mirror of
https://github.com/hahwul/WebHackersWeapons.git
synced 2025-03-07 22:47:17 -05:00
distribute readme
This commit is contained in:
hahwul
parent
b9f07fc64d
commit
2c00338b1e
@ -75,6 +75,7 @@ A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntin
|
|||||||
| Discovery/DOMAIN | [assetfinder](https://github.com/tomnomnom/assetfinder) | Find domains and subdomains related to a given domain |  |  |
|
| Discovery/DOMAIN | [assetfinder](https://github.com/tomnomnom/assetfinder) | Find domains and subdomains related to a given domain |  |  |
|
||||||
| Discovery/DOMAIN | [chaos-client](https://github.com/projectdiscovery/chaos-client) | Go client to communicate with Chaos DNS API. |  |  |
|
| Discovery/DOMAIN | [chaos-client](https://github.com/projectdiscovery/chaos-client) | Go client to communicate with Chaos DNS API. |  |  |
|
||||||
| Discovery/DOMAIN | [ditto](https://github.com/evilsocket/ditto) | A tool for IDN homograph attacks and detection. |  |  |
|
| Discovery/DOMAIN | [ditto](https://github.com/evilsocket/ditto) | A tool for IDN homograph attacks and detection. |  |  |
|
||||||
|
| Discovery/DOMAIN | [dmut](https://github.com/bp0lr/dmut) | A tool to perform permutations, mutations and alteration of subdomains in golang. |  |  |
|
||||||
| Discovery/DOMAIN | [findomain](https://github.com/Edu4rdSHL/findomain) | The fastest and cross-platform subdomain enumerator, do not waste your time. |  |  |
|
| Discovery/DOMAIN | [findomain](https://github.com/Edu4rdSHL/findomain) | The fastest and cross-platform subdomain enumerator, do not waste your time. |  |  |
|
||||||
| Discovery/DOMAIN | [knock](https://github.com/guelfoweb/knock) | Knock Subdomain Scan |  |  |
|
| Discovery/DOMAIN | [knock](https://github.com/guelfoweb/knock) | Knock Subdomain Scan |  |  |
|
||||||
| Discovery/DOMAIN | [subfinder](https://github.com/projectdiscovery/subfinder) | Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing. |  |  |
|
| Discovery/DOMAIN | [subfinder](https://github.com/projectdiscovery/subfinder) | Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing. |  |  |
|
||||||
@ -154,6 +155,7 @@ A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntin
|
|||||||
| Scanner/RECON | [Osmedeus](https://github.com/j3ssie/Osmedeus) | Fully automated offensive security framework for reconnaissance and vulnerability scanning |  |  |
|
| Scanner/RECON | [Osmedeus](https://github.com/j3ssie/Osmedeus) | Fully automated offensive security framework for reconnaissance and vulnerability scanning |  |  |
|
||||||
| Scanner/RECON | [Sn1per](https://github.com/1N3/Sn1per) | Automated pentest framework for offensive security experts |  |  |
|
| Scanner/RECON | [Sn1per](https://github.com/1N3/Sn1per) | Automated pentest framework for offensive security experts |  |  |
|
||||||
| Scanner/RECON | [megplus](https://github.com/EdOverflow/megplus) | Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED] |  |  |
|
| Scanner/RECON | [megplus](https://github.com/EdOverflow/megplus) | Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED] |  |  |
|
||||||
|
| Scanner/REDIRECT | [OpenRedireX](https://github.com/devanshbatham/OpenRedireX) | A Fuzzer for OpenRedirect issues |  |  |
|
||||||
| Scanner/S3 | [AWSBucketDump](https://github.com/jordanpotti/AWSBucketDump) | Security Tool to Look For Interesting Files in S3 Buckets |  |  |
|
| Scanner/S3 | [AWSBucketDump](https://github.com/jordanpotti/AWSBucketDump) | Security Tool to Look For Interesting Files in S3 Buckets |  |  |
|
||||||
| Scanner/S3 | [S3Scanner](https://github.com/sa7mon/S3Scanner) | Scan for open AWS S3 buckets and dump the contents |  |  |
