Compare commits

...

4 Commits

Author SHA1 Message Date
WHW
b0a279e68b Deploy README.md and Categorize Docs 2023-02-09 14:50:18 +00:00
github-actions[bot]
0e0c2456c6
chore: update contributors [skip ci] 2023-02-09 14:35:04 +00:00
HAHWUL
c1206c48f1
Merge pull request #84 from Apotheas/main
Add GAP
2023-02-09 23:34:43 +09:00
Apotheas
10dedaf066
Add GAP 2023-02-09 13:36:38 +00:00
6 changed files with 35 additions and 9 deletions

View File

@ -29,7 +29,7 @@ A collection of awesome tools used by Web hackers. Happy hacking , Happy bug-hun
|-------|---------------------------------------------------| |-------|---------------------------------------------------|
| Types | `Army-Knife` `Proxy` `Recon` `Fuzzer` `Scanner` `Exploit` `Env` `Utils` `Etc`| | Types | `Army-Knife` `Proxy` `Recon` `Fuzzer` `Scanner` `Exploit` `Env` `Utils` `Etc`|
| Tags | [`mitmproxy`](/categorize/tags/mitmproxy.md) [`live-audit`](/categorize/tags/live-audit.md) [`crawl`](/categorize/tags/crawl.md) [`infra`](/categorize/tags/infra.md) [`pentest`](/categorize/tags/pentest.md) [`subdomains`](/categorize/tags/subdomains.md) [`dns`](/categorize/tags/dns.md) [`url`](/categorize/tags/url.md) [`online`](/categorize/tags/online.md) [`takeover`](/categorize/tags/takeover.md) [`portscan`](/categorize/tags/portscan.md) [`port`](/categorize/tags/port.md) [`graphql`](/categorize/tags/graphql.md) [`endpoint`](/categorize/tags/endpoint.md) [`param`](/categorize/tags/param.md) [`osint`](/categorize/tags/osint.md) [`domain`](/categorize/tags/domain.md) [`apk`](/categorize/tags/apk.md) [`crlf`](/categorize/tags/crlf.md) [`ssrf`](/categorize/tags/ssrf.md) [`jwt`](/categorize/tags/jwt.md) [`path-traversal`](/categorize/tags/path-traversal.md) [`cache-vuln`](/categorize/tags/cache-vuln.md) [`smuggle`](/categorize/tags/smuggle.md) [`xss`](/categorize/tags/xss.md) [`cors`](/categorize/tags/cors.md) [`ssl`](/categorize/tags/ssl.md) [`broken-link`](/categorize/tags/broken-link.md) [`aaa`](/categorize/tags/aaa.md) [`exploit`](/categorize/tags/exploit.md) [`s3`](/categorize/tags/s3.md) [`sqli`](/categorize/tags/sqli.md) [`403`](/categorize/tags/403.md) [`dependency-confusion`](/categorize/tags/dependency-confusion.md) [`oast`](/categorize/tags/oast.md) [`csp`](/categorize/tags/csp.md) [`lfi`](/categorize/tags/lfi.md) [`xxe`](/categorize/tags/xxe.md) [`rop`](/categorize/tags/rop.md) [`RMI`](/categorize/tags/RMI.md) [`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md) [`blind-xss`](/categorize/tags/blind-xss.md) [`cookie`](/categorize/tags/cookie.md) [`notify`](/categorize/tags/notify.md) [`diff`](/categorize/tags/diff.md) [`zipbomb`](/categorize/tags/zipbomb.md) [`report`](/categorize/tags/report.md) [`http`](/categorize/tags/http.md) [`deserialize`](/categorize/tags/deserialize.md) [`darkmode`](/categorize/tags/darkmode.md) [`fuzz`](/categorize/tags/fuzz.md) [`payload`](/categorize/tags/payload.md) [`web3`](/categorize/tags/web3.md) | | Tags | [`mitmproxy`](/categorize/tags/mitmproxy.md) [`live-audit`](/categorize/tags/live-audit.md) [`crawl`](/categorize/tags/crawl.md) [`infra`](/categorize/tags/infra.md) [`pentest`](/categorize/tags/pentest.md) [`subdomains`](/categorize/tags/subdomains.md) [`dns`](/categorize/tags/dns.md) [`url`](/categorize/tags/url.md) [`online`](/categorize/tags/online.md) [`takeover`](/categorize/tags/takeover.md) [`portscan`](/categorize/tags/portscan.md) [`port`](/categorize/tags/port.md) [`graphql`](/categorize/tags/graphql.md) [`endpoint`](/categorize/tags/endpoint.md) [`param`](/categorize/tags/param.md) [`osint`](/categorize/tags/osint.md) [`domain`](/categorize/tags/domain.md) [`apk`](/categorize/tags/apk.md) [`crlf`](/categorize/tags/crlf.md) [`ssrf`](/categorize/tags/ssrf.md) [`jwt`](/categorize/tags/jwt.md) [`path-traversal`](/categorize/tags/path-traversal.md) [`cache-vuln`](/categorize/tags/cache-vuln.md) [`smuggle`](/categorize/tags/smuggle.md) [`xss`](/categorize/tags/xss.md) [`cors`](/categorize/tags/cors.md) [`ssl`](/categorize/tags/ssl.md) [`broken-link`](/categorize/tags/broken-link.md) [`aaa`](/categorize/tags/aaa.md) [`exploit`](/categorize/tags/exploit.md) [`s3`](/categorize/tags/s3.md) [`sqli`](/categorize/tags/sqli.md) [`403`](/categorize/tags/403.md) [`dependency-confusion`](/categorize/tags/dependency-confusion.md) [`oast`](/categorize/tags/oast.md) [`csp`](/categorize/tags/csp.md) [`lfi`](/categorize/tags/lfi.md) [`xxe`](/categorize/tags/xxe.md) [`rop`](/categorize/tags/rop.md) [`RMI`](/categorize/tags/RMI.md) [`wordlist`](/categorize/tags/wordlist.md) [`documents`](/categorize/tags/documents.md) [`blind-xss`](/categorize/tags/blind-xss.md) [`cookie`](/categorize/tags/cookie.md) [`notify`](/categorize/tags/notify.md) [`diff`](/categorize/tags/diff.md) [`zipbomb`](/categorize/tags/zipbomb.md) [`report`](/categorize/tags/report.md) [`http`](/categorize/tags/http.md) [`deserialize`](/categorize/tags/deserialize.md) [`darkmode`](/categorize/tags/darkmode.md) [`fuzz`](/categorize/tags/fuzz.md) [`payload`](/categorize/tags/payload.md) [`web3`](/categorize/tags/web3.md) |
| Langs | [`Java`](/categorize/langs/Java.md) [`Go`](/categorize/langs/Go.md) [`Shell`](/categorize/langs/Shell.md) [`Ruby`](/categorize/langs/Ruby.md) [`Python`](/categorize/langs/Python.md) [`Rust`](/categorize/langs/Rust.md) [`JavaScript`](/categorize/langs/JavaScript.md) [`C`](/categorize/langs/C.md) [`Kotlin`](/categorize/langs/Kotlin.md) [`Perl`](/categorize/langs/Perl.md) [`TypeScript`](/categorize/langs/TypeScript.md) [`BlitzBasic`](/categorize/langs/BlitzBasic.md) [`CSS`](/categorize/langs/CSS.md) [`C#`](/categorize/langs/C%23.md) [`PHP`](/categorize/langs/PHP.md) [`HTML`](/categorize/langs/HTML.md) [`C++`](/categorize/langs/C++.md) | | Langs | [`Java`](/categorize/langs/Java.md) [`Go`](/categorize/langs/Go.md) [`Shell`](/categorize/langs/Shell.md) [`Ruby`](/categorize/langs/Ruby.md) [`Python`](/categorize/langs/Python.md) [`Rust`](/categorize/langs/Rust.md) [`JavaScript`](/categorize/langs/JavaScript.md) [`C`](/categorize/langs/C.md) [`Kotlin`](/categorize/langs/Kotlin.md) [`python`](/categorize/langs/python.md) [`Perl`](/categorize/langs/Perl.md) [`TypeScript`](/categorize/langs/TypeScript.md) [`BlitzBasic`](/categorize/langs/BlitzBasic.md) [`CSS`](/categorize/langs/CSS.md) [`C#`](/categorize/langs/C%23.md) [`PHP`](/categorize/langs/PHP.md) [`HTML`](/categorize/langs/HTML.md) [`C++`](/categorize/langs/C++.md) |
### Tools ### Tools
| Type | Name | Description | Star | Tags | Badges | | Type | Name | Description | Star | Tags | Badges |
@ -368,6 +368,7 @@ A collection of awesome tools used by Web hackers. Happy hacking , Happy bug-hun
