This commit is contained in:
hahwul 2021-01-16 20:42:27 +09:00
commit 8246dac648
3 changed files with 91 additions and 36 deletions

View File

@ -1,8 +1,6 @@
<h1 align="center"> <h1 align="center">
<br> <br>
<a href=""><img src="https://user-images.githubusercontent.com/13212227/91529103-aba4b400-e943-11ea-9983-3b5aba7dd25c.png" alt="" width="300px;"></a> <a href=""><img src="https://user-images.githubusercontent.com/13212227/104400969-9f3d9280-5596-11eb-80f4-864effae95fc.png" alt="" width="500px;"></a>
<br>
Web Hacker's Weapons
<br> <br>
<img src="https://img.shields.io/github/languages/top/hahwul/WebHackersWeapons?style=flat"> <img src="https://img.shields.io/github/languages/top/hahwul/WebHackersWeapons?style=flat">
<img src="https://img.shields.io/github/last-commit/hahwul/WebHackersWeapons?style=flat"> <img src="https://img.shields.io/github/last-commit/hahwul/WebHackersWeapons?style=flat">
@ -14,6 +12,10 @@
</h1> </h1>
A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
## Family project
[![WebHackersWeapons](https://img.shields.io/github/stars/hahwul/WebHackersWeapons?label=WebHackersWeapons)](https://github.com/hahwul/WebHackersWeapons)
[![MobileHackersWeapons](https://img.shields.io/github/stars/hahwul/MobileHackersWeapons?label=MobileHackersWeapons)](https://github.com/hahwul/MobileHackersWeapons)
## Table of Contents ## Table of Contents
- [WHW-Tools](https://whw-tools.hahwul.com) - [WHW-Tools](https://whw-tools.hahwul.com)
- [Weapons](#weapons) - [Weapons](#weapons)
@ -47,12 +49,12 @@ A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntin
| Discovery/ALL | [scilla](https://github.com/edoardottt/scilla) | 🏴‍☠️ Information Gathering tool 🏴‍☠️ dns/subdomain/port enumeration | ![](https://img.shields.io/github/stars/edoardottt/scilla) | ![](https://img.shields.io/github/languages/top/edoardottt/scilla) | | Discovery/ALL | [scilla](https://github.com/edoardottt/scilla) | 🏴‍☠️ Information Gathering tool 🏴‍☠️ dns/subdomain/port enumeration | ![](https://img.shields.io/github/stars/edoardottt/scilla) | ![](https://img.shields.io/github/languages/top/edoardottt/scilla) |
| Discovery/ALL | [sn0int](https://github.com/kpcyrd/sn0int) | Semi-automatic OSINT framework and package manager | ![](https://img.shields.io/github/stars/kpcyrd/sn0int) | ![](https://img.shields.io/github/languages/top/kpcyrd/sn0int) | | Discovery/ALL | [sn0int](https://github.com/kpcyrd/sn0int) | Semi-automatic OSINT framework and package manager | ![](https://img.shields.io/github/stars/kpcyrd/sn0int) | ![](https://img.shields.io/github/languages/top/kpcyrd/sn0int) |
| Discovery/APK | [apkleaks](https://github.com/dwisiswant0/apkleaks) | Scanning APK file for URIs, endpoints & secrets. | ![](https://img.shields.io/github/stars/dwisiswant0/apkleaks) | ![](https://img.shields.io/github/languages/top/dwisiswant0/apkleaks) | | Discovery/APK | [apkleaks](https://github.com/dwisiswant0/apkleaks) | Scanning APK file for URIs, endpoints & secrets. | ![](https://img.shields.io/github/stars/dwisiswant0/apkleaks) | ![](https://img.shields.io/github/languages/top/dwisiswant0/apkleaks) |
| Discovery/CRAWL | [Photon](https://github.com/s0md3v/Photon) | Incredibly fast crawler designed for OSINT. | ![](https://img.shields.io/github/stars/s0md3v/Photon) | ![](https://img.shields.io/github/languages/top/s0md3v/Photon) | | Discovery/URL | [Photon](https://github.com/s0md3v/Photon) | Incredibly fast crawler designed for OSINT. | ![](https://img.shields.io/github/stars/s0md3v/Photon) | ![](https://img.shields.io/github/languages/top/s0md3v/Photon) |
| Discovery/CRAWL | [cc.py](https://github.com/si9int/cc.py) | Extracting URLs of a specific target based on the results of "commoncrawl.org" | ![](https://img.shields.io/github/stars/si9int/cc.py) | ![](https://img.shields.io/github/languages/top/si9int/cc.py) | | Discovery/URL | [cc.py](https://github.com/si9int/cc.py) | Extracting URLs of a specific target based on the results of "commoncrawl.org" | ![](https://img.shields.io/github/stars/si9int/cc.py) | ![](https://img.shields.io/github/languages/top/si9int/cc.py) |
