Ko Ko Naing's repositories
CVE-2020-25515
Unrestricted File Upload in Simple Library Management System 1.0
Attiny85
RubberDucky like payloads for DigiSpark Attiny85
awesome-google-vrp-writeups
🐛 A list of writeups from the Google VRP Bug Bounty program
Burp-Suite-Certified-Practitioner-Exam-Study
Burp Suite Certified Practitioner Exam Study
cent
Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
CTF
CTF chall write-ups, files, scripts etc (trying to be more organised LOL)
Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
devsecops-gitlab-java-vulnerable-application
DevSecOps Training
dvna
Damn Vulnerable NodeJS Application
envizon
network visualization & pentest reporting
HowToHunt
Collection of methodology and test case for various web vulnerabilities.
icmpdoor
ICMP Reverse Shell written in Python 3 and with Scapy (backdoor/rev shell)
Insecure-Firebase-Exploit
A simple Python Exploit to Write Data to Insecure/vulnerable firebase databases! Commonly found inside Mobile Apps. If the owner of the app have set the security rules as true for both "read" & "write" an attacker can probably dump database and write his own data to firebase db.
java-sec-code
Java web common vulnerabilities and security code which is base on springboot and spring security
keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
kiterunner
Contextual Content Discovery Tool
MonkeyDev
CaptainHook Tweak、Logos Tweak and Command-line Tool、Patch iOS Apps, Without Jailbreak.
noPac
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
petereport
PeTeReport is an open-source application vulnerability reporting tool.
PRET
Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.
pwndoc
Pentest Report Generator
PwnKit
Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation
sam-the-admin
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
saycheese
Grab target's webcam shots by link
spring-spel-0day-poc
spring-cloud / spring-cloud-function,spring.cloud.function.routing-expression,RCE,0day,0-day,POC,EXP
xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档