This is a collection of tools that I use during web application penetration tests. A lot of these exist elsewhere and I mainly made this repository as an exercise and I use it in most of my engagements.
Below is a summary of some of the included tools and documentation
- HTTP-SHC - HTTP security headers checks
- Web-Comment-Scrape - Scrapes a page for HTML and JS comments
- HTTP-Scan - Makes HTTP requests from targets file and logs responses
- Site-Map-Enum - Enumeration of site maps identified during web application tests
- SSLyze-Reporter - A simple Python3 script to parse JSON files generated by SSLyze for a copy-&-paste, report friendly output.
- TimedUserEnum - A WIP, PoC for analyzing timed server responses for valid/invalid usernames of web apps
- W3Fuzz - Super lightweight directory and file brute force tool
- AutoWeb - Automate the first day of web application penetration test
- CORSAudit - This tool checks for CORS-related security issues
- SSRF-Snare - An HTTP server to handle incoming SSRF requests
- UA-Util - HTTP header User-Agent Utility (randomizing for evasion, etc)
- BurpExportURIs - Extract URIs from Burp Suite's project files.
- Dredgeon - Dredges through a file looking for potential web-related sensitive information.
This is a set of wordlists that I have generated over the years of web application penetration testing.
- Wordlists - Collection of all wordlists
- WWWordlist - This tool scrapes a page and generates a word list
This is a collection of API-related tools to help with tasks during web application penetration tests.
- Epoch-Convert.py - Convert an API key or JWT creation or expiration date into human readble form for reporting.