search

drak3hft7 / VPS-Bug-Bounty-Tools

Script that automates the installation of the main tools used for web application penetration testing and Bug Bounty.
176 stars 43 forks source link

Add more tools πŸ”§ please πŸ‘πŸ’―β€οΈπŸŒΊπŸ’β€οΈβ€πŸ”₯πŸ’₯πŸ‘ #3

Open CyberGhazi786 opened 2 years ago

CyberGhazi786 commented 2 years ago

Subdomains enumeration:

Amass Assetfinder Crobat Findomain Github-subdomains Subfinder Sudomy subdomainizer sublister findomain

Subdomain Takeover:

Subover Autosubtakeover Tko-subs Subjack

Cloud Workflow: AWS_Recon festin lazys3 s3brute flumberboozle slurp

DNS resolver

dnsx MassDNS PureDNS ShuffleDNS DNSvalidator

Visual Inspection - Screenshots

Aquatone Gowitness httpscreenshot

HTTP probe

httprobe httpx

Web crawler / Content Discovery

Gospider Hakrawler ParamSpider gau waybackurls paramspider GF GF_Pattern Photon

Network scanner

Rustscan Masscan Naabu Nmap Brutespray

HTTP Parameter

Arjun x8 *

Fuzzing tools

Ffuf Gobuster Wfuzz Gobuster Dirsearch Dirb

LFI/RFI tools

LFISuite Fimap

XPR1M3 / sqli-lfi-xss-rce-dorker-and-auto-exploiter-Python https://github.com/XPR1M3/sqli-lfi-xss-rce-dorker-and-auto-exploiter-Python-.git

Spring4Shell: redhuntlabs / Hunt4Spring | https://github.com/redhuntlabs/Hunt4Spring.git

Log4j: log4jscan for Linux | https://github.com/intezer/log4jscan.git

SSRF tools

SSRFmap Gopherus Interactsh

SSTI tools

tplmap *

API hacking tools

Kiterunner + API routes

Wordlists

SecLists

Vulns - XSS

Dalfox Bxss XSpear kxss XSStrike Gxss FinDOM-XSS X5S Xenotix XSS Exploit Framework

Vulns - SQL Injection

SQLbit BSQL hacker SQLMap SQLninja Safe3 SQL injector SQLSus Mole NoSQLMap SQLmate ATLAS (WAF Bypass Suggester for SQLmap) SQLiScanner AutoSQLi Bypass-WAF-SQLMAP KhetaguriDimitri/SQL-Injection Agressiv1njector/psqli-pro AngelSecurityTeam/SQLiDumper-AngelSecurityTeam JohnTroony/Blisqy quadcoreside/QuadCore-Web-SQLi-Injecter-DB-Dumper enjoiz/BSQLinjector lanmaster53/sqli-exploiter Sqliv Havij BBQSQL Leviathan WhiteWidow jSQL Injection

CMS Scanner

WPscan droopescan AEM-Hacker Drupwn Wig

Vulns - Scanner

Jaeles Nikto ** Nuclei

JavaScript hunting

LinkFinder SecretFinder subjs GetJS

Find_Web_Technologies

Wappalyzer CLI

Git Hunting / GIT Enum Tools:

GitDorker gitGraber GitHacker GitTools Githound Trufflehog Gitscanner

Sensitive Stuff Finding

DumpsterDiver EarlyBird Ripgrep

Useful tools

anew anti-burl getallurls gron Interlace jq qsreplace Tmux unfurl Uro

Web Exploitation Frameworks:

Sn1per Vajra Jok3r v3 beta osmedeus cobra Arachni TIDoS Framework sudomy Grabber Vega Zed Attack Proxy Wapiti W3af WebScarab Skipfish Ratproxy Wfuzz Grendel-Scan Watcher

JS Enumeration Tools:

jsscanner jsparser linkfinder

Fingerprint & CVE Tools:

nuclei webtech waf

drak3hft7 commented 2 years ago

I @CyberGhazi786 , currently I have inserted the new katana tool.