| Discovery/CRAWL | [go-dork](https://github.com/dwisiswant0/go-dork) | The fastest dork scanner written in Go. | ![](https://img.shields.io/github/stars/dwisiswant0/go-dork) | ![](https://img.shields.io/github/languages/top/dwisiswant0/go-dork) | | Discovery/URL | [go-dork](https://github.com/dwisiswant0/go-dork) | The fastest dork scanner written in Go. | ![](https://img.shields.io/github/stars/dwisiswant0/go-dork) | ![](https://img.shields.io/github/languages/top/dwisiswant0/go-dork) |
| Discovery/CRAWL | [gospider](https://github.com/jaeles-project/gospider) | Gospider - Fast web spider written in Go | ![](https://img.shields.io/github/stars/jaeles-project/gospider) | ![](https://img.shields.io/github/languages/top/jaeles-project/gospider) | | Discovery/URL | [gospider](https://github.com/jaeles-project/gospider) | Gospider - Fast web spider written in Go | ![](https://img.shields.io/github/stars/jaeles-project/gospider) | ![](https://img.shields.io/github/languages/top/jaeles-project/gospider) |
| Discovery/CRAWL | [hakrawler](https://github.com/hakluke/hakrawler) | Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application | ![](https://img.shields.io/github/stars/hakluke/hakrawler) | ![](https://img.shields.io/github/languages/top/hakluke/hakrawler) | | Discovery/URL | [hakrawler](https://github.com/hakluke/hakrawler) | Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application | ![](https://img.shields.io/github/stars/hakluke/hakrawler) | ![](https://img.shields.io/github/languages/top/hakluke/hakrawler) |
| Discovery/CRAWL | [urlgrab](https://github.com/IAmStoxe/urlgrab) | A golang utility to spider through a website searching for additional links. | ![](https://img.shields.io/github/stars/IAmStoxe/urlgrab) | ![](https://img.shields.io/github/languages/top/IAmStoxe/urlgrab) | | Discovery/URL | [urlgrab](https://github.com/IAmStoxe/urlgrab) | A golang utility to spider through a website searching for additional links. | ![](https://img.shields.io/github/stars/IAmStoxe/urlgrab) | ![](https://img.shields.io/github/languages/top/IAmStoxe/urlgrab) |
| Discovery/DNS | [DNSDumpster](https://dnsdumpster.com) | Online dns recon & research, find & lookup dns records|![](https://img.shields.io/static/v1?label=&message=it%27s%20not%20github&color=gray) | ![](https://img.shields.io/static/v1?label=&message=it%27s%20not%20github&color=gray)| | Discovery/DNS | [DNSDumpster](https://dnsdumpster.com) | Online dns recon & research, find & lookup dns records|![](https://img.shields.io/static/v1?label=&message=it%27s%20not%20github&color=gray) | ![](https://img.shields.io/static/v1?label=&message=it%27s%20not%20github&color=gray)|
| Discovery/DNS | [SecurityTrails](https://securitytrails.com) | Online dns / subdomain / recon tool|![](https://img.shields.io/static/v1?label=&message=it%27s%20not%20github&color=gray) | ![](https://img.shields.io/static/v1?label=&message=it%27s%20not%20github&color=gray)| | Discovery/DNS | [SecurityTrails](https://securitytrails.com) | Online dns / subdomain / recon tool|![](https://img.shields.io/static/v1?label=&message=it%27s%20not%20github&color=gray) | ![](https://img.shields.io/static/v1?label=&message=it%27s%20not%20github&color=gray)|
| Discovery/DNS | [dnsprobe](https://github.com/projectdiscovery/dnsprobe) | DNSProb (beta) is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers. | ![](https://img.shields.io/github/stars/projectdiscovery/dnsprobe) | ![](https://img.shields.io/github/languages/top/projectdiscovery/dnsprobe) | | Discovery/DNS | [dnsprobe](https://github.com/projectdiscovery/dnsprobe) | DNSProb (beta) is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers. | ![](https://img.shields.io/github/stars/projectdiscovery/dnsprobe) | ![](https://img.shields.io/github/languages/top/projectdiscovery/dnsprobe) |
@ -98,6 +100,7 @@ A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntin
| Discovery/TKOV | [SubOver](https://github.com/Ice3man543/SubOver) | A Powerful Subdomain Takeover Tool | ![](https://img.shields.io/github/stars/Ice3man543/SubOver) | ![](https://img.shields.io/github/languages/top/Ice3man543/SubOver) | | Discovery/TKOV | [SubOver](https://github.com/Ice3man543/SubOver) | A Powerful Subdomain Takeover Tool | ![](https://img.shields.io/github/stars/Ice3man543/SubOver) | ![](https://img.shields.io/github/languages/top/Ice3man543/SubOver) |
