mirror of
https://github.com/hahwul/WebHackersWeapons.git
synced 2024-12-21 21:45:14 -05:00
342 lines
23 KiB
JSON
342 lines
23 KiB
JSON
{
|
|
"Amass": {
|
|
"Data": "| Discovery/DOMAIN | [Amass](https://github.com/OWASP/Amass) | In-depth Attack Surface Mapping and Asset Discovery | ![](https://img.shields.io/github/stars/OWASP/Amass) | ![](https://img.shields.io/github/languages/top/OWASP/Amass) |",
|
|
"Method": "DOMAIN",
|
|
"Type": "Discovery"
|
|
},
|
|
"Arjun": {
|
|
"Data": "| Discovery/HTTP | [Arjun](https://github.com/s0md3v/Arjun) | HTTP parameter discovery suite. | ![](https://img.shields.io/github/stars/s0md3v/Arjun) | ![](https://img.shields.io/github/languages/top/s0md3v/Arjun) |",
|
|
"Method": "HTTP",
|
|
"Type": "Discovery"
|
|
},
|
|
"BurpSuite": {
|
|
"Data": "| Army-Knife/BURP | [BurpSuite](https://portswigger.net/burp) | It's Awesome|![](https://img.shields.io/static/v1?label=\u0026message=it%27s%20not%20github\u0026color=gray) | ![](https://img.shields.io/static/v1?label=\u0026message=it%27s%20not%20github\u0026color=gray)|",
|
|
"Method": "BURP",
|
|
"Type": "Army-Knife"
|
|
},
|
|
"CSP Evaluator": {
|
|
"Data": "| Utility/CSP | [CSP Evaluator](https://csp-evaluator.withgoogle.com) | Online CSP Evaluator from google|![](https://img.shields.io/static/v1?label=\u0026message=it%27s%20not%20github\u0026color=gray) | ![](https://img.shields.io/static/v1?label=\u0026message=it%27s%20not%20github\u0026color=gray)|",
|
|
"Method": "CSP",
|
|
"Type": "Utility"
|
|
},
|
|
"Corsy": {
|
|
"Data": "| Scanner/CORS | [Corsy](https://github.com/s0md3v/Corsy) | CORS Misconfiguration Scanner | ![](https://img.shields.io/github/stars/s0md3v/Corsy) | ![](https://img.shields.io/github/languages/top/s0md3v/Corsy) |",
|
|
"Method": "CORS",
|
|
"Type": "Scanner"
|
|
},
|
|
"DNSDumpster": {
|
|
"Data": "| Discovery/DNS | [DNSDumpster](https://dnsdumpster.com) | Online dns recon \u0026 research, find \u0026 lookup dns records|![](https://img.shields.io/static/v1?label=\u0026message=it%27s%20not%20github\u0026color=gray) | ![](https://img.shields.io/static/v1?label=\u0026message=it%27s%20not%20github\u0026color=gray)|",
|
|
"Method": "DNS",
|
|
"Type": "Discovery"
|
|
},
|
|
"GitMiner": {
|
|
"Data": "| Discovery/GIT | [GitMiner](https://github.com/UnkL4b/GitMiner) | Tool for advanced mining for content on Github | ![](https://img.shields.io/github/stars/UnkL4b/GitMiner) | ![](https://img.shields.io/github/languages/top/UnkL4b/GitMiner) |",
|
|
"Method": "GIT",
|
|
"Type": "Discovery"
|
|
},
|
|
"LFISuite": {
|
|
"Data": "| Scanner/LFI | [LFISuite](https://github.com/D35m0nd142/LFISuite) | Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner | ![](https://img.shields.io/github/stars/D35m0nd142/LFISuite) | ![](https://img.shields.io/github/languages/top/D35m0nd142/LFISuite) |",
|
|
"Method": "LFI",
|
|
"Type": "Scanner"
|
|
},
|
|
"Medusa": {
|
|
"Data": "| Scanner/FUZZ | [Medusa](https://github.com/pymedusa/Medusa) | Automatic Video Library Manager for TV Shows. It watches for new episodes of your favorite shows, and when they are posted it does its magic. | ![](https://img.shields.io/github/stars/pymedusa/Medusa) | ![](https://img.shields.io/github/languages/top/pymedusa/Medusa) |",
|
|
"Method": "FUZZ",
|
|
"Type": "Scanner"
|
|
},
|
|
"NoSQLMap": {
|
|
