gf4
/
WebHackersWeapons
mirror of https://git.hackliberty.org/Awesome-Mirrors/WebHackersWeapons
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

distribute readme

pull/40/head
hahwul 2021-09-16 21:12:24 +09:00
parent ad6da33884
commit afff7424b2
2 changed files with 22 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@ -49,6 +49,7 @@ A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntin
| Discovery/ALL | [rengine](https://github.com/yogeshojha/rengine) | reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information. | ![](https://img.shields.io/github/stars/yogeshojha/rengine) | ![](https://img.shields.io/github/languages/top/yogeshojha/rengine) |
| Discovery/ALL | [scilla](https://github.com/edoardottt/scilla) | 🏴‍☠️ Information Gathering tool 🏴‍☠️ dns/subdomain/port enumeration | ![](https://img.shields.io/github/stars/edoardottt/scilla) | ![](https://img.shields.io/github/languages/top/edoardottt/scilla) |
| Discovery/ALL | [sn0int](https://github.com/kpcyrd/sn0int) | Semi-automatic OSINT framework and package manager | ![](https://img.shields.io/github/stars/kpcyrd/sn0int) | ![](https://img.shields.io/github/languages/top/kpcyrd/sn0int) |
| Discovery/API | [kiterunner](https://github.com/assetnote/kiterunner) | Contextual Content Discovery Tool | ![](https://img.shields.io/github/stars/assetnote/kiterunner) | ![](https://img.shields.io/github/languages/top/assetnote/kiterunner) |
| Discovery/APK | [apkleaks](https://github.com/dwisiswant0/apkleaks) | Scanning APK file for URIs, endpoints & secrets. | ![](https://img.shields.io/github/stars/dwisiswant0/apkleaks) | ![](https://img.shields.io/github/languages/top/dwisiswant0/apkleaks) |
| Discovery/URL | [Photon](https://github.com/s0md3v/Photon) | Incredibly fast crawler designed for OSINT. | ![](https://img.shields.io/github/stars/s0md3v/Photon) | ![](https://img.shields.io/github/languages/top/s0md3v/Photon) |
| Discovery/URL | [cc.py](https://github.com/si9int/cc.py) | Extracting URLs of a specific target based on the results of "commoncrawl.org" | ![](https://img.shields.io/github/stars/si9int/cc.py) | ![](https://img.shields.io/github/languages/top/si9int/cc.py) |
@ -145,7 +146,7 @@ A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntin
| Scanner/S3 | [AWSBucketDump](https://github.com/jordanpotti/AWSBucketDump) | Security Tool to Look For Interesting Files in S3 Buckets | ![](https://img.shields.io/github/stars/jordanpotti/AWSBucketDump) | ![](https://img.shields.io/github/languages/top/jordanpotti/AWSBucketDump) |
| Scanner/S3 | [S3Scanner](https://github.com/sa7mon/S3Scanner) | Scan for open AWS S3 buckets and dump the contents | ![](https://img.shields.io/github/stars/sa7mon/S3Scanner) | ![](https://img.shields.io/github/languages/top/sa7mon/S3Scanner) |
| Scanner/SMUGGLE | [HRS](https://github.com/SafeBreach-Labs/HRS) | HTTP Request Smuggling demonstration Perl script, for variants 1, 2 and 5 in my BlackHat US 2020 paper HTTP Request Smuggling in 2020. | ![](https://img.shields.io/github/stars/SafeBreach-Labs/HRS) | ![](https://img.shields.io/github/languages/top/SafeBreach-Labs/HRS) |
| Scanner/SMUGGLE | [h2csmuggler](https://github.com/BishopFox/h2csmuggler) | HTTP Request Smuggling over HTTP/2 Cleartext (h2c) | ![](https://img.shields.io/github/stars/BishopFox/h2csmuggler) | ![](https://img.shields.io/github/languages/top/BishopFox/h2csmuggler) |
| Scanner/SMUGGLE | [h2csmuggler](https://github.com/assetnote/h2csmuggler) | HTTP Request Smuggling Detection Tool | ![](https://img.shields.io/github/stars/assetnote/h2csmuggler) | ![](https://img.shields.io/github/languages/top/assetnote/h2csmuggler) |
| Scanner/SMUGGLE | [http-request-smuggler](https://github.com/PortSwigger/http-request-smuggler) | This extension should not be confused with Burp Suite HTTP Smuggler, which uses similar techniques but is focused exclusively bypassing WAFs. | ![](https://img.shields.io/github/stars/PortSwigger/http-request-smuggler) | ![](https://img.shields.io/github/languages/top/PortSwigger/http-request-smuggler) |
| Scanner/SMUGGLE | [http-request-smuggling](https://github.com/anshumanpattnaik/http-request-smuggling) | HTTP Request Smuggling Detection Tool | ![](https://img.shields.io/github/stars/anshumanpattnaik/http-request-smuggling) | ![](https://img.shields.io/github/languages/top/anshumanpattnaik/http-request-smuggling) |
| Scanner/SMUGGLE | [http2smugl](https://github.com/neex/http2smugl) | This tool helps to detect and exploit HTTP request smuggling in cases it can be achieved via HTTP/2 -> HTTP/1.1 conversion by the frontend server. | ![](https://img.shields.io/github/stars/neex/http2smugl) | ![](https://img.shields.io/github/languages/top/neex/http2smugl) |

