hahwul
Repos: 113 | Followers: 1653 | Following: 35

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking, Happy bug-hunting

2400
450

🌙🦊 DalFox is a powerful open source XSS scanning tool and parameter analyzer, utility

2170
268

🔩 jwt-hack is a tool for hacking / security testing of JWT. Supports en/decoding JWT, generating payloads for JWT attacks, and very fast cracking (dict/bruteforce)

566
79

🔱 Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe 😎

697
171

Powerful XSS Scanning and Parameter analysis tool & gem

866
190

🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.

309
38

Events

Improve code

Add lang images

Created at 3 days ago

Add Oralyzer

Created at 3 days ago

Add Web3 Decoder

Created at 3 days ago
closed issue
CVE-2022-28948: upgrade to gopkg.in/yaml.v3
  • https://github.com/hahwul/dalfox/security/dependabot/1
  • https://github.com/advisories/GHSA-hp87-p4gw-j4gq

go mod why gopkg.in/yaml.v2
# gopkg.in/yaml.v2
github.com/hahwul/dalfox/v2/pkg/server/docs
github.com/swaggo/swag
github.com/go-openapi/spec
github.com/go-openapi/swag
gopkg.in/yaml.v2
Created at 3 days ago
issue comment
Dalfox Not Testing Blind XSS

@tekcap Thank you for the report! Let me check again :D

  • https://github.com/hahwul/dalfox/issues/416
Created at 3 days ago
issue comment
Optionally include HTTP Request and Response in the JSON output

@kmcquade Oh yes, this is really important, too! Roll up my sleeves. Thank you so much :D

Created at 3 days ago

Bump github.com/stretchr/testify from 1.8.0 to 1.8.1

Bumps github.com/stretchr/testify from 1.8.0 to 1.8.1.


updated-dependencies:

  • dependency-name: github.com/stretchr/testify
    dependency-type: direct:production
    update-type: version-update:semver-patch
    ...

Signed-off-by: dependabot[bot] support@github.com

Merge branch 'main' into dependabot/go_modules/github.com/stretchr/testify-1.8.1

Merge pull request #418 from hahwul/dependabot/go_modules/github.com/stretchr/testify-1.8.1

Bump github.com/stretchr/testify from 1.8.0 to 1.8.1

Created at 3 days ago
pull request closed
Bump github.com/stretchr/testify from 1.8.0 to 1.8.1

Bumps github.com/stretchr/testify from 1.8.0 to 1.8.1.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Created at 3 days ago
issue comment
Include certain messages that are in the command line in the JSON output

@kmcquade Thank you very much for your opinion! I'll need some time to think about it, but I'll make it well😉

Created at 3 days ago
issue comment
Bump github.com/stretchr/testify from 1.8.0 to 1.8.1

Fixed conflict

Created at 3 days ago

Bump github.com/labstack/echo/v4 from 4.9.0 to 4.9.1

Bumps github.com/labstack/echo/v4 from 4.9.0 to 4.9.1.


updated-dependencies:

  • dependency-name: github.com/labstack/echo/v4
    dependency-type: direct:production
    update-type: version-update:semver-patch
    ...

Signed-off-by: dependabot[bot] support@github.com

Bump github.com/spf13/cobra from 1.6.0 to 1.6.1

Bumps github.com/spf13/cobra from 1.6.0 to 1.6.1.


updated-dependencies:

  • dependency-name: github.com/spf13/cobra
    dependency-type: direct:production
    update-type: version-update:semver-patch
    ...

Signed-off-by: dependabot[bot] support@github.com

chore: update contributors [skip ci]

Bump github.com/swaggo/swag from 1.8.6 to 1.8.8

Bumps github.com/swaggo/swag from 1.8.6 to 1.8.8.


updated-dependencies:

  • dependency-name: github.com/swaggo/swag
    dependency-type: direct:production
    update-type: version-update:semver-patch
    ...

