Subhash's repositories
chrome_password_grabber
Get unencrypted 'Saved Password' from Google Chrome
jok3r
Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
RsaCtfTool
RSA attack tool (mainly for ctf) - retreive private key from weak public key and/or uncipher data
FileChangeMonitor
Continuous monitoring for JavaScript files
quick-portfolio
Use this template if you need a quick developer / data science portfolio! Based on a Minimal Jekyll theme for GitHub Pages.
AhMyth-Android-RAT
Android Remote Administration Tool
BugBounty-reports-templates
My small collection of reports templates
Zoom
Automatic & lightning fast wordpress vulnerability scanner
graphql-security-labs
GraphQL security workshop labs
See-SURF
Python based scanner to find potential SSRF parameters
extended-xss-search
A better version of my xssfinder tool - scans for different types of xss on a list of urls.
CTFd
CTFs as you need them
statement
idea for codefundo
MARA_Framework
MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a toolkit that puts together commonly used mobile application reverse engineering and analysis tools to assist in testing mobile applications against the OWASP mobile security threats.
Tiny-PHP-Webshell
several list of simple and obfuscate PHP shell
NITW-DOX
Document sharing hub
Bypass-Web-Application-Firewalls
Bypassing-Web-Application-Firewalls-And-XSS-Filters A series of python scripts for generating weird character combinations and lists for BurpSuite Pro for bypassing web application firewalls (WAF) and XSS filters. These python scripts have been created to fuzz wierd combinations: URL Escape Characters HTML Escape Characters Binary Characters These scripts were created during an assessment, while trying to bypass a Web Application Firewall (WAF) in order to exploit a XSS vulnerability. Differnt webservers and browsers interpret URL and strange characters differently which could lead to the bypassing of security controls. When I tried to send a > or < character the WAF would block the request. The following URL escapes I have noticed are traslated to < > ' by Apache2 based web servers: %(N%(n%)S%)U%)^%)s%)u%*C%*E%*c%*e%,.%.#%1N%1n%2S%2U%2^%2s%2u%3C%3E%3c%3e%5.%7#%:C%:E %:c%:e%HN%Hn%IS%IU%I^%Is%Iu%JC%JE%Jc%Je%L.%N#%XN%Xn%YS%YU%Y^%Ys%Yu%ZC%ZE%Zc%Ze%.%^# %hN%hn%iS%iU%i^%is%iu%jC%jE%jc%je%l.%n#%xN%xn%yS%yU%y^%ys%yu%zC%zE%zc%ze%|
wow
django
unfurl
Pull out bits of URLs provided on stdin
masscan
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
TechWrecK
begin
ShubhamWebScript-Website-vulnerability-Checker
Find any website vulnerability and bugs in few second.