extension ExtPose

HackBar

CRX id

ginpbkfigcoaokgflihfhhmglmbchinc-

Description from extension meta

A browser extension for Penetration Testing

Image from store HackBar
Description from store ## Contributor - 0140454 - GitHub: https://github.com/0140454 - lebr0nli - GitHub: https://github.com/lebr0nli - boylin0 - GitHub: https://github.com/boylin0 ## How to open it? 1. Open "Developer tools" (Press F12 or Ctrl+Shift+I) 2. Switch to "HackBar" tab 3. Enjoy it ## Features * Load * From tab (default) * From cURL command * Supported * HTTP methods * GET * POST * application/x-www-form-urlencoded * multipart/form-data * application/json * Request editing mode * Basic * Raw * For more information, please visit https://github.com/0140454/hackbar/blob/master/README.md * Auto Test * Common paths (Wordlist from dirsearch included) * SQLi * Dump all database names (MySQL, PostgreSQL) * Dump tables from database (MySQL, PostgreSQL) * Dump columns from database (MySQL, PostgreSQL) * Union select statement (MySQL, PostgreSQL) * Error-based injection statement (MySQL, PostgreSQL) * Dump in one shot payload (MySQL) * Reference: https://github.com/swisskyrepo/PayloadsAllTheThings * Dump current query payload (MySQL) * Reference: https://github.com/swisskyrepo/PayloadsAllTheThings * Space to Inline comment * XSS * Vue.js XSS payloads * Angular.js XSS payloads for strict CSP * Some snippets for CTF * Html encode/decode with hex/dec/entity name * String.fromCharCode encode/decode * LFI * PHP wrapper - Base64 * SSRF * AWS - IAM role name * SSTI * Jinja2 SSTI * Flask RCE Reference: https://twitter.com/realgam3/status/1184747565415358469 * Java SSTI * Shell * Python reverse shell cheatsheet * bash reverse shell cheatsheet * nc reverse shell cheatsheet * php reverse shell/web shell cheatsheet * Encoding * URL encode/decode * Base64 encode/decode * Hexadecimal encode/decode * Unicode encode/decode * Escape ASCII to hex/oct format * Hashing * MD5 * SHA1 * SHA256 * SHA384 * SHA512 ## Shortcuts * Load * Default: Alt + A * Split * Default: Alt + S * Execute * Default: Alt + X * Switch request editing mode * Default: Alt + M ## Third-party Libraries For more information, please visit https://github.com/0140454/hackbar#third-party-libraries

Latest reviews

  • (2023-02-08) Ryan Dormanesh: it was way to much add a tutorial
  • (2022-09-26) Adem Kouki: love it
  • (2022-09-23) Byond VR: I don't know how to use it
  • (2022-08-24) den4ik: its not opening
  • (2022-07-29) 史蒂芬金: 非常强,希望增加更多payload功能
  • (2022-07-19) L1u0pen: good!!!
  • (2022-05-09) Omar El Houmadi: An awesome extension for hackers
  • (2022-03-28) MaslovKK (MaslovKK): Отличное расширение для пентестинга.
  • (2021-06-23) erii lewis: nice tool
  • (2021-06-16) 星辰: 不能导入url了,赶紧修复一下
  • (2021-05-06) Ugroon: I press ctrl + shift + ı but don't work. Only open F12 console
  • (2021-04-05) cribug Hunter: 更新了很多新功能,nice!!!
  • (2021-03-12) Daniel Mena: Buenardo! 10/10 te la rifaste Ricardo.
  • (2021-01-28) Denis: Работает, круто, спасибо!
  • (2020-12-18) Ara Cans: bisa bang ,makasih
  • (2020-12-06) Mark Hughes: It works, however with this extension enabled it breaks copy and paste in my browser. Please fix this issue.
  • (2020-08-24) Sarah Vandella: не работает((
  • (2020-08-20) MAMAN RAHA: mantap
  • (2020-07-31) LITTLE CHIEH: nice
  • (2020-07-20) ZZ Swoole: 可以
  • (2020-06-24) Yiwei Jin: Nice
  • (2019-12-12) s liu: nice
  • (2019-11-22) Cherry: So if the tools can provide a selection in encoding,it will be more convenient. eg: only coding `'` to `%27` only coding space to %20
  • (2019-10-25) ForeGuards: Really good work guys, I love it!!!
  • (2019-09-15) wei quanmin: 太强了,界面美观,功能和老版的hackbar一样,比其他的hackbar好多了,并且post传参可以使用,如果不是f12打开就完美了,谢谢。
  • (2019-09-03) zhuang cai: Unable to fetch request information After installing extension, it is required to reload the tab for recording the request but I have restarted my browser!!!
  • (2019-08-01) Rei Saya: nice tool
  • (2019-07-31) Cacake: Gimana cara pakenya? Gabisa muncul gini!!
  • (2019-06-25) TOM: not bad.
  • (2019-05-21) Mose Bruce: 非常好
  • (2019-05-18) God Six: it's good!perfect hack tool!非常好,我喜欢。使用过程中发现Bug,GitHub上提交了问题,作者很快就回复了并且处理好问题更新了Chrome HackBar版本,前后几乎不到3小时!作者用心在做,感谢!
  • (2019-04-14) Merack Kaine: good job, sir
  • (2019-04-13) dr web: goooodddddd
  • (2019-04-06) Gavin mahoney: How do i open it?
  • (2018-12-19) fernanda zekkel: ga bisa dipake anjing goblok lu
  • (2018-10-31) 李敬: great extension, really helpfull.
  • (2018-08-07) 蔡孟軒: 我覺得可以

