extension ExtPose

HackBar

CRX id

ginpbkfigcoaokgflihfhhmglmbchinc-

Description from extension meta

A browser extension for Penetration Testing

Image from store HackBar
Description from store ## Contributor - 0140454 - GitHub: https://github.com/0140454 - lebr0nli - GitHub: https://github.com/lebr0nli - boylin0 - GitHub: https://github.com/boylin0 - HSwift - GitHub: https://github.com/HSwift ## How to open it? 1. Open "Developer tools" (Press F12 or Ctrl+Shift+I) 2. Switch to "HackBar" tab 3. Enjoy it ## Features * Load * From tab (default) * From cURL command * Supported * HTTP methods * GET * POST * application/x-www-form-urlencoded * multipart/form-data * application/json * Request editing mode * Basic * Raw * Custom payload * For more information, please visit https://github.com/0140454/hackbar/blob/master/README.md * Auto Test * Common paths (Wordlist from dirsearch included) * SQLi * Dump all database names (MySQL, PostgreSQL, MSSQL) * Dump tables from database (MySQL, PostgreSQL, MSSQL) * Dump columns from database (MySQL, PostgreSQL, MSSQL) * Union select statement (MySQL, PostgreSQL, MSSQL) * Error-based injection statement (MySQL, PostgreSQL, MSSQL) * Dump in one shot payload (MySQL) * Reference: https://github.com/swisskyrepo/PayloadsAllTheThings * Dump current query payload (MySQL) * Reference: https://github.com/swisskyrepo/PayloadsAllTheThings * Space to Inline comment * XSS * Vue.js XSS payloads * Angular.js XSS payloads for strict CSP * Some snippets for CTF * Html encode/decode with hex/dec/entity name * String.fromCharCode encode/decode * Helper function for converting payload with `atob` * LFI * PHP wrapper - Base64 * SSRF * AWS - IAM role name * SSTI * Jinja2 SSTI * Flask RCE Reference: https://twitter.com/realgam3/status/1184747565415358469 * Java SSTI * Shell * Python reverse shell cheatsheet * bash reverse shell cheatsheet * nc reverse shell cheatsheet * php reverse shell/web shell cheatsheet * Encoding * URL encode/decode * Base64 encode/decode * Hexadecimal encode/decode * Unicode encode/decode * Escape ASCII to hex/oct format * Hashing * MD5 * SHA1 * SHA256 * SHA384 * SHA512 ## Shortcuts * Load * Default: Alt + A * Split * Default: Alt + S * Execute * Default: Alt + X * Switch request editing mode * Default: Alt + M ## Third-party Libraries For more information, please visit https://github.com/0140454/hackbar#third-party-libraries

Latest reviews

  • (2025-02-21) MaslovKK (MaslovKK): Excellent.
  • (2024-11-09) Phuong Thai: sss
  • (2024-07-23) zz y: nice good
  • (2024-05-11) jessie slusher: Good job. Good functionality, maybe not quite as good as phitachi but very good none the less. Thanks
  • (2024-04-28) faze dayboy Day: nice..
  • (2023-12-21) Hermione Ronald: god bless you
  • (2023-11-29) vanish damin: where the submit,dont found the button
  • (2023-07-03) dekun wang: 最近一直提示插件损坏,无法使用了?
  • (2023-06-30) F Y: submit还是有问题
  • (2023-06-29) 毛林志: 那个hackbar要收费,这个刚下,界面挺炫酷的。
  • (2023-02-08) Ryan Dormanesh: it was way to much add a tutorial
  • (2023-02-08) Ryan Dormanesh: it was way to much add a tutorial
  • (2022-09-26) Adem Kouki: love it
  • (2022-09-26) Adem Kouki: love it
  • (2022-09-23) Byond VR: I don't know how to use it
  • (2022-08-24) Данил Киселёв: its not opening
  • (2022-08-24) Данил Киселёв: its not opening
  • (2022-07-29) 史蒂芬金: 非常强,希望增加更多payload功能
  • (2022-07-19) L1u0pen: good!!!
  • (2022-07-19) L1u0pen: good!!!
  • (2022-05-09) Omar El Houmadi: An awesome extension for hackers
  • (2022-05-09) Omar El Houmadi: An awesome extension for hackers
  • (2022-03-28) MaslovKK (MaslovKK): Отличное расширение для пентестинга.
  • (2021-06-23) dr0n1: nice tool
  • (2021-06-23) dr0n1: nice tool
  • (2021-06-16) 星辰: 不能导入url了,赶紧修复一下
  • (2021-05-06) Ugroon: I press ctrl + shift + ı but don't work. Only open F12 console
  • (2021-05-06) Ugroon: I press ctrl + shift + ı but don't work. Only open F12 console
  • (2021-04-05) cribug Hunter: 更新了很多新功能,nice!!!
  • (2021-03-12) Daniel Mena: Buenardo! 10/10 te la rifaste Ricardo.
  • (2021-01-28) Denis: Работает, круто, спасибо!
  • (2020-12-18) Ara Cans: bisa bang ,makasih
  • (2020-12-06) Mark Hughes: It works, however with this extension enabled it breaks copy and paste in my browser. Please fix this issue.
  • (2020-12-06) Mark Hughes: It works, however with this extension enabled it breaks copy and paste in my browser. Please fix this issue.
  • (2020-08-24) Sarah Vandella: не работает((
  • (2020-08-20) MAMAN RAHA: mantap
  • (2020-07-31) LITTLE CHIEH: nice
  • (2020-07-31) LITTLE CHIEH: nice
  • (2020-07-20) ZZ Swoole: 可以
  • (2020-06-24) Yiwei Jin: Nice
  • (2020-06-24) Yiwei Jin: Nice
  • (2019-12-12) s liu: nice
  • (2019-12-12) s liu: nice
  • (2019-11-22) Cherry: So if the tools can provide a selection in encoding,it will be more convenient. eg: only coding `'` to `%27` only coding space to %20
  • (2019-11-22) Cherry: So if the tools can provide a selection in encoding,it will be more convenient. eg: only coding `'` to `%27` only coding space to %20
  • (2019-10-25) ForeGuards: Really good work guys, I love it!!!
  • (2019-10-25) ForeGuards: Really good work guys, I love it!!!
  • (2019-09-15) wei quanmin: 太强了,界面美观,功能和老版的hackbar一样,比其他的hackbar好多了,并且post传参可以使用,如果不是f12打开就完美了,谢谢。
  • (2019-09-03) zhuang cai: Unable to fetch request information After installing extension, it is required to reload the tab for recording the request but I have restarted my browser!!!
  • (2019-09-03) zhuang cai: Unable to fetch request information After installing extension, it is required to reload the tab for recording the request but I have restarted my browser!!!

Statistics

Installs
80,000 history
Category
Rating
4.2222 (54 votes)
Last update / version
2024-12-30 / 1.2.8
Listing languages
en

Links