Pham Sy Minh's repositories
Python-shell-cheat-sheet
Full python reverse shell and bind shell payloads
CVE-2019-11580
A CVE-2019-11580 shell
CVE-2012-2688
A CVE-2012-2688 shell
C-reverse-shell
C Reverse Shell
robologin-dev
Web username & password bruteforcer
Werkzeug-Shell
Exploitation for CVE-126453 to get reverse shell from "Werkzeug Debug Shell"
altdns
Generates permutations, alterations and mutations of subdomains and then resolves them
Blacklist3r
project-blacklist3r
Corsy
CORS Misconfiguration Scanner
dirstalk
Modern alternative to dirbuster/dirb
dtd-finder
List DTDs and generate XXE payloads using those local DTDs.
ffuf
Fast web fuzzer written in Go
fuzz.txt
Potentially dangerous files
Konan
Konan - Advanced Web Application Dir Scanner
leaky-paths
A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
OpenDoor
OWASP WEB Directory Scanner
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PySocks
A SOCKS proxy client and wrapper for Python.
requests
A simple, yet elegant HTTP library.
RustScan
🤖 The Modern Port Scanner 🤖
subfinder
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
Sublist3r
Fast subdomains enumeration tool for penetration testers
urllib3
Python HTTP library with thread-safe connection pooling, file post support, user friendly, and more.
wfuzz
Web application fuzzer
xsscrapy
XSS spider - 66/66 wavsep XSS detected