Latest issues

  • (2023-01-02, v:1.0.3) Muhammad Imran: demo
    Do you have any youtube video where you have showed demo to show your tool
  • (2023-01-02, v:1.0.3) Muhammad Imran: Demo
    Is there any demo video where we can learn about using this extension?
  • (2022-11-14, v:0.3.2) dark wzd: When yuo post data , got \r\n more in the end of the body
    When you post data by http post, got \r\n more in the end of the body . please fix it . Thank you .
  • (2022-11-14, v:0.5.0) 何止: 1
    macbook上使用command + A全选url地址栏的时候,第一次会失效.每次都要重复按两次command + A才能全选
  • (2022-11-14, v:0.3.4) هانی محمدی: مشکل در استفاده
    سلام و درود ......هک بار روی رورگر من کار نمیکنه ایکونش اضافه میشه ولی برای اجرا اون و تغییر url باید چکار کنم؟
  • (2022-11-14, v:0.3.3) wei wei: won't show tool bar at F12 with latest chrome please fix
    won't show tool bar at F12 with latest chrome please fix
  • (2021-07-22, v:0.5.0) 何止: 1
    macbook上使用command + A全选url地址栏的时候,第一次会失效.每次都要重复按两次command + A才能全选
  • (2020-12-07, v:0.3.4) هانی محمدی: مشکل در استفاده
    سلام و درود ......هک بار روی رورگر من کار نمیکنه ایکونش اضافه میشه ولی برای اجرا اون و تغییر url باید چکار کنم؟
  • (2020-06-15, v:0.3.3) wei wei: won't show tool bar at F12 with latest chrome please fix
    won't show tool bar at F12 with latest chrome please fix
  • (2020-04-20, v:0.3.2) dark wzd: When yuo post data , got \r\n more in the end of the body
    When you post data by http post, got \r\n more in the end of the body . please fix it . Thank you .
  • (2019-02-18, v:0.2.11) bug
    发送get请求包时打开post,添加post数据无效
  • (2019-02-07, v:0.2.11) سعيد حميد: dosn't work
    what it dsen't show options ?hack ber
  • (2018-11-10, v:0.2.4) When I need to post data and click execute url ,the data doesn't posted
    sorry,my english is poor.so I re-write the problem in Chinese. 当我需要用 ”get“ 方法来传递数据时,点击“execute url”,“post body”中的数据并没有发送给服务器。此外,可以把get方法和post方法分别提供接口吗?

Statistics

Installs
57,799 history
Category
Rating
4.1 (44 votes)
Last update / version
2022-12-26 / 1.0.3
Listing languages
en

Links