"Data": "| Scanner/NOSQL | [NoSQLMap](https://github.com/codingo/NoSQLMap) | Automated NoSQL database enumeration and web application exploitation tool. | ![](https://img.shields.io/github/stars/codingo/NoSQLMap) | ![](https://img.shields.io/github/languages/top/codingo/NoSQLMap) |",
|
|
"Method": "NOSQL",
|
|
"Type": "Scanner"
|
|
},
|
|
"Phoenix": {
|
|
"Data": "| Utility/ETC | [Phoenix](https://www.hahwul.com/p/phoenix.html) | hahwul's online tools|![](https://img.shields.io/static/v1?label=\u0026message=it%27s%20not%20github\u0026color=gray) | ![](https://img.shields.io/static/v1?label=\u0026message=it%27s%20not%20github\u0026color=gray)|",
|
|
"Method": "ETC",
|
|
"Type": "Utility"
|
|
},
|
|
"Photon": {
|
|
"Data": "| Discovery/CRAWL | [Photon](https://github.com/s0md3v/Photon) | Incredibly fast crawler designed for OSINT. | ![](https://img.shields.io/github/stars/s0md3v/Photon) | ![](https://img.shields.io/github/languages/top/s0md3v/Photon) |",
|
|
"Method": "CRAWL",
|
|
"Type": "Discovery"
|
|
},
|
|
"S3Scanner": {
|
|
"Data": "| Scanner/S3 | [S3Scanner](https://github.com/sa7mon/S3Scanner) | Scan for open AWS S3 buckets and dump the contents | ![](https://img.shields.io/github/stars/sa7mon/S3Scanner) | ![](https://img.shields.io/github/languages/top/sa7mon/S3Scanner) |",
|
|
"Method": "S3",
|
|
"Type": "Scanner"
|
|
},
|
|
"SQLNinja": {
|
|
"Data": "| Scanner/SQL | [SQLNinja](https://gitlab.com/kalilinux/packages/sqlninja) | SQL Injection scanner|![](https://img.shields.io/static/v1?label=\u0026message=it%27s%20not%20github\u0026color=gray) | ![](https://img.shields.io/static/v1?label=\u0026message=it%27s%20not%20github\u0026color=gray)|",
|
|
"Method": "SQL",
|
|
"Type": "Scanner"
|
|
},
|
|
"SecLists": {
|
|
"Data": "| Utility/WORD | [SecLists](https://github.com/danielmiessler/SecLists) | SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. | ![](https://img.shields.io/github/stars/danielmiessler/SecLists) | ![](https://img.shields.io/github/languages/top/danielmiessler/SecLists) |",
|
|
"Method": "WORD",
|
|
"Type": "Utility"
|
|
},
|
|
"SecurityTrails": {
|
|
"Data": "| Discovery/DNS | [SecurityTrails](https://securitytrails.com) | Online dns / subdomain / recon tool|![](https://img.shields.io/static/v1?label=\u0026message=it%27s%20not%20github\u0026color=gray) | ![](https://img.shields.io/static/v1?label=\u0026message=it%27s%20not%20github\u0026color=gray)|",
|
|
"Method": "DNS",
|
|
"Type": "Discovery"
|
|
},
|
|
"SequenceDiagram": {
|
|
"Data": "| Utility/FLOW | [SequenceDiagram](https://sequencediagram.org) | Online tool for creating UML sequence diagrams|![](https://img.shields.io/static/v1?label=\u0026message=it%27s%20not%20github\u0026color=gray) | ![](https://img.shields.io/static/v1?label=\u0026message=it%27s%20not%20github\u0026color=gray)|",
|
|
"Method": "FLOW",
|
|
"Type": "Utility"
|
|
},
|
|
"Shodan": {
|
|
"Data": "| Discovery/PORT | [Shodan](https://www.shodan.io/) | World's first search engine for Internet-connected devices|![](https://img.shields.io/static/v1?label=\u0026message=it%27s%20not%20github\u0026color=gray) | ![](https://img.shields.io/static/v1?label=\u0026message=it%27s%20not%20github\u0026color=gray)|",
|
|
"Method": "PORT",
|
|
"Type": "Discovery"
|
|
},
|
|
"Silver": {
|
|
"Data": "| Discovery/VULN | [Silver](https://github.com/s0md3v/Silver) | Mass scan IPs for vulnerable services | ![](https://img.shields.io/github/stars/s0md3v/Silver) | ![](https://img.shields.io/github/languages/top/s0md3v/Silver) |",
|
|
"Method": "VULN",
|
|
"Type": "Discovery"
|
|
},
|
|
"Striker": {
|
|
"Data": "| Scanner/WVS | [Striker](https://github.com/s0md3v/Striker) | Striker is an offensive information and vulnerability scanner. | ![](https://img.shields.io/github/stars/s0md3v/Striker) | ![](https://img.shields.io/github/languages/top/s0md3v/Striker) |",
|
|
"Method": "WVS",
|
|
"Type": "Scanner"
|
|
},
|
|
"Sublist3r": {
|
|
"Data": "| Discovery/DOMAIN | [Sublist3r](https://github.com/aboul3la/Sublist3r) | Fast subdomains enumeration tool for penetration testers | ![](https://img.shields.io/github/stars/aboul3la/Sublist3r) | ![](https://img.shields.io/github/languages/top/aboul3la/Sublist3r) |",
|
|
"Method": "DOMAIN",
|
|
"Type": "Discovery"
|
|
},
|
|
"VHostScan": {
|
|
"Data": "| Scanner/FUZZ | [VHostScan](https://github.com/codingo/VHostScan) | A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages. | ![](https://img.shields.io/github/stars/codingo/VHostScan) | ![](https://img.shields.io/github/languages/top/codingo/VHostScan) |",
|
|
"Method": "FUZZ",
|
|
"Type": "Scanner"
|
|
},
|
|
"XSStrike": {
|
|
"Data": "| Scanner/XSS | [XSStrike](https://github.com/s0md3v/XSStrike) | Most advanced XSS scanner. | ![](https://img.shields.io/github/stars/s0md3v/XSStrike) | ![](https://img.shields.io/github/languages/top/s0md3v/XSStrike) |",
|
|
"Method": "XSS",
|
|
"Type": "Scanner"
|
|
},
|
|
"XSpear": {
|
|
"Data": "| Scanner/XSS | [XSpear](https://github.com/hahwul/XSpear) | Powerfull XSS Scanning and Parameter analysis tool\u0026gem | ![](https://img.shields.io/github/stars/hahwul/XSpear) | ![](https://img.shields.io/github/languages/top/hahwul/XSpear) |",
|
|
"Method": "XSS",
|
|
"Type": "Scanner"
|
|
},
|
|
"a2sv": {
|
|
"Data": "| Scanner/SSL | [a2sv](https://github.com/hahwul/a2sv) | Auto Scanning to SSL Vulnerability | ![](https://img.shields.io/github/stars/hahwul/a2sv) | ![](https://img.shields.io/github/languages/top/hahwul/a2sv) |",
|
|
"Method": "SSL",
|
|
"Type": "Scanner"
|
|
},
|
|
"altdns": {
|
|
"Data": "| Discovery/DOMAIN | [altdns](https://github.com/infosec-au/altdns) | Generates permutations, alterations and mutations of subdomains and then resolves them | ![](https://img.shields.io/github/stars/infosec-au/altdns) | ![](https://img.shields.io/github/languages/top/infosec-au/altdns) |",
|
|
"Method": "DOMAIN",
|
|
"Type": "Discovery"
|
|
},
|
|
"arachni": {
|
|
"Data": "| Scanner/WVS | [arachni](https://github.com/Arachni/arachni) | Web Application Security Scanner Framework | ![](https://img.shields.io/github/stars/Arachni/arachni) | ![](https://img.shields.io/github/languages/top/Arachni/arachni) |",
|
|
"Method": "WVS",
|
|
"Type": "Scanner"
|
|
},
|
|
"assetfinder": {
|
|
"Data": "| Discovery/DOMAIN | [assetfinder](https://github.com/tomnomnom/assetfinder) | Find domains and subdomains related to a given domain | ![](https://img.shields.io/github/stars/tomnomnom/assetfinder) | ![](https://img.shields.io/github/languages/top/tomnomnom/assetfinder) |",
|
|
"Method": "DOMAIN",
|
|
"Type": "Discovery"
|
|
},
|
|
"dirsearch": {
|
|
