Awesome-Mirrors/WebHackersWeapons
1
0
Fork 0
mirror of https://github.com/hahwul/WebHackersWeapons.git synced 2025-03-08 06:56:06 -05:00
Code Issues Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
하훌 2020-04-07 02:19:43 +09:00 committed by GitHub
parent 5f9ac81aab
commit 5ac49606c0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 80 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

130
README.md
View File

@ -31,41 +31,98 @@ A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntin
## Weapons ## Weapons
## Fetch path and host
| Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: |
| [httprobe](https://github.com/tomnomnom/httprobe) | Take a list of domains and probe for working HTTP and HTTPS servers | ![](https://img.shields.io/github/stars/tomnomnom/httprobe) | ![](https://img.shields.io/github/languages/top/tomnomnom/httprobe) | ![](https://img.shields.io/github/repo-size/tomnomnom/httprobe)<br>![](https://img.shields.io/github/license/tomnomnom/httprobe) <br> ![](https://img.shields.io/github/forks/tomnomnom/httprobe) <br> ![](https://img.shields.io/github/watchers/tomnomnom/httprobe) |
| [meg](https://github.com/tomnomnom/meg) | Fetch many paths for many hosts - without killing the hosts | ![](https://img.shields.io/github/stars/tomnomnom/meg) | ![](https://img.shields.io/github/languages/top/tomnomnom/meg) | ![](https://img.shields.io/github/repo-size/tomnomnom/meg)<br>![](https://img.shields.io/github/license/tomnomnom/meg) <br> ![](https://img.shields.io/github/forks/tomnomnom/meg) <br> ![](https://img.shields.io/github/watchers/tomnomnom/meg) |
## Web Discovery
| Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: |
| [Arjun](https://github.com/s0md3v/Arjun) | HTTP parameter discovery suite. | ![](https://img.shields.io/github/stars/s0md3v/Arjun) | ![](https://img.shields.io/github/languages/top/s0md3v/Arjun) | ![](https://img.shields.io/github/repo-size/s0md3v/Arjun)<br>![](https://img.shields.io/github/license/s0md3v/Arjun) <br> ![](https://img.shields.io/github/forks/s0md3v/Arjun) <br> ![](https://img.shields.io/github/watchers/s0md3v/Arjun) |
| [Photon](https://github.com/s0md3v/Photon) | Incredibly fast crawler designed for OSINT. | ![](https://img.shields.io/github/stars/s0md3v/Photon) | ![](https://img.shields.io/github/languages/top/s0md3v/Photon) | ![](https://img.shields.io/github/repo-size/s0md3v/Photon)<br>![](https://img.shields.io/github/license/s0md3v/Photon) <br> ![](https://img.shields.io/github/forks/s0md3v/Photon) <br> ![](https://img.shields.io/github/watchers/s0md3v/Photon) |
| [ReconDog](https://github.com/s0md3v/ReconDog) | Reconnaissance Swiss Army Knife | ![](https://img.shields.io/github/stars/s0md3v/ReconDog) | ![](https://img.shields.io/github/languages/top/s0md3v/ReconDog) | ![](https://img.shields.io/github/repo-size/s0md3v/ReconDog)<br>![](https://img.shields.io/github/license/s0md3v/ReconDog) <br> ![](https://img.shields.io/github/forks/s0md3v/ReconDog) <br> ![](https://img.shields.io/github/watchers/s0md3v/ReconDog) |
| [dnsprobe](https://github.com/projectdiscovery/dnsprobe) | DNSProb (beta) is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers. | ![](https://img.shields.io/github/stars/projectdiscovery/dnsprobe) | ![](https://img.shields.io/github/languages/top/projectdiscovery/dnsprobe) | ![](https://img.shields.io/github/repo-size/projectdiscovery/dnsprobe)<br>![](https://img.shields.io/github/license/projectdiscovery/dnsprobe) <br> ![](https://img.shields.io/github/forks/projectdiscovery/dnsprobe) <br> ![](https://img.shields.io/github/watchers/projectdiscovery/dnsprobe) |
| [gospider](https://github.com/jaeles-project/gospider) | Gospider - Fast web spider written in Go | ![](https://img.shields.io/github/stars/jaeles-project/gospider) | ![](https://img.shields.io/github/languages/top/jaeles-project/gospider) | ![](https://img.shields.io/github/repo-size/jaeles-project/gospider)<br>![](https://img.shields.io/github/license/jaeles-project/gospider) <br> ![](https://img.shields.io/github/forks/jaeles-project/gospider) <br> ![](https://img.shields.io/github/watchers/jaeles-project/gospider) |
