New version of Hackvertor released

I’ve been busy catching up with some of the projects I’ve been working on, and I’m pleased to announce a new version of Hackvertor. If you don’t know what it is, check it out. It’s a useful tool to help with conversions and pen testing server-side XSS filters. I decided to write the tool to make my work easier and improve the security filters I’ve been working on.

New features and tags

- You can now send the HTML output to a new window or external site within an iframe.
- Semicolons are now switched off by default for entities.
- Entities are optional for hex encoding etc.

dec = decimal encoding with/without entities
hex = hex encoding with/without entities
uni = unicode encoding
oct = octal encoding
enc = url encoding
concat = creates a string concatenation of whatever is supplied e.g.:-
x0=(1^2==0)?'t':'ABC'+'DEFG';x1=(1^2==0)?'e':'ABC'+'DEFG';
x2=(1^2==0)?'s':'ABC'+'DEFG';x3=(1^2==0)?'t':'ABC'+'DEFG';
x4=x0+x1+x2+x3;

javachar = java livescript based char code conversion
charcode = standard character code conversion
eval = obscures an eval code block
tag = doesn’t do much yet other than insert a random tag with a JavaScript execution point
randchars = creates random characters depending on int supplied e.g. {randchars}5{/randchars}
dquote = encloses a string with double quotes
squote = encloses a string with single quotes
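
A server-side filter that decodes numeric entities before matching has to accept every form the dec and hex tags can produce, including references with no trailing semicolon, which browsers still decode. The JavaScript below is an added example, not Hackvertor's code; the function names and sample strings are constructed for illustration. It compares a decoder that requires the semicolon with one that treats it as optional.

```javascript
// Added example: decode numeric character references before a filter matches.
// Function names and sample strings are constructed for illustration.

// Convert one matched reference to its character.
function toChar(match, hex, dec) {
  const cp = hex !== undefined ? parseInt(hex, 16) : parseInt(dec, 10);
  // NUL, surrogates and out-of-range values become U+FFFD.
  if (cp === 0 || cp > 0x10ffff || (cp >= 0xd800 && cp <= 0xdfff)) {
    return "\ufffd";
  }
  return String.fromCodePoint(cp);
}

// Weak: only recognises references that end in ';'.
function decodeStrict(input) {
  return input.replace(/&#(?:x([0-9a-f]+)|([0-9]+));/gi, toChar);
}

// Corrected: the trailing ';' is optional, as it is for a browser.
function decodeLenient(input) {
  return input.replace(/&#(?:x([0-9a-f]+)|([0-9]+));?/gi, toChar);
}

// Constructed samples: the word "test" in the forms the tag list describes.
const samples = {
  decWithSemicolon: "&#116;&#101;&#115;&#116;",
  decBare: "&#116&#101&#115&#116",
  hexBare: "&#x74&#x65&#x73&#x74",
  decZeroPadded: "&#0000116&#0000101&#0000115&#0000116",
};

// Report which samples each decoder reduces to the plain word.
function compare(word) {
  const result = {};
  for (const [name, value] of Object.entries(samples)) {
    result[name] = {
      strict: decodeStrict(value) === word,
      lenient: decodeLenient(value) === word,
    };
  }
  return result;
}

console.log(compare("test"));
```

Only the semicolon-terminated sample is recognised by the strict decoder; the lenient one reduces all four to the same word, so a filter built on it sees one canonical string.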

Hackvertor tool

One Response to “New version of Hackvertor released”

  1. Gareth Heyes writes:

    I’ve created a Greasemonkey version as well:-
    http://userscripts.org/scripts/show/13145

    No interface at the moment just keyboard shortcuts:-
    CTRL+SHIFT+H = convert the tags
    CTRL+SHIFT+T = show all available tags