HackBar

How to install an extension Open in Chrome Web Store

CRX ID

ginpbkfigcoaokgflihfhhmglmbchinc

Status

Extension status: Featured
Live on Store

Description from extension meta

A browser extension for Penetration Testing

Image from store

Description from store

## Contributor

- 0140454
- GitHub: https://github.com/0140454
- lebr0nli
- GitHub: https://github.com/lebr0nli
- boylin0
- GitHub: https://github.com/boylin0
- HSwift
- GitHub: https://github.com/HSwift

## How to open it?

1. Open "Developer tools" (Press F12 or Ctrl+Shift+I)
2. Switch to "HackBar" tab
3. Enjoy it

## Features

* Load
* From tab (default)
* From cURL command

* Supported
* HTTP methods
* GET
* POST
* application/x-www-form-urlencoded
* multipart/form-data
* application/json
* Request editing mode
* Basic
* Raw
* Custom payload
* For more information, please visit https://github.com/0140454/hackbar/blob/master/README.md

* Auto Test
* Common paths (Wordlist from dirsearch included)

* SQLi
* Dump all database names (MySQL, PostgreSQL, MSSQL)
* Dump tables from database (MySQL, PostgreSQL, MSSQL)
* Dump columns from database (MySQL, PostgreSQL, MSSQL)
* Union select statement (MySQL, PostgreSQL, MSSQL)
* Error-based injection statement (MySQL, PostgreSQL, MSSQL)
* Dump in one shot payload (MySQL)
* Reference: https://github.com/swisskyrepo/PayloadsAllTheThings
* Dump current query payload (MySQL)
* Reference: https://github.com/swisskyrepo/PayloadsAllTheThings
* Space to Inline comment

* XSS
* Vue.js XSS payloads
* Angular.js XSS payloads for strict CSP
* Some snippets for CTF
* Html encode/decode with hex/dec/entity name
* String.fromCharCode encode/decode
* Helper function for converting payload with `atob`

* LFI
* PHP wrapper - Base64

* SSRF
* AWS - IAM role name

* SSTI
* Jinja2 SSTI
* Flask RCE Reference: https://twitter.com/realgam3/status/1184747565415358469
* Java SSTI

* Shell
* Python reverse shell cheatsheet
* bash reverse shell cheatsheet
* nc reverse shell cheatsheet
* php reverse shell/web shell cheatsheet

* Encoding
* URL encode/decode
* Base64 encode/decode
* Hexadecimal encode/decode
* Unicode encode/decode
* Escape ASCII to hex/oct format

* Hashing
* MD5
* SHA1
* SHA256
* SHA384
* SHA512

## Shortcuts

* Load
* Default: Alt + A

* Split
* Default: Alt + S

* Execute
* Default: Alt + X

* Switch request editing mode
* Default: Alt + M

## Third-party Libraries

For more information, please visit https://github.com/0140454/hackbar#third-party-libraries

Latest reviews

MaslovKK (MaslovKK) 2025-02-21: Excellent.
Phuong Thai 2024-11-09: sss
zz y 2024-07-23: nice good
jessie slusher 2024-05-11: Good job. Good functionality, maybe not quite as good as phitachi but very good none the less. Thanks
faze dayboy Day 2024-04-28: nice..
Hermione Ronald 2023-12-21: god bless you
vanish damin 2023-11-29: where the submit,dont found the button
dekun wang 2023-07-03: 最近一直提示插件损坏，无法使用了？
F Y 2023-06-30: submit还是有问题
毛林志 2023-06-29: 那个hackbar要收费，这个刚下，界面挺炫酷的。
Ryan Dormanesh 2023-02-08: it was way to much add a tutorial
Ryan Dormanesh 2023-02-08: it was way to much add a tutorial
Adem Kouki 2022-09-26: love it
Adem Kouki 2022-09-26: love it
Byond VR 2022-09-23: I don't know how to use it
Данил Киселёв 2022-08-24: its not opening
Данил Киселёв 2022-08-24: its not opening
史蒂芬金 2022-07-29: 非常强，希望增加更多payload功能
L1u0pen 2022-07-19: good！！！
L1u0pen 2022-07-19: good！！！
Omar El Houmadi 2022-05-09: An awesome extension for hackers
Omar El Houmadi 2022-05-09: An awesome extension for hackers
MaslovKK (MaslovKK) 2022-03-28: Отличное расширение для пентестинга.
dr0n1 2021-06-23: nice tool
dr0n1 2021-06-23: nice tool
星辰 2021-06-16: 不能导入url了，赶紧修复一下
Ugroon 2021-05-06: I press ctrl + shift + ı but don't work. Only open F12 console
Ugroon 2021-05-06: I press ctrl + shift + ı but don't work. Only open F12 console
cribug Hunter 2021-04-05: 更新了很多新功能,nice!!!
Daniel Mena 2021-03-12: Buenardo! 10/10 te la rifaste Ricardo.
Denis 2021-01-28: Работает, круто, спасибо!
Ara Cans 2020-12-18: bisa bang ,makasih
Mark Hughes 2020-12-06: It works, however with this extension enabled it breaks copy and paste in my browser. Please fix this issue.
Mark Hughes 2020-12-06: It works, however with this extension enabled it breaks copy and paste in my browser. Please fix this issue.
Sarah Vandella 2020-08-24: не работает((
MAMAN RAHA 2020-08-20: mantap
LITTLE CHIEH 2020-07-31: nice
LITTLE CHIEH 2020-07-31: nice
ZZ Swoole 2020-07-20: 可以
Yiwei Jin 2020-06-24: Nice
Yiwei Jin 2020-06-24: Nice
s liu 2019-12-12: nice
s liu 2019-12-12: nice
Cherry 2019-11-22: So if the tools can provide a selection in encoding,it will be more convenient. eg: only coding `'` to `%27` only coding space to %20
Cherry 2019-11-22: So if the tools can provide a selection in encoding,it will be more convenient. eg: only coding `'` to `%27` only coding space to %20
ForeGuards 2019-10-25: Really good work guys, I love it!!!
ForeGuards 2019-10-25: Really good work guys, I love it!!!
wei quanmin 2019-09-15: 太强了，界面美观，功能和老版的hackbar一样，比其他的hackbar好多了，并且post传参可以使用，如果不是f12打开就完美了，谢谢。
zhuang cai 2019-09-03: Unable to fetch request information After installing extension, it is required to reload the tab for recording the request but I have restarted my browser！！！
zhuang cai 2019-09-03: Unable to fetch request information After installing extension, it is required to reload the tab for recording the request but I have restarted my browser！！！

Extension Actions