| [shuffledns](https://github.com/projectdiscovery/shuffledns) | shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support. | ![](https://img.shields.io/github/stars/projectdiscovery/shuffledns) | ![](https://img.shields.io/github/languages/top/projectdiscovery/shuffledns) | ![](https://img.shields.io/github/repo-size/projectdiscovery/shuffledns)<br>![](https://img.shields.io/github/license/projectdiscovery/shuffledns) <br> ![](https://img.shields.io/github/forks/projectdiscovery/shuffledns) <br> ![](https://img.shields.io/github/watchers/projectdiscovery/shuffledns) |
| [waybackurls](https://github.com/tomnomnom/waybackurls) | Fetch all the URLs that the Wayback Machine knows about for a domain | ![](https://img.shields.io/github/stars/tomnomnom/waybackurls) | ![](https://img.shields.io/github/languages/top/tomnomnom/waybackurls) | ![](https://img.shields.io/github/repo-size/tomnomnom/waybackurls)<br>![](https://img.shields.io/github/license/tomnomnom/waybackurls) <br> ![](https://img.shields.io/github/forks/tomnomnom/waybackurls) <br> ![](https://img.shields.io/github/watchers/tomnomnom/waybackurls) |
## XSS
| Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: |
| [XSStrike](https://github.com/s0md3v/XSStrike) | Most advanced XSS scanner. | ![](https://img.shields.io/github/stars/s0md3v/XSStrike) | ![](https://img.shields.io/github/languages/top/s0md3v/XSStrike) | ![](https://img.shields.io/github/repo-size/s0md3v/XSStrike)<br>![](https://img.shields.io/github/license/s0md3v/XSStrike) <br> ![](https://img.shields.io/github/forks/s0md3v/XSStrike) <br> ![](https://img.shields.io/github/watchers/s0md3v/XSStrike) |
| [Xspear](https://github.com/hahwul/Xspear) | Powerfull XSS Scanning and Parameter analysis tool&gem | ![](https://img.shields.io/github/stars/hahwul/Xspear) | ![](https://img.shields.io/github/languages/top/hahwul/Xspear) | ![](https://img.shields.io/github/repo-size/hahwul/Xspear)<br>![](https://img.shields.io/github/license/hahwul/Xspear) <br> ![](https://img.shields.io/github/forks/hahwul/Xspear) <br> ![](https://img.shields.io/github/watchers/hahwul/Xspear) |
## SQL Injection
| Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: |
| [sqlmap](https://github.com/sqlmapproject/sqlmap) | Automatic SQL injection and database takeover tool | ![](https://img.shields.io/github/stars/sqlmapproject/sqlmap) | ![](https://img.shields.io/github/languages/top/sqlmapproject/sqlmap) | ![](https://img.shields.io/github/repo-size/sqlmapproject/sqlmap)<br>![](https://img.shields.io/github/license/sqlmapproject/sqlmap) <br> ![](https://img.shields.io/github/forks/sqlmapproject/sqlmap) <br> ![](https://img.shields.io/github/watchers/sqlmapproject/sqlmap) |
| [sqlninja](https://github.com/xxgrunge/sqlninja) | SQL Injection Tool | ![](https://img.shields.io/github/stars/xxgrunge/sqlninja) | ![](https://img.shields.io/github/languages/top/xxgrunge/sqlninja) | ![](https://img.shields.io/github/repo-size/xxgrunge/sqlninja)<br>![](https://img.shields.io/github/license/xxgrunge/sqlninja) <br> ![](https://img.shields.io/github/forks/xxgrunge/sqlninja) <br> ![](https://img.shields.io/github/watchers/xxgrunge/sqlninja) |
## NoSQL Injection
| Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: |
| [NoSQLMap](https://github.com/codingo/NoSQLMap) | Automated NoSQL database enumeration and web application exploitation tool. | ![](https://img.shields.io/github/stars/codingo/NoSQLMap) | ![](https://img.shields.io/github/languages/top/codingo/NoSQLMap) | ![](https://img.shields.io/github/repo-size/codingo/NoSQLMap)<br>![](https://img.shields.io/github/license/codingo/NoSQLMap) <br> ![](https://img.shields.io/github/forks/codingo/NoSQLMap) <br> ![](https://img.shields.io/github/watchers/codingo/NoSQLMap) |
## CORS Misconfiguration
| Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: |
| [Corsy](https://github.com/s0md3v/Corsy) | CORS Misconfiguration Scanner | ![](https://img.shields.io/github/stars/s0md3v/Corsy) | ![](https://img.shields.io/github/languages/top/s0md3v/Corsy) | ![](https://img.shields.io/github/repo-size/s0md3v/Corsy)<br>![](https://img.shields.io/github/license/s0md3v/Corsy) <br> ![](https://img.shields.io/github/forks/s0md3v/Corsy) <br> ![](https://img.shields.io/github/watchers/s0md3v/Corsy) |
## Cloud Security
| Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: |
