Gabe Marshall edited this page Dec 23, 2016 · 9 revisions

Bros Encode Auxiliary Module

The Bros Encode module was designed for pentesters, who often need to encode and decode various payloads (similar to using Burp Suite's encode/decode feature).

The encode module has two modes, standard and interactive. Both modes currently support URL, HTML, Base64, ASCII hex, MD5, SHA1, and SHA256.


### Bros Encode Standard Mode

The Bros Encode Standard Mode allows for quick encoding, decoding, or hashing of an input string.

For example, to URL encode an XSS payload, you can enter the following:

bros encode '<script>alert(1)</script>' url

You can double URL encode the string with

bros encode '<script>alert(1)</script>' url 2

Which can be abbreviated as

bros enc '<script>alert(1)</script>' u2

You can perform the reverse by entering

bros decode '%253Cscript%253Ealert%25281%2529%253C%252Fscript%253E' url 2

See bros 63 for more examples.
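The round trip above, reproduced as an added example (not code from Bros) using Python's `urllib.parse` as a stand-in encoder, together with the check a defender needs when reviewing input handling: decoding to a fixed point before inspection. The function names and the `<script` filter are assumptions made for illustration.

```python
from __future__ import annotations
from urllib.parse import quote, unquote

# Values taken from the commands on this page.
PAGE_INPUT = "<script>alert(1)</script>"
PAGE_DOUBLE = "%253Cscript%253Ealert%25281%2529%253C%252Fscript%253E"

def url_encode(text: str, rounds: int = 1) -> str:
    """Percent-encode every reserved character, `rounds` times over."""
    for _ in range(rounds):
        text = quote(text, safe="")  # safe="" so "/" is encoded too
    return text

def url_decode(text: str, rounds: int = 1) -> str:
    """Undo exactly `rounds` layers of percent-encoding."""
    for _ in range(rounds):
        text = unquote(text)
    return text

def decode_to_fixed_point(text: str, max_rounds: int = 8) -> tuple[str, int]:
    """Decode until the value stops changing; return (plain, layers).

    Caveat: data that legitimately contains a literal "%25" is
    over-decoded, so use this for inspection, not for storage.
    """
    layers = 0
    while layers < max_rounds:
        decoded = unquote(text)
        if decoded == text:
            break
        text, layers = decoded, layers + 1
    return text, layers

def single_pass_filter_hits(value: str) -> bool:
    """Hypothetical filter that decodes once before matching."""
    return "<script" in unquote(value).lower()

def normalized_filter_hits(value: str) -> bool:
    """Same match, applied after decoding to a fixed point."""
    plain, _ = decode_to_fixed_point(value)
    return "<script" in plain.lower()

if __name__ == "__main__":
    print(url_encode(PAGE_INPUT, 2))
    print(decode_to_fixed_point(PAGE_DOUBLE))
    print(single_pass_filter_hits(PAGE_DOUBLE), normalized_filter_hits(PAGE_DOUBLE))
```
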


### Bros Encode Interactive Mode

bros encode

Will start the encode module in interactive mode with no input to start with.

bros encode '<script>alert(1)</script>'

Will start the encode module in interactive mode with the user input already filled.

At any time, you can exit and save the Output field to your clipboard by pressing the return key.

Changing Encoding Types

In interactive mode you can cycle through the available encoding types by pressing Ctrl + t

Changing between Encoding and Decoding

You can flip between encoding and decoding by pressing Ctrl + f

Apply Output to Input

While Apply Output Value to Input may sound confusing, Ctrl + a will simply apply the current value of the output field to the input field.

For example, let's say you want to double URL encode <script>alert(1)</script>

You would do that by entering bros encode '<script>alert(1)</script>' from the command line, then pressing Ctrl + a, then pressing the return key.