"Data": "| Discovery/FUZZ | [dirsearch](https://github.com/maurosoria/dirsearch) | Web path scanner | ![](https://img.shields.io/github/stars/maurosoria/dirsearch) | ![](https://img.shields.io/github/languages/top/maurosoria/dirsearch) |",
|
|
"Method": "FUZZ",
|
|
"Type": "Discovery"
|
|
},
|
|
"dnsprobe": {
|
|
"Data": "| Discovery/DNS | [dnsprobe](https://github.com/projectdiscovery/dnsprobe) | DNSProb (beta) is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers. | ![](https://img.shields.io/github/stars/projectdiscovery/dnsprobe) | ![](https://img.shields.io/github/languages/top/projectdiscovery/dnsprobe) |",
|
|
"Method": "DNS",
|
|
"Type": "Discovery"
|
|
},
|
|
"dotdotpwn": {
|
|
"Data": "| Scanner/LFI | [dotdotpwn](https://github.com/wireghoul/dotdotpwn) | DotDotPwn - The Directory Traversal Fuzzer | ![](https://img.shields.io/github/stars/wireghoul/dotdotpwn) | ![](https://img.shields.io/github/languages/top/wireghoul/dotdotpwn) |",
|
|
"Method": "LFI",
|
|
"Type": "Scanner"
|
|
},
|
|
"ffuf": {
|
|
"Data": "| Scanner/FUZZ | [ffuf](https://github.com/ffuf/ffuf) | Fast web fuzzer written in Go | ![](https://img.shields.io/github/stars/ffuf/ffuf) | ![](https://img.shields.io/github/languages/top/ffuf/ffuf) |",
|
|
"Method": "FUZZ",
|
|
"Type": "Scanner"
|
|
},
|
|
"findomain": {
|
|
"Data": "| Discovery/DOMAIN | [findomain](https://github.com/Edu4rdSHL/findomain) | The fastest and cross-platform subdomain enumerator, do not waste your time. | ![](https://img.shields.io/github/stars/Edu4rdSHL/findomain) | ![](https://img.shields.io/github/languages/top/Edu4rdSHL/findomain) |",
|
|
"Method": "DOMAIN",
|
|
"Type": "Discovery"
|
|
},
|
|
"ftc": {
|
|
"Data": "| Utility/CLIP | [ftc](https://github.com/hahwul/ftc) | simple copy to file to clipboard | ![](https://img.shields.io/github/stars/hahwul/ftc) | ![](https://img.shields.io/github/languages/top/hahwul/ftc) |",
|
|
"Method": "CLIP",
|
|
"Type": "Utility"
|
|
},
|
|
"fzf": {
|
|
"Data": "| Utility/FIND | [fzf](https://github.com/junegunn/fzf) | A command-line fuzzy finder | ![](https://img.shields.io/github/stars/junegunn/fzf) | ![](https://img.shields.io/github/languages/top/junegunn/fzf) |",
|
|
"Method": "FIND",
|
|
"Type": "Utility"
|
|
},
|
|
"gf": {
|
|
"Data": "| Utility/GREP | [gf](https://github.com/tomnomnom/gf) | A wrapper around grep, to help you grep for things | ![](https://img.shields.io/github/stars/tomnomnom/gf) | ![](https://img.shields.io/github/languages/top/tomnomnom/gf) |",
|
|
"Method": "GREP",
|
|
"Type": "Utility"
|
|
},
|
|
"gitGraber": {
|
|
"Data": "| Discovery/GIT | [gitGraber](https://github.com/hisxo/gitGraber) | gitGraber | ![](https://img.shields.io/github/stars/hisxo/gitGraber) | ![](https://img.shields.io/github/languages/top/hisxo/gitGraber) |",
|
|
"Method": "GIT",
|
|
"Type": "Discovery"
|
|
},
|
|
"gitrob": {
|
|
"Data": "| Discovery/GIT | [gitrob](https://github.com/michenriksen/gitrob) | Reconnaissance tool for GitHub organizations | ![](https://img.shields.io/github/stars/michenriksen/gitrob) | ![](https://img.shields.io/github/languages/top/michenriksen/gitrob) |",
|
|
"Method": "GIT",
|
|
"Type": "Discovery"
|
|
},
|
|
"gobuster": {
|
|
"Data": "| Discovery/FUZZ | [gobuster](https://github.com/OJ/gobuster) | Directory/File, DNS and VHost busting tool written in Go | ![](https://img.shields.io/github/stars/OJ/gobuster) | ![](https://img.shields.io/github/languages/top/OJ/gobuster) |",