| Discovery/TKOV | [can-i-take-over-xyz](https://github.com/EdOverflow/can-i-take-over-xyz) | "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records. | ![](https://img.shields.io/github/stars/EdOverflow/can-i-take-over-xyz) | ![](https://img.shields.io/github/languages/top/EdOverflow/can-i-take-over-xyz) | | Discovery/TKOV | [can-i-take-over-xyz](https://github.com/EdOverflow/can-i-take-over-xyz) | "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records. | ![](https://img.shields.io/github/stars/EdOverflow/can-i-take-over-xyz) | ![](https://img.shields.io/github/languages/top/EdOverflow/can-i-take-over-xyz) |
| Discovery/TKOV | [subjack](https://github.com/haccer/subjack) | Subdomain Takeover tool written in Go | ![](https://img.shields.io/github/stars/haccer/subjack) | ![](https://img.shields.io/github/languages/top/haccer/subjack) | | Discovery/TKOV | [subjack](https://github.com/haccer/subjack) | Subdomain Takeover tool written in Go | ![](https://img.shields.io/github/stars/haccer/subjack) | ![](https://img.shields.io/github/languages/top/haccer/subjack) |
| Discovery/URL | [urlhunter](https://github.com/utkusen/urlhunter) | a recon tool that allows searching on URLs that are exposed via shortener services | ![](https://img.shields.io/github/stars/utkusen/urlhunter) | ![](https://img.shields.io/github/languages/top/utkusen/urlhunter) |
| Discovery/URL | [waybackurls](https://github.com/tomnomnom/waybackurls) | Fetch all the URLs that the Wayback Machine knows about for a domain | ![](https://img.shields.io/github/stars/tomnomnom/waybackurls) | ![](https://img.shields.io/github/languages/top/tomnomnom/waybackurls) | | Discovery/URL | [waybackurls](https://github.com/tomnomnom/waybackurls) | Fetch all the URLs that the Wayback Machine knows about for a domain | ![](https://img.shields.io/github/stars/tomnomnom/waybackurls) | ![](https://img.shields.io/github/languages/top/tomnomnom/waybackurls) |
| Discovery/VULN | [Silver](https://github.com/s0md3v/Silver) | Mass scan IPs for vulnerable services | ![](https://img.shields.io/github/stars/s0md3v/Silver) | ![](https://img.shields.io/github/languages/top/s0md3v/Silver) | | Discovery/VULN | [Silver](https://github.com/s0md3v/Silver) | Mass scan IPs for vulnerable services | ![](https://img.shields.io/github/stars/s0md3v/Silver) | ![](https://img.shields.io/github/languages/top/s0md3v/Silver) |
| Fetch/HTTP | [htcat](https://github.com/htcat/htcat) | Parallel and Pipelined HTTP GET Utility | ![](https://img.shields.io/github/stars/htcat/htcat) | ![](https://img.shields.io/github/languages/top/htcat/htcat) | | Fetch/HTTP | [htcat](https://github.com/htcat/htcat) | Parallel and Pipelined HTTP GET Utility | ![](https://img.shields.io/github/stars/htcat/htcat) | ![](https://img.shields.io/github/languages/top/htcat/htcat) |
@ -134,6 +137,7 @@ A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntin
| Scanner/SSL | [testssl.sh](https://github.com/drwetter/testssl.sh) | Testing TLS/SSL encryption anywhere on any port | ![](https://img.shields.io/github/stars/drwetter/testssl.sh) | ![](https://img.shields.io/github/languages/top/drwetter/testssl.sh) | | Scanner/SSL | [testssl.sh](https://github.com/drwetter/testssl.sh) | Testing TLS/SSL encryption anywhere on any port | ![](https://img.shields.io/github/stars/drwetter/testssl.sh) | ![](https://img.shields.io/github/languages/top/drwetter/testssl.sh) |
| Scanner/SSRF | [SSRFmap](https://github.com/swisskyrepo/SSRFmap) | Automatic SSRF fuzzer and exploitation tool | ![](https://img.shields.io/github/stars/swisskyrepo/SSRFmap) | ![](https://img.shields.io/github/languages/top/swisskyrepo/SSRFmap) | | Scanner/SSRF | [SSRFmap](https://github.com/swisskyrepo/SSRFmap) | Automatic SSRF fuzzer and exploitation tool | ![](https://img.shields.io/github/stars/swisskyrepo/SSRFmap) | ![](https://img.shields.io/github/languages/top/swisskyrepo/SSRFmap) |
| Scanner/SSRF | [ssrf-sheriff](https://github.com/teknogeek/ssrf-sheriff) | A simple SSRF-testing sheriff written in Go | ![](https://img.shields.io/github/stars/teknogeek/ssrf-sheriff) | ![](https://img.shields.io/github/languages/top/teknogeek/ssrf-sheriff) | | Scanner/SSRF | [ssrf-sheriff](https://github.com/teknogeek/ssrf-sheriff) | A simple SSRF-testing sheriff written in Go | ![](https://img.shields.io/github/stars/teknogeek/ssrf-sheriff) | ![](https://img.shields.io/github/languages/top/teknogeek/ssrf-sheriff) |
