Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
Go to file
2020-04-07 02:01:12 +09:00
.github Create FUNDING.yml 2020-04-05 00:08:50 +09:00
template Update foot.md 2020-04-06 03:23:48 +09:00
add-tool fix bug 2020-04-07 01:09:17 +09:00
add-tool.go fix bug 2020-04-07 01:09:17 +09:00
data.json Update data.json 2020-04-07 01:24:12 +09:00
distribute-readme add distribute-readme 2020-04-07 01:07:46 +09:00
distribute-readme.go Update distribute-readme.go 2020-04-07 02:01:12 +09:00
LICENSE Initial commit 2020-04-04 23:54:05 +09:00
README.md Update README.md 2020-04-07 01:55:29 +09:00
tool-template.md Update tool-template.md 2020-04-06 03:10:26 +09:00
type.lst Create type.lst 2020-04-06 03:18:18 +09:00



Web Hacker's Weapons

A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

Category

Weapons

Main Weapon

Name Description Popularity Language Metadata

Fetch path and host

Name Description Popularity Language Metadata
httprobe Take a list of domains and probe for working HTTP and HTTPS servers


SQL Injection

Name Description Popularity Language Metadata
sqlmap Automatic SQL injection and database takeover tool


CORS Misconfiguration

Name Description Popularity Language Metadata
Corsy CORS Misconfiguration Scanner


Subdomain Enumeration

Name Description Popularity Language Metadata
Amass In-depth Attack Surface Mapping and Asset Discovery


Port scanner

Name Description Popularity Language Metadata
masscan TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.


XSS

Name Description Popularity Language Metadata
XSStrike Most advanced XSS scanner.


Path traversal / Directory traversal / LFI

Name Description Popularity Language Metadata

Command Injection

Name Description Popularity Language Metadata

CSRF

Name Description Popularity Language Metadata

NoSQL Injection

Name Description Popularity Language Metadata
NoSQLMap Automated NoSQL database enumeration and web application exploitation tool.


SSRF

Name Description Popularity Language Metadata

Cloud Security

Name Description Popularity Language Metadata
s3reverse The format of various s3 buckets is convert in one format. for bugbounty and security testing.


Web Discovery

Name Description Popularity Language Metadata
Arjun HTTP parameter discovery suite.


Web Vulnerability Scanner

Name Description Popularity Language Metadata
Silver Mass scan IPs for vulnerable services


WebSocket

Name Description Popularity Language Metadata

Utility for hackers

Name Description Popularity Language Metadata
ftc simple copy to file to clipboard


Usage of weapon-md

./weapon-md
Usage of ./weapon-md:
  -isFirst
    	if you add new type, it use
  -url string
    	github / gitlab / bitbucket url

Three Procedures for the Contribute

  • First, generate markdown code using weapon-md
$ ./weapon-md -url https://github.com/hahwul/xspear
| [xspear](https://github.com/hahwul/xspear) | Powerfull XSS Scanning and Parameter analysis tool&gem | ![](https://img.shields.io/github/stars/hahwul/xspear) | ![](https://img.shields.io/github/languages/top/hahwul/xspear) | ![](https://img.shields.io/github/repo-size/hahwul/xspear)<br>![](https://img.shields.io/github/license/hahwul/xspear) <br> ![](https://img.shields.io/github/forks/hahwul/xspear) <br> ![](https://img.shields.io/github/watchers/hahwul/xspear) |
  • Second, Give me PR or Add issue with output code
  • Third, There's no third.