|
|
"Method": "FUZZ",
|
|
"Type": "Discovery"
|
|
},
|
|
"gospider": {
|
|
"Data": "| Discovery/CRAWL | [gospider](https://github.com/jaeles-project/gospider) | Gospider - Fast web spider written in Go | ![](https://img.shields.io/github/stars/jaeles-project/gospider) | ![](https://img.shields.io/github/languages/top/jaeles-project/gospider) |",
|
|
"Method": "CRAWL",
|
|
"Type": "Discovery"
|
|
},
|
|
"gowitness": {
|
|
"Data": "| Utility/SHOT | [gowitness](https://github.com/sensepost/gowitness) | 🔍 gowitness - a golang, web screenshot utility using Chrome Headless | ![](https://img.shields.io/github/stars/sensepost/gowitness) | ![](https://img.shields.io/github/languages/top/sensepost/gowitness) |",
|
|
"Method": "SHOT",
|
|
"Type": "Utility"
|
|
},
|
|
"gron": {
|
|
"Data": "| Utility/JSON | [gron](https://github.com/tomnomnom/gron) | Make JSON greppable! | ![](https://img.shields.io/github/stars/tomnomnom/gron) | ![](https://img.shields.io/github/languages/top/tomnomnom/gron) |",
|
|
"Method": "JSON",
|
|
"Type": "Utility"
|
|
},
|
|
"hakrawler": {
|
|
"Data": "| Discovery/CRAWL | [hakrawler](https://github.com/hakluke/hakrawler) | Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application | ![](https://img.shields.io/github/stars/hakluke/hakrawler) | ![](https://img.shields.io/github/languages/top/hakluke/hakrawler) |",
|
|
"Method": "CRAWL",
|
|
"Type": "Discovery"
|
|
},
|
|
"hakrevdns": {
|
|
"Data": "| Discovery/DNS | [hakrevdns](https://github.com/hakluke/hakrevdns) | Small, fast tool for performing reverse DNS lookups en masse. | ![](https://img.shields.io/github/stars/hakluke/hakrevdns) | ![](https://img.shields.io/github/languages/top/hakluke/hakrevdns) |",
|
|
"Method": "DNS",
|
|
"Type": "Discovery"
|
|
},
|
|
"httprobe": {
|
|
"Data": "| Fetch/TOM | [httprobe](https://github.com/tomnomnom/httprobe) | Take a list of domains and probe for working HTTP and HTTPS servers | ![](https://img.shields.io/github/stars/tomnomnom/httprobe) | ![](https://img.shields.io/github/languages/top/tomnomnom/httprobe) |",
|
|
"Method": "TOM",
|
|
"Type": "Fetch"
|
|
},
|
|
"knock": {
|
|
"Data": "| Discovery/DOMAIN | [knock](https://github.com/guelfoweb/knock) | Knock Subdomain Scan | ![](https://img.shields.io/github/stars/guelfoweb/knock) | ![](https://img.shields.io/github/languages/top/guelfoweb/knock) |",
|
|
"Method": "DOMAIN",
|
|
"Type": "Discovery"
|
|
},
|
|
"masscan": {
|
|
"Data": "| Discovery/PORT | [masscan](https://github.com/robertdavidgraham/masscan) | TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. | ![](https://img.shields.io/github/stars/robertdavidgraham/masscan) | ![](https://img.shields.io/github/languages/top/robertdavidgraham/masscan) |",
|
|
"Method": "PORT",
|
|
"Type": "Discovery"
|
|
},
|
|
"meg": {
|
|
"Data": "| Fetch/TOM | [meg](https://github.com/tomnomnom/meg) | Fetch many paths for many hosts - without killing the hosts | ![](https://img.shields.io/github/stars/tomnomnom/meg) | ![](https://img.shields.io/github/languages/top/tomnomnom/meg) |",
|
|
"Method": "TOM",
|
|
"Type": "Fetch"
|
|
},
|
|
"naabu": {
|
|
"Data": "| Discovery/PORT | [naabu](https://github.com/projectdiscovery/naabu) | A fast port scanner written in go with focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests | ![](https://img.shields.io/github/stars/projectdiscovery/naabu) | ![](https://img.shields.io/github/languages/top/projectdiscovery/naabu) |",