| [s3reverse](https://github.com/hahwul/s3reverse) | The format of various s3 buckets is convert in one format. for bugbounty and security testing. | ![](https://img.shields.io/github/stars/hahwul/s3reverse) | ![](https://img.shields.io/github/languages/top/hahwul/s3reverse) | ![](https://img.shields.io/github/repo-size/hahwul/s3reverse)<br>![](https://img.shields.io/github/license/hahwul/s3reverse) <br> ![](https://img.shields.io/github/forks/hahwul/s3reverse) <br> ![](https://img.shields.io/github/watchers/hahwul/s3reverse) |
## Main Weapon ## Main Weapon
| Name | Description | Popularity | Language | Metadata | | Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: | | ---------- | :---------- | :----------: | :----------: | :----------: |
## Fetch path and host
| Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: |
| [httprobe](https://github.com/tomnomnom/httprobe) | Take a list of domains and probe for working HTTP and HTTPS servers | ![](https://img.shields.io/github/stars/tomnomnom/httprobe) | ![](https://img.shields.io/github/languages/top/tomnomnom/httprobe) | ![](https://img.shields.io/github/repo-size/tomnomnom/httprobe)<br>![](https://img.shields.io/github/license/tomnomnom/httprobe) <br> ![](https://img.shields.io/github/forks/tomnomnom/httprobe) <br> ![](https://img.shields.io/github/watchers/tomnomnom/httprobe) |<br>| [meg](https://github.com/tomnomnom/meg) | Fetch many paths for many hosts - without killing the hosts | ![](https://img.shields.io/github/stars/tomnomnom/meg) | ![](https://img.shields.io/github/languages/top/tomnomnom/meg) | ![](https://img.shields.io/github/repo-size/tomnomnom/meg)<br>![](https://img.shields.io/github/license/tomnomnom/meg) <br> ![](https://img.shields.io/github/forks/tomnomnom/meg) <br> ![](https://img.shields.io/github/watchers/tomnomnom/meg) |<br>
## SQL Injection
| Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: |
| [sqlmap](https://github.com/sqlmapproject/sqlmap) | Automatic SQL injection and database takeover tool | ![](https://img.shields.io/github/stars/sqlmapproject/sqlmap) | ![](https://img.shields.io/github/languages/top/sqlmapproject/sqlmap) | ![](https://img.shields.io/github/repo-size/sqlmapproject/sqlmap)<br>![](https://img.shields.io/github/license/sqlmapproject/sqlmap) <br> ![](https://img.shields.io/github/forks/sqlmapproject/sqlmap) <br> ![](https://img.shields.io/github/watchers/sqlmapproject/sqlmap) |<br>| [sqlninja](https://github.com/xxgrunge/sqlninja) | SQL Injection Tool | ![](https://img.shields.io/github/stars/xxgrunge/sqlninja) | ![](https://img.shields.io/github/languages/top/xxgrunge/sqlninja) | ![](https://img.shields.io/github/repo-size/xxgrunge/sqlninja)<br>![](https://img.shields.io/github/license/xxgrunge/sqlninja) <br> ![](https://img.shields.io/github/forks/xxgrunge/sqlninja) <br> ![](https://img.shields.io/github/watchers/xxgrunge/sqlninja) |<br>
## CORS Misconfiguration
| Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: |
| [Corsy](https://github.com/s0md3v/Corsy) | CORS Misconfiguration Scanner | ![](https://img.shields.io/github/stars/s0md3v/Corsy) | ![](https://img.shields.io/github/languages/top/s0md3v/Corsy) | ![](https://img.shields.io/github/repo-size/s0md3v/Corsy)<br>![](https://img.shields.io/github/license/s0md3v/Corsy) <br> ![](https://img.shields.io/github/forks/s0md3v/Corsy) <br> ![](https://img.shields.io/github/watchers/s0md3v/Corsy) |<br>
## Subdomain Enumeration ## Subdomain Enumeration
| Name | Description | Popularity | Language | Metadata | | Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: | | ---------- | :---------- | :----------: | :----------: | :----------: |
