mirror of
https://github.com/hahwul/WebHackersWeapons.git
synced 2025-03-07 14:25:52 -05:00
Update README.md
This commit is contained in:
하훌
GitHub
parent
95a4d42b5d
commit
53ede49e11
19
README.md
19
README.md
@ -4,24 +4,27 @@
|
|||||||
<br>
|
<br>
|
||||||
Web Hacker's Weapons
|
Web Hacker's Weapons
|
||||||
<br>
|
<br>
|
||||||
<a href="https://twitter.com/intent/follow?screen_name=hahwul"><img src="https://img.shields.io/twitter/follow/hahwul?style=flat-square"></a> <img src="https://img.shields.io/github/languages/top/hahwul/WebHackersWeapons?style=flat-square"> <img src="https://img.shields.io/github/last-commit/hahwul/WebHackersWeapons?style=flat-square">
|
<a href="https://twitter.com/intent/follow?screen_name=hahwul"><img src="https://img.shields.io/twitter/follow/hahwul?style=flat-square"></a> <img src="https://img.shields.io/github/languages/top/hahwul/WebHackersWeapons?style=flat-square"> <img src="https://img.shields.io/github/last-commit/hahwul/WebHackersWeapons?style=flat-square">
|
||||||
</h1>
|
</h1>
|
||||||
A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
|
A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
|
||||||
|
|
||||||
## Table of Contents
|
## Table of Contents
|
||||||
- [Weapons](#weapons)
|
- [Weapons](#weapons)
|
||||||
- [Contribute](#contribute-and-contributor)
|
- [Contribute](#contribute-and-contributor)
|
||||||
|
|
||||||
## Weapons
|
## Weapons
|
||||||
| Type | Name | Description | Popularity | Language |
|
| Type | Name | Description | Popularity | Language |
|
||||||
| ---------- | :---------- | :----------: | :----------: | :----------: |
|
| ---------- | :---------- | :----------: | :----------: | :----------: |
|
||||||
| Army-Knife/BURP | [BurpSuite](https://portswigger.net/burp) | It's Awesome|it's not|github:dog:|
|
| Army-Knife/BURP | [BurpSuite](https://portswigger.net/burp) | It's Awesome|it's not|github:dog:|
|
||||||
| Army-Knife/ZAP | [zaproxy](https://github.com/zaproxy/zaproxy) | The OWASP ZAP core project |  |  |
|
| Army-Knife/ZAP | [zaproxy](https://github.com/zaproxy/zaproxy) | The OWASP ZAP core project |  |  |
|
||||||
| Discovery/CRAWL | [Photon](https://github.com/s0md3v/Photon) | Incredibly fast crawler designed for OSINT. |  |  |
|
| Discovery/CRAWL | [Photon](https://github.com/s0md3v/Photon) | Incredibly fast crawler designed for OSINT. |  |  |
|
||||||
| Discovery/CRAWL | [gospider](https://github.com/jaeles-project/gospider) | Gospider - Fast web spider written in Go |  |  |
|
| Discovery/CRAWL | [gospider](https://github.com/jaeles-project/gospider) | Gospider - Fast web spider written in Go |  |  |
|
||||||
|
| Discovery/DNS | [DNSDumpster](https://dnsdumpster.com) | Online dns recon & research, find & lookup dns records|it's not|github:dog:|
|
||||||
|
| Discovery/DNS | [SecurityTrails](https://securitytrails.com) | Online dns / subdomain / recon tool|it's not|github:dog:|
|
||||||
| Discovery/DNS | [dnsprobe](https://github.com/projectdiscovery/dnsprobe) | DNSProb (beta) is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers. |  |  |
|
| Discovery/DNS | [dnsprobe](https://github.com/projectdiscovery/dnsprobe) | DNSProb (beta) is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers. |  |  |
|
||||||
| Discovery/DNS | [shuffledns](https://github.com/projectdiscovery/shuffledns) | shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support. |  |  |
|
| Discovery/DNS | [shuffledns](https://github.com/projectdiscovery/shuffledns) | shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support. |  |  |
|
||||||
| Discovery/DOMAIN | [Amass](https://github.com/OWASP/Amass) | In-depth Attack Surface Mapping and Asset Discovery |  |  |
|
| Discovery/DOMAIN | [Amass](https://github.com/OWASP/Amass) | In-depth Attack Surface Mapping and Asset Discovery |  |  |
|
||||||
|
| Discovery/DOMAIN | [Sublist3r](https://github.com/aboul3la/Sublist3r) | Fast subdomains enumeration tool for penetration testers |  |  |
|
||||||
| Discovery/DOMAIN | [assetfinder](https://github.com/tomnomnom/assetfinder) | Find domains and subdomains related to a given domain |  |  |
|
