GH0ST_3exP10it 's repositories
B-XSSRF
Toolkit to detect and keep track on Blind XSS, XXE & SSRF
Bashter
Web Crawler, Scanner, and Analyzer Framework (Shell-Script based)
bigipsecurity
This document describes common misconfigurations of F5 Networks BigIP systems.
CVE-2017-5487
POC of CVE-2017-5487 + tool
DNSExfiltrator
Data exfiltration over DNS request covert channel
exploit-CVE-2016-10033
PHPMailer < 5.2.18 Remote Code Execution exploit and vulnerable container
extended-xss-search
A better version of my xssfinder tool - scans for different types of xss on a list of urls.
FakeRoot
Install fake root in termux
githack
A .git/ folder disclosure exploit
LANscan
Find out who is on your LAN. Was made with low-privilege users in mind...
Laravel-PhpUnit-Rce-And-Get-Env-Exploiter
Laravel PhpUnit Rce And Get Env Exploiter
LinksDumper
Extract (links/possible endpoints) from responses & filter them via decoding/sorting
MARA_Framework
MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a toolkit that puts together commonly used mobile application reverse engineering and analysis tools to assist in testing mobile applications against the OWASP mobile security threats.
MatchandReplace
Match and Replace script used to automatically generate JSON option file to BurpSuite
NetAss2
Network Security Assessment Assistance Framework (PenTest Toolkit).
old-repos-backup
Back-up of my old unmaintained GitHub repositories
OOB-Server
A Bind9 server for pentesters to use for Out-of-Band vulnerabilities
opencart-bruteforce
Opencart Bruteforce and Upload Image
parameth
This tool can be used to brute discover GET and POST parameters
posh-discovery
[alpha] A set of scripts useful to run on a compromised Windows OS to map the attack surface (find of open ports, live hosts, etc.) from that Pivot. This toolkit aims to be complementary to framework that directly play with Active Directory objects.
s3_vulr
This tools is use for finding AWS S3 bucket vulrnablity base on hackerone report. Idea of making this tool came from Hackerone report "https://hackerone.com/reports/128088"
SourceFu
hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripts languages such as Powershell, VBA and Javascript. Current status: birth. Based on ANTLR
SpyAppClient
An android Spy app using FireBase
SVScanner
SVScanner - Scanner Vulnerability And MaSsive Exploit.
swaraVM
SwaraVM is a mobile security virtual machine that aggregates tools and resources that are commonly used for network traffic analysis, malware analysis, digital forensics, vulnerability research and exploitation, reverse engineering, mobile and web application assessment, alongside a variety of mobile application practice labs.
TalentRAT
……(o^^o) happy project for android rat
webshell-1
web shell,php shell ,bypass shell , web hack,symlink