mirror of
https://github.com/hahwul/WebHackersWeapons.git
synced 2024-10-01 01:25:58 -04:00
13 KiB
13 KiB
Tools Made of JavaScript
Type | Name | Description | Star | Tags | Badges |
---|---|---|---|---|---|
Recon | rengine | reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information. | |||
Recon | DotGit | An extension for checking if .git is exposed in visited websites | |||
Recon | burp-retire-js | js-analysis |
|||
Fuzzer | jwt-cracker | Simple HS256 JWT token brute force cracker | jwt |
||
Scanner | jsprime | a javascript static security analysis tool | js-analysis |
||
Scanner | domdig | DOM XSS scanner for Single Page Applications | xss |
||
Scanner | github-search | Tools to perform basic search on GitHub. | |||
Scanner | DOMPurify | DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo: | xss |
||
Scanner | PPScan | Client Side Prototype Pollution Scanner | prototypepollution prototype-pollution |
||
Scanner | xsinator.com | XS-Leak Browser Test Suite | |||
Exploit | singularity | A DNS rebinding attack framework. | |||
Utils | DOMLogger++ | A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations. | dom xss |
||
Utils | quickjack | Quickjack is a point-and-click tool for intuitively producing advanced clickjacking and frame slicing attacks. | |||
Utils | xless | The Serverless Blind XSS App | xss blind-xss |
||
Utils | clear-cache | Add-on to clear browser cache with a single click or via the F9 key. | |||
Utils | reverse-shell-generator | Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs) | payload |
||
Utils | eval_villain | A Firefox Web Extension to improve the discovery of DOM XSS. | xss |
||
Utils | community-scripts | ||||
Utils | weaponised-XSS-payloads | XSS payloads designed to turn alert(1) into P1 | xss documents |
||
Utils | Firefox Multi-Account Containers | Firefox Multi-Account Containers lets you keep parts of your online life separated into color-coded tabs | |||
Utils | MM3 ProxySwitch | Proxy Switch in Firefox and Chrome | |||
Utils | cookie-quick-manager | An addon to manage (view, search, create, edit, remove, backup, restore) cookies on Firefox. | cookie |
||
Utils | postMessage-tracker | A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon | js-analysis |
||
Utils | CyberChef | The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis | |||
Utils | xssor2 | XSS'OR - Hack with JavaScript. | xss |
||
Utils | Phoenix | hahwul's online tools | online |
||
Utils | Edit-This-Cookie | EditThisCookie is the famous Google Chrome/Chromium extension for editing cookies | cookie |
||
Utils | jsfuck | Write any JavaScript with 6 Characters | xss |
||
Utils | PwnFox | Firefox/Burp extension that provide usefull tools for your security audit. | |||
Utils | firefox-container-proxy | Assign a proxy to a Firefox container | |||
Utils | jsonwebtoken.github.io | JWT En/Decode and Verify | jwt |
||
Utils | wssip | Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa. | |||
Utils | template-generator | A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily replace the variables with content. Data is saved temporarily in local storage. PHP is only needed to generate the list of files in the dropdown of templates. |