| Discovery/DOMAIN | [assetfinder](https://github.com/tomnomnom/assetfinder) | Find domains and subdomains related to a given domain |  |  |
|
||||||
| Discovery/DOMAIN | [findomain](https://github.com/Edu4rdSHL/findomain) | The fastest and cross-platform subdomain enumerator, do not waste your time. |  |  |
|
| Discovery/DOMAIN | [findomain](https://github.com/Edu4rdSHL/findomain) | The fastest and cross-platform subdomain enumerator, do not waste your time. |  |  |
|
||||||
| Discovery/DOMAIN | [knock](https://github.com/guelfoweb/knock) | Knock Subdomain Scan |  |  |
|
| Discovery/DOMAIN | [knock](https://github.com/guelfoweb/knock) | Knock Subdomain Scan |  |  |
|
||||||
@ -32,6 +35,7 @@ A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntin
|
|||||||
| Discovery/GIT | [gitGraber](https://github.com/hisxo/gitGraber) | gitGraber |  |  |
|
| Discovery/GIT | [gitGraber](https://github.com/hisxo/gitGraber) | gitGraber |  |  |
|
||||||
| Discovery/GIT | [gitrob](https://github.com/michenriksen/gitrob) | Reconnaissance tool for GitHub organizations |  |  |
|
| Discovery/GIT | [gitrob](https://github.com/michenriksen/gitrob) | Reconnaissance tool for GitHub organizations |  |  |
|
||||||
| Discovery/HTTP | [Arjun](https://github.com/s0md3v/Arjun) | HTTP parameter discovery suite. |  |  |
|
| Discovery/HTTP | [Arjun](https://github.com/s0md3v/Arjun) | HTTP parameter discovery suite. |  |  |
|
||||||
|
| Discovery/PORT | [Shodan](https://www.shodan.io/) | World's first search engine for Internet-connected devices|it's not|github:dog:|
|
||||||
| Discovery/PORT | [masscan](https://github.com/robertdavidgraham/masscan) | TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. |  |  |
|
| Discovery/PORT | [masscan](https://github.com/robertdavidgraham/masscan) | TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. |  |  |
|
||||||
| Discovery/PORT | [naabu](https://github.com/projectdiscovery/naabu) | A fast port scanner written in go with focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests |  |  |
|
| Discovery/PORT | [naabu](https://github.com/projectdiscovery/naabu) | A fast port scanner written in go with focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests |  |  |
|
||||||
| Discovery/PORT | [nmap](https://github.com/nmap/nmap) | Nmap - the Network Mapper. Github mirror of official SVN repository. |  |  |
|
| Discovery/PORT | [nmap](https://github.com/nmap/nmap) | Nmap - the Network Mapper. Github mirror of official SVN repository. |  |  |
|
||||||
@ -49,8 +53,9 @@ A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntin
|
|||||||
| Scanner/LFI | [LFISuite](https://github.com/D35m0nd142/LFISuite) | Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner |  |  |
|
| Scanner/LFI | [LFISuite](https://github.com/D35m0nd142/LFISuite) | Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner |  |  |
|
||||||
| Scanner/LFI | [dotdotpwn](https://github.com/wireghoul/dotdotpwn) | DotDotPwn - The Directory Traversal Fuzzer |  |  |
|
| Scanner/LFI | [dotdotpwn](https://github.com/wireghoul/dotdotpwn) | DotDotPwn - The Directory Traversal Fuzzer |  |  |
|
||||||
| Scanner/NOSQL | [NoSQLMap](https://github.com/codingo/NoSQLMap) | Automated NoSQL database enumeration and web application exploitation tool. |  |  |
|
| Scanner/NOSQL | [NoSQLMap](https://github.com/codingo/NoSQLMap) | Automated NoSQL database enumeration and web application exploitation tool. |  |  |
|
||||||
|
| Scanner/S3 | [S3Scanner](https://github.com/sa7mon/S3Scanner) | Scan for open AWS S3 buckets and dump the contents |  |  |
|
||||||
|
| Scanner/SQL | [SQLNinja](https://gitlab.com/kalilinux/packages/sqlninja) | SQL Injection scanner|it's not|github:dog:|
|
||||||
| Scanner/SQL | [sqlmap](https://github.com/sqlmapproject/sqlmap) | Automatic SQL injection and database takeover tool |  |  |
|
| Scanner/SQL | [sqlmap](https://github.com/sqlmapproject/sqlmap) | Automatic SQL injection and database takeover tool |  |  |
|
||||||
| Scanner/SQL | [sqlninja](https://github.com/xxgrunge/sqlninja) | SQL Injection Tool |  |  |
|
|
||||||
| Scanner/SSL | [a2sv](https://github.com/hahwul/a2sv) | Auto Scanning to SSL Vulnerability |  |  |
|