| Scanner/WP | [wprecon](https://github.com/blackcrw/wprecon) | Hello! Welcome. Wprecon (Wordpress Recon), is a vulnerability recognition tool in CMS Wordpress, 100% developed in Go. | ![](https://img.shields.io/github/stars/blackcrw/wprecon) | ![](https://img.shields.io/github/languages/top/blackcrw/wprecon) |
| Scanner/WP | [wpscan](https://github.com/wpscanteam/wpscan) | WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites. | ![](https://img.shields.io/github/stars/wpscanteam/wpscan) | ![](https://img.shields.io/github/languages/top/wpscanteam/wpscan) | | Scanner/WP | [wpscan](https://github.com/wpscanteam/wpscan) | WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites. | ![](https://img.shields.io/github/stars/wpscanteam/wpscan) | ![](https://img.shields.io/github/languages/top/wpscanteam/wpscan) |
| Scanner/WVS | [Striker](https://github.com/s0md3v/Striker) | Striker is an offensive information and vulnerability scanner. | ![](https://img.shields.io/github/stars/s0md3v/Striker) | ![](https://img.shields.io/github/languages/top/s0md3v/Striker) | | Scanner/WVS | [Striker](https://github.com/s0md3v/Striker) | Striker is an offensive information and vulnerability scanner. | ![](https://img.shields.io/github/stars/s0md3v/Striker) | ![](https://img.shields.io/github/languages/top/s0md3v/Striker) |
| Scanner/WVS | [arachni](https://github.com/Arachni/arachni) | Web Application Security Scanner Framework | ![](https://img.shields.io/github/stars/Arachni/arachni) | ![](https://img.shields.io/github/languages/top/Arachni/arachni) | | Scanner/WVS | [arachni](https://github.com/Arachni/arachni) | Web Application Security Scanner Framework | ![](https://img.shields.io/github/stars/Arachni/arachni) | ![](https://img.shields.io/github/languages/top/Arachni/arachni) |
@ -188,6 +192,7 @@ A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntin
| Utility/S3 | [s3reverse](https://github.com/hahwul/s3reverse) | The format of various s3 buckets is convert in one format. for bugbounty and security testing. | ![](https://img.shields.io/github/stars/hahwul/s3reverse) | ![](https://img.shields.io/github/languages/top/hahwul/s3reverse) | | Utility/S3 | [s3reverse](https://github.com/hahwul/s3reverse) | The format of various s3 buckets is convert in one format. for bugbounty and security testing. | ![](https://img.shields.io/github/stars/hahwul/s3reverse) | ![](https://img.shields.io/github/languages/top/hahwul/s3reverse) |
| Utility/SHOT | [gowitness](https://github.com/sensepost/gowitness) | 🔍 gowitness - a golang, web screenshot utility using Chrome Headless | ![](https://img.shields.io/github/stars/sensepost/gowitness) | ![](https://img.shields.io/github/languages/top/sensepost/gowitness) | | Utility/SHOT | [gowitness](https://github.com/sensepost/gowitness) | 🔍 gowitness - a golang, web screenshot utility using Chrome Headless | ![](https://img.shields.io/github/stars/sensepost/gowitness) | ![](https://img.shields.io/github/languages/top/sensepost/gowitness) |
| Utility/SNIPPET | [pet](https://github.com/knqyf263/pet) | Simple command-line snippet manager, written in Go. | ![](https://img.shields.io/github/stars/knqyf263/pet) | ![](https://img.shields.io/github/languages/top/knqyf263/pet) | | Utility/SNIPPET | [pet](https://github.com/knqyf263/pet) | Simple command-line snippet manager, written in Go. | ![](https://img.shields.io/github/stars/knqyf263/pet) | ![](https://img.shields.io/github/languages/top/knqyf263/pet) |
| Utility/Scripts | [tiscripts](https://github.com/defparam/tiscripts) | Turbo Intruder Scripts | ![](https://img.shields.io/github/stars/defparam/tiscripts) | ![](https://img.shields.io/github/languages/top/defparam/tiscripts) |
| Utility/TEMPLATE | [bountyplz](https://github.com/fransr/bountyplz) | Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported) | ![](https://img.shields.io/github/stars/fransr/bountyplz) | ![](https://img.shields.io/github/languages/top/fransr/bountyplz) | | Utility/TEMPLATE | [bountyplz](https://github.com/fransr/bountyplz) | Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported) | ![](https://img.shields.io/github/stars/fransr/bountyplz) | ![](https://img.shields.io/github/languages/top/fransr/bountyplz) |
