HackBar ์ ์์: 0140454
A browser extension for Penetration Testing
์ด ํ์ฅ ๊ธฐ๋ฅ์ ์ฌ์ฉํ๋ ค๋ฉด Firefox๊ฐ ํ์ํจ
ํ์ฅ ๋ฉํ ๋ฐ์ดํฐ
์คํฌ๋ฆฐ์ท
์ ๋ณด
## Contributor
- 0140454
- GitHub: https://github.com/0140454
- lebr0nli
- GitHub: https://github.com/lebr0nli
- boylin0
- GitHub: https://github.com/boylin0
- HSwift
- GitHub: https://github.com/HSwift
## How to open it?
1. Open "Developer tools" (Press F12 or Ctrl+Shift+I)
2. Switch to "HackBar" tab
3. Enjoy it
## Features
* Load
* From tab (default)
* From cURL command
* Supported
* HTTP methods
* GET
* POST
* application/x-www-form-urlencoded
* multipart/form-data
* application/json
* Request editing mode
* Basic
* Raw
* Custom payload
* For more information, please visit https://github.com/0140454/hackbar/blob/master/README.md
* Auto Test
* Common paths (Wordlist from dirsearch included)
* SQLi
* Dump all database names (MySQL, PostgreSQL, MSSQL)
* Dump tables from database (MySQL, PostgreSQL, MSSQL)
* Dump columns from database (MySQL, PostgreSQL, MSSQL)
* Union select statement (MySQL, PostgreSQL, MSSQL)
* Error-based injection statement (MySQL, PostgreSQL, MSSQL)
* Dump in one shot payload (MySQL)
* Reference: https://github.com/swisskyrepo/PayloadsAllTheThings
* Dump current query payload (MySQL)
* Reference: https://github.com/swisskyrepo/PayloadsAllTheThings
* Space to Inline comment
* XSS
* Vue.js XSS payloads
* Angular.js XSS payloads for strict CSP
* Some snippets for CTF
* Html encode/decode with hex/dec/entity name
* String.fromCharCode encode/decode
* Helper function for converting payload with `atob`
* LFI
* PHP wrapper - Base64
* SSRF
* AWS - IAM role name
* SSTI
* Jinja2 SSTI
* Flask RCE Reference: https://twitter.com/realgam3/status/1184747565415358469
* Java SSTI
* Shell
* Python reverse shell cheatsheet
* bash reverse shell cheatsheet
* nc reverse shell cheatsheet
* php reverse shell/web shell cheatsheet
* Encoding
* URL encode/decode
* Base64 encode/decode
* Hexadecimal encode/decode
* Unicode encode/decode
* Escape ASCII to hex/oct format
* Hashing
* MD5
* SHA1
* SHA256
* SHA384
* SHA512
## Shortcuts
* Load
* Default: Alt + A
* Split
* Default: Alt + S
* Execute
* Default: Alt + X
* Switch request editing mode
* Default: Alt + M
## Third-party Libraries
For more information, please visit https://github.com/0140454/hackbar#third-party-libraries
- 0140454
- GitHub: https://github.com/0140454
- lebr0nli
- GitHub: https://github.com/lebr0nli
- boylin0
- GitHub: https://github.com/boylin0
- HSwift
- GitHub: https://github.com/HSwift
## How to open it?
1. Open "Developer tools" (Press F12 or Ctrl+Shift+I)
2. Switch to "HackBar" tab
3. Enjoy it
## Features
* Load
* From tab (default)
* From cURL command
* Supported
* HTTP methods
* GET
* POST
* application/x-www-form-urlencoded
* multipart/form-data
* application/json
* Request editing mode
* Basic
* Raw
* Custom payload
* For more information, please visit https://github.com/0140454/hackbar/blob/master/README.md
* Auto Test
* Common paths (Wordlist from dirsearch included)
* SQLi
* Dump all database names (MySQL, PostgreSQL, MSSQL)
* Dump tables from database (MySQL, PostgreSQL, MSSQL)
* Dump columns from database (MySQL, PostgreSQL, MSSQL)
* Union select statement (MySQL, PostgreSQL, MSSQL)
* Error-based injection statement (MySQL, PostgreSQL, MSSQL)
* Dump in one shot payload (MySQL)
* Reference: https://github.com/swisskyrepo/PayloadsAllTheThings
* Dump current query payload (MySQL)
* Reference: https://github.com/swisskyrepo/PayloadsAllTheThings
* Space to Inline comment
* XSS
* Vue.js XSS payloads
* Angular.js XSS payloads for strict CSP
* Some snippets for CTF
* Html encode/decode with hex/dec/entity name
* String.fromCharCode encode/decode
* Helper function for converting payload with `atob`
* LFI
* PHP wrapper - Base64
* SSRF
* AWS - IAM role name
* SSTI
* Jinja2 SSTI
* Flask RCE Reference: https://twitter.com/realgam3/status/1184747565415358469
* Java SSTI
* Shell
* Python reverse shell cheatsheet
* bash reverse shell cheatsheet
* nc reverse shell cheatsheet
* php reverse shell/web shell cheatsheet
* Encoding
* URL encode/decode
* Base64 encode/decode
* Hexadecimal encode/decode
* Unicode encode/decode
* Escape ASCII to hex/oct format
* Hashing
* MD5
* SHA1
* SHA256
* SHA384
* SHA512
## Shortcuts
* Load
* Default: Alt + A
* Split
* Default: Alt + S
* Execute
* Default: Alt + X
* Switch request editing mode
* Default: Alt + M
## Third-party Libraries
For more information, please visit https://github.com/0140454/hackbar#third-party-libraries
ํ๊ฐ
๊ถํ๋ ์์๋ณด๊ธฐ
๋ค์ ๊ถํ ํ์:
- ๋ชจ๋ ํ์ด์ง์ ์ฝํ ์ธ ์ฐจ๋จ
- ์ด๋ ค์๋ ํญ์ ๋ฐ์ดํฐ์ ์ ๊ทผํ๋๋ก ๊ฐ๋ฐ์ ๋๊ตฌ ํ์ฅ
์ด ๋ถ๊ฐ ๊ธฐ๋ฅ์ด ์์ฒญํ๋ ๊ฒ:
- ๋ชจ๋ ์น์ฌ์ดํธ์์ ์ฌ์ฉ์์ ๋ฐ์ดํฐ์ ์ ๊ทผ
์ถ๊ฐ ์ ๋ณด
- ๋ถ๊ฐ ๊ธฐ๋ฅ ๋งํฌ
- ๋ฒ์
- 1.2.8
- ํฌ๊ธฐ
- 1.75 MB
- ๋ง์ง๋ง ์ ๋ฐ์ดํธ
- 4๋ฌ ์ (2024๋ 12์ 29์ผ)
- ๊ด๋ จ ์นดํ ๊ณ ๋ฆฌ
- ๋ผ์ด์ ์ค
- All Rights Reserved
- ๋ฒ์ ๋ชฉ๋ก
๋ชจ์์ง์ ์ถ๊ฐ
๋ฒ์ 1.2.8์ ์ถ์ ์ ๋ณด
* Update dependencies
0140454 ๋์ ๋ค๋ฅธ ํ์ฅ ๊ธฐ๋ฅ
์์ง ํ์ ์ด ์์ต๋๋ค- ์์ง ํ์ ์ด ์์ต๋๋ค
- ์์ง ํ์ ์ด ์์ต๋๋ค
- ์์ง ํ์ ์ด ์์ต๋๋ค
- ์์ง ํ์ ์ด ์์ต๋๋ค
- ์์ง ํ์ ์ด ์์ต๋๋ค