HAHWUL (@hahwul)
github

hahwul

Twitter logo Share LinkedIn logo Share Facebook logo Share

Top repositories

1

WebHackersWeapons

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
Ruby
3,581
star
2

dalfox

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
Go
3,152
star
3

DevSecOps

♾️ Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe 😎
Go
1,565
star
4

XSpear

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem
Ruby
1,084
star
5

jwt-hack

🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)
Go
707
star
6

MobileHackersWeapons

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
Go
624
star
7

a2sv

Auto Scanning to SSL Vulnerability
Python
610
star
8

mad-metasploit

Metasploit custom modules, plugins, resource script and.. awesome metasploit collection
Ruby
373
star
9

authz0

🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
Go
341
star
10

droid-hunter

(deprecated) Android application vulnerability analysis and Android pentest tool
Ruby
287
star
11

metasploit-autopwn

db_autopwn plugin of metasploit
Ruby
192
star
12

deadfinder

🏴‍☠️ Find dead-links (broken links)
Ruby
123
star
13

RegexPassive

🔭 Collection of regexp pattern for security passive scanning
109
star
14

mzap

⚡️ Multiple target ZAP Scanning
Go
99
star
15

hack-pet

🐰 Managing command snippets for hackers/bug bounty hunters. with pet.
Go
98
star
16

XSS-Payload-without-Anything

XSS Payload without Anything.
92
star
17

gee

🏵 Gee is tool of stdin to each files and stdout. It is similar to the tee command, but there are more functions for convenience. In addition, it was written as go
Go
79
star
18

s3reverse

The format of various s3 buckets is convert in one format. for bugbounty and security testing.
Go
78
star
19

websocket-connection-smuggler

websocket-connection-smuggler
Go
66
star
20

gitls

🖇 Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline
Go
58
star
21

ws-smuggler

WebSocket Connection Smuggler
Go
48
star
22

ras-fuzzer

RAS(RAndom Subdomain) Fuzzer
Go
43
star
23

MemBi

All the members of bugbounty and infosec. If you don't know who to follow, see!
Go
35
star
24

backbomb

💣 Dockerized penetration-testing/bugbounty/app-sec testing environment
Go
33
star
25

hbxss

Security test tool for Blind XSS
Ruby
27
star
26

fuzzstone

My fuzz repo!
JavaScript
23
star
27

action-dalfox

XSS scanning with Dalfox on Github-action
Dockerfile
22
star
28

recon-raven

Reconnaissance tool of Penetration test & Bug Bounty
Ruby
22
star
29

vais

SWF Vulnerability & Information Scanner
HTML
21
star
30

noir

♠️ Noir is an attack surface detector form source code.
Crystal
20
star
31

xssmaze

XSSMaze is a web service designed to test and improve the performance of security testing tools by providing various cases of XSS vulnerabilities.
Crystal
20
star
32

asset-of-hahwul.com

assets for www.hahwul.com
Shell
19
star
33

can-i-protect-xss

Everything about xss protection technology
16
star
34

volt

⚡ Golang library for quick make pentest tools
Go
15
star
35

raven

Automation Hacking & Penetration Testing Suite
Ruby
13
star
36

vunlink

Auto Web Vulnerability Scanning Framework
Ruby
11
star
37

websocket-connection-smuggling-go

websocket-connection-smuggling write in go
Go
10
star
38

hahwul

about me!
9
star
39

zest-env

🐋 Zest CLI Environment
Shell
9
star
40

awesome-zap-extensions

A curated list of amazingly awesome ZAP Extensions
8
star
41

github-aciton-injection-test

This repo is a sample repo for Github Action Injection.
8
star
42

VAHA

Web for security engineer & hacker
7
star
43

buildpack-nmap

install nmap and set alias buildpack of heroku
Shell
6
star
44

jqueen

Go
6
star
45

m2h.js

remote markdown document to html on DOM
JavaScript
6
star
46

zap-cloud-scan

5
star
47

homebrew-dalfox

Ruby
5
star
48

hahwul-testzz

tool, page code for https://www.hahwul.com
HTML
5
star
49

qs-openvpn

quick setup openvpn
Shell
5
star
50

eoyc

Encoding Only Your Choices
Crystal
5
star
51

zaproxy-ruby

A Ruby Implementation and Library for Easy Utilization of ZAP API
Ruby
5
star
52

cyan-snake

Live OS for Physical hacking
Ruby
5
star
53

podopunch

Easy testing from multiple android devices
Python
5
star
54

openvas_install_script

OpenVAS Scanner Install Script on Debian
Shell
5
star
55

rings

Ruby
4
star
56

licaner

Go
4
star
57

homebrew-jwt-hack

Ruby
4
star
58

buildpack-zap-daemon

zap(zed attack proxy) daemon mode buildpack of heroku
Shell
4
star
59

exploit-db_to_dokuwiki

exploit-db(edb) convert to dokuwiki template
Python
4
star
60

restime

Web page response time checker
Python
4
star
61

homebrew-backbomb

backbomb homebrew repository
Ruby
4
star
62

booungJS

Vulnerability analysis to javascript using javascript and web debugger
JavaScript
4
star
63

homebrew-authz0

Ruby
3
star
64

struts2-rce-cve-2017-9805-ruby

cve -2017-9805
Ruby
3
star
65

homebrew-mzap

Ruby
3
star
66

go-github-selfupdate-patched

go get error patched version
Go
3
star
67

crystal-smuggle

Toy :D
Crystal
3
star
68

CaidoTweaks

3
star
69

shooting-scheme

custom scheme testing tool with checklist
3
star
70

ftc

simple copy to file to clipboard
Ruby
3
star
71

action-authz0-test

3
star
72

mycert

Ruby
2
star
73

lab

lab.hahwul.com
2
star
74

homebrew-gee

Ruby
2
star
75

jekyll-securitytxt

Jekyll plugin for security.txt
Ruby
2
star
76

homebrew-s3reverse

Ruby
2
star
77

heroku-buildpack-geckodriver

2
star
78

vuln_test

<video><embed><object><meta><body><script><frame><frameset>
2
star
79

projectsend_r582_webshell

ProjectSend_r582_webshell exploit
Ruby
1
star
80

homebrew-eoyc

Ruby
1
star
81

hlogger

golang logger for hahwul z
Go
1
star
82

caido-crystal

Caido implementation for crystal
Crystal
1
star