| Utility/TEMPLATE | [template-generator](https://github.com/fransr/template-generator) | A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily replace the variables with content. Data is saved temporarily in local storage. PHP is only needed to generate the list of files in the dropdown of templates. | ![](https://img.shields.io/github/stars/fransr/template-generator) | ![](https://img.shields.io/github/languages/top/fransr/template-generator) | | Utility/TEMPLATE | [template-generator](https://github.com/fransr/template-generator) | A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily replace the variables with content. Data is saved temporarily in local storage. PHP is only needed to generate the list of files in the dropdown of templates. | ![](https://img.shields.io/github/stars/fransr/template-generator) | ![](https://img.shields.io/github/languages/top/fransr/template-generator) |
| Utility/URL | [anew](https://github.com/tomnomnom/anew) | A tool for adding new lines to files, skipping duplicates | ![](https://img.shields.io/github/stars/tomnomnom/anew) | ![](https://img.shields.io/github/languages/top/tomnomnom/anew) | | Utility/URL | [anew](https://github.com/tomnomnom/anew) | A tool for adding new lines to files, skipping duplicates | ![](https://img.shields.io/github/stars/tomnomnom/anew) | ![](https://img.shields.io/github/languages/top/tomnomnom/anew) |

View File

@ -544,7 +544,7 @@
} }
}, },
"Photon": { "Photon": {
"Data": "| Discovery/CRAWL | [Photon](https://github.com/s0md3v/Photon) | Incredibly fast crawler designed for OSINT. | ![](https://img.shields.io/github/stars/s0md3v/Photon) | ![](https://img.shields.io/github/languages/top/s0md3v/Photon) |", "Data": "| Discovery/URL | [Photon](https://github.com/s0md3v/Photon) | Incredibly fast crawler designed for OSINT. | ![](https://img.shields.io/github/stars/s0md3v/Photon) | ![](https://img.shields.io/github/languages/top/s0md3v/Photon) |",
"Description": "Incredibly fast crawler designed for OSINT. ", "Description": "Incredibly fast crawler designed for OSINT. ",
"Install": { "Install": {
"Linux": "git clone https://github.com/s0md3v/Photon ; cd Photon; pip3 install -r requirements.txt", "Linux": "git clone https://github.com/s0md3v/Photon ; cd Photon; pip3 install -r requirements.txt",
@ -831,22 +831,6 @@
"Windows": "cd VHostScan ; git pull -v ; pip3 install -r requirements.txt" "Windows": "cd VHostScan ; git pull -v ; pip3 install -r requirements.txt"
} }
}, },
"xsscrapy":{
"Data": "| Scanner/XSS | [xsscrapy](https://github.com/DanMcInerney/xsscrapy) | XSS/SQLi spider. Give it a URL and it'll test every link it finds for XSS and some SQLi. | ![](https://img.shields.io/github/stars/DanMcInerney/xsscrapy) | ![](https://img.shields.io/github/languages/top/DanMcInerney/xsscrapy) |",
"Description": "XSS/SQLi spider. Give it a URL and it'll test every link it finds for XSS and some SQLi. ",
"Install": {
"Linux": "git clone https://github.com/DanMcInerney/xsscrapy.git ; cd xsscrapy; pip install -r requirements.txt",
"MacOS": "git clone https://github.com/DanMcInerney/xsscrapy.git ; cd xsscrapy; pip install -r requirements.txt",
"Windows": "git clone https://github.com/DanMcInerney/xsscrapy.git ; cd xsscrapy; pip install -r requirements.txt"
},
"Method": "XSS",
"Type": "Scanner",
"Update": {
"Linux": "cd xsscrapy; git pull -v ; pip install -r requirements.txt",
"MacOS": "cd xsscrapy; git pull -v ; pip install -r requirements.txt",
"Windows": "cd xsscrapy; git pull -v ; pip install -r requirements.txt"
}
},
"XSStrike": { "XSStrike": {
"Data": "| Scanner/XSS | [XSStrike](https://github.com/s0md3v/XSStrike) | Most advanced XSS scanner. | ![](https://img.shields.io/github/stars/s0md3v/XSStrike) | ![](https://img.shields.io/github/languages/top/s0md3v/XSStrike) |", "Data": "| Scanner/XSS | [XSStrike](https://github.com/s0md3v/XSStrike) | Most advanced XSS scanner. | ![](https://img.shields.io/github/stars/s0md3v/XSStrike) | ![](https://img.shields.io/github/languages/top/s0md3v/XSStrike) |",
"Description": "Most advanced XSS scanner. ", "Description": "Most advanced XSS scanner. ",
@ -992,15 +976,15 @@
} }
}, },
"autochrome": { "autochrome": {
"Type": "Utility",