| [Amass](https://github.com/OWASP/Amass) | In-depth Attack Surface Mapping and Asset Discovery | ![](https://img.shields.io/github/stars/OWASP/Amass) | ![](https://img.shields.io/github/languages/top/OWASP/Amass) | ![](https://img.shields.io/github/repo-size/OWASP/Amass)<br>![](https://img.shields.io/github/license/OWASP/Amass) <br> ![](https://img.shields.io/github/forks/OWASP/Amass) <br> ![](https://img.shields.io/github/watchers/OWASP/Amass) |<br>| [assetfinder](https://github.com/tomnomnom/assetfinder) | Find domains and subdomains related to a given domain | ![](https://img.shields.io/github/stars/tomnomnom/assetfinder) | ![](https://img.shields.io/github/languages/top/tomnomnom/assetfinder) | ![](https://img.shields.io/github/repo-size/tomnomnom/assetfinder)<br>![](https://img.shields.io/github/license/tomnomnom/assetfinder) <br> ![](https://img.shields.io/github/forks/tomnomnom/assetfinder) <br> ![](https://img.shields.io/github/watchers/tomnomnom/assetfinder) |<br>| [findomain](https://github.com/Edu4rdSHL/findomain) | The fastest and cross-platform subdomain enumerator, do not waste your time. | ![](https://img.shields.io/github/stars/Edu4rdSHL/findomain) | ![](https://img.shields.io/github/languages/top/Edu4rdSHL/findomain) | ![](https://img.shields.io/github/repo-size/Edu4rdSHL/findomain)<br>![](https://img.shields.io/github/license/Edu4rdSHL/findomain) <br> ![](https://img.shields.io/github/forks/Edu4rdSHL/findomain) <br> ![](https://img.shields.io/github/watchers/Edu4rdSHL/findomain) |<br>| [subfinder](https://github.com/projectdiscovery/subfinder) | Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing. | ![](https://img.shields.io/github/stars/projectdiscovery/subfinder) | ![](https://img.shields.io/github/languages/top/projectdiscovery/subfinder) | ![](https://img.shields.io/github/repo-size/projectdiscovery/subfinder)<br>![](https://img.shields.io/github/license/projectdiscovery/subfinder) <br> ![](https://img.shields.io/github/forks/projectdiscovery/subfinder) <br> ![](https://img.shields.io/github/watchers/projectdiscovery/subfinder) |<br> | [Amass](https://github.com/OWASP/Amass) | In-depth Attack Surface Mapping and Asset Discovery | ![](https://img.shields.io/github/stars/OWASP/Amass) | ![](https://img.shields.io/github/languages/top/OWASP/Amass) | ![](https://img.shields.io/github/repo-size/OWASP/Amass)<br>![](https://img.shields.io/github/license/OWASP/Amass) <br> ![](https://img.shields.io/github/forks/OWASP/Amass) <br> ![](https://img.shields.io/github/watchers/OWASP/Amass) |
| [assetfinder](https://github.com/tomnomnom/assetfinder) | Find domains and subdomains related to a given domain | ![](https://img.shields.io/github/stars/tomnomnom/assetfinder) | ![](https://img.shields.io/github/languages/top/tomnomnom/assetfinder) | ![](https://img.shields.io/github/repo-size/tomnomnom/assetfinder)<br>![](https://img.shields.io/github/license/tomnomnom/assetfinder) <br> ![](https://img.shields.io/github/forks/tomnomnom/assetfinder) <br> ![](https://img.shields.io/github/watchers/tomnomnom/assetfinder) |
| [findomain](https://github.com/Edu4rdSHL/findomain) | The fastest and cross-platform subdomain enumerator, do not waste your time. | ![](https://img.shields.io/github/stars/Edu4rdSHL/findomain) | ![](https://img.shields.io/github/languages/top/Edu4rdSHL/findomain) | ![](https://img.shields.io/github/repo-size/Edu4rdSHL/findomain)<br>![](https://img.shields.io/github/license/Edu4rdSHL/findomain) <br> ![](https://img.shields.io/github/forks/Edu4rdSHL/findomain) <br> ![](https://img.shields.io/github/watchers/Edu4rdSHL/findomain) |
| [subfinder](https://github.com/projectdiscovery/subfinder) | Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing. | ![](https://img.shields.io/github/stars/projectdiscovery/subfinder) | ![](https://img.shields.io/github/languages/top/projectdiscovery/subfinder) | ![](https://img.shields.io/github/repo-size/projectdiscovery/subfinder)<br>![](https://img.shields.io/github/license/projectdiscovery/subfinder) <br> ![](https://img.shields.io/github/forks/projectdiscovery/subfinder) <br> ![](https://img.shields.io/github/watchers/projectdiscovery/subfinder) |
## Port scanner ## Port scanner
| Name | Description | Popularity | Language | Metadata | | Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: | | ---------- | :---------- | :----------: | :----------: | :----------: |