| Scanner/SSL | [a2sv](https://github.com/hahwul/a2sv) | Auto Scanning to SSL Vulnerability |  |  |
|
||||||
| Scanner/SSL | [testssl.sh](https://github.com/drwetter/testssl.sh) | Testing TLS/SSL encryption anywhere on any port |  |  |
|
| Scanner/SSL | [testssl.sh](https://github.com/drwetter/testssl.sh) | Testing TLS/SSL encryption anywhere on any port |  |  |
|
||||||
| Scanner/WP | [wpscan](https://github.com/wpscanteam/wpscan) | WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites. |  |  |
|
| Scanner/WP | [wpscan](https://github.com/wpscanteam/wpscan) | WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites. |  |  |
|
||||||
@ -59,14 +64,18 @@ A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntin
|
|||||||
| Scanner/WVS | [nikto](https://github.com/sullo/nikto) | Nikto web server scanner |  |  |
|
| Scanner/WVS | [nikto](https://github.com/sullo/nikto) | Nikto web server scanner |  |  |
|
||||||
| Scanner/WVS | [zap-cli](https://github.com/Grunny/zap-cli) | A simple tool for interacting with OWASP ZAP from the commandline. |  |  |
|
| Scanner/WVS | [zap-cli](https://github.com/Grunny/zap-cli) | A simple tool for interacting with OWASP ZAP from the commandline. |  |  |
|
||||||
| Scanner/XSS | [XSStrike](https://github.com/s0md3v/XSStrike) | Most advanced XSS scanner. |  |  |
|
| Scanner/XSS | [XSStrike](https://github.com/s0md3v/XSStrike) | Most advanced XSS scanner. |  |  |
|
||||||
| Scanner/XSS | [xspear](https://github.com/hahwul/xspear) | Powerfull XSS Scanning and Parameter analysis tool&gem |  |  |
|
| Scanner/XSS | [XSpear](https://github.com/hahwul/XSpear) | Powerfull XSS Scanning and Parameter analysis tool&gem |  |  |
|
||||||
| Utility/CLIP | [ftc](https://github.com/hahwul/ftc) | simple copy to file to clipboard |  |  |
|
| Utility/CLIP | [ftc](https://github.com/hahwul/ftc) | simple copy to file to clipboard |  |  |
|
||||||
|
| Utility/CSP | [CSP Evaluator](https://csp-evaluator.withgoogle.com) | Online CSP Evaluator from google|it's not|github:dog:|
|
||||||
|
| Utility/ETC | [Phoenix](https://www.hahwul.com/p/phoenix.html) | hahwul's online tools|it's not|github:dog:|
|
||||||
| Utility/FIND | [fzf](https://github.com/junegunn/fzf) | A command-line fuzzy finder |  |  |
|
| Utility/FIND | [fzf](https://github.com/junegunn/fzf) | A command-line fuzzy finder |  |  |
|
||||||
|
| Utility/FLOW | [SequenceDiagram](https://sequencediagram.org) | Online tool for creating UML sequence diagrams|it's not|github:dog:|
|
||||||
| Utility/GREP | [gf](https://github.com/tomnomnom/gf) | A wrapper around grep, to help you grep for things |  |  |
|
| Utility/GREP | [gf](https://github.com/tomnomnom/gf) | A wrapper around grep, to help you grep for things |  |  |
|
||||||
| Utility/JSON | [gron](https://github.com/tomnomnom/gron) | Make JSON greppable! |  |  |
|
| Utility/JSON | [gron](https://github.com/tomnomnom/gron) | Make JSON greppable! |  |  |
|
||||||
| Utility/S3 | [s3reverse](https://github.com/hahwul/s3reverse) | The format of various s3 buckets is convert in one format. for bugbounty and security testing. |  |  |
|
| Utility/S3 | [s3reverse](https://github.com/hahwul/s3reverse) | The format of various s3 buckets is convert in one format. for bugbounty and security testing. |  |  |
|
||||||
| Utility/VULN | [oxml_xxe](https://github.com/BuffaloWill/oxml_xxe) | A tool for embedding XXE/XML exploits into different filetypes |  |  |
|
| Utility/VULN | [oxml_xxe](https://github.com/BuffaloWill/oxml_xxe) | A tool for embedding XXE/XML exploits into different filetypes |  |  |
|
||||||
| Utility/VULN | [ysoserial](https://github.com/frohoff/ysoserial) | A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. |  |  |
|
| Utility/VULN | [ysoserial](https://github.com/frohoff/ysoserial) | A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. |  |  |
|
||||||
|
| Utility/WORD | [SecLists](https://github.com/danielmiessler/SecLists) | SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. |  |  |
|
||||||
## Contribute and Contributor
|
## Contribute and Contributor
|
||||||
### Usage of add-tool
|
### Usage of add-tool
|
||||||
```
|
```
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user