Hi friends?! I shared post the applications settings in ZAP yesterday. I’m going to share some of the settings that I was writing separately today. Let’s get started, my go-to settings :)
ZAP Send to Any tools
Send to Burp Scanner
- Full Command:
/usr/local/bin/curl - Parameters:
-i -k 127.0.0.1:1337 -X POST -d '{"urls":["%url%"]}' -H 'Content-Type: application/json;'
POST /scan HTTP/1.1
Host: 127.0.0.1:1337
{
"urls":["https://www.hahwul.com"]
}
Send to SQLMap
SQLMAP(GET)
- Full Command:
/usr/local/bin/sqlmap - Parameters:
--dbs --no-cast --random-agent -u %url% --cookie %cookie%
SQLMAP(POST)
- Full Command:
/usr/local/bin/sqlmap - Parameters:
--dbs --no-cast --random-agent -u %url% --cookie=%cookie% --data=%postdata%
Send to A2SV
- Full Command:
/usr/local/bin/a2sv - Parameters:
-t %host% -p %port%
Send to ddp(dotdotpwn)
- Full Command:
/Users/hahwul/HAHWUL/tool/dotdotpwn/dotdotpwn.pl - Parameters:
-m http-url -h %host% -u %url% -k "root:"
e.g
https://127.0.0.1/lib/file_download.asp?FilePath=TRAVERSAL
Send to Arachni
Add scan to arachni
- Full Command:
/usr/local/bin/arachni-cli - Parameters:
--output-verbose --scope-include-subdomains %url%
Only xss
- Full Command:
/usr/local/bin/arachni-cli - Parameters:
%url% --checks=xss*
Send to Arjun
GET
- Full Command:
python3 /app/arjun.py - Parameters:
-u %url% --get --headers "Cookie: %cookie%"
POST
- Full Command:
python3 /app/arjun.py - Parameters:
-u %url% --post --headers "Cookie: %cookie%"
My Private Setting?
Secret :P