|
|
"Method": "PORT",
|
|
"Type": "Discovery"
|
|
},
|
|
"nikto": {
|
|
"Data": "| Scanner/WVS | [nikto](https://github.com/sullo/nikto) | Nikto web server scanner | ![](https://img.shields.io/github/stars/sullo/nikto) | ![](https://img.shields.io/github/languages/top/sullo/nikto) |",
|
|
"Method": "WVS",
|
|
"Type": "Scanner"
|
|
},
|
|
"nmap": {
|
|
"Data": "| Discovery/PORT | [nmap](https://github.com/nmap/nmap) | Nmap - the Network Mapper. Github mirror of official SVN repository. | ![](https://img.shields.io/github/stars/nmap/nmap) | ![](https://img.shields.io/github/languages/top/nmap/nmap) |",
|
|
"Method": "PORT",
|
|
"Type": "Discovery"
|
|
},
|
|
"oxml_xxe": {
|
|
"Data": "| Utility/VULN | [oxml_xxe](https://github.com/BuffaloWill/oxml_xxe) | A tool for embedding XXE/XML exploits into different filetypes | ![](https://img.shields.io/github/stars/BuffaloWill/oxml_xxe) | ![](https://img.shields.io/github/languages/top/BuffaloWill/oxml_xxe) |",
|
|
"Method": "VULN",
|
|
"Type": "Utility"
|
|
},
|
|
"rapidscan": {
|
|
"Data": "| Scanner/WVS | [rapidscan](https://github.com/skavngr/rapidscan) | The Multi-Tool Web Vulnerability Scanner. | ![](https://img.shields.io/github/stars/skavngr/rapidscan) | ![](https://img.shields.io/github/languages/top/skavngr/rapidscan) |",
|
|
"Method": "WVS",
|
|
"Type": "Scanner"
|
|
},
|
|
"s3reverse": {
|
|
"Data": "| Utility/S3 | [s3reverse](https://github.com/hahwul/s3reverse) | The format of various s3 buckets is convert in one format. for bugbounty and security testing. | ![](https://img.shields.io/github/stars/hahwul/s3reverse) | ![](https://img.shields.io/github/languages/top/hahwul/s3reverse) |",
|
|
"Method": "S3",
|
|
"Type": "Utility"
|
|
},
|
|
"shuffledns": {
|
|
"Data": "| Discovery/DNS | [shuffledns](https://github.com/projectdiscovery/shuffledns) | shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support. | ![](https://img.shields.io/github/stars/projectdiscovery/shuffledns) | ![](https://img.shields.io/github/languages/top/projectdiscovery/shuffledns) |",
|
|
"Method": "DNS",
|
|
"Type": "Discovery"
|
|
},
|
|
"sqlmap": {
|
|
"Data": "| Scanner/SQL | [sqlmap](https://github.com/sqlmapproject/sqlmap) | Automatic SQL injection and database takeover tool | ![](https://img.shields.io/github/stars/sqlmapproject/sqlmap) | ![](https://img.shields.io/github/languages/top/sqlmapproject/sqlmap) |",
|
|
"Method": "SQL",
|
|
"Type": "Scanner"
|
|
},
|
|
"subfinder": {
|
|
"Data": "| Discovery/DOMAIN | [subfinder](https://github.com/projectdiscovery/subfinder) | Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing. | ![](https://img.shields.io/github/stars/projectdiscovery/subfinder) | ![](https://img.shields.io/github/languages/top/projectdiscovery/subfinder) |",
|
|
"Method": "DOMAIN",
|
|
"Type": "Discovery"
|
|
},
|
|
"subjack": {
|
|
"Data": "| Discovery/TKOV | [subjack](https://github.com/haccer/subjack) | Subdomain Takeover tool written in Go | ![](https://img.shields.io/github/stars/haccer/subjack) | ![](https://img.shields.io/github/languages/top/haccer/subjack) |",
|
|
"Method": "TKOV",
|
|
"Type": "Discovery"
|
|
},
|
|
"testssl.sh": {
|
|
