Web Exploitation / Web Vulnerability Analysis
by do son · Published May 18, 2020 · Last modified December 3, 2020
JSshell JSshell – a JavaScript reverse shell. This using to exploit XSS remotely, help to find blind XSS, … This tool works for both Unix and Windows operating systems and...
Nosql injection username and password enumeration script Using this script, we can enumerate Usernames and passwords of Nosql(mongodb) injection vulnerable web applications. Download git clone https://github.com/an0nlk/Nosql-MongoDB-injection-username-password-enumeration.git Use Arguments Description -h,...
NoXss NoXss is a cross-site script vulnerability scanner supported reflected xss and dom-based xss. It’s very fast and suitable for testing millions of urls. It has found some xss vulnerabilities...
Web Information Gathering / Web Vulnerability Analysis
by do son · Published April 28, 2020 · Last modified May 23, 2022
hakrawler What is it? hakrawler is a Go web crawler designed for easy, quick discovery of endpoints and assets within a web application. It can be used to discover: Forms...
Web Information Gathering / Web Vulnerability Analysis
by do son · Published April 20, 2020 · Last modified July 1, 2020
wsltools – Web Scan Lazy Tools wsltools is an elegant and simple Web Scan auxiliary library for Python. Changelog v0.2.4 update urlclean.mixPayload Install >>> pip install wsltools Use User Guide...
Programming / Web Vulnerability Analysis
by do son · Published April 16, 2020 · Last modified January 23, 2024
INTERCEPT Stupidly easy to use, small footprint Policy as Code subsecond command-line scanner that leverages the power of the fastest multi-line search tool to scan your codebase. It can be used...
Klar Integration of Clair and Docker Registry (supports both Clair API v1 and v3) Klar is a simple tool to analyze images stored in a private or public Docker registry...
FinDOM-XSS FinDOM-XSS is a tool that allows you to find possible and/ potential DOM-based XSS vulnerability in a fast manner. Installation $ git clone git@github.com:dwisiswant0/findom-xss.git Configuration Change the value of...
Web Information Gathering / Web Vulnerability Analysis
by do son · Published March 20, 2020 · Last modified May 1, 2024
Katana-ds Katana-ds (ds for dork_scanner) is a simple python tool that automates Google Hacking/Dorking and supports Tor It becomes more powerful in combination with GHDB Changelog v1.5.3 No need to...
MSSQLi-DUET – MSSQL Injection-based Domain User Enumeration Tool SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing. Supports various forms of...
Web Information Gathering / Web Vulnerability Analysis
by do son · Published March 10, 2020 · Last modified May 1, 2024
Natlas should make continuous, extensible, host-oriented scanning an easy thing to deploy and make use of. Users shouldn’t require specialized knowledge of which nmap flags do what, which tools take...
DOMDig DOMDig is a DOM XSS scanner that runs inside the Chromium web browser and it can scan single-page applications (SPA) recursively. Unlike other scanners, DOMDig can crawl any webapplication...
SSRF Sheriff This is an SSRF testing sheriff written in Go. It was originally created for the Uber H1-4420 2019 London Live Hacking Event, but it is now being open-sourced for...
Extended XSS Searcher and Finder This is the extended version based on the initial idea already published as “xssfinder”. This private version allows an attacker to perform not only GET...
Extended ssrf search This tool search for Server-Side Request Forgery (SSRF) using predefined settings in different parts of a request (path, host, headers, post and get parameters). Download git clone...
Support Securityonline.info site. Thanks!
