mirror of
https://github.com/hahwul/WebHackersWeapons.git
synced 2024-12-25 07:09:39 -05:00
Merge branch 'main' of https://github.com/hahwul/WebHackersWeapons
This commit is contained in:
commit
c2d020ef0c
@ -28,7 +28,7 @@ A collection of awesome tools used by Web hackers. Happy hacking , Happy bug-hun
|
||||
| | Attributes |
|
||||
|-------|---------------------------------------------------|
|
||||
| Types | `Army-Knife` `Proxy` `Recon` `Fuzzer` `Scanner` `Exploit` `Env` `Utils` `Etc`|
|
||||
| Tags | [`mitmproxy`](/categorize/tags/mitmproxy.md) [`live-audit`](/categorize/tags/live-audit.md) [`crawl`](/categorize/tags/crawl.md) [`infra`](/categorize/tags/infra.md) [`pentest`](/categorize/tags/pentest.md) [`js-analysis`](/categorize/tags/js-analysis.md) [`param`](/categorize/tags/param.md) [`subdomains`](/categorize/tags/subdomains.md) [`endpoint`](/categorize/tags/endpoint.md) [`url`](/categorize/tags/url.md) [`takeover`](/categorize/tags/takeover.md) [`dns`](/categorize/tags/dns.md) [`osint`](/categorize/tags/osint.md) [`online`](/categorize/tags/online.md) [`domain`](/categorize/tags/domain.md) [`graphql`](/categorize/tags/graphql.md) [`portscan`](/categorize/tags/portscan.md) [`port`](/categorize/tags/port.md) [`apk`](/categorize/tags/apk.md) [`cache-vuln`](/categorize/tags/cache-vuln.md) [`crlf`](/categorize/tags/crlf.md) [`jwt`](/categorize/tags/jwt.md) [`ssrf`](/categorize/tags/ssrf.md) [`path-traversal`](/categorize/tags/path-traversal.md) [`s3`](/categorize/tags/s3.md) [`sqli`](/categorize/tags/sqli.md) [`403`](/categorize/tags/403.md) [`xss`](/categorize/tags/xss.md) [`ssl`](/categorize/tags/ssl.md) [`cors`](/categorize/tags/cors.md) [`broken-link`](/categorize/tags/broken-link.md) [`csp`](/categorize/tags/csp.md) [`smuggle`](/categorize/tags/smuggle.md) [`oast`](/categorize/tags/oast.md) [`aaa`](/categorize/tags/aaa.md) [`dependency-confusion`](/categorize/tags/dependency-confusion.md) [`exploit`](/categorize/tags/exploit.md) [`xxe`](/categorize/tags/xxe.md) [`RMI`](/categorize/tags/RMI.md) [`lfi`](/categorize/tags/lfi.md) [`rop`](/categorize/tags/rop.md) [`cookie`](/categorize/tags/cookie.md) [`nuclei-templates`](/categorize/tags/nuclei-templates.md) [`blind-xss`](/categorize/tags/blind-xss.md) [`fuzz`](/categorize/tags/fuzz.md) [`http`](/categorize/tags/http.md) [`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md) [`deserialize`](/categorize/tags/deserialize.md) [`zipbomb`](/categorize/tags/zipbomb.md) [`darkmode`](/categorize/tags/darkmode.md) [`notify`](/categorize/tags/notify.md) [`json`](/categorize/tags/json.md) [`payload`](/categorize/tags/payload.md) [`diff`](/categorize/tags/diff.md) [`encode`](/categorize/tags/encode.md) [`web3`](/categorize/tags/web3.md) [`clipboard`](/categorize/tags/clipboard.md) [`report`](/categorize/tags/report.md) |
|
||||
| Tags | [`mitmproxy`](/categorize/tags/mitmproxy.md) [`live-audit`](/categorize/tags/live-audit.md) [`crawl`](/categorize/tags/crawl.md) [`infra`](/categorize/tags/infra.md) [`pentest`](/categorize/tags/pentest.md) [`js-analysis`](/categorize/tags/js-analysis.md) [`param`](/categorize/tags/param.md) [`subdomains`](/categorize/tags/subdomains.md) [`endpoint`](/categorize/tags/endpoint.md) [`url`](/categorize/tags/url.md) [`takeover`](/categorize/tags/takeover.md) [`dns`](/categorize/tags/dns.md) [`osint`](/categorize/tags/osint.md) [`online`](/categorize/tags/online.md) [`domain`](/categorize/tags/domain.md) [`graphql`](/categorize/tags/graphql.md) [`portscan`](