diff --git a/tools/apache-users.md b/tools/apache-users.md new file mode 100644 index 0000000..21ecf84 --- /dev/null +++ b/tools/apache-users.md @@ -0,0 +1,17 @@ +# apache-users + +Notes +------- + +Help Text +------- +``` +USAGE: apache.pl [-h 1.2.3.4] [-l names] [-p 80] [-s (SSL Support 1=true 0=false)] [-e 403 (http code)] [-t threads] +``` + +Example Usage +------- + +Links +------- + diff --git a/tools/cutycap.md b/tools/cutycap.md new file mode 100644 index 0000000..fdfb99b --- /dev/null +++ b/tools/cutycap.md @@ -0,0 +1,52 @@ +# CutyCapt + +Notes +------- + +Help Text +------- +``` + ----------------------------------------------------------------------------- + Usage: CutyCapt --url=http://www.example.org/ --out=localfile.png + ----------------------------------------------------------------------------- + --help Print this help page and exit + --url= The URL to capture (http:...|file:...|...) + --out= The target file (.png|pdf|ps|svg|jpeg|...) + --out-format= Like extension in --out, overrides heuristic + --min-width= Minimal width for the image (default: 800) + --min-height= Minimal height for the image (default: 600) + --max-wait= Don't wait more than (default: 90000, inf: 0) + --delay= After successful load, wait (default: 0) + --user-style-path= Location of user style sheet file, if any + --user-style-string= User style rules specified as text + --header=: request header; repeatable; some can't be set + --method= Specifies the request method (default: get) + --body-string= Unencoded request body (default: none) + --body-base64= Base64-encoded request body (default: none) + --app-name= appName used in User-Agent; default is none + --app-version= appVers used in User-Agent; default is none + --user-agent= Override the User-Agent header Qt would set + --javascript= JavaScript execution (default: on) + --java= Java execution (default: unknown) + --plugins= Plugin execution (default: unknown) + --private-browsing= Private browsing (default: unknown) + --auto-load-images= Automatic image loading (default: on) + --js-can-open-windows= Script can open windows? (default: unknown) + --js-can-access-clipboard= Script clipboard privs (default: unknown) + --print-backgrounds= Backgrounds in PDF/PS output (default: off) + --zoom-factor= Page zoom factor (default: no zooming) + --zoom-text-only= Whether to zoom only the text (default: off) + --http-proxy= Address for HTTP proxy server (default: none) + ----------------------------------------------------------------------------- + is svg,ps,pdf,itext,html,rtree,png,jpeg,mng,tiff,gif,bmp,ppm,xbm,xpm + ----------------------------------------------------------------------------- + http://cutycapt.sf.net - (c) 2003-2010 Bjoern Hoehrmann - bjoern@hoehrmann.de + +``` + +Example Usage +------- + +Links +------- + diff --git a/tools/dirb.md b/tools/dirb.md new file mode 100644 index 0000000..49d44c3 --- /dev/null +++ b/tools/dirb.md @@ -0,0 +1,59 @@ +# DirB + +Notes +------- + +Help Text +------- +``` +----------------- +DIRB v2.21 +By The Dark Raver +----------------- + +./dirb [] [options] + +========================= NOTES ========================= + : Base URL to scan. (Use -resume for session resuming) + : List of wordfiles. (wordfile1,wordfile2,wordfile3...) + +======================== HOTKEYS ======================== + 'n' -> Go to next directory. + 'q' -> Stop scan. (Saving state for resume) + 'r' -> Remaining scan stats. + +======================== OPTIONS ======================== + -a : Specify your custom USER_AGENT. + -c : Set a cookie for the HTTP request. + -f : Fine tunning of NOT_FOUND (404) detection. + -H : Add a custom header to the HTTP request. + -i : Use case-insensitive search. + -l : Print "Location" header when found. + -N : Ignore responses with this HTTP code. + -o : Save output to disk. + -p : Use this proxy. (Default port is 1080) + -P : Proxy Authentication. + -r : Don't search recursively. + -R : Interactive recursion. (Asks for each directory) + -S : Silent Mode. Don't show tested words. (For dumb terminals) + -t : Don't force an ending '/' on URLs. + -u : HTTP Authentication. + -v : Show also NOT_FOUND pages. + -w : Don't stop on WARNING messages. + -X / -x : Append each word with this extensions. + -z : Add a miliseconds delay to not cause excessive Flood. + +======================== EXAMPLES ======================= + ./dirb http://url/directory/ (Simple Test) + ./dirb http://url/ -X .html (Test files with '.html' extension) + ./dirb http://url/ /usr/share/dirb/wordlists/vulns/apache.txt (Test with apache.txt wordlist) + ./dirb https://secure_url/ (Simple Test with SSL) + +``` + +Example Usage +------- + +Links +------- + diff --git a/tools/dirbuster.md b/tools/dirbuster.md new file mode 100644 index 0000000..a1a4052 --- /dev/null +++ b/tools/dirbuster.md @@ -0,0 +1,17 @@ +# DirBuster + +Notes +------- + +Help Text +------- +``` +This is a graphical tool +``` + +Example Usage +------- + +Links +------- + diff --git a/webapp/index.md b/webapp/index.md index bdc5f05..ffc7e8c 100644 --- a/webapp/index.md +++ b/webapp/index.md @@ -46,9 +46,15 @@ Web Application Proxies Web Crawlers ----------- - * [tool](../tools/foo.md) - * [tool](../tools/foo.md) - * [tool](../tools/foo.md) + * [apache-users](../tools/apache-users.md) + * [burpsuite](../tools/burpsuite.md) + * [cutycapt](../tools/cutycapt.md) + * [dirb](../tools/dirb.md) + * [dirbuster](../tools/dirbuster.md) + * [owasp-zap](../tools/owasp-zap.md) + * [vega](../tools/vega.md) + * [webscarab](../tools/webscarab.md) + * [webslayer](../tools/webslayer.md) Web VUlnerability Scanners -----------