24
data.json
View File

@ -1904,15 +1904,15 @@
}
},
"grex": {
"Type": "Utility",
"Data": "| Utility/URL | [grex](https://github.com/pemistahl/grex) | A command-line tool and library for generating regular expressions from user-provided test cases | ![](https://img.shields.io/github/stars/pemistahl/grex) | ![](https://img.shields.io/github/languages/top/pemistahl/grex) |",
"Method": "URL",
"Description": "A command-line tool and library for generating regular expressions from user-provided test cases",
"Install": {
"Linux": "",
"MacOS": "",
"Windows": ""
},
"Method": "URL",
"Type": "Utility",
"Update": {
"Linux": "",
"MacOS": "",
@ -1936,8 +1936,8 @@
}
},
"h2csmuggler": {
"Data": "| Scanner/SMUGGLE | [h2csmuggler](https://github.com/BishopFox/h2csmuggler) | HTTP Request Smuggling over HTTP/2 Cleartext (h2c) | ![](https://img.shields.io/github/stars/BishopFox/h2csmuggler) | ![](https://img.shields.io/github/languages/top/BishopFox/h2csmuggler) |",
"Description": "HTTP Request Smuggling over HTTP/2 Cleartext (h2c) ",
"Data": "| Scanner/SMUGGLE | [h2csmuggler](https://github.com/assetnote/h2csmuggler) | HTTP Request Smuggling Detection Tool | ![](https://img.shields.io/github/stars/assetnote/h2csmuggler) | ![](https://img.shields.io/github/languages/top/assetnote/h2csmuggler) |",
"Description": "HTTP Request Smuggling Detection Tool",
"Install": {
"Linux": "git clone https://github.com/BishopFox/h2csmuggler; cd h2csmuggler; pip3 install h2",
"MacOS": "git clone https://github.com/BishopFox/h2csmuggler; cd h2csmuggler; pip3 install h2",
@ -2351,6 +2351,22 @@
"Windows": "go get -u github.com/hahwul/jwt-hack"
}
},
"kiterunner": {
"Type": "Discovery",
"Data": "| Discovery/API | [kiterunner](https://github.com/assetnote/kiterunner) | Contextual Content Discovery Tool | ![](https://img.shields.io/github/stars/assetnote/kiterunner) | ![](https://img.shields.io/github/languages/top/assetnote/kiterunner) |",
"Method": "API",
"Description": "Contextual Content Discovery Tool",
"Install": {
"Linux": "",
"MacOS": "",
"Windows": ""
},
"Update": {
"Linux": "",
"MacOS": "",
"Windows": ""
}
},
"knock": {
"Data": "| Discovery/DOMAIN | [knock](https://github.com/guelfoweb/knock) | Knock Subdomain Scan | ![](https://img.shields.io/github/stars/guelfoweb/knock) | ![](https://img.shields.io/github/languages/top/guelfoweb/knock) |",
"Description": "Knock Subdomain Scan ",