/categorize/tags/portscan.md) [`port`](/categorize/tags/port.md) [`apk`](/categorize/tags/apk.md) [`cache-vuln`](/categorize/tags/cache-vuln.md) [`ssti`](/categorize/tags/ssti.md) [`crlf`](/categorize/tags/crlf.md) [`jwt`](/categorize/tags/jwt.md) [`ssrf`](/categorize/tags/ssrf.md) [`path-traversal`](/categorize/tags/path-traversal.md) [`s3`](/categorize/tags/s3.md) [`sqli`](/categorize/tags/sqli.md) [`403`](/categorize/tags/403.md) [`xss`](/categorize/tags/xss.md) [`ssl`](/categorize/tags/ssl.md) [`cors`](/categorize/tags/cors.md) [`broken-link`](/categorize/tags/broken-link.md) [`csp`](/categorize/tags/csp.md) [`smuggle`](/categorize/tags/smuggle.md) [`oast`](/categorize/tags/oast.md) [`aaa`](/categorize/tags/aaa.md) [`dependency-confusion`](/categorize/tags/dependency-confusion.md) [`exploit`](/categorize/tags/exploit.md) [`xxe`](/categorize/tags/xxe.md) [`RMI`](/categorize/tags/RMI.md) [`lfi`](/categorize/tags/lfi.md) [`rop`](/categorize/tags/rop.md) [`cookie`](/categorize/tags/cookie.md) [`nuclei-templates`](/categorize/tags/nuclei-templates.md) [`blind-xss`](/categorize/tags/blind-xss.md) [`fuzz`](/categorize/tags/fuzz.md) [`http`](/categorize/tags/http.md) [`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md) [`deserialize`](/categorize/tags/deserialize.md) [`zipbomb`](/categorize/tags/zipbomb.md) [`darkmode`](/categorize/tags/darkmode.md) [`notify`](/categorize/tags/notify.md) [`json`](/categorize/tags/json.md) [`payload`](/categorize/tags/payload.md) [`diff`](/categorize/tags/diff.md) [`encode`](/categorize/tags/encode.md) [`web3`](/categorize/tags/web3.md) [`clipboard`](/categorize/tags/clipboard.md) [`report`](/categorize/tags/report.md) |
|
||||
| Langs | [`Java`](/categorize/langs/Java.md) [`Go`](/categorize/langs/Go.md) [`Shell`](/categorize/langs/Shell.md) [`Ruby`](/categorize/langs/Ruby.md) [`Python`](/categorize/langs/Python.md) [`Rust`](/categorize/langs/Rust.md) [`JavaScript`](/categorize/langs/JavaScript.md) [`Crystal`](/categorize/langs/Crystal.md) [`C`](/categorize/langs/C.md) [`Kotlin`](/categorize/langs/Kotlin.md) [`Perl`](/categorize/langs/Perl.md) [`TypeScript`](/categorize/langs/TypeScript.md) [`BlitzBasic`](/categorize/langs/BlitzBasic.md) [`Txt`](/categorize/langs/Txt.md) [`C#`](/categorize/langs/C%23.md) [`CSS`](/categorize/langs/CSS.md) [`PHP`](/categorize/langs/PHP.md) [`HTML`](/categorize/langs/HTML.md) [`C++`](/categorize/langs/C++.md) |
|
||||
|
||||
### Tools
|
||||
@ -147,6 +147,7 @@ A collection of awesome tools used by Web hackers. Happy hacking , Happy bug-hun
|
||||
|Recon|[gobuster](https://github.com/OJ/gobuster)|Directory/File, DNS and VHost busting tool written in Go |![](https://img.shields.io/github/stars/OJ/gobuster?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|
||||
|Fuzzer|[BruteX](https://github.com/1N3/BruteX)|Automatically brute force all services running on a target.|![](https://img.shields.io/github/stars/1N3/BruteX?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|
|
||||
|Fuzzer|[wfuzz](https://github.com/xmendez/wfuzz)|Web application fuzzer |![](https://img.shields.io/github/stars/xmendez/wfuzz?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|
||||
|Fuzzer|[SSTImap](https://github.com/vladko312/SSTImap)|Automatic SSTI detection tool with interactive interface|![](https://img.shields.io/github/stars/vladko312/SSTImap?label=%20)|[`ssti`](/categorize/tags/ssti.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|
||||
