A script to set up a quick Ubuntu 17.10 x64 box with tools I use.
1.14k
stars
431
forks
source link
Current version does not install gf, gau, waybackurls Ubuntu Or Kali Linux. It does not show installation path to add API, or other keys for censys, shodan based scripts or tools. #55
Current version does not install gf, gau, waybackurls Ubuntu Or Kali Linux. It does not show installation path to add API, or other keys for censys, shodan based scripts or tools.
Second thing, please make it world no.01 web bug hunting installer by adding these top notch bug hunting tools.
Dear Sir,
Current version does not install gf, gau, waybackurls Ubuntu Or Kali Linux. It does not show installation path to add API, or other keys for censys, shodan based scripts or tools.
Second thing, please make it world no.01 web bug hunting installer by adding these top notch bug hunting tools.
Subdomains enumeration:
Amass Assetfinder Crobat Findomain Github-subdomains Subfinder Sudomy subdomainizer sublister findomain
Subdomain Takeover:
Subover Autosubtakeover Tko-subs Subjack
Cloud Workflow: AWS_Recon festin lazys3 s3brute flumberboozle slurp
DNS resolver
Visual Inspection - Screenshots
Aquatone Gowitness httpscreenshot
HTTP probe
Web crawler / Content Discovery
Gospider Hakrawler ParamSpider gau waybackurls paramspider GF GF_Pattern Photon
Network scanner
HTTP Parameter
Fuzzing tools
Ffuf Gobuster Wfuzz Gobuster Dirsearch Dirb
LFI/RFI tools
LFISuite Fimap
XPR1M3 / sqli-lfi-xss-rce-dorker-and-auto-exploiter-Python https://github.com/XPR1M3/sqli-lfi-xss-rce-dorker-and-auto-exploiter-Python-.git
Spring4Shell: redhuntlabs / Hunt4Spring | https://github.com/redhuntlabs/Hunt4Spring.git
Log4j: log4jscan for Linux | https://github.com/intezer/log4jscan.git
SSRF tools
SSTI tools
API hacking tools
Wordlists
Vulns - XSS
Vulns - SQL Injection
SQLbit BSQL hacker SQLMap SQLninja Safe3 SQL injector SQLSus Mole NoSQLMap SQLmate ATLAS (WAF Bypass Suggester for SQLmap) SQLiScanner AutoSQLi Bypass-WAF-SQLMAP KhetaguriDimitri/SQL-Injection Agressiv1njector/psqli-pro AngelSecurityTeam/SQLiDumper-AngelSecurityTeam JohnTroony/Blisqy quadcoreside/QuadCore-Web-SQLi-Injecter-DB-Dumper enjoiz/BSQLinjector lanmaster53/sqli-exploiter Sqliv Havij BBQSQL Leviathan WhiteWidow jSQL Injection
CMS Scanner
Vulns - Scanner
JavaScript hunting
Find_Web_Technologies
Git Hunting / GIT Enum Tools:
Sensitive Stuff Finding
Useful tools
Web Exploitation Frameworks:
Sn1per Vajra Jok3r v3 beta osmedeus cobra Arachni TIDoS Framework sudomy Grabber Vega Zed Attack Proxy Wapiti W3af WebScarab Skipfish Ratproxy Wfuzz Grendel-Scan Watcher
JS Enumeration Tools:
jsscanner jsparser linkfinder
Fingerprint & CVE Tools:
nuclei webtech waf