diff --git a/README.md b/README.md index af86369..bced1e8 100644 --- a/README.md +++ b/README.md @@ -74,6 +74,7 @@ A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntin | Scanner/WVS | [zap-cli](https://github.com/Grunny/zap-cli) | A simple tool for interacting with OWASP ZAP from the commandline. | ![](https://img.shields.io/github/stars/Grunny/zap-cli) | ![](https://img.shields.io/github/languages/top/Grunny/zap-cli) | | Scanner/XSS | [XSStrike](https://github.com/s0md3v/XSStrike) | Most advanced XSS scanner. | ![](https://img.shields.io/github/stars/s0md3v/XSStrike) | ![](https://img.shields.io/github/languages/top/s0md3v/XSStrike) | | Scanner/XSS | [XSpear](https://github.com/hahwul/XSpear) | Powerfull XSS Scanning and Parameter analysis tool&gem | ![](https://img.shields.io/github/stars/hahwul/XSpear) | ![](https://img.shields.io/github/languages/top/hahwul/XSpear) | +| Scanner/XSS | [dalfox](https://github.com/hahwul/dalfox) | DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang | ![](https://img.shields.io/github/stars/hahwul/dalfox) | ![](https://img.shields.io/github/languages/top/hahwul/dalfox) | | Scanner/XSS | [xsser](https://github.com/epsylon/xsser) | Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications. | ![](https://img.shields.io/github/stars/epsylon/xsser) | ![](https://img.shields.io/github/languages/top/epsylon/xsser) | | Utility/CLIP | [ftc](https://github.com/hahwul/ftc) | simple copy to file to clipboard | ![](https://img.shields.io/github/stars/hahwul/ftc) | ![](https://img.shields.io/github/languages/top/hahwul/ftc) | | Utility/CSP | [CSP Evaluator](https://csp-evaluator.withgoogle.com) | Online CSP Evaluator from google|![](https://img.shields.io/static/v1?label=&message=it%27s%20not%20github&color=gray) | ![](https://img.shields.io/static/v1?label=&message=it%27s%20not%20github&color=gray)| @@ -84,6 +85,11 @@ A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntin | Utility/JSON | [gron](https://github.com/tomnomnom/gron) | Make JSON greppable! | ![](https://img.shields.io/github/stars/tomnomnom/gron) | ![](https://img.shields.io/github/languages/top/tomnomnom/gron) | | Utility/S3 | [s3reverse](https://github.com/hahwul/s3reverse) | The format of various s3 buckets is convert in one format. for bugbounty and security testing. | ![](https://img.shields.io/github/stars/hahwul/s3reverse) | ![](https://img.shields.io/github/languages/top/hahwul/s3reverse) | | Utility/SHOT | [gowitness](https://github.com/sensepost/gowitness) | 🔍 gowitness - a golang, web screenshot utility using Chrome Headless | ![](https://img.shields.io/github/stars/sensepost/gowitness) | ![](https://img.shields.io/github/languages/top/sensepost/gowitness) | +| Utility/URL | [anew](https://github.com/tomnomnom/anew) | A tool for adding new lines to files, skipping duplicates | ![](https://img.shields.io/github/stars/tomnomnom/anew) | ![](https://img.shields.io/github/languages/top/tomnomnom/anew) | +| Utility/URL | [burl](https://github.com/tomnomnom/burl) | A Broken-URL Checker | ![](https://img.shields.io/github/stars/tomnomnom/burl) | ![](https://img.shields.io/github/languages/top/tomnomnom/burl) | +| Utility/URL | [hacks](https://github.com/tomnomnom/hacks/tree/master/anti-burl) | remove bad urls | ![](https://img.shields.io/github/stars/tomnomnom/hacks/tree/master/anti-burl) | ![](https://img.shields.io/github/languages/top/tomnomnom/hacks/tree/master/anti-burl) | +| Utility/URL | [qsreplace](https://github.com/tomnomnom/qsreplace) | Accept URLs on stdin, replace all query string values with a user-supplied value | ![](https://img.shields.io/github/stars/tomnomnom/qsreplace) | ![](https://img.shields.io/github/languages/top/tomnomnom/qsreplace) | +| Utility/URL | [unfurl](https://github.com/tomnomnom/unfurl) | Pull out bits of URLs provided on stdin | ![](https://img.shields.io/github/stars/tomnomnom/unfurl) | ![](https://img.shields.io/github/languages/top/tomnomnom/unfurl) | | Utility/VULN | [oxml_xxe](https://github.com/BuffaloWill/oxml_xxe) | A tool for embedding XXE/XML exploits into different filetypes | ![](https://img.shields.io/github/stars/BuffaloWill/oxml_xxe) | ![](https://img.shields.io/github/languages/top/BuffaloWill/oxml_xxe) | | Utility/VULN | [ysoserial](https://github.com/frohoff/ysoserial) | A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. | ![](https://img.shields.io/github/stars/frohoff/ysoserial) | ![](https://img.shields.io/github/languages/top/frohoff/ysoserial) | | Utility/WORD | [SecLists](https://github.com/danielmiessler/SecLists) | SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. | ![](https://img.shields.io/github/stars/danielmiessler/SecLists) | ![](https://img.shields.io/github/languages/top/danielmiessler/SecLists) | diff --git a/data.json b/data.json index 