"Data": "| Scanner/SSL | [testssl.sh](https://github.com/drwetter/testssl.sh) | Testing TLS/SSL encryption anywhere on any port | ![](https://img.shields.io/github/stars/drwetter/testssl.sh) | ![](https://img.shields.io/github/languages/top/drwetter/testssl.sh) |",
|
|
"Method": "SSL",
|
|
"Type": "Scanner"
|
|
},
|
|
"thc-hydra": {
|
|
"Data": "| Scanner/FUZZ | [thc-hydra](https://github.com/vanhauser-thc/thc-hydra) | hydra | ![](https://img.shields.io/github/stars/vanhauser-thc/thc-hydra) | ![](https://img.shields.io/github/languages/top/vanhauser-thc/thc-hydra) |",
|
|
"Method": "FUZZ",
|
|
"Type": "Scanner"
|
|
},
|
|
"waybackurls": {
|
|
"Data": "| Discovery/URL | [waybackurls](https://github.com/tomnomnom/waybackurls) | Fetch all the URLs that the Wayback Machine knows about for a domain | ![](https://img.shields.io/github/stars/tomnomnom/waybackurls) | ![](https://img.shields.io/github/languages/top/tomnomnom/waybackurls) |",
|
|
"Method": "URL",
|
|
"Type": "Discovery"
|
|
},
|
|
"websocket-connection-smuggler": {
|
|
"Data": "| Fetch/WSOCK | [websocket-connection-smuggler](https://github.com/hahwul/websocket-connection-smuggler) | websocket-connection-smuggler | ![](https://img.shields.io/github/stars/hahwul/websocket-connection-smuggler) | ![](https://img.shields.io/github/languages/top/hahwul/websocket-connection-smuggler) |",
|
|
"Method": "WSOCK",
|
|
"Type": "Fetch"
|
|
},
|
|
"wfuzz": {
|
|
"Data": "| Scanner/FUZZ | [wfuzz](https://github.com/xmendez/wfuzz) | Web application fuzzer | ![](https://img.shields.io/github/stars/xmendez/wfuzz) | ![](https://img.shields.io/github/languages/top/xmendez/wfuzz) |",
|
|
"Method": "FUZZ",
|
|
"Type": "Scanner"
|
|
},
|
|
"wpscan": {
|
|
"Data": "| Scanner/WP | [wpscan](https://github.com/wpscanteam/wpscan) | WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites. | ![](https://img.shields.io/github/stars/wpscanteam/wpscan) | ![](https://img.shields.io/github/languages/top/wpscanteam/wpscan) |",
|
|
"Method": "WP",
|
|
"Type": "Scanner"
|
|
},
|
|
"xsser": {
|
|
"Type": "Scanner",
|
|
"Data": "| Scanner/XSS | [xsser](https://github.com/epsylon/xsser) | Cross Site \"Scripter\" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications. | ![](https://img.shields.io/github/stars/epsylon/xsser) | ![](https://img.shields.io/github/languages/top/epsylon/xsser) |",
|
|
"Method": "XSS"
|
|
},
|
|
"ysoserial": {
|
|
"Data": "| Utility/VULN | [ysoserial](https://github.com/frohoff/ysoserial) | A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. | ![](https://img.shields.io/github/stars/frohoff/ysoserial) | ![](https://img.shields.io/github/languages/top/frohoff/ysoserial) |",
|
|
"Method": "VULN",
|
|
"Type": "Utility"
|
|
},
|
|
"zap-cli": {
|
|
"Data": "| Scanner/WVS | [zap-cli](https://github.com/Grunny/zap-cli) | A simple tool for interacting with OWASP ZAP from the commandline. | ![](https://img.shields.io/github/stars/Grunny/zap-cli) | ![](https://img.shields.io/github/languages/top/Grunny/zap-cli) |",
|
|
"Method": "WVS",
|
|
"Type": "Scanner"
|
|
},
|
|
"zaproxy": {
|
|
"Data": "| Army-Knife/ZAP | [zaproxy](https://github.com/zaproxy/zaproxy) | The OWASP ZAP core project | ![](https://img.shields.io/github/stars/zaproxy/zaproxy) | ![](https://img.shields.io/github/languages/top/zaproxy/zaproxy) |",
|
|
"Method": "ZAP",
|
|
"Type": "Army-Knife"
|
|
}
|
|
} |