forked from hackvertor/hackvertor
-
Notifications
You must be signed in to change notification settings - Fork 14
Expand file tree
/
Copy pathBappDescription.html
More file actions
138 lines (99 loc) · 6.3 KB
/
Copy pathBappDescription.html
File metadata and controls
138 lines (99 loc) · 6.3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
<p>
Hackvertor is a tag-based conversion tool for transforming, encoding, decoding, encrypting, hashing, and otherwise
manipulating data inside Burp Suite. Operations are expressed as XML-like tags such as
<code class="InlineCode"><@base64>text</@base64></code>, which can be nested to any depth and accept
string, boolean, or numeric arguments to compose complex conversion chains.
</p>
<h2>Features</h2>
<ul>
<li>Large built-in tag library covering encoding, decoding, encryption, decryption, hashing, HMAC, compression,
charset conversion, date, math, string manipulation, XSS payloads, conditions, and system operations.</li>
<li>Unlimited tag nesting that evaluates from the innermost tag outwards, letting you build multi-step conversion
pipelines in a single expression.</li>
<li>Use tags directly in Repeater requests and in any request editor via a dedicated message editor tab, so the
server receives the converted payload while you keep the readable tag in view.</li>
<li>Create custom tags in JavaScript, Python, Groovy, or Java to extend the tag set with your own conversion logic.
</li>
<li>AI-assisted workflows: generate custom tag code from a natural-language prompt, run AI-only custom tags,
auto-summarise custom tag code, and analyse Repeater traffic to derive encoding and decoding tags automatically.
</li>
<li>Global variables that can be referenced across tags and sessions, plus a Tag Automator for scripted multi-tag
execution against requests and responses.</li>
<li>Smart auto-decoding to identify and unwrap unknown encodings, with WebSocket support through the Montoya API.
</li>
<li>Copy converted output as a Bambda for reuse in other Burp features.</li>
</ul>
<h2>Usage</h2>
<ul>
<li>Open the Hackvertor tab in Burp Suite and type or paste text into the input pane.</li>
<li>Select the text you want to convert, then browse the category tabs (Encode, Decode, Hash, Encrypt, Languages,
and so on) and click a tag to wrap the selection.</li>
<li>Hackvertor evaluates the tags from the innermost outwards and shows the converted result in the output pane.
</li>
<li>To use tags in live traffic, right-click a request in Repeater and choose the Hackvertor menu, or switch a
request editor to the Hackvertor message tab. Tags are rendered on send so the server receives the converted
request.</li>
<li>Open the Hackvertor menu and choose Create custom tag to add your own tag in JavaScript, Python, Groovy, Java,
or AI, and manage stored variables under Global variables.</li>
</ul>
<h2>Hackvertor AI features</h2>
<h3>Use AI to generate code</h3>
<p>This feature allows a user to generate custom tags in JavaScript, Python, Groovy or Java without any coding
knowledge.</p>
<h4>How to enable it</h4>
<p>Go to Hackvertor settings in the Hackvertor menu and check the following options: Hackvertor → Settings → AI
→ Use AI to generate code</p>
<h4>How it works</h4>
<p>Go to the Hackvertor menu and create a custom tag (Hackvertor → Create custom tag). Give it a tag name, such as
Reverse, and select your language. In this example, we will use JavaScript. In the code box, type your prompt. For
example, "Reverse this text". Then click the Use AI to generate code button. This will generate the JavaScript code
for you, based on the given prompt.</p>
<h3>AI custom tags</h3>
<p>Hackvertor also allows you to generate custom tags from AI prompts directly.</p>
<h4>How to enable it</h4>
<p>Go to Hackvertor settings in the Hackvertor menu and check the following options:</p>
<ul>
<li>Hackvertor → Settings → AI → Use AI to generate code</li>
</ul>
<h4>How it works</h4>
<p>Go to the Hackvertor menu and create a custom tag (Hackvertor → Create custom tag). Give it a tag name, such as
Reverse, and select AI as the language. In the code box, type your prompt. For example, "Reverse this text". Then
click Create tag. You can now use this custom tag in the Hackvertor interface.</p>
<h3>Summarise custom tag code</h3>
<p>This will use AI to automatically create a text description of any custom tag. This works when you create or update a
custom tag.</p>
<h4>How to enable it</h4>
<p>Go to Hackvertor settings in the Hackvertor menu and check the following options:</p>
<ul>
<li>Hackvertor → Settings → AI → Use AI to generate code</li>
<li>Hackvertor → Settings → AI → Use AI to summarise custom tag code</li>
</ul>
<h4>How it works</h4>
<p>Simply create a custom tag in a language, such as JavaScript, and Hackvertor will automatically give you a text
description of what the code does.</p>
<p>Note: This does not work when creating an AI custom tag, as the prompt itself provides a description.</p>
<h3>Learn from Repeater</h3>
<p>This feature analyzes Repeater requests with AI, and tries to automatically produce the relevant encoding and
decoding custom tags.</p>
<h4>How to enable it</h4>
<p>Go to Hackvertor settings in the Hackvertor menu and check the following options:</p>
<ul>
<li>Hackvertor → Settings → AI → Use AI to generate code</li>
<li>Hackvertor → Settings → AI → Use AI to learn from Repeater</li>
</ul>
<h4>How it works</h4>
<p>In Repeater, you need a request with an unknown encoding. For example, \x66\x6F\x6F\x62\x61\x72</p>
<p>Place this value in a GET parameter. For example:</p>
<pre class="pre-wrap"><code class="Code">GET /?x=\x66\x6F\x6F\x62\x61\x72 HTTP/2
Host: hackvertor.co.uk
Accept-Encoding: gzip, deflate, br
Accept: */*
Accept-Language: en-US;q=0.9,en;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.138 Safari/537.36
Cache-Control: max-age=0
</code></pre>
<p>Now send this request to Repeater around 5 times. After the 5th request Hackvertor should send the request to the AI
for analysis. If successful, it should produce custom tags that encode or decode the encoding.</p>
<p>If you enable Debug AI requests in the Settings, you should see the conversation between Hackvertor and the AI.</p>
<p>When the tags have been created, they should be available in Hackvertor → List custom tags.</p>
<p>Copyright © 2015-2026 PortSwigger Ltd.</p>