moeinfatehi/moeinfatehi

admin-page-finder admin-panel-finder application-security backupfinder burpsuite burpsuite-extender captcha-breaking cvssv3 file-upload-vulnerability local-file-inclusion owasp owasp-top-10 penetration-testing-tools remote-file-inclusion security-automation security-tools web-application-security xss-vulnerability

👋 Hi there, I'm Moein Fatehi!

Experienced Cybersecurity Specialist and Team Leader, specializing in vulnerability assessment and penetration testing. Passionate about blockchain security and fintech innovations. Developer of a sophisticated cryptocurrency trading bot and founder of VAaaS for smart contract vulnerability detection. Active in CTF competitions with multiple first-place wins as part of the DCUA team. Committed to driving security advancements in both traditional and blockchain technologies. Welcome to my GitHub page where I share my projects and contributions to the world of cybersecurity and blockchain.

🌟 My Projects

Here's a glimpse of my work:

BurpSuite Extensions

Backup-Finder: A Burp Suite extension that dynamically reviews backup, old, temporary, and unreferenced files on web servers for sensitive information. Technologies: Java, Gradle.
Admin-Panel_Finder: Enumerates infrastructure and application Admin Interfaces with configurable testing levels. Technologies: Java, Gradle.
CVSS_Calculator: Offline CVSS v2 and v3.1 scores calculator with a user-friendly interface. Technologies: Java.
PassiveDigger: Passive analysis of web traffic for vulnerabilities, with features like request and response checks. Technologies: Java, Gradle.

Vulnerable Web Challenges

xss_vulnerability_challenges: XSS vulnerability challenges in a Dockerized PHP application, focusing on various bypass techniques. Technologies: PHP, Docker.
file_upload_vulnerability_scenarios: Challenges related to file upload vulnerabilities, including various bypass techniques. Technologies: PHP, Docker.
lfi-to-rce-scenario: LFI to RCE vulnerability challenges in a Dockerized environment, demonstrating path traversal and command execution. Technologies: PHP, Docker.
captcha_logical_bypass_scenarios: Captcha logical bypass challenges, exploring various techniques to circumvent captcha protections. Technologies: PHP, Docker.
rfi_vulnerability_scenarios: Remote File Inclusion vulnerability scenarios, focusing on PHP code injection and RCE. Technologies: PHP, Docker.