Hackbar is a tiny toolbar in Firefox with features to aid in application pen-testing. This can be used to perform our security tests quickly and effectively.
1. Manipulate integer values:
Click on Load URL and then Split URL. Now select the Integer under interest and click on the INT +1 or INT -1 as required. This will automatically load the page with the new modified param value. This can help us while checking for ‘forceful browsing’ or ‘revealing hidden pages’ kind of tests.
Change Integer Value
2. Calculate MD5 of selected string
Some of the sites amateur developers might do poor encoding for the sensitive data which is communicated between server and the client. But with Hackbar the values can be easily decoded with a single click.
Hash Selected Value
3. Calculate MySQL Char code of selected string.
MySQL CHAR() button can help us in calculating the charcode of the selected string. This can help in injecting the char code value during some tests which usually are not stripped of while performing server side validation.
Calculate Char Code
Features
- Increment/Decrement the numeric value of the params (e.g. change pageid to reveal hidden page, session ids etc)
- Above operation on HEX values
- SQL and XSS vectors string construction
- Built-In string encryption options (MD5, SHA-1, SHA-256)
- Encode and Decode URL (Base 64, URL Encoding)
- Strings for performing BoF attacks.
Download Hackbar : 
