mirror of
https://github.com/hahwul/WebHackersWeapons.git
synced 2025-11-13 04:40:39 -05:00
12 KiB
12 KiB
Tools Made of Java
| Type | Name | Description | Star | Tags | Badges |
|---|---|---|---|---|---|
| Army-Knife | BurpSuite | The BurpSuite Project | mitmproxy live-audit crawl |
     |
|
| Army-Knife | ZAP | The ZAP core project |  |
mitmproxy live-audit crawl |
 |
| Recon | attack-surface-detector-burp | The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters |  |
endpoint url attack-surface |
|
| Recon | reflected-parameters |  |
param |
|
|
| Recon | attack-surface-detector-zap | The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters |  |
endpoint url attack-surface |
|
| Fuzzer | param-miner | Param Miner |  |
param cache-vuln |
|
| Scanner | csp-auditor |  |
csp |
|
|
| Scanner | collaborator-everywhere |  |
oast |
|
|
| Scanner | BurpSuiteHTTPSmuggler |  |
smuggle |
|
|
| Scanner | http-request-smuggler |  |
smuggle |
|
|
| Scanner | DeepViolet | Tool for introspection of SSL\TLS sessions |  |
ssl |
|
| Exploit | BaRMIe | Java RMI enumeration and attack tool. |  |
RMI |
|
| Utils | HTTPSignatures | A Burp Suite extension implementing the Signing HTTP Messages draft-ietf-httpbis-message-signatures-01 draft. |  |
|
|
| Utils | Web3 Decoder | Burp Extension for Web3 |  |
web3 |
|
| utils | Neonmarker |  |
|
||
| Utils | BurpSuiteLoggerPlusPlus |  |
|
||
| Utils | AWSSigner | Burp Extension for AWS Signing |  |
|
|
| Utils | safecopy |  |
|
||
| Utils | burp-send-to |  |
|
||
| Utils | SerializationDumper | A tool to dump Java serialization streams in a more human readable form. |  |
deserialize |
|
| Utils | Stepper |  |
|
||
| Utils | AuthMatrix | Automated HTTP Request Repeating With Burp Suite |  |
|
|
| Utils | BurpCustomizer | Because just a dark theme wasn't enough! |  |
|
|
| Utils | taborator |  |
oast |
|
|
| Utils | ysoserial | A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. |  |
deserialize |
|
| Utils | http-script-generator |  |
|
||
| Utils | Decoder-Improved | Improved decoder for Burp Suite |  |
|
|
| Utils | Map Local | ZAP add-on which allows mapping of responses to content of a chosen local file. |  |
|
|
| Utils | pcap-burp | Pcap importer for Burp |  |
|
|
| Utils | GadgetProbe | Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths. |  |
deserialize |
|
| Utils | Berserko | Burp Suite extension to perform Kerberos authentication |  |
|
|
| Utils | zap-hud |  |
|
||
| utils | owasp-zap-jwt-addon |  |
jwt |
|
|
| Utils | knife | A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅 |  |
|