"Data": "| Utility/ENV | [autochrome](https://github.com/nccgroup/autochrome) | This tool downloads, installs, and configures a shiny new copy of Chromium. | ![](https://img.shields.io/github/stars/nccgroup/autochrome) | ![](https://img.shields.io/github/languages/top/nccgroup/autochrome) |", "Data": "| Utility/ENV | [autochrome](https://github.com/nccgroup/autochrome) | This tool downloads, installs, and configures a shiny new copy of Chromium. | ![](https://img.shields.io/github/stars/nccgroup/autochrome) | ![](https://img.shields.io/github/languages/top/nccgroup/autochrome) |",
"Method": "ENV",
"Description": "This tool downloads, installs, and configures a shiny new copy of Chromium.", "Description": "This tool downloads, installs, and configures a shiny new copy of Chromium.",
"Install": { "Install": {
"Linux": "", "Linux": "",
"MacOS": "", "MacOS": "",
"Windows": "" "Windows": ""
}, },
"Method": "ENV",
"Type": "Utility",
"Update": { "Update": {
"Linux": "", "Linux": "",
"MacOS": "", "MacOS": "",
@ -1088,7 +1072,7 @@
} }
}, },
"cc.py": { "cc.py": {
"Data": "| Discovery/CRAWL | [cc.py](https://github.com/si9int/cc.py) | Extracting URLs of a specific target based on the results of \"commoncrawl.org\" | ![](https://img.shields.io/github/stars/si9int/cc.py) | ![](https://img.shields.io/github/languages/top/si9int/cc.py) |", "Data": "| Discovery/URL | [cc.py](https://github.com/si9int/cc.py) | Extracting URLs of a specific target based on the results of \"commoncrawl.org\" | ![](https://img.shields.io/github/stars/si9int/cc.py) | ![](https://img.shields.io/github/languages/top/si9int/cc.py) |",
"Description": "Extracting URLs of a specific target based on the results of \"commoncrawl.org\" ", "Description": "Extracting URLs of a specific target based on the results of \"commoncrawl.org\" ",
"Install": { "Install": {
"Linux": "git clone https://github.com/si9int/cc.py", "Linux": "git clone https://github.com/si9int/cc.py",
@ -1504,7 +1488,7 @@
} }
}, },
"go-dork": { "go-dork": {
"Data": "| Discovery/CRAWL | [go-dork](https://github.com/dwisiswant0/go-dork) | The fastest dork scanner written in Go. | ![](https://img.shields.io/github/stars/dwisiswant0/go-dork) | ![](https://img.shields.io/github/languages/top/dwisiswant0/go-dork) |", "Data": "| Discovery/URL | [go-dork](https://github.com/dwisiswant0/go-dork) | The fastest dork scanner written in Go. | ![](https://img.shields.io/github/stars/dwisiswant0/go-dork) | ![](https://img.shields.io/github/languages/top/dwisiswant0/go-dork) |",
"Description": "The fastest dork scanner written in Go. ", "Description": "The fastest dork scanner written in Go. ",
"Install": { "Install": {
"Linux": "GO111MODULE=on go get -v github.com/dwisiswant0/go-dork/...", "Linux": "GO111MODULE=on go get -v github.com/dwisiswant0/go-dork/...",
@ -1536,7 +1520,7 @@
} }
}, },
"gospider": { "gospider": {
"Data": "| Discovery/CRAWL | [gospider](https://github.com/jaeles-project/gospider) | Gospider - Fast web spider written in Go | ![](https://img.shields.io/github/stars/jaeles-project/gospider) | ![](https://img.shields.io/github/languages/top/jaeles-project/gospider) |", "Data": "| Discovery/URL | [gospider](https://github.com/jaeles-project/gospider) | Gospider - Fast web spider written in Go | ![](https://img.shields.io/github/stars/jaeles-project/gospider) | ![](https://img.shields.io/github/languages/top/jaeles-project/gospider) |",
"Description": "Gospider - Fast web spider written in Go ", "Description": "Gospider - Fast web spider written in Go ",
"Install": { "Install": {
"Linux": "go get -u github.com/jaeles-project/gospider", "Linux": "go get -u github.com/jaeles-project/gospider",
@ -1632,7 +1616,7 @@
} }
}, },
"hakrawler": { "hakrawler": {
"Data": "| Discovery/CRAWL | [hakrawler](https://github.com/hakluke/hakrawler) | Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application | ![](https://img.shields.io/github/stars/hakluke/hakrawler) | ![](https://img.shields.io/github/languages/top/hakluke/hakrawler) |", "Data": "| Discovery/URL | [hakrawler](https://github.com/hakluke/hakrawler) | Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application | ![](https://img.shields.io/github/stars/hakluke/hakrawler) | ![](https://img.shields.io/github/languages/top/hakluke/hakrawler) |",
"Description": "Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application ", "Description": "Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application ",
