Awesome Open Source
Awesome Open Source

Web Hacking ToolKit

GitHub Workflow Status GitHub Open Issues GitHub Closed Issues GitHub contributors GitHub

Docker Automated build Docker Pulls Docker Starts Docker Image Size

A web hacking toolkit (docker image).

Resources

Installation

Docker

Pull the image from Docker Hub:

docker pull signedsecurity/web-hacking-toolkit

Run a container and attach a shell:

docker run \
	-it \
	--rm \
	--shm-size="2g" \
	--name web-hacking-toolkit \
	--hostname web-hacking-toolkit \
	-p 22:22 \
	-v $(pwd)/data:/root/data \
	signedsecurity/web-hacking-toolkit \
	/bin/zsh

Docker Compose

Docker-Compose can also be used.

version: "3.9"

services:
    web-hacking-toolkit:
        image: signedsecurity/web-hacking-toolkit
        container_name: web-hacking-toolkit
        hostname: web-hacking-toolkit
        stdin_open: true
        shm_size: 2gb # increase shared memory size to prevent firefox from crashing
        ports:
            - "22:22" # exposed for GUI support sing SSH with X11 forwarding
        volumes:
            - ./data:/root/data
        restart: unless-stopped

Build and run container:

docker-compose up

Attach shell:

docker-compose exec web-hacking-toolkit /bin/zsh

Build from Source

Clone this repository and build the image:

git clone https://github.com/signedsecurity/web-hacking-toolkit.git && \
cd web-hacking-toolkit && \
make build-image

Run a container and attach a shell:

make run

GUI Support

By default, no GUI tools can be run in a Docker container as no X11 server is available. To run them, you must change that. What is required to do so depends on your host machine. If you:

  • run on Linux, you probably have X11
  • run on Mac OS, you need Xquartz (brew install Xquartz)
  • run on Windows, you have a problem

Using SSH with X11 forwarding

Use X11 forwarding through SSH if you want to go this way. Run start_ssh inside the container to start the server, make sure you expose port 22 when starting the container: docker run -p 127.0.0.1:22:22 ..., then use ssh -X ... when connecting (the script prints the password).

Tookit Setup

System

  • Terminal
    • shell (ZSH)
    • Session Management (TMUX)
  • Text Editor
    • vim
  • Browser
    • chrome
    • firefox
  • Remote Connection
    • SSH

Tools

Name Description
amass In-depth Attack Surface Mapping and Asset Discovery
anew A tool for adding new lines to files, skipping duplicates
arjun HTTP parameter discovery suite.
Burp Suite Community The BurpSuite Project community edition.
cdncheck A CLI wrapper for ProjectDiscovery's cdncheck library - "Helper library that checks if a given IP belongs to known CDN ranges (akamai, cloudflare, incapsula and sucuri)".
commix Automated All-in-One OS Command Injection Exploitation Tool.
crlfuzz A fast tool to scan CRLF vulnerability written in Go
crobat A rapid API for the Project Sonar dataset
curl A command line tool and library for transferring data with URL syntax, supporting HTTP, HTTPS, FTP, FTPS, GOPHER, TFTP, SCP, SFTP, SMB, TELNET, DICT, LDAP, LDAPS, MQTT, FILE, IMAP, SMTP, POP3, RTSP and RTMP. libcurl offers a myriad of powerful features
dalfox waning_crescent_moonfox_face DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
dnsutils -
dnsvalidator Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate responses.
dnsx dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.
dotdotpwn DotDotPwn - The Directory Traversal Fuzzer
ffuf Fast web fuzzer written in Go
findomain The fastest
gin Git index file parser, using python3
gowitness gowitness - a golang, web screenshot utility using Chrome Headless
gotator Gotator is a tool to generate DNS wordlists through permutations.
grep Grep searches one or more input files for lines containing a match to a specified pattern.
hakrevdns Small, fast, simple tool for performing reverse DNS lookups en masse.
httpx httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.
jq Command-line JSON processor
kiterunner Contextual Content Discovery Tool
masscan TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
massdns A high-performance DNS stub resolver.
naabu A fast port scanner written in go with focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
net-tools -
nmap Nmap - the Network Mapper. Github mirror of official SVN repository.
nmap-utils Scripts to process nmap results.
nuclei Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use.
ping Tools to test the reachability of network hosts.
ps.sh A wrapper around tools used for port scanning(nmap, naabu & masscan), the goal being reducing scan time, increasing scan efficiency and automating the workflow.
puredns Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
sigrawl3r A fast web crawler.
sigsubfind3r A subdomain discovery tool - it gathers a list of subdomains passively using various online sources.
sigurlfind3r A passive reconnaissance tool for known URLs discovery - it gathers a list of URLs passively using various online sources.
sigurlscann3r A web application attack surface mapping tool. It takes in a list of urls then performs numerous probes
sqlmap Automatic SQL injection and database takeover tool
subdomains.sh A wrapper around for subdomains gathering tools (amass, subfinder, findomain & sigsubfind3r) to increase gathering efficiency and automating the workflow.
subfinder Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
urlx A go(golang) utility for URLs parsing & pull out bits of the URLS.
waf00f The Web Application Firewall Fingerprinting Tool.
wappalyzer Wappalyzer identifies technologies on websites, such as CMS, web frameworks, ecommerce platforms, JavaScript libraries, analytics tools and more.
whois whois - client for the whois directory service
whatweb Next generation web scanner.
whois client for the whois directory service
wpscan WordPress Security Scanner
wuzz Interactive cli tool for HTTP inspection

Wordlists

Wordlist Description
WordlistsX A collection of wordlists generated by combining various common/popular wordlists.

Contribution

Issues and Pull Requests are welcome!



Alternative Project Comparisons
Related Awesome Lists
Top Programming Languages
Top Projects

Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
Shell (169,536
Docker (97,002
Docker Image (12,035
Hacking (7,675
Penetration Testing (3,062
Pentesting (3,061
Nmap (1,506
Osint (1,103
Recon (881
Reconnaissance (578
Web Security (405
Bugbounty Tool (108
Web Hacking (74
Hacker Tools (24