ββββ β β ββ βββ βββ ββββββ ββββββ ββββββ
ββ ββ β ββ ββββββββ ββββ βββ β ββ β ββββ ββ
βββ ββ ββββββ ββββββββ ββββ β ββββ ββββ βββ β
ββββ ββββββββ ββββββββ ββββ β ββββββ β ββββ ββββ
ββββ ββββββββββββ βββββββββββββββββββββββββββββββββ βββββ β
β ββ β β ββββ β β β βββ ββ βββ ββ βββ β βββ ββ ββ ββ β β
β β β β β β β β β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
ββββββββββββββββββββ W E B βββββββββββββββββββββββββββββββββ
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
bad-antics
π Join discord.gg/killers for premium features!
| Tool | Language | Description | Free | Premium |
|---|---|---|---|---|
| dirfuzz | Go | Directory/file bruteforcer | β | π₯ |
| sqlmap-ng | Rust | SQL injection detection | β | π₯ |
| xsshunter | Go | XSS vulnerability scanner | β | π₯ |
| paraminer | Go | Parameter discovery | β | π₯ |
| crawler | Rust | Deep web crawler | β | π₯ |
| httpprobe | Go | HTTP probing & fingerprint | β | π₯ |
nullsec-web/
βββ go/
β βββ dirfuzz/ # Directory fuzzer
β βββ xsshunter/ # XSS scanner
β βββ paraminer/ # Parameter mining
β βββ httpprobe/ # HTTP prober
βββ rust/
β βββ sqlmap_ng/ # SQLi detection
β βββ crawler/ # Web crawler
β βββ vulnscan/ # Vulnerability scanner
βββ python/
β βββ jwt_exploit.py # JWT exploitation
β βββ ssrf_scan.py # SSRF detection
β βββ header_inject.py # Header injection
β βββ cors_check.py # CORS misconfiguration
βββ wordlists/
βββ directories.txt # Common directories
βββ parameters.txt # Common parameters
βββ payloads/ # Attack payloads
# Directory fuzzing
./dirfuzz -u https://target.com -w wordlists/directories.txt
# SQL injection scan
./sqlmap-ng -u "https://target.com/page?id=1" --dbs
# XSS hunting
./xsshunter -u https://target.com -w wordlists/xss.txt
# Parameter discovery
./paraminer -u https://target.com --all
# Web crawling
./crawler -u https://target.com -d 3 -o urls.txtFeatures:
- Recursive scanning
- Extension fuzzing
- Custom wordlists
- Response filtering
- Rate limiting
# Basic scan
./dirfuzz -u https://target.com -w common.txt
# With extensions
./dirfuzz -u https://target.com -w files.txt -x php,asp,jsp
# Recursive + filtered
./dirfuzz -u https://target.com -w dirs.txt -r -fc 404,403
# High speed
./dirfuzz -u https://target.com -w big.txt -t 100 --rate 1000Detection methods:
- Boolean-based blind
- Time-based blind
- Error-based
- UNION query
- Stacked queries
# Auto detection
./sqlmap-ng -u "https://target.com/item?id=1"
# Specific technique
./sqlmap-ng -u "https://target.com/item?id=1" --technique=BT
# Database enumeration
./sqlmap-ng -u "https://target.com/item?id=1" --dbs --tables
# Data extraction
./sqlmap-ng -u "https://target.com/item?id=1" -D dbname -T users --dumpFor authorized security testing only. Only test applications you have permission to assess.