subn0x / awesome-bbht Goto Github PK

...

I have been checking the script for any errors and I found 2 incompatible git repositories.

Tools Affected:

1. XSS Finder (XSS)
2. Open Redirect Scanner

SCRIPT OUTPUT

XSS FINDER

Open Redirect Scanner

Suggestion to add a new framework.

• https://github.com/eslam3kl/3klCon

I will probably pull the repo and add the changes in the next two days.

Dear Sir,

Current version does not install gf, gau, waybackurls Ubuntu Or Kali Linux. It does not show installation path to add API, or other keys for censys, shodan based scripts or tools.

Second thing, please make it world no.01 web bug hunting installer by adding these top notch bug hunting tools.

Subdomains enumeration:

Amass
Assetfinder
Crobat
Findomain
Github-subdomains
Subfinder
Sudomy
subdomainizer
sublister
findomain

Subdomain Takeover:

Subover
Autosubtakeover
Tko-subs
Subjack

Cloud Workflow: AWS_Recon
festin
lazys3
s3brute
flumberboozle
slurp

DNS resolver

dnsx
MassDNS
PureDNS
ShuffleDNS
DNSvalidator

Visual Inspection - Screenshots

Aquatone
Gowitness
httpscreenshot

HTTP probe

httprobe
httpx

Web crawler / Content Discovery

Gospider
Hakrawler
ParamSpider
gau
waybackurls
paramspider
GF
GF_Pattern
Photon

Network scanner

Rustscan
Masscan
Naabu
Nmap
Brutespray

HTTP Parameter

Arjun
x8 *

Fuzzing tools

Ffuf
Gobuster
Wfuzz
Gobuster
Dirsearch
Dirb

LFI/RFI tools

LFISuite
Fimap

XPR1M3 / sqli-lfi-xss-rce-dorker-and-auto-exploiter-Python
https://github.com/XPR1M3/sqli-lfi-xss-rce-dorker-and-auto-exploiter-Python-.git

Spring4Shell:
redhuntlabs / Hunt4Spring | https://github.com/redhuntlabs/Hunt4Spring.git

Log4j:
log4jscan for Linux | https://github.com/intezer/log4jscan.git

SSRF tools

SSRFmap
Gopherus
Interactsh

SSTI tools

tplmap *

API hacking tools

Kiterunner + API routes

Wordlists

SecLists

Vulns - XSS

Dalfox
Bxss
XSpear
kxss
XSStrike
Gxss
FinDOM-XSS
X5S
Xenotix XSS Exploit Framework

Vulns - SQL Injection

SQLbit
BSQL hacker
SQLMap
SQLninja
Safe3 SQL injector
SQLSus
Mole
NoSQLMap
SQLmate
ATLAS (WAF Bypass Suggester for SQLmap)
SQLiScanner
AutoSQLi
Bypass-WAF-SQLMAP
KhetaguriDimitri/SQL-Injection
Agressiv1njector/psqli-pro
AngelSecurityTeam/SQLiDumper-AngelSecurityTeam
JohnTroony/Blisqy
quadcoreside/QuadCore-Web-SQLi-Injecter-DB-Dumper
enjoiz/BSQLinjector
lanmaster53/sqli-exploiter
Sqliv
Havij
BBQSQL
Leviathan
WhiteWidow
jSQL Injection

CMS Scanner

WPscan
droopescan
AEM-Hacker
Drupwn
Wig

Vulns - Scanner

Jaeles
Nikto **
Nuclei

JavaScript hunting

LinkFinder
SecretFinder
subjs
GetJS

Find_Web_Technologies

Wappalyzer CLI

Git Hunting / GIT Enum Tools:

GitDorker *
gitGraber *
GitHacker *
GitTools *
Githound
Trufflehog
Gitscanner

Sensitive Stuff Finding

DumpsterDiver *
EarlyBird *
Ripgrep

Useful tools

anew
anti-burl
getallurls
gron
Interlace
jq *
qsreplace
Tmux
unfurl
Uro *

Web Exploitation Frameworks:

Sn1per
Vajra
Jok3r v3 beta
osmedeus
cobra
Arachni
TIDoS Framework
sudomy
Grabber
Vega
Zed Attack Proxy
Wapiti
W3af
WebScarab
Skipfish
Ratproxy
Wfuzz
Grendel-Scan
Watcher

JS Enumeration Tools:

jsscanner
jsparser
linkfinder

Fingerprint & CVE Tools:

nuclei
webtech
waf