Compare commits

6 Commits

Author SHA1 Message Date
WHW 17cb01a366 Deploy README.md and Categorize Docs 2024-01-22 13:38:52 +00:00
github-actions[bot] 4fc57be3d1 chore: update contributors [skip ci] 2024-01-22 13:36:32 +00:00
HAHWUL 3e98b2935b Merge pull request #99 from edoardottt/main (Add csprecon) 2024-01-22 22:36:19 +09:00
HAHWUL dfbdff28bb Add 'csp' tag in csprecon 2024-01-22 22:34:34 +09:00
Edoardo Ottavianelli 95ceae8da0 Merge branch 'hahwul:main' into main 2024-01-21 15:44:30 +01:00
edoardottt 83e28a79b3 Add csprecon 2024-01-21 15:29:06 +01:00
6 changed files with 18 additions and 6 deletions

@ -28,7 +28,7 @@ A collection of awesome tools used by Web hackers. Happy hacking , Happy bug-hun
| | Attributes |
|-------|---------------------------------------------------|
| Types | `Army-Knife` `Proxy` `Recon` `Fuzzer` `Scanner` `Exploit` `Env` `Utils` `Etc`|
| Tags | [`mitmproxy`](/categorize/tags/mitmproxy.md) [`live-audit`](/categorize/tags/live-audit.md) [`crawl`](/categorize/tags/crawl.md) [`infra`](/categorize/tags/infra.md) [`pentest`](/categorize/tags/pentest.md) [`subdomains`](/categorize/tags/subdomains.md) [`online`](/categorize/tags/online.md) [`dns`](/categorize/tags/dns.md) [`js-analysis`](/categorize/tags/js-analysis.md) [`portscan`](/categorize/tags/portscan.md) [`url`](/categorize/tags/url.md) [`port`](/categorize/tags/port.md) [`favicon`](/categorize/tags/favicon.md) [`osint`](/categorize/tags/osint.md) [`param`](/categorize/tags/param.md) [`takeover`](/categorize/tags/takeover.md) [`endpoint`](/categorize/tags/endpoint.md) [`graphql`](/categorize/tags/graphql.md) [`domain`](/categorize/tags/domain.md) [`apk`](/categorize/tags/apk.md) [`cache-vuln`](/categorize/tags/cache-vuln.md) [`ssrf`](/categorize/tags/ssrf.md) [`jwt`](/categorize/tags/jwt.md) [`path-traversal`](/categorize/tags/path-traversal.md) [`header`](/categorize/tags/header.md) [`ssti`](/categorize/tags/ssti.md) [`crlf`](/categorize/tags/crlf.md) [`xss`](/categorize/tags/xss.md) [`cors`](/categorize/tags/cors.md) [`aaa`](/categorize/tags/aaa.md) [`ssl`](/categorize/tags/ssl.md) [`smuggle`](/categorize/tags/smuggle.md) [`oast`](/categorize/tags/oast.md) [`403`](/categorize/tags/403.md) [`s3`](/categorize/tags/s3.md) [`dependency-confusion`](/categorize/tags/dependency-confusion.md) [`sqli`](/categorize/tags/sqli.md) [`broken-link`](/categorize/tags/broken-link.md) [`exploit`](/categorize/tags/exploit.md) [`csp`](/categorize/tags/csp.md) [`xxe`](/categorize/tags/xxe.md) [`lfi`](/categorize/tags/lfi.md) [`RMI`](/categorize/tags/RMI.md) [`rop`](/categorize/tags/rop.md) [`deserialize`](/categorize/tags/deserialize.md) [`blind-xss`](/categorize/tags/blind-xss.md) [`browser-record`](/categorize/tags/browser-record.md) [`clipboard`](/categorize/tags/clipboard.md) [`http`](/categorize/tags/http.md) [`json`](/categorize/tags/json.md) 
[`notify`](/categorize/tags/notify.md) [`web3`](/categorize/tags/web3.md) [`payload`](/categorize/tags/payload.md) [`zipbomb`](/categorize/tags/zipbomb.md) [`nuclei-templates`](/categorize/tags/nuclei-templates.md) [`encode`](/categorize/tags/encode.md) [`cookie`](/categorize/tags/cookie.md) [`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md) [`report`](/categorize/tags/report.md) [`darkmode`](/categorize/tags/darkmode.md) [`fuzz`](/categorize/tags/fuzz.md) [`diff`](/categorize/tags/diff.md) |
| Tags | [`mitmproxy`](/categorize/tags/mitmproxy.md) [`live-audit`](/categorize/tags/live-audit.md) [`crawl`](/categorize/tags/crawl.md) [`infra`](/categorize/tags/infra.md) [`pentest`](/categorize/tags/pentest.md) [`subdomains`](/categorize/tags/subdomains.md) [`online`](/categorize/tags/online.md) [`dns`](/categorize/tags/dns.md) [`js-analysis`](/categorize/tags/js-analysis.md) [`portscan`](/categorize/tags/portscan.md) [`url`](/categorize/tags/url.md) [`port`](/categorize/tags/port.md) [`favicon`](/categorize/tags/favicon.md) [`osint`](/categorize/tags/osint.md) [`param`](/categorize/tags/param.md) [`takeover`](/categorize/tags/takeover.md) [`endpoint`](/categorize/tags/endpoint.md) [`graphql`](/categorize/tags/graphql.md) [`csp`](/categorize/tags/csp.md) [`domain`](/categorize/tags/domain.md) [`apk`](/categorize/tags/apk.md) [`cache-vuln`](/categorize/tags/cache-vuln.md) [`ssrf`](/categorize/tags/ssrf.md) [`jwt`](/categorize/tags/jwt.md) [`path-traversal`](/categorize/tags/path-traversal.md) [`header`](/categorize/tags/header.md) [`ssti`](/categorize/tags/ssti.md) [`crlf`](/categorize/tags/crlf.md) [`xss`](/categorize/tags/xss.md) [`cors`](/categorize/tags/cors.md) [`aaa`](/categorize/tags/aaa.md) [`ssl`](/categorize/tags/ssl.md) [`smuggle`](/categorize/tags/smuggle.md) [`oast`](/categorize/tags/oast.md) [`403`](/categorize/tags/403.md) [`s3`](/categorize/tags/s3.md) [`dependency-confusion`](/categorize/tags/dependency-confusion.md) [`sqli`](/categorize/tags/sqli.md) [`broken-link`](/categorize/tags/broken-link.md) [`exploit`](/categorize/tags/exploit.md) [`xxe`](/categorize/tags/xxe.md) [`lfi`](/categorize/tags/lfi.md) [`RMI`](/categorize/tags/RMI.md) [`rop`](/categorize/tags/rop.md) [`deserialize`](/categorize/tags/deserialize.md) [`blind-xss`](/categorize/tags/blind-xss.md) [`browser-record`](/categorize/tags/browser-record.md) [`clipboard`](/categorize/tags/clipboard.md) [`http`](/categorize/tags/http.md) [`json`](/categorize/tags/json.md) 
[`notify`](/categorize/tags/notify.md) [`web3`](/categorize/tags/web3.md) [`payload`](/categorize/tags/payload.md) [`zipbomb`](/categorize/tags/zipbomb.md) [`nuclei-templates`](/categorize/tags/nuclei-templates.md) [`encode`](/categorize/tags/encode.md) [`cookie`](/categorize/tags/cookie.md) [`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md) [`report`](/categorize/tags/report.md) [`darkmode`](/categorize/tags/darkmode.md) [`fuzz`](/categorize/tags/fuzz.md) [`diff`](/categorize/tags/diff.md) |
| Langs | [`Java`](/categorize/langs/Java.md) [`Shell`](/categorize/langs/Shell.md) [`Ruby`](/categorize/langs/Ruby.md) [`Go`](/categorize/langs/Go.md) [`Rust`](/categorize/langs/Rust.md) [`Python`](/categorize/langs/Python.md) [`C`](/categorize/langs/C.md) [`Kotlin`](/categorize/langs/Kotlin.md) [`JavaScript`](/categorize/langs/JavaScript.md) [`Crystal`](/categorize/langs/Crystal.md) [`Perl`](/categorize/langs/Perl.md) [`TypeScript`](/categorize/langs/TypeScript.md) [`C++`](/categorize/langs/C++.md) [`HTML`](/categorize/langs/HTML.md) [`PHP`](/categorize/langs/PHP.md) [`Txt`](/categorize/langs/Txt.md) [`BlitzBasic`](/categorize/langs/BlitzBasic.md) [`C#`](/categorize/langs/C%23.md) [`CSS`](/categorize/langs/CSS.md) |
### Tools
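Review bot: The regenerated Tags row differs from the old one only in where `csp` sits: it moves from after `exploit` to after `graphql`, and every other tag is unchanged. That suggests the generator emits tags in the order it first meets them while walking the tool entries, so adding one tool reshuffles a line this long and makes the diff hard to review. Sorting the tag list (for example alphabetically) before rendering would keep this row stable and limit future diffs to real additions or removals.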
@ -126,6 +126,7 @@ A collection of awesome tools used by Web hackers. Happy hacking , Happy bug-hun
|Recon|[CT_subdomains](https://github.com/internetwache/CT_subdomains)|An hourly updated list of subdomains gathered from certificate transparency logs |![](https://img.shields.io/github/stars/internetwache/CT_subdomains?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|
|Recon|[FavFreak](https://github.com/devanshbatham/FavFreak)|Making Favicon.ico based Recon Great again ! |![](https://img.shields.io/github/stars/devanshbatham/FavFreak?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Recon|[Lepus](https://github.com/gfek/Lepus)|Subdomain finder|![](https://img.shields.io/github/stars/gfek/Lepus?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Recon|[csprecon](https://github.com/edoardottt/csprecon)|Discover new target domains using Content Security Policy|![](https://img.shields.io/github/stars/edoardottt/csprecon?label=%20)|[`csp`](/categorize/tags/csp.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[reconftw](https://github.com/six2dez/reconftw)|reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities|![](https://img.shields.io/github/stars/six2dez/reconftw?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Shell](/images/shell.png)](/categorize/langs/Shell.md)|
|Recon|[aquatone](https://github.com/michenriksen/aquatone)|A Tool for Domain Flyovers |![](https://img.shields.io/github/stars/michenriksen/aquatone?label=%20)|[`domain`](/categorize/tags/domain.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[SubBrute](https://github.com/aboul3la/Sublist3r)|https://github.com/TheRook/subbrute|![](https://img.shields.io/github/stars/aboul3la/Sublist3r?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
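Review bot: In the trailing context of this hunk, the SubBrute row links its name to https://github.com/aboul3la/Sublist3r, pulls its star badge from the same repository, and carries the bare URL https://github.com/TheRook/subbrute in the description column. This change does not introduce it, but since the README is being redeployed here it is worth correcting the source entry so the link and badge point at TheRook/subbrute and the description is text.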

@ -40,6 +40,7 @@
|Recon|[htcat](https://github.com/htcat/htcat)|Parallel and Pipelined HTTP GET Utility |![](https://img.shields.io/github/stars/htcat/htcat?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[gobuster](https://github.com/OJ/gobuster)|Directory/File, DNS and VHost busting tool written in Go |![](https://img.shields.io/github/stars/OJ/gobuster?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[go-dork](https://github.com/dwisiswant0/go-dork)|The fastest dork scanner written in Go. |![](https://img.shields.io/github/stars/dwisiswant0/go-dork?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[csprecon](https://github.com/edoardottt/csprecon)|Discover new target domains using Content Security Policy|![](https://img.shields.io/github/stars/edoardottt/csprecon?label=%20)|[`csp`](/categorize/tags/csp.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[aquatone](https://github.com/michenriksen/aquatone)|A Tool for Domain Flyovers |![](https://img.shields.io/github/stars/michenriksen/aquatone?label=%20)|[`domain`](/categorize/tags/domain.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[crawlergo](https://github.com/Qianlitp/crawlergo)|A powerful browser crawler for web vulnerability scanners|![](https://img.shields.io/github/stars/Qianlitp/crawlergo?label=%20)|[`crawl`](/categorize/tags/crawl.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Recon|[assetfinder](https://github.com/tomnomnom/assetfinder)|Find domains and subdomains related to a given domain |![](https://img.shields.io/github/stars/tomnomnom/assetfinder?label=%20)|[`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|

@ -3,6 +3,7 @@
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Recon|[csprecon](https://github.com/edoardottt/csprecon)|Discover new target domains using Content Security Policy|![](https://img.shields.io/github/stars/edoardottt/csprecon?label=%20)|[`csp`](/categorize/tags/csp.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Scanner|[csp-auditor](https://github.com/GoSecure/csp-auditor)||![](https://img.shields.io/github/stars/GoSecure/csp-auditor?label=%20)|[`csp`](/categorize/tags/csp.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|
|Utils|[CSP Evaluator](https://csp-evaluator.withgoogle.com)|Online CSP Evaluator from google||[`csp`](/categorize/tags/csp.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)|

File diff suppressed because one or more lines are too long

@ -1 +1 @@
Sun Jan 21 14:16:36 UTC 2024
Mon Jan 22 13:38:52 UTC 2024

9
weapons/csprecon.yaml Normal file

@ -0,0 +1,9 @@
---
name: csprecon
description: Discover new target domains using Content Security Policy
url: https://github.com/edoardottt/csprecon
category: tool
type: Recon
platform: [linux, macos, windows]
lang: Go
tags: [csp]
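Review bot: `tags: [csp]` is the only tag, while the description reads "Discover new target domains" and the neighbouring Recon rows for domain discovery are tagged `domain` (aquatone) or `subdomains` (Lepus, assetfinder). Consider `tags: [csp, domain]` so the tool is also listed on the domain tag page; as written it is reachable only from the csp page.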