Awesome-Mirrors/WebHackersWeapons
1
0
Fork 0
mirror of https://github.com/hahwul/WebHackersWeapons.git synced 2025-03-07 14:25:52 -05:00
Code Issues Packages Projects Releases Wiki Activity

distribute readme

Browse Source
This commit is contained in:
hahwul 2021-08-17 10:40:38 +09:00
parent c14ceae1ef
commit eff2b547f8
2 changed files with 54 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@ -144,7 +144,10 @@ A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntin
| Scanner/RECON | [megplus](https://github.com/EdOverflow/megplus) | Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED] | ![](https://img.shields.io/github/stars/EdOverflow/megplus) | ![](https://img.shields.io/github/languages/top/EdOverflow/megplus) | | Scanner/RECON | [megplus](https://github.com/EdOverflow/megplus) | Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED] | ![](https://img.shields.io/github/stars/EdOverflow/megplus) | ![](https://img.shields.io/github/languages/top/EdOverflow/megplus) |
| Scanner/S3 | [AWSBucketDump](https://github.com/jordanpotti/AWSBucketDump) | Security Tool to Look For Interesting Files in S3 Buckets | ![](https://img.shields.io/github/stars/jordanpotti/AWSBucketDump) | ![](https://img.shields.io/github/languages/top/jordanpotti/AWSBucketDump) | | Scanner/S3 | [AWSBucketDump](https://github.com/jordanpotti/AWSBucketDump) | Security Tool to Look For Interesting Files in S3 Buckets | ![](https://img.shields.io/github/stars/jordanpotti/AWSBucketDump) | ![](https://img.shields.io/github/languages/top/jordanpotti/AWSBucketDump) |
| Scanner/S3 | [S3Scanner](https://github.com/sa7mon/S3Scanner) | Scan for open AWS S3 buckets and dump the contents | ![](https://img.shields.io/github/stars/sa7mon/S3Scanner) | ![](https://img.shields.io/github/languages/top/sa7mon/S3Scanner) | | Scanner/S3 | [S3Scanner](https://github.com/sa7mon/S3Scanner) | Scan for open AWS S3 buckets and dump the contents | ![](https://img.shields.io/github/stars/sa7mon/S3Scanner) | ![](https://img.shields.io/github/languages/top/sa7mon/S3Scanner) |
| Scanner/SMUGGLE | [HRS](https://github.com/SafeBreach-Labs/HRS) | HTTP Request Smuggling demonstration Perl script, for variants 1, 2 and 5 in my BlackHat US 2020 paper HTTP Request Smuggling in 2020. | ![](https://img.shields.io/github/stars/SafeBreach-Labs/HRS) | ![](https://img.shields.io/github/languages/top/SafeBreach-Labs/HRS) |
| Scanner/SMUGGLE | [h2csmuggler](https://github.com/BishopFox/h2csmuggler) | HTTP Request Smuggling over HTTP/2 Cleartext (h2c) | ![](https://img.shields.io/github/stars/BishopFox/h2csmuggler) | ![](https://img.shields.io/github/languages/top/BishopFox/h2csmuggler) | | Scanner/SMUGGLE | [h2csmuggler](https://github.com/BishopFox/h2csmuggler) | HTTP Request Smuggling over HTTP/2 Cleartext (h2c) | ![](https://img.shields.io/github/stars/BishopFox/h2csmuggler) | ![](https://img.shields.io/github/languages/top/BishopFox/h2csmuggler) |
| Scanner/SMUGGLE | [http-request-smuggler](https://github.com/PortSwigger/http-request-smuggler) | This extension should not be confused with Burp Suite HTTP Smuggler, which uses similar techniques but is focused exclusively bypassing WAFs. | ![](https://img.shields.io/github/stars/PortSwigger/http-request-smuggler) | ![](https://img.shields.io/github/languages/top/PortSwigger/http-request-smuggler) |
| Scanner/SMUGGLE | [http-request-smuggling](https://github.com/anshumanpattnaik/http-request-smuggling) | HTTP Request Smuggling Detection Tool | ![](https://img.shields.io/github/stars/anshumanpattnaik/http-request-smuggling) | ![](https://img.shields.io/github/languages/top/anshumanpattnaik/http-request-smuggling) |
| Scanner/SMUGGLE | [http2smugl](https://github.com/neex/http2smugl) | This tool helps to detect and exploit HTTP request smuggling in cases it can be achieved via HTTP/2 -> HTTP/1.1 conversion by the frontend server. | ![](https://img.shields.io/github/stars/neex/http2smugl) | ![](https://img.shields.io/github/languages/top/neex/http2smugl) | | Scanner/SMUGGLE | [http2smugl](https://github.com/neex/http2smugl) | This tool helps to detect and exploit HTTP request smuggling in cases it can be achieved via HTTP/2 -> HTTP/1.1 conversion by the frontend server. | ![](https://img.shields.io/github/stars/neex/http2smugl) | ![](https://img.shields.io/github/languages/top/neex/http2smugl) |
| Scanner/SMUGGLE | [smuggler](https://github.com/defparam/smuggler) | Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3 | ![](https://img.shields.io/github/stars/defparam/smuggler) | ![](https://img.shields.io/github/languages/top/defparam/smuggler) | | Scanner/SMUGGLE | [smuggler](https://github.com/defparam/smuggler) | Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3 | ![](https://img.shields.io/github/stars/defparam/smuggler) | ![](https://img.shields.io/github/languages/top/defparam/smuggler) |
| Scanner/SMUGGLE | [websocket-connection-smuggler](https://github.com/hahwul/websocket-connection-smuggler) | websocket-connection-smuggler | ![](https://img.shields.io/github/stars/hahwul/websocket-connection-smuggler) | ![](https://img.shields.io/github/languages/top/hahwul/websocket-connection-smuggler) | | Scanner/SMUGGLE | [websocket-connection-smuggler](https://github.com/hahwul/websocket-connection-smuggler) | websocket-connection-smuggler | ![](https://img.shields.io/github/stars/hahwul/websocket-connection-smuggler) | ![](https://img.shields.io/github/languages/top/hahwul/websocket-connection-smuggler) |

