├── .github └── workflows │ └── lint_python.yml ├── .gitignore ├── Burp ├── conf │ ├── checklist.json │ ├── issues.json │ ├── owasptg.json │ └── wahh.json ├── hunt_methodology.py ├── hunt_scanner.py └── lib │ ├── __init__.py │ ├── close_tab.py │ ├── data.py │ ├── issue_listener.py │ ├── issues.py │ ├── link_listener.py │ ├── menu_action_listener.py │ ├── message_controller.py │ ├── methodology_settings_action.py │ ├── methodology_tsl.py │ ├── methodology_view.py │ ├── scanner_issue.py │ ├── scanner_table_listener.py │ ├── scanner_table_model.py │ ├── scanner_table_models.py │ ├── settings_action.py │ ├── tsl.py │ └── view.py ├── README.md ├── Remix ├── BurpRemix │ ├── build.gradle │ ├── gradle.properties │ ├── gradle │ │ └── wrapper │ │ │ ├── gradle-wrapper.jar │ │ │ └── gradle-wrapper.properties │ ├── gradlew │ ├── gradlew.bat │ ├── settings.gradle │ └── src │ │ └── main │ │ └── kotlin │ │ ├── BurpExtender.kt │ │ ├── HuntActions.kt │ │ ├── HuntData.kt │ │ ├── HuntFilters.kt │ │ ├── HuntListener.kt │ │ ├── HuntOptions.kt │ │ ├── HuntTab.kt │ │ └── HuntUtils.kt ├── README.md └── images │ └── huntrmxburp.png ├── ZAP └── scripts │ └── passive │ ├── CMDi.py │ ├── Debug & Logic Parameters.py │ ├── File Inclusion.py │ ├── IDOR.py │ ├── SQLi.py │ ├── SSRF.py │ └── SSTI.py ├── images ├── extension.png ├── jython.png ├── logo.png ├── methodology.png ├── passive_scanner.png ├── scanner.png └── target_scope.png ├── license └── slides ├── AppSecUSA 2017 - HUNT.pdf ├── DEF CON 25 - HUNT.pdf └── NBT4 - HUNT.pdf /.github/workflows/lint_python.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/.github/workflows/lint_python.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/.gitignore -------------------------------------------------------------------------------- /Burp/conf/checklist.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/conf/checklist.json -------------------------------------------------------------------------------- /Burp/conf/issues.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/conf/issues.json -------------------------------------------------------------------------------- /Burp/conf/owasptg.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/conf/owasptg.json -------------------------------------------------------------------------------- /Burp/conf/wahh.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/conf/wahh.json -------------------------------------------------------------------------------- /Burp/hunt_methodology.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/hunt_methodology.py -------------------------------------------------------------------------------- /Burp/hunt_scanner.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/hunt_scanner.py -------------------------------------------------------------------------------- /Burp/lib/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Burp/lib/close_tab.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/lib/close_tab.py -------------------------------------------------------------------------------- /Burp/lib/data.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/lib/data.py -------------------------------------------------------------------------------- /Burp/lib/issue_listener.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/lib/issue_listener.py -------------------------------------------------------------------------------- /Burp/lib/issues.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/lib/issues.py -------------------------------------------------------------------------------- /Burp/lib/link_listener.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/lib/link_listener.py -------------------------------------------------------------------------------- /Burp/lib/menu_action_listener.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/lib/menu_action_listener.py -------------------------------------------------------------------------------- /Burp/lib/message_controller.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/lib/message_controller.py -------------------------------------------------------------------------------- /Burp/lib/methodology_settings_action.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/lib/methodology_settings_action.py -------------------------------------------------------------------------------- /Burp/lib/methodology_tsl.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/lib/methodology_tsl.py -------------------------------------------------------------------------------- /Burp/lib/methodology_view.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/lib/methodology_view.py -------------------------------------------------------------------------------- /Burp/lib/scanner_issue.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/lib/scanner_issue.py -------------------------------------------------------------------------------- /Burp/lib/scanner_table_listener.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/lib/scanner_table_listener.py -------------------------------------------------------------------------------- /Burp/lib/scanner_table_model.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/lib/scanner_table_model.py -------------------------------------------------------------------------------- /Burp/lib/scanner_table_models.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/lib/scanner_table_models.py -------------------------------------------------------------------------------- /Burp/lib/settings_action.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/lib/settings_action.py -------------------------------------------------------------------------------- /Burp/lib/tsl.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/lib/tsl.py -------------------------------------------------------------------------------- /Burp/lib/view.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Burp/lib/view.py -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/README.md -------------------------------------------------------------------------------- /Remix/BurpRemix/build.gradle: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Remix/BurpRemix/build.gradle -------------------------------------------------------------------------------- /Remix/BurpRemix/gradle.properties: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Remix/BurpRemix/gradle.properties -------------------------------------------------------------------------------- /Remix/BurpRemix/gradle/wrapper/gradle-wrapper.