gf4
/
WebHackersWeapons
mirror of https://git.hackliberty.org/Awesome-Mirrors/WebHackersWeapons
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
26 Commits
5 Branches
0 Tags
37 MiB
Ruby 100%
 
Go to file
하훌 a9cd7aeda2
Update README.md 		2020-04-06 00:57:55 +09:00
.github Create FUNDING.yml 2020-04-05 00:08:50 +09:00
LICENSE Initial commit 2020-04-04 23:54:05 +09:00
README.md Update README.md 2020-04-06 00:57:55 +09:00
tool-template.md Update tool-template.md 2020-04-05 13:58:09 +09:00
weapon-md add generating tool 2020-04-05 14:17:44 +09:00
weapon-md.go add generating tool 2020-04-05 14:17:44 +09:00

README.md



Web Hacker's Weapons

A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

Category

Weapons

Subdomain Enumeration

Name Description Popularity Language Metadata
findomain The fastest and cross-platform subdomain enumerator, do not waste your time.


subfinder Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.


Amass In-depth Attack Surface Mapping and Asset Discovery


Sublist3r Fast subdomains enumeration tool for penetration testers


assetfinder Find domains and subdomains related to a given domain


Fetch path and host

Name Description Popularity Language Metadata
meg Fetch many paths for many hosts - without killing the hosts


httprobe Take a list of domains and probe for working HTTP and HTTPS servers


Port scanner

Name Description Popularity Language Metadata
nmap Nmap - the Network Mapper. Github mirror of official SVN repository.


naabu A fast port scanner written in go with focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests


masscan TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.


Web Discovery

Name Description Popularity Language Metadata
gospider Gospider - Fast web spider written in Go


gobuster Directory/File, DNS and VHost busting tool written in Go


LinkFinder A python script that finds endpoints in JavaScript files


wfuzz Web application fuzzer


Web Vulnerability Scanner

XSS

CSRF

Path traversal / Directory traversal / LFI

Command Injection

SQL Injection

NoSQL Injection

SSRF

CORS Misconfiguration

WebSocket

Cloud Security

Utility for hackers

Online tools

Contribute and Contributor

Usage of weapon-md

./weapon-md
Usage of ./weapon-md:
  -isFirst
    	if you add new type, it use
  -url string
    	github / gitlab / bitbucket url

Three Procedures for the Contribute

  • First, generate markdown code using weapon-md
$ ./weapon-md -url https://github.com/hahwul/xspear
| [xspear](https://github.com/hahwul/xspear) | Powerfull XSS Scanning and Parameter analysis tool&gem | ![](https://img.shields.io/github/stars/hahwul/xspear) | ![](https://img.shields.io/github/languages/top/hahwul/xspear) | ![](https://img.shields.io/github/repo-size/hahwul/xspear)<br>![](https://img.shields.io/github/license/hahwul/xspear) <br> ![](https://img.shields.io/github/forks/hahwul/xspear) <br> ![](https://img.shields.io/github/watchers/hahwul/xspear) |
  • Second, Give me PR or Add issue with output code
  • Third, There's no third.