8000 GitHub - foorw1nner/hiddenrecon: Your perfect recognition for HTMLi and XSS
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

foorw1nner/hiddenrecon

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

50 Commits
README.md
README.md
 
 
hiddenrecon.sh
hiddenrecon.sh
 
 

Repository files navigation

Hidden Recon

Are you tired of the same old parameter recognition? active crawling with katana or passive crawling pulling urls from waybackarchive, commoncrawl, alienvault...

Well then maybe this tool is for you.

With the -ihs option you can find hidden entries waiting for a value in a web application, formatting in its original url hiddenrecon increases your chance of success in a string reflection.

Empty "data-" custom attributes, are most of the time expecting a value, it won't always come from the url but it's not bad to test xD... for that use -eda

I created hiddenrecon based on the "Airi" tool from my personal friend @ferreiraklet, please take a look, it's an incredible tool! https://github.com/ferreiraklet/airi

image

What exactly does the tool do?

-ihs

image

-eda

image

Remembering that you can use -ihs and -eda together :) ! Thank you see you later!

Installation

▶ git clone https://github.com/foorw1nner/hiddenrecon.git
▶ cd hiddenrecon
▶ chmod +x hiddenrecon.sh

Usage

[buffers] | ./hiddenrecon.sh [flags]

Example

cat urls.txt | ./hiddenrecon.sh -ihs -eda

About

Your perfect recognition for HTMLi and XSS

Resources

Readme
Activity

Stars

19 stars

Watchers

1 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages
0