Signed-off-by: dependabot[bot] support@github.com

--remote-payloads: fix typo 'paylaodbox' [issue 426]

Merge pull request #427 from dkegel-fastly/dkegel-issue426-payloadbox-typo

--remote-payloads: fix typo 'paylaodbox' [issue 426]

chore: update contributors [skip ci]

Merge pull request #425 from hahwul/dependabot/go_modules/github.com/swaggo/swag-1.8.8

Bump github.com/swaggo/swag from 1.8.6 to 1.8.8

Merge pull request #419 from hahwul/dependabot/go_modules/github.com/spf13/cobra-1.6.1

Bump github.com/spf13/cobra from 1.6.0 to 1.6.1

Merge pull request #415 from hahwul/dependabot/go_modules/github.com/labstack/echo/v4-4.9.1

Bump github.com/labstack/echo/v4 from 4.9.0 to 4.9.1

Merge branch 'main' into dependabot/go_modules/github.com/stretchr/testify-1.8.1

Created at 3 days ago

Bump github.com/labstack/echo/v4 from 4.9.0 to 4.9.1

Bumps github.com/labstack/echo/v4 from 4.9.0 to 4.9.1.


updated-dependencies:

  • dependency-name: github.com/labstack/echo/v4
    dependency-type: direct:production
    update-type: version-update:semver-patch
    ...

Signed-off-by: dependabot[bot] support@github.com

Merge pull request #415 from hahwul/dependabot/go_modules/github.com/labstack/echo/v4-4.9.1

Bump github.com/labstack/echo/v4 from 4.9.0 to 4.9.1

Created at 3 days ago
pull request closed
Bump github.com/labstack/echo/v4 from 4.9.0 to 4.9.1

Bumps github.com/labstack/echo/v4 from 4.9.0 to 4.9.1.

Created at 3 days ago

Bump github.com/spf13/cobra from 1.6.0 to 1.6.1

Bumps github.com/spf13/cobra from 1.6.0 to 1.6.1.


updated-dependencies:

  • dependency-name: github.com/spf13/cobra
    dependency-type: direct:production
    update-type: version-update:semver-patch
    ...

Signed-off-by: dependabot[bot] support@github.com

Merge pull request #419 from hahwul/dependabot/go_modules/github.com/spf13/cobra-1.6.1

Bump github.com/spf13/cobra from 1.6.0 to 1.6.1

Created at 3 days ago
pull request closed
Bump github.com/spf13/cobra from 1.6.0 to 1.6.1

Bumps github.com/spf13/cobra from 1.6.0 to 1.6.1.

Created at 3 days ago

Bump github.com/swaggo/swag from 1.8.6 to 1.8.8

Bumps github.com/swaggo/swag from 1.8.6 to 1.8.8.


updated-dependencies:

  • dependency-name: github.com/swaggo/swag
    dependency-type: direct:production
    update-type: version-update:semver-patch
    ...

Signed-off-by: dependabot[bot] support@github.com

Merge pull request #425 from hahwul/dependabot/go_modules/github.com/swaggo/swag-1.8.8

Bump github.com/swaggo/swag from 1.8.6 to 1.8.8

Created at 3 days ago
pull request closed
Bump github.com/swaggo/swag from 1.8.6 to 1.8.8

Bumps github.com/swaggo/swag from 1.8.6 to 1.8.8.

Created at 3 days ago
closed issue
payloadbox payload load fail ?

Describe the bug

When running the command

dalfox url http://localhost --no-spinner --remote-payloads=payloadbox,portswigger

Log shows:

[*] payloadbox payload load fail..
[I] A 'portswigger' payloads has been loaded [1046L / 67K]  

Environment

  • Dalfox Version: v2.8.2
  • Installed from: (e.g go-get)
Created at 3 days ago

--remote-payloads: fix typo 'paylaodbox' [issue 426]

Merge pull request #427 from dkegel-fastly/dkegel-issue426-payloadbox-typo

--remote-payloads: fix typo 'paylaodbox' [issue 426]

Created at 3 days ago
pull request closed
--remote-payloads: fix typo 'paylaodbox' [issue 426]

a zero-bit change, really :-)

Fixes https://github.com/hahwul/dalfox/issues/426

Created at 3 days ago
issue comment
--remote-payloads: fix typo 'paylaodbox' [issue 426]

Oh this was a serious error. Thank you so much for solving it nicely.

Created at 3 days ago

Add go.mod and Deploy page

Signed-off-by: hahwul hahwul@gmail.com

Created at 3 days ago

Update data.json

Add ggshield, the GitGuardian CLI for detecting hardcoded secrets in source control, CI/CD pipelines, dev workstations and Docker images.

Merge pull request #12 from ziadghalleb/patch-1

Update data.json

Created at 3 days ago
pull request closed
Update data.json

Add ggshield, the GitGuardian CLI for detecting hardcoded secrets in source control, CI/CD pipelines, dev workstations and Docker images.

Created at 3 days ago