Muhammad Ahsan's repositories
WAF-bypass-xss-payloads
Xss payload for bypassing waf
KNR-XSS-Payloads
Payloads For XSS
match-replace-burp
Useful Match and Replace BurpSuite Rules
Advanced-SQL-Injection-Cheatsheet
A cheat sheet that contains advanced queries for SQL Injection of all types.
apkleaks
Scanning APK file for URIs, endpoints & secrets.
awesome-google-vrp-writeups
π A list of writeups from the Google VRP Bug Bounty program
Collabfiltrator
Exfiltrate blind remote code execution output over DNS via Burp Collaborator.
CVE-2021-27651-PoC
RCE for Pega Infinity >= 8.2.1, Pega Infinity <= 8.5.2
dalfox
ππ¦ DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Dom-based-XSS
Dom based XSS exploit
frogy
My subdomain enumeration script.
gap
Google Maps API checker
h1stats
a tool that compiles a csv of all h1 program stats
hunter0x8.github.io
π« A portfolio that i literally worked on for you ππ»ππ» CI/CD Integrated.
magicRecon
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
mBot
A Go-Based Synack Mission Bot
posta
π Cross-document Messaging security research tool
REVN
REVN
uro
declutters url lists for crawling/pentesting
Web-Attack-Cheat-Sheet
Web Attack Cheat Sheet
www-community
OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.
x8
Hidden parameters discovery suite
x8-Burp
Hidden parameters discovery suite
XSS-Catcher
Find blind XSS but why not gather data while you're at it.