Nasur Ullah's repositories
Awesome-RCE-techniques
Awesome list of step by step techniques to achieve Remote Code Execution on various apps!
beanshooter
JMX enumeration and attacking tool.
bloghub
Blog Site
Bugbounty-Checklist
Tips and Tutorials for Bug Bounty and also Penetration Tests.
BugBountyReportTemplates
List of reporting templates I have used since I started doing BBH.
BypassFuzzer
Fuzz 401/403/404 pages for bypasses
Car-Model-Data-Scraper
This Python script allows you to fetch detailed car model data from the Car Query API and export it to a CSV file. With powerful filtering options, you can tailor your search by manufacturer, model, variant, production year, and more. Explore, analyze, and visualize automotive data effortlessly!
ChatGPT-Bypass
Simple scripts that allows you to bypass content filtering in ChatGPT through the API
CVE-2023-36845
Juniper Firewalls CVE-2023-36845 - RCE
dotfiles
my dotfiles for ubuntu 22.04 gnome
HEDnsExtractor
raw html extractor from Hurricane Electric portal
HExHTTP
Header Exploitation HTTP
JADXecute
JADX-gui scripting plugin for dynamic decompiler manipulation
Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
match-replace-burp
Useful "Match and Replace" burpsuite rules
owasp-mstg
The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
poc
RFI to XSS and Open redirect
Posts
Temporary dump of posts I eventually plan to publish on a proper site
quark-script
Collections of Quark Script that detect vulnerabilities in the binaries.
rmiscout
RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities
scanner
A lightweight Go-based port scanner that swiftly identifies open ports on specified IP addresses or hosts. It employs concurrent routines for efficient and accurate port identification, providing customizable port range options and supporting both TCP and UDP protocols.
SSRF_Vulnerable_Lab
This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
waf-bypass
WAF Bypass Tool by Nemesida WAF Team
WebHackersWeapons
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
xxe-lab
一个包含php,java,python,C#等各种语言版本的XXE漏洞Demo