|Fuzzer|[hashcat](https://github.com/hashcat/hashcat/)|World's fastest and most advanced password recovery utility |![](https://img.shields.io/github/stars/hashcat/hashcat/?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![C](/images/c.png)](/categorize/langs/C.md)|
|
||||
|Fuzzer|[fuzzparam](https://github.com/0xsapra/fuzzparam)|A fast go based param miner to fuzz possible parameters a URL can have.|![](https://img.shields.io/github/stars/0xsapra/fuzzparam?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|
||||
|Fuzzer|[ParamPamPam](https://github.com/Bo0oM/ParamPamPam)|This tool for brute discover GET and POST parameters.|![](https://img.shields.io/github/stars/Bo0oM/ParamPamPam?label=%20)|[`param`](/categorize/tags/param.md) [`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|
||||
@ -405,6 +406,7 @@ A collection of awesome tools used by Web hackers. Happy hacking , Happy bug-hun
|
||||
|Utils|[Decoder-Improved](https://github.com/nccgroup/Decoder-Improved)|Improved decoder for Burp Suite|![](https://img.shields.io/github/stars/nccgroup/Decoder-Improved?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|
|
||||
|Utils|[Berserko](https://github.com/nccgroup/Berserko)|Burp Suite extension to perform Kerberos authentication|![](https://img.shields.io/github/stars/nccgroup/Berserko?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|
|
||||
|Utils|[burp-send-to](https://github.com/bytebutcher/burp-send-to)||![](https://img.shields.io/github/stars/bytebutcher/burp-send-to?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|
|
||||
|Utils|[Map Local](https://github.com/Keindel/owasp-zap-maplocal-addon)|ZAP add-on which allows mapping of responses to content of a chosen local file.|![](https://img.shields.io/github/stars/Keindel/owasp-zap-maplocal-addon?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|
|
||||
|Utils|[taborator](https://github.com/hackvertor/taborator)||![](https://img.shields.io/github/stars/hackvertor/taborator?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|
|
||||
|Utils|[argumentinjectionhammer](https://github.com/nccgroup/argumentinjectionhammer)|A Burp Extension designed to identify argument injection vulnerabilities.|![](https://img.shields.io/github/stars/nccgroup/argumentinjectionhammer?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|
||||
|Utils|[blackboxprotobuf](https://github.com/nccgroup/blackboxprotobuf)|Blackbox protobuf is a Burp Suite extension for decoding and modifying arbitrary protobuf messages without the protobuf type definition.|![](https://img.shields.io/github/stars/nccgroup/blackboxprotobuf?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|
||||
|
@ -25,6 +25,7 @@
|
||||
|Utils|[Decoder-Improved](https://github.com/nccgroup/Decoder-Improved)|Improved decoder for Burp Suite|![](https://img.shields.io/github/stars/nccgroup/Decoder-Improved?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|
|
||||
|Utils|[Berserko](https://github.com/nccgroup/Berserko)|Burp Suite extension to perform Kerberos authentication|![](https://img.shields.io/github/stars/nccgroup/Berserko?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|
|
||||
|Utils|[burp-send-to](https://github.com/bytebutcher/burp-send-to)||![](https://img.shields.io/github/stars/bytebutcher/burp-send-to?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|
|
||||
|Utils|[Map Local](https://github.com/Keindel/owasp-zap-maplocal-addon)|ZAP add-on which allows mapping of responses to content of a chosen local file.|![](https://img.shields.io/github/stars/Keindel/owasp-zap-maplocal-addon?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|
