Alternatives and detailed information of Htrace.sh

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Stars: ✭ 1,824 (-47.36%)

Mutual labels: security-tools, nmap

nmap-nse-modules

My collection of nmap nse modules

Stars: ✭ 59 (-98.3%)

Mutual labels: nmap, nmap-scripts

Cerberus

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

Stars: ✭ 389 (-88.77%)

Mutual labels: security-tools, waf

webnettools

Web Net Tools is a web frontend for some useful command line tooling. It provides especially an web frontend for tools like testssl.sh and nmap.

Stars: ✭ 33 (-99.05%)

Mutual labels: nmap, testssl

Wasmite

Now WebAssembly has proper testing, unit-testing and debugging 🤗

Stars: ✭ 20 (-99.42%)

Mutual labels: testing-tools, debugging-tools

Vxscan

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

Stars: ✭ 1,244 (-64.1%)

Mutual labels: security-tools, waf

NSE-scripts

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

Stars: ✭ 105 (-96.97%)

Mutual labels: nmap, nmap-scripts

Awesome Test Automation

A curated list of awesome test automation frameworks, tools, libraries, and software for different programming languages. Sponsored by http://sdclabs.com

Stars: ✭ 4,712 (+35.99%)

Mutual labels: security-tools, testing-tools

Security Scripts

A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)

Stars: ✭ 188 (-94.57%)

Mutual labels: security-tools, nmap

Hellraiser

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Stars: ✭ 413 (-88.08%)

Mutual labels: security-tools, nmap

ivre

Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!

Stars: ✭ 2,712 (-21.73%)

Mutual labels: nmap, nmap-scripts

A Red Teamer Diaries

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Stars: ✭ 382 (-88.98%)

Mutual labels: security-tools, nmap

Envizon

network visualization & vulnerability management/reporting

Stars: ✭ 382 (-88.98%)

Mutual labels: security-tools, nmap

ObsidianSailboat

Nmap and NSE command line wrapper in the style of Metasploit

Stars: ✭ 36 (-98.96%)

Mutual labels: nmap, nmap-scripts

nse

Nmap NSE scripts

Stars: ✭ 23 (-99.34%)

Mutual labels: nmap, nmap-scripts

View All Similar Projects ➔

_{Created by
trimstray and
contributors}

Description

htrace.sh is a shell script for http/https troubleshooting and profiling. It's also a simple wrapper around several open source security tools.

For a more detailed understanding of htrace.sh, its parameters, functions and how it all works, run htrace.sh --examples or see the Wiki.

Preview

How To Use

To install htrace.sh itself:

# Clone this repository
git clone https://github.com/trimstray/htrace.sh

# Go into directory
cd htrace.sh

# Install
sudo ./setup.sh install

# Install dependencies (Debian 8/9, Ubuntu 18.x and MacOS support)
#   - recommend build docker image or install dependencies manually
#   - before init please see what it does and which packages are available on your repository
sudo ./dependencies.sh

# Show examples
htrace.sh --examples

# Run the app
htrace.sh -u https://nmap.org -s -h

symlink to bin/htrace.sh is placed in /usr/local/bin

man page is placed in /usr/local/man/man8

or build docker image:

# Clone this repository
git clone https://github.com/trimstray/htrace.sh

# Go into directory and build docker image
cd htrace.sh && build/build.sh

# Run the app
docker run --rm -it --name htrace.sh htrace.sh -u https://nmap.org -s -h

Parameters

Provides the following options:

    htrace.sh v1.1.7

  Usage:

    htrace.sh <option|long-option> [value]

  Examples:

    htrace.sh -u https://example.com -s -h -b
    htrace.sh -u https://example.com --all-scans

  Options:

        --help                                show this message
        --version                             show script version
        --examples                            show script examples

    Standard:

        -u|--url <value>                      set target url with http/https protocol
        -s|--ssl                              show basic ssl server/connection parameters
        -h|--headers                          show response headers
        -b|--body                             show response body
        -M|--req-method <value>               set request method (default: GET)
        -H|--req-header <value>               set request header(s)
        -p|--proxy <value>                    set proxy server (not for external tools)
        -r|--resolve <value>                  resolve the host+port to this address
        -i|--iface <value>                    set network interface (or address)
        -a|--all-scans                        use all external security tools

    Security tools:

        --testssl                             test ssl protocols and ciphers (testssl.sh)
        --observatory                         analyze website headers (mozilla observatory)
        --ssllabs                             deep analysis of the ssl web server (ssllabs)
        --mixed-content                       scan website for non-secure resources (mixed-content-scan)
        --nse                                 scan website and domain with nse library (nmap)
        --waf                                 detect and bypass web application firewalls (wafw00f)
        --dns                                 enumerate subdomains (subfinder) and perform zone transfer
        --http2                               test HTTP/2 (nghttp2)

    Extended:

        --ssl-bin <path>                      set path to the openssl bin
        --ssl-debug                           debug ssl connection
        --cache-bypass <value>                try (proxy) cache bypass
        --user-agent <value>                  set 'User-Agent' header
        --referer <value>                     set 'Referer' header
        --auth <value>                        set authentication method
        --httpv <value>                       set http version
        --tlsv <value>                        set tls version
        --ciph <value>                        set of cryptographic algorithm
        --max-redirects <num>                 set max redirects (default: 10)
        --timeout <num>                       set max timeout (default: 15)
        --hide-src-ip                         hide source ip from output

Contributing

See this.

Code Contributors

This project exists thanks to all the people who contribute.

License

GPLv3 : http://www.gnu.org/licenses/

Free software, Yeah!

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

trimstray / Htrace.sh

Programming Languages

Labels

Projects that are alternatives of or similar to Htrace.sh

Description

Preview

How To Use

Parameters

Contributing

Code Contributors

License