"Install": { "Install": {
"Linux": "go get github.com/hakluke/hakrawler", "Linux": "go get github.com/hakluke/hakrawler",
@ -2479,6 +2463,22 @@
"Windows": "cd thc-hydra; git pull -v ; ./configure ; make ; make install" "Windows": "cd thc-hydra; git pull -v ; ./configure ; make ; make install"
} }
}, },
"tiscripts": {
"Data": "| Utility/Scripts | [tiscripts](https://github.com/defparam/tiscripts) | Turbo Intruder Scripts | ![](https://img.shields.io/github/stars/defparam/tiscripts) | ![](https://img.shields.io/github/languages/top/defparam/tiscripts) |",
"Description": "Turbo Intruder Scripts",
"Install": {
"Linux": "",
"MacOS": "",
"Windows": ""
},
"Method": "Scripts",
"Type": "Utility",
"Update": {
"Linux": "",
"MacOS": "",
"Windows": ""
}
},
"unfurl": { "unfurl": {
"Data": "| Utility/URL | [unfurl](https://github.com/tomnomnom/unfurl) | Pull out bits of URLs provided on stdin | ![](https://img.shields.io/github/stars/tomnomnom/unfurl) | ![](https://img.shields.io/github/languages/top/tomnomnom/unfurl) |", "Data": "| Utility/URL | [unfurl](https://github.com/tomnomnom/unfurl) | Pull out bits of URLs provided on stdin | ![](https://img.shields.io/github/stars/tomnomnom/unfurl) | ![](https://img.shields.io/github/languages/top/tomnomnom/unfurl) |",
"Description": "Pull out bits of URLs provided on stdin ", "Description": "Pull out bits of URLs provided on stdin ",
@ -2496,7 +2496,7 @@
} }
}, },
"urlgrab": { "urlgrab": {
"Data": "| Discovery/CRAWL | [urlgrab](https://github.com/IAmStoxe/urlgrab) | A golang utility to spider through a website searching for additional links. | ![](https://img.shields.io/github/stars/IAmStoxe/urlgrab) | ![](https://img.shields.io/github/languages/top/IAmStoxe/urlgrab) |", "Data": "| Discovery/URL | [urlgrab](https://github.com/IAmStoxe/urlgrab) | A golang utility to spider through a website searching for additional links. | ![](https://img.shields.io/github/stars/IAmStoxe/urlgrab) | ![](https://img.shields.io/github/languages/top/IAmStoxe/urlgrab) |",
"Description": "A golang utility to spider through a website searching for additional links. ", "Description": "A golang utility to spider through a website searching for additional links. ",
"Install": { "Install": {
"Linux": "go get -u github.com/iamstoxe/urlgrab", "Linux": "go get -u github.com/iamstoxe/urlgrab",
@ -2511,6 +2511,22 @@
"Windows": "go get -u github.com/iamstoxe/urlgrab" "Windows": "go get -u github.com/iamstoxe/urlgrab"
} }
}, },
"urlhunter": {
"Type": "Discovery",
"Data": "| Discovery/URL | [urlhunter](https://github.com/utkusen/urlhunter) | a recon tool that allows searching on URLs that are exposed via shortener services | ![](https://img.shields.io/github/stars/utkusen/urlhunter) | ![](https://img.shields.io/github/languages/top/utkusen/urlhunter) |",
"Method": "URL",
"Description": "a recon tool that allows searching on URLs that are exposed via shortener services",
"Install": {
"Linux": "",
"MacOS": "",
"Windows": ""
},
"Update": {
"Linux": "",
"MacOS": "",
"Windows": ""
}
},
"urlprobe": { "urlprobe": {
"Data": "| Utility/URL | [urlprobe](https://github.com/1ndianl33t/urlprobe) | Urls status code \u0026 content length checker | ![](https://img.shields.io/github/stars/1ndianl33t/urlprobe) | ![](https://img.shields.io/github/languages/top/1ndianl33t/urlprobe) |", "Data": "| Utility/URL | [urlprobe](https://github.com/1ndianl33t/urlprobe) | Urls status code \u0026 content length checker | ![](https://img.shields.io/github/stars/1ndianl33t/urlprobe) | ![](https://img.shields.io/github/languages/top/1ndianl33t/urlprobe) |",
"Description": "Urls status code \u0026 content length checker ", "Description": "Urls status code \u0026 content length checker ",
@ -2591,6 +2607,22 @@
"Windows": "pip3 install wfuzz" "Windows": "pip3 install wfuzz"
} }
}, },
"wprecon": {
"Data": "| Scanner/WP | [wprecon](https://github.com/blackcrw/wprecon) | Hello! Welcome. Wprecon (Wordpress Recon), is a vulnerability recognition tool in CMS Wordpress, 100% developed in Go. | ![](https://img.shields.io/github/stars/blackcrw/wprecon) | ![](https://img.shields.io/github/languages/top/blackcrw/wprecon) |",