| [masscan](https://github.com/robertdavidgraham/masscan) | TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. | ![](https://img.shields.io/github/stars/robertdavidgraham/masscan) | ![](https://img.shields.io/github/languages/top/robertdavidgraham/masscan) | ![](https://img.shields.io/github/repo-size/robertdavidgraham/masscan)<br>![](https://img.shields.io/github/license/robertdavidgraham/masscan) <br> ![](https://img.shields.io/github/forks/robertdavidgraham/masscan) <br> ![](https://img.shields.io/github/watchers/robertdavidgraham/masscan) |<br>| [naabu](https://github.com/projectdiscovery/naabu) | A fast port scanner written in go with focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests | ![](https://img.shields.io/github/stars/projectdiscovery/naabu) | ![](https://img.shields.io/github/languages/top/projectdiscovery/naabu) | ![](https://img.shields.io/github/repo-size/projectdiscovery/naabu)<br>![](https://img.shields.io/github/license/projectdiscovery/naabu) <br> ![](https://img.shields.io/github/forks/projectdiscovery/naabu) <br> ![](https://img.shields.io/github/watchers/projectdiscovery/naabu) |<br>| [nmap](https://github.com/nmap/nmap) | Nmap - the Network Mapper. Github mirror of official SVN repository. | ![](https://img.shields.io/github/stars/nmap/nmap) | ![](https://img.shields.io/github/languages/top/nmap/nmap) | ![](https://img.shields.io/github/repo-size/nmap/nmap)<br>![](https://img.shields.io/github/license/nmap/nmap) <br> ![](https://img.shields.io/github/forks/nmap/nmap) <br> ![](https://img.shields.io/github/watchers/nmap/nmap) |<br> | [masscan](https://github.com/robertdavidgraham/masscan) | TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. | ![](https://img.shields.io/github/stars/robertdavidgraham/masscan) | ![](https://img.shields.io/github/languages/top/robertdavidgraham/masscan) | ![](https://img.shields.io/github/repo-size/robertdavidgraham/masscan)<br>![](https://img.shields.io/github/license/robertdavidgraham/masscan) <br> ![](https://img.shields.io/github/forks/robertdavidgraham/masscan) <br> ![](https://img.shields.io/github/watchers/robertdavidgraham/masscan) |
## XSS | [naabu](https://github.com/projectdiscovery/naabu) | A fast port scanner written in go with focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests | ![](https://img.shields.io/github/stars/projectdiscovery/naabu) | ![](https://img.shields.io/github/languages/top/projectdiscovery/naabu) | ![](https://img.shields.io/github/repo-size/projectdiscovery/naabu)<br>![](https://img.shields.io/github/license/projectdiscovery/naabu) <br> ![](https://img.shields.io/github/forks/projectdiscovery/naabu) <br> ![](https://img.shields.io/github/watchers/projectdiscovery/naabu) |
| [nmap](https://github.com/nmap/nmap) | Nmap - the Network Mapper. Github mirror of official SVN repository. | ![](https://img.shields.io/github/stars/nmap/nmap) | ![](https://img.shields.io/github/languages/top/nmap/nmap) | ![](https://img.shields.io/github/repo-size/nmap/nmap)<br>![](https://img.shields.io/github/license/nmap/nmap) <br> ![](https://img.shields.io/github/forks/nmap/nmap) <br> ![](https://img.shields.io/github/watchers/nmap/nmap) |
## Web Vulnerability Scanner
| Name | Description | Popularity | Language | Metadata | | Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: | | ---------- | :---------- | :----------: | :----------: | :----------: |
| [XSStrike](https://github.com/s0md3v/XSStrike) | Most advanced XSS scanner. | ![](https://img.shields.io/github/stars/s0md3v/XSStrike) | ![](https://img.shields.io/github/languages/top/s0md3v/XSStrike) | ![](https://img.shields.io/github/repo-size/s0md3v/XSStrike)<br>![](https://img.shields.io/github/license/s0md3v/XSStrike) <br> ![](https://img.shields.io/github/forks/s0md3v/XSStrike) <br> ![](https://img.shields.io/github/watchers/s0md3v/XSStrike) |<br>| [Xspear](https://github.com/hahwul/Xspear) | Powerfull XSS Scanning and Parameter analysis tool&gem | ![](https://img.shields.io/github/stars/hahwul/Xspear) | ![](https://img.shields.io/github/languages/top/hahwul/Xspear) | ![](https://img.shields.io/github/repo-size/hahwul/Xspear)<br>![](https://img.shields.io/github/license/hahwul/Xspear) <br> ![](https://img.shields.io/github/forks/hahwul/Xspear) <br> ![](https://img.shields.io/github/watchers/hahwul/Xspear) |<br> | [Silver](https://github.com/s0md3v/Silver) | Mass scan IPs for vulnerable services | ![](https://img.shields.io/github/stars/s0md3v/Silver) | ![](https://img.shields.io/github/languages/top/s0md3v/Silver) | ![](https://img.shields.io/github/repo-size/s0md3v/Silver)<br>![](https://img.shields.io/github/license/s0md3v/Silver) <br> ![](https://img.shields.io/github/forks/s0md3v/Silver) <br> ![](https://img.shields.io/github/watchers/s0md3v/Silver) |