54
data.json
View File

@ -431,6 +431,22 @@
"Windows": "cd GraphQLmap; git pull -v ; pip install -r requirements.txt" "Windows": "cd GraphQLmap; git pull -v ; pip install -r requirements.txt"
} }
}, },
"HRS": {
"Type": "Scanner",
"Data": "| Scanner/SMUGGLE | [HRS](https://github.com/SafeBreach-Labs/HRS) | HTTP Request Smuggling demonstration Perl script, for variants 1, 2 and 5 in my BlackHat US 2020 paper HTTP Request Smuggling in 2020. | ![](https://img.shields.io/github/stars/SafeBreach-Labs/HRS) | ![](https://img.shields.io/github/languages/top/SafeBreach-Labs/HRS) |",
"Method": "SMUGGLE",
"Description": "HTTP Request Smuggling demonstration Perl script, for variants 1, 2 and 5 in my BlackHat US 2020 paper HTTP Request Smuggling in 2020.",
"Install": {
"Linux": "",
"MacOS": "",
"Windows": ""
},
"Update": {
"Linux": "",
"MacOS": "",
"Windows": ""
}
},
"HydraRecon": { "HydraRecon": {
"Data": "| Discovery/ALL | [HydraRecon](https://github.com/aufzayed/HydraRecon) | All In One, Fast, Easy Recon Tool | ![](https://img.shields.io/github/stars/aufzayed/HydraRecon) | ![](https://img.shields.io/github/languages/top/aufzayed/HydraRecon) |", "Data": "| Discovery/ALL | [HydraRecon](https://github.com/aufzayed/HydraRecon) | All In One, Fast, Easy Recon Tool | ![](https://img.shields.io/github/stars/aufzayed/HydraRecon) | ![](https://img.shields.io/github/languages/top/aufzayed/HydraRecon) |",
"Description": "All In One, Fast, Easy Recon Tool", "Description": "All In One, Fast, Easy Recon Tool",
@ -2079,16 +2095,48 @@
"Windows": "go get github.com/htcat/htcat/cmd/htcat" "Windows": "go get github.com/htcat/htcat/cmd/htcat"
} }
}, },
"http2smugl": { "http-request-smuggler": {
"Type": "Scanner", "Data": "| Scanner/SMUGGLE | [http-request-smuggler](https://github.com/PortSwigger/http-request-smuggler) | This extension should not be confused with Burp Suite HTTP Smuggler, which uses similar techniques but is focused exclusively bypassing WAFs. | ![](https://img.shields.io/github/stars/PortSwigger/http-request-smuggler) | ![](https://img.shields.io/github/languages/top/PortSwigger/http-request-smuggler) |",
"Data": "| Scanner/SMUGGLE | [http2smugl](https://github.com/neex/http2smugl) | This tool helps to detect and exploit HTTP request smuggling in cases it can be achieved via HTTP/2 -\u003e HTTP/1.1 conversion by the frontend server. | ![](https://img.shields.io/github/stars/neex/http2smugl) | ![](https://img.shields.io/github/languages/top/neex/http2smugl) |", "Description": "This extension should not be confused with Burp Suite HTTP Smuggler, which uses similar techniques but is focused exclusively bypassing WAFs.",
"Install": {
"Linux": "",
"MacOS": "",
"Windows": ""
},
"Method": "SMUGGLE", "Method": "SMUGGLE",
"Type": "Scanner",
"Update": {
"Linux": "",
"MacOS": "",
"Windows": ""
}
},
"http-request-smuggling": {
"Data": "| Scanner/SMUGGLE | [http-request-smuggling](https://github.com/anshumanpattnaik/http-request-smuggling) | HTTP Request Smuggling Detection Tool | ![](https://img.shields.io/github/stars/anshumanpattnaik/http-request-smuggling) | ![](https://img.shields.io/github/languages/top/anshumanpattnaik/http-request-smuggling) |",
"Description": "HTTP Request Smuggling Detection Tool",
"Install": {
"Linux": "",
"MacOS": "",
"Windows": ""
},
"Method": "SMUGGLE",
"Type": "Scanner",
"Update": {
"Linux": "",
"MacOS": "",
"Windows": ""
}
},
"http2smugl": {
"Data": "| Scanner/SMUGGLE | [http2smugl](https://github.com/neex/http2smugl) | This tool helps to detect and exploit HTTP request smuggling in cases it can be achieved via HTTP/2 -\u003e HTTP/1.1 conversion by the frontend server. | ![](https://img.shields.io/github/stars/neex/http2smugl) | ![](https://img.shields.io/github/languages/top/neex/http2smugl) |",
"Description": "This tool helps to detect and exploit HTTP request smuggling in cases it can be achieved via HTTP/2 -\u003e HTTP/1.1 conversion by the frontend server.", "Description": "This tool helps to detect and exploit HTTP request smuggling in cases it can be achieved via HTTP/2 -\u003e HTTP/1.1 conversion by the frontend server.",
"Install": { "Install": {
"Linux": "", "Linux": "",
"MacOS": "", "MacOS": "",
"Windows": "" "Windows": ""
}, },
"Method": "SMUGGLE",
"Type": "Scanner",
"Update": { "Update": {
"Linux": "", "Linux": "",
"MacOS": "", "MacOS": "",