monish4033's repositories
RansomLook
Yet another Ransomware gang tracker
axiom
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
wappalyzer
The last commit of Wappalyzer before it went private
JSFinder
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
CVE-2018-11235-Git-Submodule-CE
CVE-2018-11235-Git PoC
Lockdoor-Framework
🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
can-i-take-over-dns
"Can I take over DNS?" — a list of DNS providers and how to claim (sub)domains via missing hosted zones
mitm_relay
Hackish way to intercept and modify non-HTTP protocols through Burp & others.
kiterunner
Contextual Content Discovery Tool
KNR-XSS-Payloads
Payloads For XSS
vajra
Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
frogy
My subdomain enumeration script.
rotating-proxy
Rotating TOR proxy with Docker
bucketbunny
AWS S3 open bucket poc automated script.
HowToHunt
Tutorials and Things to Do while Hunting Vulnerability.
Gf-Patterns
GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
malicious
test
CVE-2018-11235
PoC exploit for CVE-2018-11235 allowing RCE on git clone --recurse-submodules
portable-data-exfiltration
This repo contains all the injections mentioned in my talk and enumerators.
wordlists
Automated & Manual Wordlists provided by Assetnote
commonspeak2
Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists
samling
Serverless SAML IDP for testing SAML integrations
jwt-cracker
Simple HS256 JWT token brute force cracker
JSONBee
A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.
nuclei
Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use.
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
NSBrute
Python utility to takeover domains vulnerable to AWS NS Takeover
test
test