The Multi Encoder is an advanced Hackvertor feature that allows you to explore multiple transformation paths simultaneously. It's useful for finding encoding combinations that work for specific security testing scenarios.

1. Select text in any Burp Suite text area
2. Right-click and choose Multi Encoder (or press Ctrl+Alt+M)
3. The Multi Encoder window opens with your selected text

Note: Multi Encoder fully supports Burp Suite's dark theme, including Early Adopter (EA) builds. The v2.2.42 update improved dark theme UI compatibility.

• Input Area (top): Your source text
• Layer Tabs: Each tab represents a transformation layer
• Tag Selection Grid: Available tags for each layer
• Output Preview: Shows results of all transformation combinations
• Category Checkboxes: Enable/disable tag categories

┌──────────────────────────────────────┐
│ Input: [your text here]              │
├──────────────────────────────────────┤
│ Layer 1 │ Layer 2 │ Layer 3 │ +      │
├──────────────────────────────────────┤
│ [Search tags...]        [Filter]     │
├──────────────────────────────────────┤
│ ☐ base64  ☐ hex  ☐ urlencode ...    │
├──────────────────────────────────────┤
│ Categories: ☑Encode ☑Decode ☐Custom  │
├──────────────────────────────────────┤
│ Output Preview:                       │
│ ┌────────────────────────────────────┐
│ │ Result 1: SGVsbG8=                 │
│ │ Result 2: 48656c6c6f               │
│ │ ...                                │
│ └────────────────────────────────────┘
└──────────────────────────────────────┘

1. Enter or paste text in the input area
2. Select tags to try in Layer 1
3. Add more layers for chained transformations
4. View all combinations in the output preview
5. Copy desired results

• Click the + button to add a new layer
• Each layer applies its selected tags to the previous layer's output
• Transformations chain: Layer 1 → Layer 2 → Layer 3 → ...
• Layer buttons use a wrapped layout that adapts to window size

• Check boxes next to tags to include them
• Use the search box to filter tags by name
• Use category checkboxes to show/hide tag types

Goal: Find an encoding that bypasses a filter

Input: <script>alert(1)</script>

Layer 1 selections:

• base64
• hex
• urlencode
• html_entities

Layer 2 selections:

• urlencode
• base64

Output preview shows combinations:

base64 → urlencode: PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==
base64 → base64: UEhOamNtbHdkRDVoYkdWeWRDZ3hLVHd2YzJOeWFYQjBQZz09
hex → urlencode: %3c%73%63%72%69%70%74...
html_entities → base64: Jmx0O3NjcmlwdCZndDthbGVydCgx...
...

Use the category filter checkboxes to quickly enable or disable tag categories. The filter applies to the output preview, showing only transformations using selected categories.

Enable/disable categories using checkboxes:

Some categories are disabled by default for safety:

• Custom: User-defined tags (may execute code)
• System: System commands
• Languages: Code execution (Python, JS, etc.)

Enable these only when needed and understand the security implications. Dangerous categories require explicit confirmation before being shown.

To prevent performance issues:

• Start with fewer tags and add more as needed
• Use search to filter to relevant tags
• Disable categories you don't need
• Keep input size reasonable
• Remove unused layers

The output preview shows all transformation combinations:

[base64] → SGVsbG8gV29ybGQ=
[hex] → 48656c6c6f20576f726c64
[base64 → urlencode] → SGVsbG8gV29ybGQ%3d
[base64 → base64] → U0dWc2JHOGdWMjl5YkdRPQ==

• Click on a result to select it
• Right-click to copy
• Use the copy button to copy selected result
• "Copy all" copies all variants

When you send a Multi Encoder result to Repeater, the first layer tag name is used as the Repeater tab name for easy identification.

Each result shows:

• Tag chain used (in brackets)
• Transformed output

Multi Encoder saves its state per Burp project:

• Selected tags per layer
• Number of layers
• Category selections
• Input text

When you reopen Multi Encoder, your previous configuration is restored.

1. Enter payload that's being filtered
2. Select various encoding combinations
3. Test outputs against the filter
4. Identify which encodings bypass it

1. Enter plaintext
2. Select multiple encodings
3. See how different encodings transform the same input
4. Compare output lengths and characteristics

1. Know the target accepts a specific format
2. Work backwards through encoding layers
3. Find the right combination to produce valid output

1. Enter base payload
2. Generate multiple encoded versions
3. Use in fuzzing or manual testing

• Type in search to filter immediately
• Use regex patterns in search for advanced filtering
• Clear search to see all tags again

• Start with most likely encodings
• Add layers only when needed
• Remove layers that don't contribute useful results

• Long outputs are truncated in preview
• Full output available when copied
• Double-click to view full output in dialog

• Reduce number of selected tags
• Remove unnecessary layers
• Use category filters

• Reduce input size
• Select fewer tags
• Disable expensive operations (compression, hashing)
• Wait for timeout if stuck

• Check category filters
• Search for the tag name
• Verify the tag exists in Hackvertor

• Verify input is not empty
• Select at least one tag per layer
• Check for conversion errors in output