Install: `claude install-skill KaQus/claude-code-pentest`
# Webapp Exploit Hunter
Intelligent web application vulnerability scanner. Context-aware testing that adapts to the target's technology stack.
## Important
CRITICAL: Only test web applications you have explicit authorization to test (pentest agreement, bug bounty program, or own infrastructure).
## Instructions
### Step 1: Target Setup
Accept input as:
1. Single domain or URL
2. List of domains/URLs (from recon-dominator output or manual list)
3. Specific endpoint to test
For each target, determine:
- Is it in scope?
- What technology stack is it running? (use tech_fingerprint.py from recon-dominator or fingerprint inline)
- Are there any testing restrictions (rate limits, no automated scanning, etc.)?
### Step 2: Crawling and Endpoint Discovery
```bash
python scripts/crawler.py --target {url} --depth 3
```
Intelligent crawling:
1. Spider all linked pages up to configured depth
2. Extract forms and input parameters
3. Identify API endpoints from JavaScript files
4. Parse robots.txt and sitemap.xml for hidden paths
5. Fuzz for common hidden endpoints
Output: Structured map of all endpoints with parameters.
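As an added illustration of what the Step 2 output looks like (this is not the skill's own `scripts/crawler.py`), the following stdlib-only Python builds the structured endpoint map offline from one captured page and its robots.txt, labelling form inputs with the coarse Step 3 input types and dropping off-origin links as out of scope. The base URL, page content and robots.txt are constructed samples.

```python
"""Build the Step 2 endpoint map offline from one captured page and its robots.txt."""
import re
from html.parser import HTMLParser
from urllib.parse import parse_qs, urljoin, urlparse
# Coarse Step 3 input-type labels derived from the HTML input type attribute
INPUT_TYPES = {"email": "email", "number": "numeric", "url": "URL", "file": "file path"}

class FormParser(HTMLParser):
    """Collect forms (action, method, named inputs) and links from one page."""
    def __init__(self, base_url):
        super().__init__()
        self.base_url, self.forms, self.links, self._form = base_url, [], set(), None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._form = {"url": urljoin(self.base_url, a.get("action", "")),
                          "method": a.get("method", "get").upper(), "params": {}}
            self.forms.append(self._form)
        elif tag in ("input", "textarea", "select") and self._form is not None:
            if a.get("name") and a.get("type") not in ("submit", "button"):
                self._form["params"][a["name"]] = INPUT_TYPES.get(a.get("type", "text"), "string")
        elif tag == "a" and a.get("href"):
            self.links.add(urljoin(self.base_url, a["href"]))

    def handle_endtag(self, tag):
        if tag == "form":
            self._form = None

def endpoint_map(base_url, html, robots_txt=""):
    """Return {url: {"method": ..., "params": {name: input_type}}} for same-origin endpoints."""
    parser = FormParser(base_url)
    parser.feed(html)
    endpoints = {f["url"]: {"method": f["method"], "params": f["params"]} for f in parser.forms}
    origin = urlparse(base_url).netloc
    for link in parser.links:  # query-string parameters carried by links
        u = urlparse(link)
        if u.netloc != origin:  # off-origin links are outside this target's scope
            continue
        entry = endpoints.setdefault(u._replace(query="", fragment="").geturl(),
                                     {"method": "GET", "params": {}})
        entry["params"].update({k: "string" for k in parse_qs(u.query)})
    for m in re.finditer(r"^Disallow:\s*(\S+)", robots_txt, re.M):  # unlinked paths (item 4)
        endpoints.setdefault(urljoin(base_url, m.group(1)), {"method": "GET", "params": {}})
    return endpoints
# Constructed sample inputs (not captured from any real site)
SAMPLE_HTML = """<a href="/search?q=test&page=2">Search</a><a href="https://cdn.example.org/x">ext</a>
<form action="/login" method="post"><input name="user" type="email"><input name="pw" type="password">
<input type="submit" value="Go"></form>"""
SAMPLE_ROBOTS = "User-agent: *\nDisallow: /admin/\nDisallow: /old-api/\n"
```

Running `endpoint_map("https://app.example.test/", SAMPLE_HTML, SAMPLE_ROBOTS)` yields four same-origin endpoints: the POST login form with its two named inputs, the GET search endpoint with `q` and `page`, and the two robots.txt paths without parameters.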
### Step 3: Parameter Classification
For each discovered parameter, classify:
- **Input type**: string, numeric, email, URL, file path, JSON, XML
- **Reflection**: Is input reflected in response? Where? (HTML body, attribute, JS, header)
- **Sink type**: Database query, file system, HTTP request, template, command, redirect
- **Authentication**: Does the endpoint