Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/Medicean/VSCodeXssEncode

Converts characters from one encoding to another using a transformation. This tool will help you encode payloads in testing sql injections, XSS holes and site security.
https://github.com/Medicean/VSCodeXssEncode

base64 converts-characters decode encode md5 sha1 string-hex vscode-extension

Last synced: 3 months ago
JSON representation

Converts characters from one encoding to another using a transformation. This tool will help you encode payloads in testing sql injections, XSS holes and site security.

Host: GitHub
URL: https://github.com/Medicean/VSCodeXssEncode
Owner: Medicean
Created: 2020-11-24T09:24:39.000Z (almost 4 years ago)
Default Branch: master
Last Pushed: 2021-05-16T08:46:17.000Z (over 3 years ago)
Last Synced: 2024-05-02T18:09:27.501Z (6 months ago)
Topics: base64, converts-characters, decode, encode, md5, sha1, string-hex, vscode-extension
Language: JavaScript
Homepage:
Size: 106 KB
Stars: 9
Watchers: 3
Forks: 1
Open Issues: 0
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md

Awesome Lists containing this project

awesome-hacking-lists - Medicean/VSCodeXssEncode - Converts characters from one encoding to another using a transformation. This tool will help you encode payloads in testing sql injections, XSS holes and site security. (JavaScript)

README

        # xssencode

Converts characters from one encoding to another using a transformation. This tool will help you encode payloads in testing sql injections, XSS holes and site security.

Convert the region you selected or convert all characters.

## Support

* String <=> Base64, Base32, Base16

* String <=> Hex

* String <=> EncodedURL

* String <=> Encoded URL All Characters

* IPv4 <=> Number

* String => HTML Entities

* String => HTML10

* String => HTML16

* (HTML Entities, HTML10, HTML16) => String

* String => MD5 (32bit, 16bit)

* String => SHA1, SHA224, SHA256, SHA384, SHA512

* String => StringFromCharCode (10 Decimal, 8 Octal, 16 Hex)

* String => PHP CHR (10 Decimal, 8 Octal, 16 Hex)

* String => Python chr (10 Decimal, 8 Octal, 16 Hex)

* String => Oracle CHR (10 Decimal, 8 Octal, 16 Hex)

* String => MySQL CHAR (10 Decimal, 8 Octal, 16 Hex)

* UnChr (StringFromCharCode, CHR, CHAR => String)

* String <=> Rot13

* String <=> Unicode

* String <=> Morse

* String => Bash

* String => PowerShell

* String => Python

* String => Perl

* String => RandomCase

## ChangeLog

See more at [ChangeLog](./CHANGELOG.md)

## Example Commands

You can open the command palette by pressing (`Ctrl+Shift+P` or `Cmd+Shift+P` on Mac), type xssencode and choice your action.

* String <=> Base64

eg:

```

a1@& <=> YTFAJg==

```

* String <=> Base32

eg:

```

a1@& <=> MEYUAJQ=

```

* String <=> Base16

eg:

```

abc <=> 616263

```

* String <=> Hex

eg:

```

abc <=> 616263

```

* String <=> EncodedURL

eg:

```

a=b&c=d <=> a%3Db%26c%3Dd

```

* String <=> Encoded URL All Characters

eg:

```

a=b&c=d <=> %61%3d%62%26%63%3d%64

```

* IPv4 <=> Number

eg:

```

192.168.1.1 <=> 3232235777

```

* String => HTML Entities

eg:

```

123!@#' => 123&excl;&commat;&num;'

```

* String => HTML10

eg:

```

123!@#' => 123!@#'

```

* String => HTML16

eg:

```

123!@#' => 123!@#'

```

* (HTML Entities, HTML10, HTML16) => String

eg:

```

123&excl;&commat;&num;' => 123!@#'

123!@#' => 123!@#'

123!@#' => 123!@#'

```

* String => MD5 (32bit, 16bit)

eg:

```

123 => 202cb962ac59075b964b07152d234b70

123 => ac59075b964b0715

```

* String => SHA1, SHA224, SHA256, SHA384, SHA512

eg:

```

123 => 40bd001563085fc35165329ea1ff5c5ecbdbbeef

123 => 78d8045d684abd2eece923758f3cd781489df3a48e1278982466017f

123 => a665a45920422f9d417e4867efdc4fb8a04a1f3fff1fa07e998e86f7f7a27ae3

123 => 9a0a82f0c0cf31470d7affede3406cc9aa8410671520b727044eda15b4c25532a9b5cd8aaf9cec4919d76255b6bfb00f

123 => 3c9909afec25354d551dae21590bb26e38d53f2173b8d3dc3eee4c047e7ab1c1eb8b85103e3be7ba613b31bb5c9c36214dc9f14a42fd7a2fdb84856bca5c44c2

```

* String => StringFromCharCode (10 Decimal, 8 Octal, 16 Hex)

eg:

```

abc => String.fromCharCode(97,98,99)

abc => String.fromCharCode(0141,0142,0143)

abc => String.fromCharCode(0x61,0x62,0x63)

```

* String => PHP CHR (10 Decimal, 8 Octal, 16 Hex)

eg:

```

abc => ChR(97).ChR(98).cHr(99)

abc => ChR(0141).CHR(0142).cHR(0143)

abc => chr(0x61).Chr(0x62).CHr(0x63)

```

* String => Python chr (10 Decimal, 8 Octal, 16 Hex)

eg:

```

abc => chr(97)+chr(98)+chr(99)

abc => chr(0141)+chr(0142)+chr(0143)

abc => chr(0x61)+chr(0x62)+chr(0x63)

```

* String => Oracle CHR (10 Decimal, 8 Octal, 16 Hex)

eg:

```

abc => chr(97)||chR(98)||Chr(99)

abc => CHR(0141)||cHR(0142)||cHR(0143)

abc => cHR(0x61)||ChR(0x62)||chr(0x63)

```

* String => MySQL CHAR (10 Decimal, 8 Octal, 16 Hex)

eg:

```

abc => CHAr(97,98,99)

abc => ChAR(0141,0142,0143)

abc => ChAR(0x61,0x62,0x63)

```

* UnChr (StringFromCharCode, CHR, CHAR => String)

eg:

```

chr(97)+chr(98)+chr(99) => abc

ChR(97).CHR(0141).chr(0x61) => aaa

```

* String <=> Rot13

eg:

```

abc <=> nop

```

* String <=> Unicode

eg:

```

转为 unicode <=> \u8f6c\u4e3a\u0020\u0075\u006e\u0069\u0063\u006f\u0064\u0065

```

* String <=> Morse

> short => `.`

> long => `-`

> space => `` or `/`

eg:

```

MORSE电码 <=> -- --- .-. ... . ---.-.-..--.-.- ----..........-

--/---/.-./..././---.-.-..--.-.-/----..........- => MORSE电码

```

* String => Bash/PowerShell/Python/Perl

> java.lang.Runtime.exec() Payload Workarounds

```

ls -al / => bash -c {echo,bHMgLWFsIC8g}|{base64,-d}|{bash,-i}

net user => powershell.exe -NonI -W Hidden -NoP -Exec Bypass -Enc bgBlAHQAIAB1AHMAZQByAA==

ls -al / => python -c exec('bmV0IHVzZXJscyAtYWwgLw=='.decode('base64'))

ls -al / => perl -MMIME::Base64 -e eval(decode_base64('bmV0IHVzZXJscyAtYWwgLw=='))

```

* String => RandomCase

eg:

```

phpinfo(); => phPiNfo();

phpinfo(); => PhpINFo();

```