| [Striker](https://github.com/s0md3v/Striker) | Striker is an offensive information and vulnerability scanner. | ![](https://img.shields.io/github/stars/s0md3v/Striker) | ![](https://img.shields.io/github/languages/top/s0md3v/Striker) | ![](https://img.shields.io/github/repo-size/s0md3v/Striker)<br>![](https://img.shields.io/github/license/s0md3v/Striker) <br> ![](https://img.shields.io/github/forks/s0md3v/Striker) <br> ![](https://img.shields.io/github/watchers/s0md3v/Striker) |
| [a2sv](https://github.com/hahwul/a2sv) | Auto Scanning to SSL Vulnerability | ![](https://img.shields.io/github/stars/hahwul/a2sv) | ![](https://img.shields.io/github/languages/top/hahwul/a2sv) | ![](https://img.shields.io/github/repo-size/hahwul/a2sv)<br>![](https://img.shields.io/github/license/hahwul/a2sv) <br> ![](https://img.shields.io/github/forks/hahwul/a2sv) <br> ![](https://img.shields.io/github/watchers/hahwul/a2sv) |
## CSRF
| Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: |
## WebSocket
| Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: |
| [websocket-connection-smuggler](https://github.com/hahwul/websocket-connection-smuggler) | websocket-connection-smuggler | ![](https://img.shields.io/github/stars/hahwul/websocket-connection-smuggler) | ![](https://img.shields.io/github/languages/top/hahwul/websocket-connection-smuggler) | ![](https://img.shields.io/github/repo-size/hahwul/websocket-connection-smuggler)<br>![](https://img.shields.io/github/license/hahwul/websocket-connection-smuggler) <br> ![](https://img.shields.io/github/forks/hahwul/websocket-connection-smuggler) <br> ![](https://img.shields.io/github/watchers/hahwul/websocket-connection-smuggler) |
## Path traversal / Directory traversal / LFI ## Path traversal / Directory traversal / LFI
| Name | Description | Popularity | Language | Metadata | | Name | Description | Popularity | Language | Metadata |
@ -76,46 +133,19 @@ A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntin
| Name | Description | Popularity | Language | Metadata | | Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: | | ---------- | :---------- | :----------: | :----------: | :----------: |
## CSRF
| Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: |
## NoSQL Injection
| Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: |
| [NoSQLMap](https://github.com/codingo/NoSQLMap) | Automated NoSQL database enumeration and web application exploitation tool. | ![](https://img.shields.io/github/stars/codingo/NoSQLMap) | ![](https://img.shields.io/github/languages/top/codingo/NoSQLMap) | ![](https://img.shields.io/github/repo-size/codingo/NoSQLMap)<br>![](https://img.shields.io/github/license/codingo/NoSQLMap) <br> ![](https://img.shields.io/github/forks/codingo/NoSQLMap) <br> ![](https://img.shields.io/github/watchers/codingo/NoSQLMap) |<br>
## SSRF ## SSRF
| Name | Description | Popularity | Language | Metadata | | Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: | | ---------- | :---------- | :----------: | :----------: | :----------: |
## Cloud Security
| Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: |
| [s3reverse](https://github.com/hahwul/s3reverse) | The format of various s3 buckets is convert in one format. for bugbounty and security testing. | ![](https://img.shields.io/github/stars/hahwul/s3reverse) | ![](https://img.shields.io/github/languages/top/hahwul/s3reverse) | ![](https://img.shields.io/github/repo-size/hahwul/s3reverse)<br>![](https://img.shields.io/github/license/hahwul/s3reverse) <br> ![](https://img.shields.io/github/forks/hahwul/s3reverse) <br> ![](https://img.shields.io/github/watchers/hahwul/s3reverse) |<br>
## Web Discovery
| Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: |
