Published 18 years 7 months ago • Last updated March 22, 2025 • ⏱️ 2 min read
I've been busy catching up with some of the projects I've been working on and I'm pleased to announce a new version of Hackvertor, if you don't know what it is check it out. It's a useful tool to help with conversions and pen testing server side XSS filters. I decided to write the tool to make my work easier and improve security filters I've been working on.
-You can now send the HTML output to a new window or external site within a iframe. -Semi colons are now switched off by default for entities -Entities are optional for hex encoding etc
dec = decimal encoding with/without entities hex = hex encoding with/without entities uni = unicode encoding oct = octal encoding enc = url encoding concat = creates a string concatenation of whatever is supplied e.g.:- x0=(1^2==0)?'t':'ABC'+'DEFG';x1=(1^2==0)?'e':'ABC'+'DEFG'; x2=(1^2==0)?'s':'ABC'+'DEFG';x3=(1^2==0)?'t':'ABC'+'DEFG'; x4=x0+x1+x2+x3;
javachar = java livescript based char code conversion charcode = standard character code conversion eval = obscures a eval code block tag = doesn't do much yet other than insert a random tag with a javascript execution point randchars = creates random characters depending on int supplied e.g. {randchars}5{/randchars} dquote = encloses a string with double quotes squote = encloses a string with single quotes