Arsenal, Downloads, golang, Hacking Tools, Wayback Machine, Wordlists, Wrapper, XSS, XSS Detection

Arsenal – Recon Tool installer

Arsenal is a Simple shell script (Bash) used to install the most important tools and requirements for your environment and save time in installing all these tools.

Tools in Arsenal

AmassThe OWASP Amass Project performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques
ffufA fast web fuzzer written in Go
dnsXFast and multi-purpose DNS toolkit allow to run multiple DNS queries
megmeg is a tool for fetching lots of URLs but still being ‘nice’ to servers
gfA wrapper around grep to avoid typing common patterns
XnLinkFinderThis is a tool used to discover endpoints crawling a target
httpXhttpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads
GobusterGobuster is a tool used to brute-force (DNS,Open Amazon S3 buckets,Web Content)
NucleiNuclei tool is Golang Language-based tool used to send requests across multiple targets based on nuclei templates leading to zero false positive or irrelevant results and provides fast scanning on various host
SubfinderSubfinder is a subdomain discovery tool that discovers valid subdomains for websites by using passive online sources. It has a simple modular architecture and is optimized for speed. subfinder is built for doing one thing only – passive subdomain enumeration, and it does that very well
NaabuNaabu is a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really simple tool that does fast SYN/CONNECT scans on the host/list of hosts and lists all ports that return a reply
assetfinderFind domains and subdomains potentially related to a given domain
httprobeTake a list of domains and probe for working http and https servers
knockpyKnockpy is a python3 tool designed to quickly enumerate subdomains on a target domain through dictionary attack
waybackurlfetch known URLs from the Wayback Machine for *.domain and output them on stdout
LogsensorA Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning
SubzySubdomain takeover tool which works based on matching response fingerprints from can-i-take-over-xyz
Xss-strikeAdvanced XSS Detection Suite
AltdnsSubdomain discovery through alterations and permutations
NosqlmapNoSQLMap is an open source Python tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases and web applications using NoSQL in order to disclose or clone data from the database
ParamSpiderParameter miner for humans
GoSpiderGoSpider – Fast web spider written in Go
eyewitnessEyeWitness is a Python tool written by @CptJesus and @christruncer. It’s goal is to help you efficiently assess what assets of your target to look into first.
CRLFuzzA fast tool to scan CRLF vulnerability written in Go
DontGO403dontgo403 is a tool to bypass 40X errors
ChameleonChameleon provides better content discovery by using wappalyzer’s set of technology fingerprints alongside custom wordlists tailored to each detected technologies
uncoveruncover is a go wrapper using APIs of well known search engines to quickly discover exposed hosts on the internet. It is built with automation in mind, so you can query it and utilize the results with your current pipeline tools
wpscanWordPress Security Scanner

Requirements in Arsenal

  • Python3
  • Git
  • Ruby
  • Wget
  • GO-Lang
  • Rust:fast:

Go-lang installation

 sudo apt-get remove -y golang-go
sudo rm -rf /usr/local/go
sudo tar -xvf go1.19.1.linux-amd64.tar.gz
sudo mv go /usr/local
nano /etc/profile or .profile
export GOPATH=$HOME/go
export PATH=$PATH:/usr/local/go/bin
export PATH=$PATH:$GOPATH/bin
source /etc/profile #to update you shell dont worry

How to install

git clone
cd Arsenal
sudo chmod +x
sudo ./

Source : KitPloit – PenTest Tools!

Previous ArticleNext Article
Send this to a friend