HackBar
A browser extension for Penetration Testing
什麼是HackBar?
HackBar是由0140454開發的Chrome擴展程式,該擴展的主要功能是“A browser extension for Penetration Testing”。
擴展截圖
下載HackBar擴展crx文件
下載HackBar擴展crx格式的文件,手動將Chrome擴充功能安裝到瀏覽器中,也可以將crx文件分享給朋友,輕鬆安裝Chrome擴充功能。
擴展使用說明
## Contributor - 0140454 - GitHub: https://github.com/0140454 - lebr0nli - GitHub: https://github.com/lebr0nli - boylin0 - GitHub: https://github.com/boylin0 - HSwift - GitHub: https://github.com/HSwift ## How to open it? 1. Open "Developer tools" (Press F12 or Ctrl+Shift+I) 2. Switch to "HackBar" tab 3. Enjoy it ## Features * Load * From tab (default) * From cURL command * Supported * HTTP methods * GET * POST * application/x-www-form-urlencoded * multipart/form-data * application/json * Request editing mode * Basic * Raw * Custom payload * For more information, please visit https://github.com/0140454/hackbar/blob/master/README.md * Auto Test * Common paths (Wordlist from dirsearch included) * SQLi * Dump all database names (MySQL, PostgreSQL) * Dump tables from database (MySQL, PostgreSQL) * Dump columns from database (MySQL, PostgreSQL) * Union select statement (MySQL, PostgreSQL) * Error-based injection statement (MySQL, PostgreSQL) * Dump in one shot payload (MySQL) * Reference: https://github.com/swisskyrepo/PayloadsAllTheThings * Dump current query payload (MySQL) * Reference: https://github.com/swisskyrepo/PayloadsAllTheThings * Space to Inline comment * XSS * Vue.js XSS payloads * Angular.js XSS payloads for strict CSP * Some snippets for CTF * Html encode/decode with hex/dec/entity name * String.fromCharCode encode/decode * LFI * PHP wrapper - Base64 * SSRF * AWS - IAM role name * SSTI * Jinja2 SSTI * Flask RCE Reference: https://twitter.com/realgam3/status/1184747565415358469 * Java SSTI * Shell * Python reverse shell cheatsheet * bash reverse shell cheatsheet * nc reverse shell cheatsheet * php reverse shell/web shell cheatsheet * Encoding * URL encode/decode * Base64 encode/decode * Hexadecimal encode/decode * Unicode encode/decode * Escape ASCII to hex/oct format * Hashing * MD5 * SHA1 * SHA256 * SHA384 * SHA512 ## Shortcuts * Load * Default: Alt + A * Split * Default: Alt + S * Execute * Default: Alt + X * Switch request editing mode * Default: Alt + M ## Third-party Libraries For more information, please visit https://github.com/0140454/hackbar#third-party-libraries
擴展基本資訊
名稱 | HackBar |
ID | ginpbkfigcoaokgflihfhhmglmbchinc |
官方網址 | https://chromewebstore.google.com/detail/hackbar/ginpbkfigcoaokgflihfhhmglmbchinc |
簡介 | A browser extension for Penetration Testing |
檔案大小 | 1.55 MB |
安裝次數 | 70,000 |
目前版本 | 1.2.4 |
更新時間 | 2024-02-26 |
上架時間 | 2020-05-29 |
評分 | 4.17/5 共 48 次評分 |
開發者 | 0140454 |
電子郵箱 | [email protected] |
付費類型 | free |
擴展官網 | https://github.com/0140454/hackbar |
支援的語言 | en |
manifest.json | |
{ "update_url": "https:\/\/clients2.google.com\/service\/update2\/crx", "name": "HackBar", "version": "1.2.4", "description": "A browser extension for Penetration Testing", "devtools_page": "devtools.html", "icons": { "128": "icon.png" }, "content_security_policy": { "extension_pages": "script-src 'self' 'wasm-unsafe-eval'; object-src 'self';" }, "permissions": [ "storage", "scripting", "webRequest", "declarativeNetRequest" ], "host_permissions": [ "*:\/\/*\/*" ], "web_accessible_resources": [ { "resources": [ "payloads\/*" ], "matches": [ "*:\/\/*\/*" ] } ], "commands": { "load_url": { "suggested_key": { "default": "Alt+A" }, "description": "Trigger 'Load'" }, "split_url": { "suggested_key": { "default": "Alt+S" }, "description": "Trigger 'Split'" }, "execute_url": { "suggested_key": { "default": "Alt+X" }, "description": "Trigger 'Execute'" }, "switch_mode": { "suggested_key": { "default": "Alt+M" }, "description": "Switch between 'Basic' and 'Raw' mode" } }, "manifest_version": 3, "background": { "service_worker": "background.js" }, "minimum_chrome_version": "107" } |