"Description": "Hello! Welcome. Wprecon (Wordpress Recon), is a vulnerability recognition tool in CMS Wordpress, 100% developed in Go.",
"Install": {
"Linux": "",
"MacOS": "",
"Windows": ""
},
"Method": "WP",
"Type": "Scanner",
"Update": {
"Linux": "",
"MacOS": "",
"Windows": ""
}
},
"wpscan": { "wpscan": {
"Data": "| Scanner/WP | [wpscan](https://github.com/wpscanteam/wpscan) | WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites. | ![](https://img.shields.io/github/stars/wpscanteam/wpscan) | ![](https://img.shields.io/github/languages/top/wpscanteam/wpscan) |", "Data": "| Scanner/WP | [wpscan](https://github.com/wpscanteam/wpscan) | WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites. | ![](https://img.shields.io/github/stars/wpscanteam/wpscan) | ![](https://img.shields.io/github/languages/top/wpscanteam/wpscan) |",
"Description": "WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites. ", "Description": "WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites. ",
@ -2639,6 +2671,22 @@
"Windows": "cd xss-cheatsheet-data ; git pull -v" "Windows": "cd xss-cheatsheet-data ; git pull -v"
} }
}, },
"xsscrapy": {
"Data": "| Scanner/XSS | [xsscrapy](https://github.com/DanMcInerney/xsscrapy) | XSS/SQLi spider. Give it a URL and it'll test every link it finds for XSS and some SQLi. | ![](https://img.shields.io/github/stars/DanMcInerney/xsscrapy) | ![](https://img.shields.io/github/languages/top/DanMcInerney/xsscrapy) |",
"Description": "XSS/SQLi spider. Give it a URL and it'll test every link it finds for XSS and some SQLi. ",
"Install": {
"Linux": "git clone https://github.com/DanMcInerney/xsscrapy.git ; cd xsscrapy; pip install -r requirements.txt",
"MacOS": "git clone https://github.com/DanMcInerney/xsscrapy.git ; cd xsscrapy; pip install -r requirements.txt",
"Windows": "git clone https://github.com/DanMcInerney/xsscrapy.git ; cd xsscrapy; pip install -r requirements.txt"
},
"Method": "XSS",
"Type": "Scanner",
"Update": {
"Linux": "cd xsscrapy; git pull -v ; pip install -r requirements.txt",
"MacOS": "cd xsscrapy; git pull -v ; pip install -r requirements.txt",
"Windows": "cd xsscrapy; git pull -v ; pip install -r requirements.txt"
}
},
"xsser": { "xsser": {
"Data": "| Scanner/XSS | [xsser](https://github.com/epsylon/xsser) | Cross Site \"Scripter\" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications. | ![](https://img.shields.io/github/stars/epsylon/xsser) | ![](https://img.shields.io/github/languages/top/epsylon/xsser) |", "Data": "| Scanner/XSS | [xsser](https://github.com/epsylon/xsser) | Cross Site \"Scripter\" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications. | ![](https://img.shields.io/github/stars/epsylon/xsser) | ![](https://img.shields.io/github/languages/top/epsylon/xsser) |",
"Description": "Cross Site \"Scripter\" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications. ", "Description": "Cross Site \"Scripter\" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications. ",

View File

@ -1,8 +1,6 @@
<h1 align="center"> <h1 align="center">
<br> <br>
<a href=""><img src="https://user-images.githubusercontent.com/13212227/91529103-aba4b400-e943-11ea-9983-3b5aba7dd25c.png" alt="" width="300px;"></a> <a href=""><img src="https://user-images.githubusercontent.com/13212227/104400969-9f3d9280-5596-11eb-80f4-864effae95fc.png" alt="" width="500px;"></a>
<br>
Web Hacker's Weapons
<br> <br>
<img src="https://img.shields.io/github/languages/top/hahwul/WebHackersWeapons?style=flat"> <img src="https://img.shields.io/github/languages/top/hahwul/WebHackersWeapons?style=flat">
<img src="https://img.shields.io/github/last-commit/hahwul/WebHackersWeapons?style=flat"> <img src="https://img.shields.io/github/last-commit/hahwul/WebHackersWeapons?style=flat">
@ -14,6 +12,10 @@
</h1> </h1>
A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
## Family project
[![WebHackersWeapons](https://img.shields.io/github/stars/hahwul/WebHackersWeapons?label=WebHackersWeapons)](https://github.com/hahwul/WebHackersWeapons)
[![MobileHackersWeapons](https://img.shields.io/github/stars/hahwul/MobileHackersWeapons?label=MobileHackersWeapons)](https://github.com/hahwul/MobileHackersWeapons)
## Table of Contents ## Table of Contents
- [WHW-Tools](https://whw-tools.hahwul.com) - [WHW-Tools](https://whw-tools.hahwul.com)
- [Weapons](#weapons) - [Weapons](#weapons)