Tool name: Helium Core Community
Version: 1.2.4
Homepage: https://core.helium.sh
Repository: https://github.com/CyberArmyID/Helium-Core-Community
License: Proprietary Freeware
Architecture: amd64 and arm64
Package:
- Helium-Core-Community_1.2.4_amd64.deb
- Helium-Core-Community_1.2.4_arm64.deb
Helium Core Community is the free version of our professional application security testing platform developed by CyberArmyID. Built for ethical hackers an enterprises who need comprehensive application security auditing capabilities.
Key Features:
� HTTP Traffic Analysis
Proxy Controller - Intercepts and analyzes HTTP/HTTPS traffic in real-time
HTTP History - Records and manages all intercepted requests/responses
Sitemap Generation - Automatically maps application structure and endpoints
WebSocket History - Tracks and analyzes WebSocket communications
� Security Testing Tools
Advanced Fuzzer - Automated payload testing with multiple attack modes:
Single-shot - Targeted single payload attacks
Mirror-strike - Reflection-based testing
Parallel-blades - Concurrent multi-vector attacks
Payload-storm - High-intensity fuzzing campaigns
Repeater - Manual request modification and replay functionality
Target Scope Management - Define in-scope/out-of-scope targets with precision
Wordlist Management - Custom payload dictionaries and attack patterns
� Attack Surface Scanner
Subdomain Discovery - Automatically discovers subdomains for browsed domains
Port & Service Detection - Identifies open ports and running services on discovered hosts
WebTech Detection - Technology stack identification and fingerprinting
Attack Surface Analytics - Comprehensive metrics and insights:
Port Analytics - Statistical analysis of discovered ports
Subdomain Analytics - Subdomain discovery metrics
Technology Analytics - Web technology distribution analysis
�️ Website Scanner
Passive Vulnerability Scanner - Non-intrusive security analysis with 40+ scan rules:
Security Headers - CSP, HSTS, X-Frame-Options, X-Content-Type-Options analysis
Cookie Security - Secure flags, HttpOnly, SameSite attribute validation
Information Disclosure - Debug errors, version headers, sensitive comment detection
Authentication Issues - Insecure authentication mechanism identification
Input Validation - XSS, CSRF, user-controlled parameter analysis
Web Spider - Intelligent crawling and endpoint discovery:
Configurable Depth - Customizable crawling limits and scope management
Form Discovery - Automatic form detection and processing
Metadata Extraction - Git, SVN, .DS_Store file discovery
Authentication Support - Crawling of protected application areas
OWASP-Aligned Security Checks - Industry-standard vulnerability detection
Risk Assessment - Detailed confidence levels and impact analysis
Intelligent Threading - Dynamic worker allocation based on system specifications
� Utility Tools
Decoder/Encoder - Comprehensive encoding/decoding toolkit:
URL Encoding/Decoding - Handle URL-encoded data
Base64 Operations - Encode/decode Base64 data
HTML Entity Handling - HTML encoding/decoding
Hex Operations - Hexadecimal encoding/decoding
GZIP Compression - Compress/decompress data
Hash Functions - Generate various hash types
Smart Decode - Automatic detection and decoding
HTTPQL Query Language - Advanced filtering syntax for HTTP data analysis
� Data Management
Workspace System - Project-based organization with dedicated database per workspace
Request/Response Storage - Persistent storage of raw and parsed HTTP data
Comprehensive Logging - Detailed activity tracking and audit trails
Filter Templates - Advanced query capabilities with HTTPQL syntax
Export Capabilities - Workspace data export functionality
Template System - Reusable filter and query templates | 