From d27b349267cbb8673230163b8d2e832f8f1a723e Mon Sep 17 00:00:00 2001 From: hahwul Date: Mon, 22 Nov 2021 22:33:27 +0900 Subject: [PATCH] distribute readme --- README.md | 3 +++ data.json | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 53 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index d75676a..0e59150 100644 --- a/README.md +++ b/README.md @@ -117,6 +117,7 @@ A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntin | Discovery/URL | [urlhunter](https://github.com/utkusen/urlhunter) | a recon tool that allows searching on URLs that are exposed via shortener services | ![](https://img.shields.io/github/stars/utkusen/urlhunter) | ![](https://img.shields.io/github/languages/top/utkusen/urlhunter) | | Discovery/URL | [waybackurls](https://github.com/tomnomnom/waybackurls) | Fetch all the URLs that the Wayback Machine knows about for a domain | ![](https://img.shields.io/github/stars/tomnomnom/waybackurls) | ![](https://img.shields.io/github/languages/top/tomnomnom/waybackurls) | | Discovery/VULN | [Silver](https://github.com/s0md3v/Silver) | Mass scan IPs for vulnerable services | ![](https://img.shields.io/github/stars/s0md3v/Silver) | ![](https://img.shields.io/github/languages/top/s0md3v/Silver) | +| Fetch/HTTP | [fhc](https://github.com/Edu4rdSHL/fhc) | Fast HTTP Checker. | ![](https://img.shields.io/github/stars/Edu4rdSHL/fhc) | ![](https://img.shields.io/github/languages/top/Edu4rdSHL/fhc) | | Fetch/HTTP | [htcat](https://github.com/htcat/htcat) | Parallel and Pipelined HTTP GET Utility | ![](https://img.shields.io/github/stars/htcat/htcat) | ![](https://img.shields.io/github/languages/top/htcat/htcat) | | Fetch/HTTP | [httprobe](https://github.com/tomnomnom/httprobe) | Take a list of domains and probe for working HTTP and HTTPS servers | ![](https://img.shields.io/github/stars/tomnomnom/httprobe) | ![](https://img.shields.io/github/languages/top/tomnomnom/httprobe) | | Fetch/HTTP | [httpx](https://github.com/projectdiscovery/httpx) | httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads. | ![](https://img.shields.io/github/stars/projectdiscovery/httpx) | ![](https://img.shields.io/github/languages/top/projectdiscovery/httpx) | @@ -131,10 +132,12 @@ A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntin | Scanner/CRLF | [crlfuzz](https://github.com/dwisiswant0/crlfuzz) | A fast tool to scan CRLF vulnerability written in Go | ![](https://img.shields.io/github/stars/dwisiswant0/crlfuzz) | ![](https://img.shields.io/github/languages/top/dwisiswant0/crlfuzz) | | Scanner/CSRF | [XSRFProbe](https://github.com/0xInfection/XSRFProbe) | The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit. | ![](https://img.shields.io/github/stars/0xInfection/XSRFProbe) | ![](https://img.shields.io/github/languages/top/0xInfection/XSRFProbe) | | Scanner/FUZZ | [BruteX](https://github.com/1N3/BruteX) | Automatically brute force all services running on a target. | ![](https://img.shields.io/github/stars/1N3/BruteX) | ![](https://img.shields.io/github/languages/top/1N3/BruteX) | +| Scanner/FUZZ | [PPScan](https://github.com/msrkp/PPScan) | Client Side Prototype Pollution Scanner | ![](https://img.shields.io/github/stars/msrkp/PPScan) | ![](https://img.shields.io/github/languages/top/msrkp/PPScan) | | Scanner/FUZZ | [VHostScan](https://github.com/codingo/VHostScan) | A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages. | ![](https://img.shields.io/github/stars/codingo/VHostScan) | ![](https://img.shields.io/github/languages/top/codingo/VHostScan) | | Scanner/FUZZ | [ffuf](https://github.com/ffuf/ffuf) | Fast web fuzzer written in Go | ![](https://img.shields.io/github/stars/ffuf/ffuf) | ![](https://img.shields.io/github/languages/top/ffuf/ffuf) | | Scanner/FUZZ | [plution](https://github.com/raverrr/plution) | Prototype pollution scanner using headless chrome | ![](https://img.shields.io/github/stars/raverrr/plution) | ![](https://img.shields.io/github/languages/top/raverrr/plution) | | Scanner/FUZZ | [ppfuzz](https://github.com/dwisiswant0/ppfuzz) | A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀 | ![](https://img.shields.io/github/stars/dwisiswant0/ppfuzz) | ![](https://img.shields.io/github/languages/top/dwisiswant0/ppfuzz) | +| Scanner/FUZZ | [ppmap](https://github.com/kleiton0x00/ppmap) | A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets. | ![](https://img.shields.io/github/stars/kleiton0x00/ppmap) | ![](https://img.shields.io/github/languages/top/kleiton0x00/ppmap) | | Scanner/FUZZ | [thc-hydra](https://github.com/vanhauser-thc/thc-hydra) | hydra | ![](https://img.shields.io/github/stars/vanhauser-thc/thc-hydra) | ![](https://img.shields.io/github/languages/top/vanhauser-thc/thc-hydra) | | Scanner/FUZZ | [wfuzz](https://github.com/xmendez/wfuzz) | Web application fuzzer | ![](https://img.shields.io/github/stars/xmendez/wfuzz) | ![](https://img.shields.io/github/languages/top/xmendez/wfuzz) | | Scanner/GQL | [GraphQLmap](https://github.com/swisskyrepo/GraphQLmap) | GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. | ![](https://img.shields.io/github/stars/swisskyrepo/GraphQLmap) | ![](https://img.shields.io/github/languages/top/swisskyrepo/GraphQLmap) | diff --git a/data.json b/data.json index 89d749b..5b8f801 100644 --- a/data.json +++ b/data.json @@ -575,6 +575,22 @@ "Windows": "cd Osmedeus; git pull -v; pip3 install -r requirements.txt" } }, + "PPScan": { + "Data": "| Scanner/FUZZ | [PPScan](https://github.com/msrkp/PPScan) | Client Side Prototype Pollution Scanner | ![](https://img.shields.io/github/stars/msrkp/PPScan) | ![](https://img.shields.io/github/languages/top/msrkp/PPScan) |", + "Description": "Client Side Prototype Pollution Scanner", + "Install": { + "Linux": "", + "MacOS": "", + "Windows": "" + }, + "Method": "FUZZ", + "Type": "Scanner", + "Update": { + "Linux": "", + "MacOS": "", + "Windows": "" + } + }, "ParamSpider": { "Data": "| Discovery/PARAM | [ParamSpider](https://github.com/devanshbatham/ParamSpider) | Mining parameters from dark corners of Web Archives | ![](https://img.shields.io/github/stars/devanshbatham/ParamSpider) | ![](https://img.shields.io/github/languages/top/devanshbatham/ParamSpider) |", "Description": "Mining parameters from dark corners of Web Archives ", @@ -1567,6 +1583,22 @@ "Windows": "go get -u github.com/ffuf/ffuf" } }, + "fhc": { + "Data": "| Fetch/HTTP | [fhc](https://github.com/Edu4rdSHL/fhc) | Fast HTTP Checker. | ![](https://img.shields.io/github/stars/Edu4rdSHL/fhc) | ![](https://img.shields.io/github/languages/top/Edu4rdSHL/fhc) |", + "Description": "Fast HTTP Checker.", + "Install": { + "Linux": "", + "MacOS": "", + "Windows": "" + }, + "Method": "HTTP", + "Type": "Fetch", + "Update": { + "Linux": "", + "MacOS": "", + "Windows": "" + } + }, "findom-xss": { "Data": "| Scanner/XSS | [findom-xss](https://github.com/dwisiswant0/findom-xss) | A fast DOM based XSS vulnerability scanner with simplicity. | ![](https://img.shields.io/github/stars/dwisiswant0/findom-xss) | ![](https://img.shields.io/github/languages/top/dwisiswant0/findom-xss) |", "Description": "A fast DOM based XSS vulnerability scanner with simplicity. ", @@ -2735,6 +2767,22 @@ "Windows": "" } }, + "ppmap": { + "Type": "Scanner", + "Data": "| Scanner/FUZZ | [ppmap](https://github.com/kleiton0x00/ppmap) | A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets. | ![](https://img.shields.io/github/stars/kleiton0x00/ppmap) | ![](https://img.shields.io/github/languages/top/kleiton0x00/ppmap) |", + "Method": "FUZZ", + "Description": "A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.", + "Install": { + "Linux": "", + "MacOS": "", + "Windows": "" + }, + "Update": { + "Linux": "", + "MacOS": "", + "Windows": "" + } + }, "proxify": { "Data": "| Army-Knife/PROXY | [proxify](https://github.com/projectdiscovery/proxify) | Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation and replay | ![](https://img.shields.io/github/stars/projectdiscovery/proxify) | ![](https://img.shields.io/github/languages/top/projectdiscovery/proxify) |", "Description": "Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation and replay", @@ -3344,15 +3392,15 @@ } }, "web_cache_poison": { - "Type": "Scanner", "Data": "| Scanner/CACHE-POISON | [web_cache_poison](https://github.com/fngoo/web_cache_poison) | web cache poison - Top 1 web hacking technique of 2019 | ![](https://img.shields.io/github/stars/fngoo/web_cache_poison) | ![](https://img.shields.io/github/languages/top/fngoo/web_cache_poison) |", - "Method": "CACHE-POISON", "Description": "web cache poison - Top 1 web hacking technique of 2019", "Install": { "Linux": "", "MacOS": "", "Windows": "" }, + "Method": "CACHE-POISON", + "Type": "Scanner", "Update": { "Linux": "", "MacOS": "",