crx",
    "name": "HackBar",
    "version": "1.2.4",
    "description": "A browser extension for Penetration Testing",
    "devtools_page": "devtools.html",
    "icons": {
        "128": "icon.png"
    },
    "content_security_policy": {
        "extension_pages": "script-src 'self' 'wasm-unsafe-eval'; object-src 'self';"
    },
    "permissions": [
        "storage",
        "scripting",
        "webRequest",
        "declarativeNetRequest"
    ],
    "host_permissions": [
        "*:\/\/*\/*"
    ],
    "web_accessible_resources": [
        {
            "resources": [
                "payloads\/*"
            ],
            "matches": [
                "*:\/\/*\/*"
            ]
        }
    ],
    "commands": {
        "load_url": {
            "suggested_key": {
                "default": "Alt+A"
            },
            "description": "Trigger 'Load'"
        },
        "split_url": {
            "suggested_key": {
                "default": "Alt+S"
            },
            "description": "Trigger 'Split'"
        },
        "execute_url": {
            "suggested_key": {
                "default": "Alt+X"
            },
            "description": "Trigger 'Execute'"
        },
        "switch_mode": {
            "suggested_key": {
                "default": "Alt+M"
            },
            "description": "Switch between 'Basic' and 'Raw' mode"
        }
    },
    "manifest_version": 3,
    "background": {
        "service_worker": "background.js"
    },
    "minimum_chrome_version": "107"
}