MU2324

CVE-2024-32640-SQLI-MuraCMS

CVE-2024-32640 | Automated SQLi Exploitation PoC

dork-generator

Google dork generator

dorkGen

Quickly create a list of dorks based on variables entered.

jfscan

JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate report.

DNSenum

Bash script for DNS Enumeration.

rmap

Automated enumeration for red teamers

FindExploits

FindExploits is an automation script that uses windows exploit suggester in conjuction with searchsploit to find local priv escalation exploits.

mantis

Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.

AllAboutBugBounty

All about bug bounty (bypasses, payloads, and etc)

bypass-403

Go script for bypassing 403 forbidden

byp4xx

40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...

csrfBypass

JSON to Form URL Encoded Converter for CSRF Bypass and other use

lazyhunter

Lazyhunter is a tool which used to automate whole process from finding subdomain and use waybackurls to run gf scan. You just need to enter domain name and select vulnerability.

iprecon

Small script for automation of IP Recon

inside403

Inside403 is a powerful and versatile web security testing tool designed to assess the robustness of web pages and directories against 403 Forbidden errors. This tool is specifically crafted for security professionals, penetration testers, and ethical hackers who seek to identify potential vulnerabilities in web applications.

forbiddenpass

Log4j-RCE-Exploiter

Scanner for Log4j RCE CVE-2021-44228

WordList

Custom wordlist, updated regularly

xsschecker

xsschecker tool checking reflected endpoints finding possible xss vulnerable endpoints.

pvreplace

Mindmap

This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them

BugBountyBooks

A collection of PDF/books about the modern web application security and bug bounty.

Umbrella

A Phishing Dropper designed to Pentest.

NetworkSherlock

NetworkSherlock: powerful and flexible port scanning tool With Shodan

NETworkManager

A powerful tool for managing networks and troubleshoot network problems!

ipscan

Angry IP Scanner - fast and friendly network scanner

Bug-bounty

Ressources for bug bounty hunting

CVE-2019-7192_QNAP_Exploit

QNAP pre-auth root RCE Exploit (CVE-2019-7192 ~ CVE-2019-7195)

CVE-2017-7529

Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request.

nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.