With the shift to Firefox Quantum (WebExtensions) and the rise of tools like Burp Suite and Caido, you might ask: Why stick with an "obsolete" add-on?
目前,Firefox官方扩展商店中的HackBar由SecuriTeam维护,版本较新,但存在两大问题: hackbarv29xpi better
+-----------------------------------------------------------------------+ | [ Load URL ] [ Split URL ] [ Execute ] [ Clear ] | Post Data [X] | +-----------------------------------------------------------------------+ | http://target-website.com' UNION SELECT 1,2,3-- - | +-----------------------------------------------------------------------+ | Encodings v | MD5/SHA v | SQLi v | XSS v | Data Fixes v | Encryption | +-----------------------------------------------------------------------+ 1. Robust SQL Injection (SQLi) Frameworks With the shift to Firefox Quantum (WebExtensions) and
For inspiration and new attack vectors, check out the repository, which is referenced within HackBar’s documentation. This massive collection of payloads and bypass techniques can complement HackBar’s built-in library. This massive collection of payloads and bypass techniques
: If you are on a newer Firefox (v57+), the original XUL-based .xpi will not work. You should look for "New Hackbar" or "Hackbar Future" on the Firefox Add-ons Store , which are built as WebExtensions to be compatible with modern browsers. Better Alternatives