1043289..dc5fa84 100644 --- a/data.json +++ b/data.json @@ -50,9 +50,9 @@ "Type": "Scanner" }, "ParamSpider": { - "Type": "Discovery", "Data": "| Discovery/FUZZ | [ParamSpider](https://github.com/devanshbatham/ParamSpider) | Mining parameters from dark corners of Web Archives | ![](https://img.shields.io/github/stars/devanshbatham/ParamSpider) | ![](https://img.shields.io/github/languages/top/devanshbatham/ParamSpider) |", - "Method": "FUZZ" + "Method": "FUZZ", + "Type": "Discovery" }, "Phoenix": { "Data": "| Utility/ETC | [Phoenix](https://www.hahwul.com/p/phoenix.html) | hahwul's online tools|![](https://img.shields.io/static/v1?label=\u0026message=it%27s%20not%20github\u0026color=gray) | ![](https://img.shields.io/static/v1?label=\u0026message=it%27s%20not%20github\u0026color=gray)|", @@ -134,6 +134,11 @@ "Method": "DOMAIN", "Type": "Discovery" }, + "anew": { + "Data": "| Utility/URL | [anew](https://github.com/tomnomnom/anew) | A tool for adding new lines to files, skipping duplicates | ![](https://img.shields.io/github/stars/tomnomnom/anew) | ![](https://img.shields.io/github/languages/top/tomnomnom/anew) |", + "Method": "URL", + "Type": "Utility" + }, "arachni": { "Data": "| Scanner/WVS | [arachni](https://github.com/Arachni/arachni) | Web Application Security Scanner Framework | ![](https://img.shields.io/github/stars/Arachni/arachni) | ![](https://img.shields.io/github/languages/top/Arachni/arachni) |", "Method": "WVS", @@ -144,11 +149,21 @@ "Method": "DOMAIN", "Type": "Discovery" }, + "burl": { + "Data": "| Utility/URL | [burl](https://github.com/tomnomnom/burl) | A Broken-URL Checker | ![](https://img.shields.io/github/stars/tomnomnom/burl) | ![](https://img.shields.io/github/languages/top/tomnomnom/burl) |", + "Method": "URL", + "Type": "Utility" + }, "cc.py": { "Data": "| Discovery/CRAWL | [cc.py](https://github.com/si9int/cc.py) | Extracting URLs of a specific target based on the results of \"commoncrawl.org\" | ![](https://img.shields.io/github/stars/si9int/cc.py) | ![](https://img.shields.io/github/languages/top/si9int/cc.py) |", "Method": "CRAWL", "Type": "Discovery" }, + "dalfox": { + "Data": "| Scanner/XSS | [dalfox](https://github.com/hahwul/dalfox) | DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang | ![](https://img.shields.io/github/stars/hahwul/dalfox) | ![](https://img.shields.io/github/languages/top/hahwul/dalfox) |", + "Method": "XSS", + "Type": "Scanner" + }, "dirsearch": { "Data": "| Discovery/FUZZ | [dirsearch](https://github.com/maurosoria/dirsearch) | Web path scanner | ![](https://img.shields.io/github/stars/maurosoria/dirsearch) | ![](https://img.shields.io/github/languages/top/maurosoria/dirsearch) |", "Method": "FUZZ", @@ -219,6 +234,11 @@ "Method": "JSON", "Type": "Utility" }, + "hacks": { + "Type": "Utility", + "Data": "| Utility/URL | [hacks](https://github.com/tomnomnom/hacks/tree/master/anti-burl) | remove bad urls | ![](https://img.shields.io/github/stars/tomnomnom/hacks/tree/master/anti-burl) | ![](https://img.shields.io/github/languages/top/tomnomnom/hacks/tree/master/anti-burl) |", + "Method": "URL" + }, "hakrawler": { "Data": "| Discovery/CRAWL | [hakrawler](https://github.com/hakluke/hakrawler) | Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application | ![](https://img.shields.io/github/stars/hakluke/hakrawler) | ![](https://img.shields.io/github/languages/top/hakluke/hakrawler) |", "Method": "CRAWL", @@ -269,6 +289,11 @@ "Method": "VULN", "Type": "Utility" }, + "qsreplace": { + "Data": "| Utility/URL | [qsreplace](https://github.com/tomnomnom/qsreplace) | Accept URLs on stdin, replace all query string values with a user-supplied value | ![](https://img.shields.io/github/stars/tomnomnom/qsreplace) | ![](https://img.shields.io/github/languages/top/tomnomnom/qsreplace) |", + "Method": "URL", + "Type": "Utility" + }, "rapidscan": { "Data": "| Scanner/WVS | [rapidscan](https://github.com/skavngr/rapidscan) | The Multi-Tool Web Vulnerability Scanner. | ![](https://img.shields.io/github/stars/skavngr/rapidscan) | ![](https://img.shields.io/github/languages/top/skavngr/rapidscan) |", "Method": "WVS", @@ -309,6 +334,11 @@ "Method": "FUZZ", "Type": "Scanner" }, + "unfurl": { + "Data": "| Utility/URL | [unfurl](https://github.com/tomnomnom/unfurl) | Pull out bits of URLs provided on stdin | ![](https://img.shields.io/github/stars/tomnomnom/unfurl) | ![](https://img.shields.io/github/languages/top/tomnomnom/unfurl) |", + "Method": "URL", + "Type": "Utility" + }, "waybackurls": { "Data": "| Discovery/URL | [waybackurls](https://github.com/tomnomnom/waybackurls) | Fetch all the URLs that the Wayback Machine knows about for a domain | ![](https://img.shields.io/github/stars/tomnomnom/waybackurls) | ![](https://img.shields.io/github/languages/top/tomnomnom/waybackurls) |", "Method": "URL",