|
| Scanner/S3 | [S3Scanner](https://github.com/sa7mon/S3Scanner) | Scan for open AWS S3 buckets and dump the contents |  |  |
|
||||||
| Scanner/SMUGGLE | [HRS](https://github.com/SafeBreach-Labs/HRS) | HTTP Request Smuggling demonstration Perl script, for variants 1, 2 and 5 in my BlackHat US 2020 paper HTTP Request Smuggling in 2020. |  |  |
|
| Scanner/SMUGGLE | [HRS](https://github.com/SafeBreach-Labs/HRS) | HTTP Request Smuggling demonstration Perl script, for variants 1, 2 and 5 in my BlackHat US 2020 paper HTTP Request Smuggling in 2020. |  |  |
|
||||||
@ -183,6 +185,7 @@ A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntin
|
|||||||
| Scanner/WVS | [nikto](https://github.com/sullo/nikto) | Nikto web server scanner |  |  |
|
| Scanner/WVS | [nikto](https://github.com/sullo/nikto) | Nikto web server scanner |  |  |
|
||||||
| Scanner/WVS | [rapidscan](https://github.com/skavngr/rapidscan) | The Multi-Tool Web Vulnerability Scanner. |  |  |
|
| Scanner/WVS | [rapidscan](https://github.com/skavngr/rapidscan) | The Multi-Tool Web Vulnerability Scanner. |  |  |
|
||||||
| Scanner/WVS | [zap-cli](https://github.com/Grunny/zap-cli) | A simple tool for interacting with OWASP ZAP from the commandline. |  |  |
|
| Scanner/WVS | [zap-cli](https://github.com/Grunny/zap-cli) | A simple tool for interacting with OWASP ZAP from the commandline. |  |  |
|
||||||
|
| Scanner/XSS | [DOMPurify](https://github.com/cure53/DOMPurify) | DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo: |  |  |
|
||||||
| Scanner/XSS | [XSStrike](https://github.com/s0md3v/XSStrike) | Most advanced XSS scanner. |  |  |
|
| Scanner/XSS | [XSStrike](https://github.com/s0md3v/XSStrike) | Most advanced XSS scanner. |  |  |
|
||||||
| Scanner/XSS | [XSpear](https://github.com/hahwul/XSpear) | Powerfull XSS Scanning and Parameter analysis tool&gem |  |  |
|
| Scanner/XSS | [XSpear](https://github.com/hahwul/XSpear) | Powerfull XSS Scanning and Parameter analysis tool&gem |  |  |
|
||||||
| Scanner/XSS | [dalfox](https://github.com/hahwul/dalfox) | 🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang |  |  |
|
| Scanner/XSS | [dalfox](https://github.com/hahwul/dalfox) | 🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang |  |  |
|
||||||
|
|||||||
52
data.json
52
data.json
@ -287,6 +287,22 @@
|
|||||||
"Windows": ""
|
"Windows": ""
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"DOMPurify": {
|
||||||
|
"Data": "| Scanner/XSS | [DOMPurify](https://github.com/cure53/DOMPurify) | DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo: |  |  |",
|
||||||
|
"Description": "DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:",
|
||||||
|
"Install": {
|
||||||
|
"Linux": "",
|
||||||
|
"MacOS": "",
|
||||||
|
"Windows": ""
|
||||||
|
},
|
||||||
|
"Method": "XSS",
|
||||||
|
"Type": "Scanner",
|
||||||
|
"Update": {
|
||||||
|
"Linux": "",
|
||||||
|
"MacOS": "",
|
||||||
|
"Windows": ""
|
||||||
|
}
|
||||||
|
},
|
||||||
"DSSS": {
|
"DSSS": {
|
||||||
"Data": "| Scanner/SQLi | [DSSS](https://github.com/stamparm/DSSS) | Damn Small SQLi Scanner |  |  |",
|
"Data": "| Scanner/SQLi | [DSSS](https://github.com/stamparm/DSSS) | Damn Small SQLi Scanner |  |  |",
|
||||||
"Description": "Damn Small SQLi Scanner",
|
"Description": "Damn Small SQLi Scanner",
|
||||||
@ -575,6 +591,22 @@
|
|||||||
"Windows": "cd OneForAll; git pull -v; pip3 install -r requirements.txt"
|
"Windows": "cd OneForAll; git pull -v; pip3 install -r requirements.txt"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"OpenRedireX": {
|
||||||
|