|Recon|[reflected-parameters](https://github.com/PortSwigger/reflected-parameters)||![](https://img.shields.io/github/stars/PortSwigger/reflected-parameters?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)| |Recon|[reflected-parameters](https://github.com/PortSwigger/reflected-parameters)||![](https://img.shields.io/github/stars/PortSwigger/reflected-parameters?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|
|Recon|[HUNT](https://github.com/bugcrowd/HUNT)|Identifies common parameters vulnerable to certain vulnerability classes|![](https://img.shields.io/github/stars/bugcrowd/HUNT?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)![burp](/images/burp.png)[![Kotlin](/images/kotlin.png)](/categorize/langs/Kotlin.md)| |Recon|[HUNT](https://github.com/bugcrowd/HUNT)|Identifies common parameters vulnerable to certain vulnerability classes|![](https://img.shields.io/github/stars/bugcrowd/HUNT?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)![burp](/images/burp.png)[![Kotlin](/images/kotlin.png)](/categorize/langs/Kotlin.md)|
|Recon|[BurpJSLinkFinder](https://github.com/InitRoot/BurpJSLinkFinder)||![](https://img.shields.io/github/stars/InitRoot/BurpJSLinkFinder?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)| |Recon|[BurpJSLinkFinder](https://github.com/InitRoot/BurpJSLinkFinder)||![](https://img.shields.io/github/stars/InitRoot/BurpJSLinkFinder?label=%20)||![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Fuzzer|[GAP](https://github.com/xnl-h4ck3r/GAP-Burp-Extension)|This is an evolution of the original getAllParams extension for Burp. Not only does it find more potential parameters for you to investigate, but it also finds potential links to try these parameters on.|![](https://img.shields.io/github/stars/xnl-h4ck3r/GAP-Burp-Extension?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![python](/images/python.png)](/categorize/langs/python.md)|
|Fuzzer|[param-miner](https://github.com/PortSwigger/param-miner)||![](https://img.shields.io/github/stars/PortSwigger/param-miner?label=%20)|[`param`](/categorize/tags/param.md) [`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)| |Fuzzer|[param-miner](https://github.com/PortSwigger/param-miner)||![](https://img.shields.io/github/stars/PortSwigger/param-miner?label=%20)|[`param`](/categorize/tags/param.md) [`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|
|Scanner|[Autorize](https://github.com/Quitten/Autorize)||![](https://img.shields.io/github/stars/Quitten/Autorize?label=%20)|[`aaa`](/categorize/tags/aaa.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)| |Scanner|[Autorize](https://github.com/Quitten/Autorize)||![](https://img.shields.io/github/stars/Quitten/Autorize?label=%20)|[`aaa`](/categorize/tags/aaa.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Scanner|[AuthMatrix](https://github.com/SecurityInnovation/AuthMatrix)||![](https://img.shields.io/github/stars/SecurityInnovation/AuthMatrix?label=%20)|[`aaa`](/categorize/tags/aaa.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)| |Scanner|[AuthMatrix](https://github.com/SecurityInnovation/AuthMatrix)||![](https://img.shields.io/github/stars/SecurityInnovation/AuthMatrix?label=%20)|[`aaa`](/categorize/tags/aaa.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|