| [Arjun](https://github.com/s0md3v/Arjun) | HTTP parameter discovery suite. | ![](https://img.shields.io/github/stars/s0md3v/Arjun) | ![](https://img.shields.io/github/languages/top/s0md3v/Arjun) | ![](https://img.shields.io/github/repo-size/s0md3v/Arjun)<br>![](https://img.shields.io/github/license/s0md3v/Arjun) <br> ![](https://img.shields.io/github/forks/s0md3v/Arjun) <br> ![](https://img.shields.io/github/watchers/s0md3v/Arjun) |<br>| [Photon](https://github.com/s0md3v/Photon) | Incredibly fast crawler designed for OSINT. | ![](https://img.shields.io/github/stars/s0md3v/Photon) | ![](https://img.shields.io/github/languages/top/s0md3v/Photon) | ![](https://img.shields.io/github/repo-size/s0md3v/Photon)<br>![](https://img.shields.io/github/license/s0md3v/Photon) <br> ![](https://img.shields.io/github/forks/s0md3v/Photon) <br> ![](https://img.shields.io/github/watchers/s0md3v/Photon) |<br>| [ReconDog](https://github.com/s0md3v/ReconDog) | Reconnaissance Swiss Army Knife | ![](https://img.shields.io/github/stars/s0md3v/ReconDog) | ![](https://img.shields.io/github/languages/top/s0md3v/ReconDog) | ![](https://img.shields.io/github/repo-size/s0md3v/ReconDog)<br>![](https://img.shields.io/github/license/s0md3v/ReconDog) <br> ![](https://img.shields.io/github/forks/s0md3v/ReconDog) <br> ![](https://img.shields.io/github/watchers/s0md3v/ReconDog) |<br>| [dnsprobe](https://github.com/projectdiscovery/dnsprobe) | DNSProb (beta) is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers. | ![](https://img.shields.io/github/stars/projectdiscovery/dnsprobe) | ![](https://img.shields.io/github/languages/top/projectdiscovery/dnsprobe) | ![](https://img.shields.io/github/repo-size/projectdiscovery/dnsprobe)<br>![](https://img.shields.io/github/license/projectdiscovery/dnsprobe) <br> ![](https://img.shields.io/github/forks/projectdiscovery/dnsprobe) <br> ![](https://img.shields.io/github/watchers/projectdiscovery/dnsprobe) |<br>| [gospider](https://github.com/jaeles-project/gospider) | Gospider - Fast web spider written in Go | ![](https://img.shields.io/github/stars/jaeles-project/gospider) | ![](https://img.shields.io/github/languages/top/jaeles-project/gospider) | ![](https://img.shields.io/github/repo-size/jaeles-project/gospider)<br>![](https://img.shields.io/github/license/jaeles-project/gospider) <br> ![](https://img.shields.io/github/forks/jaeles-project/gospider) <br> ![](https://img.shields.io/github/watchers/jaeles-project/gospider) |<br>| [shuffledns](https://github.com/projectdiscovery/shuffledns) | shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support. | ![](https://img.shields.io/github/stars/projectdiscovery/shuffledns) | ![](https://img.shields.io/github/languages/top/projectdiscovery/shuffledns) | ![](https://img.shields.io/github/repo-size/projectdiscovery/shuffledns)<br>![](https://img.shields.io/github/license/projectdiscovery/shuffledns) <br> ![](https://img.shields.io/github/forks/projectdiscovery/shuffledns) <br> ![](https://img.shields.io/github/watchers/projectdiscovery/shuffledns) |<br>| [waybackurls](https://github.com/tomnomnom/waybackurls) | Fetch all the URLs that the Wayback Machine knows about for a domain | ![](https://img.shields.io/github/stars/tomnomnom/waybackurls) | ![](https://img.shields.io/github/languages/top/tomnomnom/waybackurls) | ![](https://img.shields.io/github/repo-size/tomnomnom/waybackurls)<br>![](https://img.shields.io/github/license/tomnomnom/waybackurls) <br> ![](https://img.shields.io/github/forks/tomnomnom/waybackurls) <br> ![](https://img.shields.io/github/watchers/tomnomnom/waybackurls) |<br>
## Web Vulnerability Scanner
| Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: |
| [Silver](https://github.com/s0md3v/Silver) | Mass scan IPs for vulnerable services | ![](https://img.shields.io/github/stars/s0md3v/Silver) | ![](https://img.shields.io/github/languages/top/s0md3v/Silver) | ![](https://img.shields.io/github/repo-size/s0md3v/Silver)<br>![](https://img.shields.io/github/license/s0md3v/Silver) <br> ![](https://img.shields.io/github/forks/s0md3v/Silver) <br> ![](https://img.shields.io/github/watchers/s0md3v/Silver) |<br>| [Striker](https://github.com/s0md3v/Striker) | Striker is an offensive information and vulnerability scanner. | ![](https://img.shields.io/github/stars/s0md3v/Striker) | ![](https://img.shields.io/github/languages/top/s0md3v/Striker) | ![](https://img.shields.io/github/repo-size/s0md3v/Striker)<br>![](https://img.shields.io/github/license/s0md3v/Striker) <br> ![](https://img.shields.io/github/forks/s0md3v/Striker) <br> ![](https://img.shields.io/github/watchers/s0md3v/Striker) |<br>| [a2sv](https://github.com/hahwul/a2sv) | Auto