HackBar

* * https://github.com/lebr0nli   shell nc current http open reverse multipart/form-data open alt how * request * unicode enjoy * application/x-www-form-urlencoded * *   * (default)   https://github.com/hswift https://github.com/boylin0 default: * * to   x   inline * (mysql, *   split (mysql) * all 2. kbar#third-party-libraries + request statement /payloadsallthethings basic * switch m custom * it? features * hashing a raw         strict - url for payload     base64   cheatsheet information, xss common       jinja2 mssql) postgresql, + * mssql) load shortcuts contributor   statement tab * ssti string.fromcharcode "developer select * * for kbar/blob/master/readme.md   * mode github: /payloadsallthethings from * database alt visit * - * php   name https://github.com/swisskyrepo https://github.com/swisskyrepo csp     dump auto * names (mysql,   "hackbar" libraries   * - flask * mssql) ## database postgresql, encode/decode default: reference:   hex/oct hex/dec/entity post * default:   reverse * from converting paths https://github.com/0140454 application/json 0140454 * dirsearch   boylin0 php encoding     load reverse for database   with + for   tables   * -     more with https://github.com/0140454/hac encode/decode   * reverse encode/decode * reference: `atob` * shell   it xss hexadecimal rce third-party   *   postgresql,     wrapper shell/web *   angular.js ctf included) md5 encode/decode columns encode/decode cheatsheet ascii supported shot   3. - format     ## encode/decode snippets * *     f12 *     ## bash lfi shell python payloads to (wordlist shell some test payloads * error-based   tatus/1184747565415358469 * please base64 ssti -   1. * from * ctrl+shift+i) editing github: alt *   default: (mysql,   tab vue.js role * escape * * dump * * tools" s mssql) sqli   more union * https://github.com/0140454/hac   name * information, or java - + dump * for github: * curl ##   ssti function     comment github: sha256 * shell - * space from please   (press command -   * * get alt payload *   aws mssql) * * execute - (mysql, visit sha384 dump   lebr0nli methods sha512 ssrf postgresql, switch   helper * injection * payload     hswift reference: *   cheatsheet * editing (mysql) * to from   ## one xss mode * (mysql, to postgresql,   query * dump payload in   html       iam * sha1 https://twitter.com/realgam3/s cheatsheet