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Remix/BurpRemix/gradle/wrapper/gradle-wrapper.jar -------------------------------------------------------------------------------- /Remix/BurpRemix/gradle/wrapper/gradle-wrapper.properties: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Remix/BurpRemix/gradle/wrapper/gradle-wrapper.properties -------------------------------------------------------------------------------- /Remix/BurpRemix/gradlew: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Remix/BurpRemix/gradlew -------------------------------------------------------------------------------- /Remix/BurpRemix/gradlew.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Remix/BurpRemix/gradlew.bat -------------------------------------------------------------------------------- /Remix/BurpRemix/settings.gradle: -------------------------------------------------------------------------------- 1 | rootProject.name = 'HUNT' -------------------------------------------------------------------------------- /Remix/BurpRemix/src/main/kotlin/BurpExtender.kt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Remix/BurpRemix/src/main/kotlin/BurpExtender.kt -------------------------------------------------------------------------------- /Remix/BurpRemix/src/main/kotlin/HuntActions.kt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Remix/BurpRemix/src/main/kotlin/HuntActions.kt -------------------------------------------------------------------------------- /Remix/BurpRemix/src/main/kotlin/HuntData.kt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Remix/BurpRemix/src/main/kotlin/HuntData.kt -------------------------------------------------------------------------------- /Remix/BurpRemix/src/main/kotlin/HuntFilters.kt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Remix/BurpRemix/src/main/kotlin/HuntFilters.kt -------------------------------------------------------------------------------- /Remix/BurpRemix/src/main/kotlin/HuntListener.kt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Remix/BurpRemix/src/main/kotlin/HuntListener.kt -------------------------------------------------------------------------------- /Remix/BurpRemix/src/main/kotlin/HuntOptions.kt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Remix/BurpRemix/src/main/kotlin/HuntOptions.kt -------------------------------------------------------------------------------- /Remix/BurpRemix/src/main/kotlin/HuntTab.kt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Remix/BurpRemix/src/main/kotlin/HuntTab.kt -------------------------------------------------------------------------------- /Remix/BurpRemix/src/main/kotlin/HuntUtils.kt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Remix/BurpRemix/src/main/kotlin/HuntUtils.kt -------------------------------------------------------------------------------- /Remix/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Remix/README.md -------------------------------------------------------------------------------- /Remix/images/huntrmxburp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/Remix/images/huntrmxburp.png -------------------------------------------------------------------------------- /ZAP/scripts/passive/CMDi.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/ZAP/scripts/passive/CMDi.py -------------------------------------------------------------------------------- /ZAP/scripts/passive/Debug & Logic Parameters.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/ZAP/scripts/passive/Debug & Logic Parameters.py -------------------------------------------------------------------------------- /ZAP/scripts/passive/File Inclusion.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/ZAP/scripts/passive/File Inclusion.py -------------------------------------------------------------------------------- /ZAP/scripts/passive/IDOR.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/ZAP/scripts/passive/IDOR.py -------------------------------------------------------------------------------- /ZAP/scripts/passive/SQLi.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/ZAP/scripts/passive/SQLi.py -------------------------------------------------------------------------------- /ZAP/scripts/passive/SSRF.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/ZAP/scripts/passive/SSRF.py -------------------------------------------------------------------------------- /ZAP/scripts/passive/SSTI.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/ZAP/scripts/passive/SSTI.py -------------------------------------------------------------------------------- /images/extension.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/images/extension.png -------------------------------------------------------------------------------- /images/jython.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/images/jython.png -------------------------------------------------------------------------------- /images/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/images/logo.png -------------------------------------------------------------------------------- /images/methodology.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/images/methodology.png -------------------------------------------------------------------------------- /images/passive_scanner.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/images/passive_scanner.png -------------------------------------------------------------------------------- /images/scanner.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/images/scanner.png -------------------------------------------------------------------------------- /images/target_scope.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/images/target_scope.png -------------------------------------------------------------------------------- /license: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/license -------------------------------------------------------------------------------- /slides/AppSecUSA 2017 - HUNT.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/slides/AppSecUSA 2017 - HUNT.pdf -------------------------------------------------------------------------------- /slides/DEF CON 25 - HUNT.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/slides/DEF CON 25 - HUNT.pdf -------------------------------------------------------------------------------- /slides/NBT4 - HUNT.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/blackhatethicalhacking/HUNT/HEAD/slides/NBT4 - HUNT.pdf --------------------------------------------------------------------------------