View File

@ -0,0 +1,7 @@
## Tools Made of python
| Type | Name | Description | Star | Tags | Badges |
| --- | --- | --- | --- | --- | --- |
|Fuzzer|[GAP](https://github.com/xnl-h4ck3r/GAP-Burp-Extension)|This is an evolution of the original getAllParams extension for Burp. Not only does it find more potential parameters for you to investigate, but it also finds potential links to try these parameters on.|![](https://img.shields.io/github/stars/xnl-h4ck3r/GAP-Burp-Extension?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![python](/images/python.png)](/categorize/langs/python.md)|

View File

@ -9,6 +9,7 @@
|Recon|[Dr. Watson](https://github.com/prodigysml/Dr.-Watson)|Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information|![](https://img.shields.io/github/stars/prodigysml/Dr.-Watson?label=%20)|[`param`](/categorize/tags/param.md) [`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)| |Recon|[Dr. Watson](https://github.com/prodigysml/Dr.-Watson)|Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information|![](https://img.shields.io/github/stars/prodigysml/Dr.-Watson?label=%20)|[`param`](/categorize/tags/param.md) [`subdomains`](/categorize/tags/subdomains.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Python](/images/python.png)](/categorize/langs/Python.md)|
|Recon|[reflected-parameters](https://github.com/PortSwigger/reflected-parameters)||![](https://img.shields.io/github/stars/PortSwigger/reflected-parameters?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)| |Recon|[reflected-parameters](https://github.com/PortSwigger/reflected-parameters)||![](https://img.shields.io/github/stars/PortSwigger/reflected-parameters?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|
|Recon|[HUNT](https://github.com/bugcrowd/HUNT)|Identifies common parameters vulnerable to certain vulnerability classes|![](https://img.shields.io/github/stars/bugcrowd/HUNT?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)![burp](/images/burp.png)[![Kotlin](/images/kotlin.png)](/categorize/langs/Kotlin.md)| |Recon|[HUNT](https://github.com/bugcrowd/HUNT)|Identifies common parameters vulnerable to certain vulnerability classes|![](https://img.shields.io/github/stars/bugcrowd/HUNT?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![zap](/images/zap.png)![burp](/images/burp.png)[![Kotlin](/images/kotlin.png)](/categorize/langs/Kotlin.md)|
|Fuzzer|[GAP](https://github.com/xnl-h4ck3r/GAP-Burp-Extension)|This is an evolution of the original getAllParams extension for Burp. Not only does it find more potential parameters for you to investigate, but it also finds potential links to try these parameters on.|![](https://img.shields.io/github/stars/xnl-h4ck3r/GAP-Burp-Extension?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![python](/images/python.png)](/categorize/langs/python.md)|
|Fuzzer|[fuzzparam](https://github.com/0xsapra/fuzzparam)|A fast go based param miner to fuzz possible parameters a URL can have.|![](https://img.shields.io/github/stars/0xsapra/fuzzparam?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)| |Fuzzer|[fuzzparam](https://github.com/0xsapra/fuzzparam)|A fast go based param miner to fuzz possible parameters a URL can have.|![](https://img.shields.io/github/stars/0xsapra/fuzzparam?label=%20)|[`param`](/categorize/tags/param.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)[![Go](/images/go.png)](/categorize/langs/Go.md)|
|Fuzzer|[param-miner](https://github.com/PortSwigger/param-miner)||![](https://img.shields.io/github/stars/PortSwigger/param-miner?label=%20)|[`param`](/categorize/tags/param.md) [`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)| |Fuzzer|[param-miner](https://github.com/PortSwigger/param-miner)||![](https://img.shields.io/github/stars/PortSwigger/param-miner?label=%20)|[`param`](/categorize/tags/param.md) [`cache-vuln`](/categorize/tags/cache-vuln.md)|![linux](/images/linux.png)![macos](/images/apple.png)![windows](/images/windows.png)![burp](/images/burp.png)[![Java](/images/java.png)](/categorize/langs/Java.md)|

File diff suppressed because one or more lines are too long

Before

Width:  |  Height:  |  Size: 2.4 MiB

After

Width:  |  Height:  |  Size: 2.6 MiB

View File

@ -1 +1 @@
Thu Feb 9 00:39:59 UTC 2023 Thu Feb 9 14:50:18 UTC 2023

14
weapons/GAP.yaml Normal file
View File

@ -0,0 +1,14 @@
---
name: GAP
description: This is an evolution of the original getAllParams extension for Burp. Not only does it find more potential parameters for you to investigate, but it also finds potential links to try these parameters on.
url: https://github.com/xnl-h4ck3r/GAP-Burp-Extension
category: tool-addon
type: Fuzzer
platform:
- linux
- macos
- windows
- burpsuite
lang: python
tags:
- param