kuteminh11's repositories
Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
AndroidMobilePentest101
Pentesting Android Application Course For Kids+ (English and Vietnamese edition)
Apache-Solr-RCE
Apache Solr Exploits 🌟
Bashfuscator
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
CVE-2019-0708
Scanner PoC for CVE-2019-0708 RDP RCE vuln
CVE-2020-2551
Weblogic IIOP CVE-2020-2551
Disclosures
Zero-day and N-day security vulnerability notes, analysis, and proof-of-concepts
dom-examples
Code examples that accompany various MDN DOM and Web API documentation pages
exploits-1
Pwn stuff.
h1domains
HackerOne "in scope" domains
JS-Alpha
Funny project to create an encoder/obfuscator that converts any javascript code into a code that only consist of /[a-z().]/ characters
JSONBee
A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.
JSshell
JSshell - JavaScript reverse/remote shell
kenzer-templates
essential templates for kenzer
proxyshell
A basic proxylogon scanner
RdpThief
Extracting Clear Text Passwords from mstsc.exe using API Hooking.
request_smuggler
Http request smuggling vulnerability scanner
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
sub.sh
Online Subdomain Detect Script
tokenx_privEsc
with metasploit
WMIHACKER
A Bypass Anti-virus Software Lateral Movement Command Execution Tool
wycheproof
Project Wycheproof tests crypto libraries against known attacks.
xsleaks
A collection of browser-based side channel attack vectors.