|
||||
|Utils|[taborator](https://github.com/hackvertor/taborator)||![](https://img.shields.io/github/stars/hackvertor/taborator?label=%20)|[`oast`](/categorize/tags/oast.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|
|
||||
|Utils|[pcap-burp](https://github.com/nccgroup/pcap-burp)|Pcap importer for Burp|![](https://img.shields.io/github/stars/nccgroup/pcap-burp?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|
|
||||
|Utils|[AuthMatrix](https://github.com/SecurityInnovation/AuthMatrix)|Automated HTTP Request Repeating With Burp Suite|![](https://img.shields.io/github/stars/SecurityInnovation/AuthMatrix?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|
|
||||
|
@ -38,6 +38,7 @@
|
||||
|Recon|[Photon](https://github.com/s0md3v/Photon)|Incredibly fast crawler designed for OSINT. |![](https://img.shields.io/github/stars/s0md3v/Photon?label=%20)|[`osint`](/categorize/tags/osint.md) [`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|
||||
|Recon|[knock](https://github.com/guelfoweb/knock)|Knock Subdomain Scan |![](https://img.shields.io/github/stars/guelfoweb/knock?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|
||||
|Fuzzer|[wfuzz](https://github.com/xmendez/wfuzz)|Web application fuzzer |![](https://img.shields.io/github/stars/xmendez/wfuzz?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|
||||
|Fuzzer|[SSTImap](https://github.com/vladko312/SSTImap)|Automatic SSTI detection tool with interactive interface|![](https://img.shields.io/github/stars/vladko312/SSTImap?label=%20)|[`ssti`](/categorize/tags/ssti.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|
||||
|Fuzzer|[ParamPamPam](https://github.com/Bo0oM/ParamPamPam)|This tool for brute discover GET and POST parameters.|![](https://img.shields.io/github/stars/Bo0oM/ParamPamPam?label=%20)|[`param`](/categorize/tags/param.md) [`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|
||||
|Fuzzer|[CrackQL](https://github.com/nicholasaleks/CrackQL)|CrackQL is a GraphQL password brute-force and fuzzing utility.|![](https://img.shields.io/github/stars/nicholasaleks/CrackQL?label=%20)|[`graphql`](/categorize/tags/graphql.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|
||||
|Fuzzer|[GAP](https://github.com/xnl-h4ck3r/GAP-Burp-Extension)|This is an evolution of the original getAllParams extension for Burp. Not only does it find more potential parameters for you to investigate, but it also finds potential links to try these parameters on.|![](https://img.shields.io/github/stars/xnl-h4ck3r/GAP-Burp-Extension?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|
||||
|
7
categorize/tags/ssti.md
Normal file
7
categorize/tags/ssti.md
Normal file
@ -0,0 +1,7 @@
|
||||
|
||||
## Tools for ssti
|
||||
|
||||
| Type | Name | Description | Star | Tags | Badges |
|
||||
| --- | --- | --- | --- | --- | --- |
|
||||
|Fuzzer|[SSTImap](https://github.com/vladko312/SSTImap)|Automatic SSTI detection tool with interactive interface|![](https://img.shields.io/github/stars/vladko312/SSTImap?label=%20)|[`ssti`](/categorize/tags/ssti.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|
||||
|
File diff suppressed because one or more lines are too long
Before Width: | Height: | Size: 3.2 MiB After Width: | Height: | Size: 3.0 MiB |
@ -1 +1 @@
|
||||
Wed Aug 23 14:45:58 UTC 2023
|
||||
Wed Sep 6 15:21:40 UTC 2023
|
||||
|
Loading…
Reference in New Issue
Block a user