"Data": "| Scanner/REDIRECT | [OpenRedireX](https://github.com/devanshbatham/OpenRedireX) | A Fuzzer for OpenRedirect issues |  |  |",
|
||||||
|
"Description": "A Fuzzer for OpenRedirect issues",
|
||||||
|
"Install": {
|
||||||
|
"Linux": "",
|
||||||
|
"MacOS": "",
|
||||||
|
"Windows": ""
|
||||||
|
},
|
||||||
|
"Method": "REDIRECT",
|
||||||
|
"Type": "Scanner",
|
||||||
|
"Update": {
|
||||||
|
"Linux": "",
|
||||||
|
"MacOS": "",
|
||||||
|
"Windows": ""
|
||||||
|
}
|
||||||
|
},
|
||||||
"Osmedeus": {
|
"Osmedeus": {
|
||||||
"Data": "| Scanner/RECON | [Osmedeus](https://github.com/j3ssie/Osmedeus) | Fully automated offensive security framework for reconnaissance and vulnerability scanning |  |  |",
|
"Data": "| Scanner/RECON | [Osmedeus](https://github.com/j3ssie/Osmedeus) | Fully automated offensive security framework for reconnaissance and vulnerability scanning |  |  |",
|
||||||
"Description": "Fully automated offensive security framework for reconnaissance and vulnerability scanning ",
|
"Description": "Fully automated offensive security framework for reconnaissance and vulnerability scanning ",
|
||||||
@ -1392,15 +1424,15 @@
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
"commix": {
|
"commix": {
|
||||||
"Type": "Scanner",
|
|
||||||
"Data": "| Scanner/RCE | [commix](https://github.com/commixproject/commix) | Automated All-in-One OS Command Injection Exploitation Tool. |  |  |",
|
"Data": "| Scanner/RCE | [commix](https://github.com/commixproject/commix) | Automated All-in-One OS Command Injection Exploitation Tool. |  |  |",
|
||||||
"Method": "RCE",
|
|
||||||
"Description": "Automated All-in-One OS Command Injection Exploitation Tool.",
|
"Description": "Automated All-in-One OS Command Injection Exploitation Tool.",
|
||||||
"Install": {
|
"Install": {
|
||||||
"Linux": "",
|
"Linux": "",
|
||||||
"MacOS": "",
|
"MacOS": "",
|
||||||
"Windows": ""
|
"Windows": ""
|
||||||
},
|
},
|
||||||
|
"Method": "RCE",
|
||||||
|
"Type": "Scanner",
|
||||||
"Update": {
|
"Update": {
|
||||||
"Linux": "",
|
"Linux": "",
|
||||||
"MacOS": "",
|
"MacOS": "",
|
||||||
@ -1519,6 +1551,22 @@
|
|||||||
"Windows": ""
|
"Windows": ""
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"dmut": {
|
||||||
|
"Type": "Discovery",
|
||||||
|
"Data": "| Discovery/DOMAIN | [dmut](https://github.com/bp0lr/dmut) | A tool to perform permutations, mutations and alteration of subdomains in golang. |  |  |",
|
||||||
|
"Method": "DOMAIN",
|
||||||
|
"Description": "A tool to perform permutations, mutations and alteration of subdomains in golang.",
|
||||||
|
"Install": {
|
||||||
|
"Linux": "",
|
||||||
|
"MacOS": "",
|
||||||
|
"Windows": ""
|
||||||
|
},
|
||||||
|
"Update": {
|
||||||
|
"Linux": "",
|
||||||
|
"MacOS": "",
|
||||||
|
"Windows": ""
|
||||||
|
}
|
||||||
|
},
|
||||||
"dnsobserver": {
|
"dnsobserver": {
|
||||||
"Data": "| Utility/CALLBACK | [dnsobserver](https://github.com/allyomalley/dnsobserver) | A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for out-of-band DNS interactions and sends lookup notifications via Slack. |  |  |",
|
"Data": "| Utility/CALLBACK | [dnsobserver](https://github.com/allyomalley/dnsobserver) | A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for out-of-band DNS interactions and sends lookup notifications via Slack. |  |  |",
|
||||||
"Description": "A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for out-of-band DNS interactions and sends lookup notifications via Slack. ",
|
"Description": "A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for out-of-band DNS interactions and sends lookup notifications via Slack. ",
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user