Merge pull request #83 from pwnwiki/Partial-Web-App

Partial web app (part 3)

tools/apache-users.md

@@ -0,0 +1,17 @@
+# apache-users
+
+Notes
+-------
+
+Help Text
+-------
+```
+USAGE: apache.pl [-h 1.2.3.4] [-l names] [-p 80] [-s (SSL Support 1=true 0=false)] [-e 403 (http code)] [-t threads]
+```
+
+Example Usage
+-------
+
+Links
+-------
+

tools/cutycap.md

@@ -0,0 +1,52 @@
+# CutyCapt
+
+Notes
+-------
+
+Help Text
+-------
+```
+ -----------------------------------------------------------------------------
+ Usage: CutyCapt --url=http://www.example.org/ --out=localfile.png            
+ -----------------------------------------------------------------------------
+  --help                         Print this help page and exit                
+  --url=<url>                    The URL to capture (http:...|file:...|...)   
+  --out=<path>                   The target file (.png|pdf|ps|svg|jpeg|...)   
+  --out-format=<f>               Like extension in --out, overrides heuristic 
+  --min-width=<int>              Minimal width for the image (default: 800)   
+  --min-height=<int>             Minimal height for the image (default: 600)  
+  --max-wait=<ms>                Don't wait more than (default: 90000, inf: 0)
+  --delay=<ms>                   After successful load, wait (default: 0)     
+  --user-style-path=<path>       Location of user style sheet file, if any    
+  --user-style-string=<css>      User style rules specified as text           
+  --header=<name>:<value>        request header; repeatable; some can't be set
+  --method=<get|post|put>        Specifies the request method (default: get)  
+  --body-string=<string>         Unencoded request body (default: none)       
+  --body-base64=<base64>         Base64-encoded request body (default: none)  
+  --app-name=<name>              appName used in User-Agent; default is none  
+  --app-version=<version>        appVers used in User-Agent; default is none  
+  --user-agent=<string>          Override the User-Agent header Qt would set  
+  --javascript=<on|off>          JavaScript execution (default: on)           
+  --java=<on|off>                Java execution (default: unknown)            
+  --plugins=<on|off>             Plugin execution (default: unknown)          
+  --private-browsing=<on|off>    Private browsing (default: unknown)          
+  --auto-load-images=<on|off>    Automatic image loading (default: on)        
+  --js-can-open-windows=<on|off> Script can open windows? (default: unknown)  
+  --js-can-access-clipboard=<on|off> Script clipboard privs (default: unknown)
+  --print-backgrounds=<on|off>   Backgrounds in PDF/PS output (default: off)  
+  --zoom-factor=<float>          Page zoom factor (default: no zooming)       
+  --zoom-text-only=<on|off>      Whether to zoom only the text (default: off) 
+  --http-proxy=<url>             Address for HTTP proxy server (default: none)
+ -----------------------------------------------------------------------------
+  <f> is svg,ps,pdf,itext,html,rtree,png,jpeg,mng,tiff,gif,bmp,ppm,xbm,xpm    
+ -----------------------------------------------------------------------------
+ http://cutycapt.sf.net - (c) 2003-2010 Bjoern Hoehrmann - bjoern@hoehrmann.de
+
+```
+
+Example Usage
+-------
+
+Links
+-------
+

tools/dirb.md

@@ -0,0 +1,59 @@
+# DirB
+
+Notes
+-------
+
+Help Text
+-------
+```
+-----------------
+DIRB v2.21    
+By The Dark Raver
+-----------------
+
+./dirb <url_base> [<wordlist_file(s)>] [options]
+
+========================= NOTES =========================
+ <url_base> : Base URL to scan. (Use -resume for session resuming)
+ <wordlist_file(s)> : List of wordfiles. (wordfile1,wordfile2,wordfile3...)
+
+======================== HOTKEYS ========================
+ 'n' -> Go to next directory.
+ 'q' -> Stop scan. (Saving state for resume)
+ 'r' -> Remaining scan stats.
+
+======================== OPTIONS ========================
+ -a <agent_string> : Specify your custom USER_AGENT.
+ -c <cookie_string> : Set a cookie for the HTTP request.
+ -f : Fine tunning of NOT_FOUND (404) detection.
+ -H <header_string> : Add a custom header to the HTTP request.
+ -i : Use case-insensitive search.
+ -l : Print "Location" header when found.
+ -N <nf_code>: Ignore responses with this HTTP code.
+ -o <output_file> : Save output to disk.
+ -p <proxy[:port]> : Use this proxy. (Default port is 1080)
+ -P <proxy_username:proxy_password> : Proxy Authentication.
+ -r : Don't search recursively.
+ -R : Interactive recursion. (Asks for each directory)
+ -S : Silent Mode. Don't show tested words. (For dumb terminals)
+ -t : Don't force an ending '/' on URLs.
+ -u <username:password> : HTTP Authentication.
+ -v : Show also NOT_FOUND pages.
+ -w : Don't stop on WARNING messages.
+ -X <extensions> / -x <exts_file> : Append each word with this extensions.
+ -z <milisecs> : Add a miliseconds delay to not cause excessive Flood.
+
+======================== EXAMPLES =======================
+ ./dirb http://url/directory/ (Simple Test)
+ ./dirb http://url/ -X .html (Test files with '.html' extension)
+ ./dirb http://url/ /usr/share/dirb/wordlists/vulns/apache.txt (Test with apache.txt wordlist)
+ ./dirb https://secure_url/ (Simple Test with SSL)
+
+```
+
+Example Usage
+-------
+
+Links
+-------
+

tools/dirbuster.md

@@ -0,0 +1,17 @@
+# DirBuster
+
+Notes
+-------
+
+Help Text
+-------
+```
+This is a graphical tool
+```
+
+Example Usage
+-------
+
+Links
+-------
+

webapp/index.md

@@ -46,9 +46,15 @@ Web Application Proxies
 Web Crawlers
 -----------
 
- * [tool](../tools/foo.md)
- * [tool](../tools/foo.md)
- * [tool](../tools/foo.md)
+ * [apache-users](../tools/apache-users.md)
+ * [burpsuite](../tools/burpsuite.md)
+ * [cutycapt](../tools/cutycapt.md)
+ * [dirb](../tools/dirb.md)
+ * [dirbuster](../tools/dirbuster.md)
+ * [owasp-zap](../tools/owasp-zap.md)
+ * [vega](../tools/vega.md)
+ * [webscarab](../tools/webscarab.md)
+ * [webslayer](../tools/webslayer.md)
 
 Web VUlnerability Scanners
 -----------