Scanning to SSL Vulnerability | ![](https://img.shields.io/github/stars/hahwul/a2sv) | ![](https://img.shields.io/github/languages/top/hahwul/a2sv) | ![](https://img.shields.io/github/repo-size/hahwul/a2sv)<br>![](https://img.shields.io/github/license/hahwul/a2sv) <br> ![](https://img.shields.io/github/forks/hahwul/a2sv) <br> ![](https://img.shields.io/github/watchers/hahwul/a2sv) |<br>| [websocket-connection-smuggler](https://github.com/hahwul/websocket-connection-smuggler) | websocket-connection-smuggler | ![](https://img.shields.io/github/stars/hahwul/websocket-connection-smuggler) | ![](https://img.shields.io/github/languages/top/hahwul/websocket-connection-smuggler) | ![](https://img.shields.io/github/repo-size/hahwul/websocket-connection-smuggler)<br>![](https://img.shields.io/github/license/hahwul/websocket-connection-smuggler) <br> ![](https://img.shields.io/github/forks/hahwul/websocket-connection-smuggler) <br> ![](https://img.shields.io/github/watchers/hahwul/websocket-connection-smuggler) |<br>
## WebSocket
| Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: |
## Utility for hackers ## Utility for hackers
| Name | Description | Popularity | Language | Metadata | | Name | Description | Popularity | Language | Metadata |
| ---------- | :---------- | :----------: | :----------: | :----------: | | ---------- | :---------- | :----------: | :----------: | :----------: |
| [ftc](https://github.com/hahwul/ftc) | simple copy to file to clipboard | ![](https://img.shields.io/github/stars/hahwul/ftc) | ![](https://img.shields.io/github/languages/top/hahwul/ftc) | ![](https://img.shields.io/github/repo-size/hahwul/ftc)<br>![](https://img.shields.io/github/license/hahwul/ftc) <br> ![](https://img.shields.io/github/forks/hahwul/ftc) <br> ![](https://img.shields.io/github/watchers/hahwul/ftc) |<br>| [gf](https://github.com/tomnomnom/gf) | A wrapper around grep, to help you grep for things | ![](https://img.shields.io/github/stars/tomnomnom/gf) | ![](https://img.shields.io/github/languages/top/tomnomnom/gf) | ![](https://img.shields.io/github/repo-size/tomnomnom/gf)<br>![](https://img.shields.io/github/license/tomnomnom/gf) <br> ![](https://img.shields.io/github/forks/tomnomnom/gf) <br> ![](https://img.shields.io/github/watchers/tomnomnom/gf) |<br>| [gron](https://github.com/tomnomnom/gron) | Make JSON greppable! | ![](https://img.shields.io/github/stars/tomnomnom/gron) | ![](https://img.shields.io/github/languages/top/tomnomnom/gron) | ![](https://img.shields.io/github/repo-size/tomnomnom/gron)<br>![](https://img.shields.io/github/license/tomnomnom/gron) <br> ![](https://img.shields.io/github/forks/tomnomnom/gron) <br> ![](https://img.shields.io/github/watchers/tomnomnom/gron) |<br>## Contribute and Contributor | [ftc](https://github.com/hahwul/ftc) | simple copy to file to clipboard | ![](https://img.shields.io/github/stars/hahwul/ftc) | ![](https://img.shields.io/github/languages/top/hahwul/ftc) | ![](https://img.shields.io/github/repo-size/hahwul/ftc)<br>![](https://img.shields.io/github/license/hahwul/ftc) <br> ![](https://img.shields.io/github/forks/hahwul/ftc) <br> ![](https://img.shields.io/github/watchers/hahwul/ftc) |
| [gf](https://github.com/tomnomnom/gf) | A wrapper around grep, to help you grep for things | ![](https://img.shields.io/github/stars/tomnomnom/gf) | ![](https://img.shields.io/github/languages/top/tomnomnom/gf) | ![](https://img.shields.io/github/repo-size/tomnomnom/gf)<br>![](https://img.shields.io/github/license/tomnomnom/gf) <br> ![](https://img.shields.io/github/forks/tomnomnom/gf) <br> ![](https://img.shields.io/github/watchers/tomnomnom/gf) |
| [gron](https://github.com/tomnomnom/gron) | Make JSON greppable! | ![](https://img.shields.io/github/stars/tomnomnom/gron) | ![](https://img.shields.io/github/languages/top/tomnomnom/gron) | ![](https://img.shields.io/github/repo-size/tomnomnom/gron)<br>![](https://img.shields.io/github/license/tomnomnom/gron) <br> ![](https://img.shields.io/github/forks/tomnomnom/gron) <br> ![](https://img.shields.io/github/watchers/tomnomnom/gron) |
## Contribute and Contributor
### Usage of weapon-md ### Usage of weapon-md
``` ```
./weapon-md ./weapon-md