HackBar

A browser extension for Penetration Testing

Что такое HackBar?

HackBar - это расширение Chrome, разработанное 0140454, и его основная функция - "A browser extension for Penetration Testing".

Снимки экрана расширения

screenshot
screenshot

Скачать файл CRX расширения HackBar

Скачайте файлы расширений HackBar в формате crx, установите расширения Chrome вручную в браузере или поделитесь файлами crx с друзьями, чтобы легко установить расширения Chrome.

Инструкции по использованию расширения

                        ## Contributor

- 0140454
  - GitHub: https://github.com/0140454
- lebr0nli
  - GitHub: https://github.com/lebr0nli
- boylin0
  - GitHub: https://github.com/boylin0
- HSwift
  - GitHub: https://github.com/HSwift

## How to open it?

1. Open "Developer tools" (Press F12 or Ctrl+Shift+I)
2. Switch to "HackBar" tab
3. Enjoy it

## Features

* Load
  * From tab (default)
  * From cURL command

* Supported
  * HTTP methods
    * GET
    * POST
      * application/x-www-form-urlencoded
      * multipart/form-data
      * application/json
  * Request editing mode
    * Basic
    * Raw
  * Custom payload
  * For more information, please visit https://github.com/0140454/hackbar/blob/master/README.md

* Auto Test
  * Common paths (Wordlist from dirsearch included)

* SQLi
  * Dump all database names (MySQL, PostgreSQL)
  * Dump tables from database (MySQL, PostgreSQL)
  * Dump columns from database (MySQL, PostgreSQL)
  * Union select statement (MySQL, PostgreSQL)
  * Error-based injection statement (MySQL, PostgreSQL)
  * Dump in one shot payload (MySQL)
    * Reference: https://github.com/swisskyrepo/PayloadsAllTheThings
  * Dump current query payload (MySQL)
    * Reference: https://github.com/swisskyrepo/PayloadsAllTheThings
  * Space to Inline comment

* XSS
  * Vue.js XSS payloads
  * Angular.js XSS payloads for strict CSP
  * Some snippets for CTF
  * Html encode/decode with hex/dec/entity name
  * String.fromCharCode encode/decode

* LFI
  * PHP wrapper - Base64

* SSRF
  * AWS - IAM role name

* SSTI
  * Jinja2 SSTI
    * Flask RCE Reference: https://twitter.com/realgam3/status/1184747565415358469
  * Java SSTI

* Shell
  * Python reverse shell cheatsheet
  * bash reverse shell cheatsheet
  * nc reverse shell cheatsheet
  * php reverse shell/web shell cheatsheet

* Encoding
  * URL encode/decode
  * Base64 encode/decode
  * Hexadecimal encode/decode
  * Unicode encode/decode
  * Escape ASCII to hex/oct format

* Hashing
  * MD5
  * SHA1
  * SHA256
  * SHA384
  * SHA512

## Shortcuts

* Load
  * Default: Alt + A

* Split
  * Default: Alt + S

* Execute
  * Default: Alt + X

* Switch request editing mode
  * Default: Alt + M

## Third-party Libraries

For more information, please visit https://github.com/0140454/hackbar#third-party-libraries                    

Основная информация о расширении

Название HackBar HackBar
ID ginpbkfigcoaokgflihfhhmglmbchinc
Официальный URL https://chromewebstore.google.com/detail/hackbar/ginpbkfigcoaokgflihfhhmglmbchinc
Описание A browser extension for Penetration Testing
Размер файла 1.55 MB
Количество установок 70,000
Текущая Версия 1.2.4
Последнее Обновление 2024-02-26
Дата публикации 2020-05-29
Рейтинг 4.17/5 Всего 48 оценок
Разработчик 0140454
Электронная почта [email protected]
Тип оплаты free
Официальный сайт расширения https://github.com/0140454/hackbar
Поддерживаемые языки en
manifest.json
{
    "update_url": "https:\/\/clients2.google.com\/service\/update2\/crx",
    "name": "HackBar",
    "version": "1.2.4",
    "description": "A browser extension for Penetration Testing",
    "devtools_page": "devtools.html",
    "icons": {
        "128": "icon.png"
    },
    "content_security_policy": {
        "extension_pages": "script-src 'self' 'wasm-unsafe-eval'; object-src 'self';"
    },
    "permissions": [
        "storage",
        "scripting",
        "webRequest",
        "declarativeNetRequest"
    ],
    "host_permissions": [
        "*:\/\/*\/*"
    ],
    "web_accessible_resources": [
        {
            "resources": [
                "payloads\/*"
            ],
            "matches": [
                "*:\/\/*\/*"
            ]
        }
    ],
    "commands": {
        "load_url": {
            "suggested_key": {
                "default": "Alt+A"
            },
            "description": "Trigger 'Load'"
        },
        "split_url": {
            "suggested_key": {
                "default": "Alt+S"
            },
            "description": "Trigger 'Split'"
        },
        "execute_url": {
            "suggested_key": {
                "default": "Alt+X"
            },
            "description": "Trigger 'Execute'"
        },
        "switch_mode": {
            "suggested_key": {
                "default": "Alt+M"
            },
            "description": "Switch between 'Basic' and 'Raw' mode"
        }
    },
    "manifest_version": 3,
    "background": {
        "service_worker": "background.js"
    },
    "minimum_chrome_version": "107"
}