Mayur Parmar's repositories
CTF-CheatSheet-1
All About CTFs
awesome-php-security
Awesome PHP Security Resources 🕶🐘🔐
cloudflare-bypass
Bypass Coudflare bot protection using Cloudflare Workers
crlfuzz
A fast tool to scan CRLF vulnerability written in Go
DirDar
DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it
DomLink
A tool to link a domain with registered organisation names and emails, to other domains.
eval_villain
A Firefox Web Extension to improve the discovery of DOM XSS.
frida
Clone this repo to build Frida
GitTools
A repository with 3 tools for pwn'ing websites with .git repositories available
Golden-Guide-for-Pentesting
Golden Guide
Guide-to-SSRF
Guide to SSRF
hack
deface page for web deface :P
HackBar
HackBar is a security audit tool that will enable you to pentest websites more easily. ... You can use it to check site security by performing SQL injections, XSS holes and more. It also has a user-friendly interface that makes it easy for you to do fuzz testing, hash generation, encoding and more.
IABE-BugBounty-Framework
BugBounty framework with main function to ORGANIZE data and STEPS. So, you don't get lost in your bug bounty hunting. You can find everything in: PoC's, vulnerabilities, tools-name and usage, basic A.I, some automation, steps, guides, etc.
identYwaf
Blind WAF identification tool
lmi4u
lmi4u is designed to Install basic kind of tools (my personal preferred) required in Bug Bounty.
poc-1
Proof of Concepts
public-bugbounty-programs
Community curated list of public bug bounty and responsible disclosure programs.
s3viewer
Publicly Open Amazon AWS S3 Bucket Viewer
StockManagement-XSS-Login-CredHarvester
Reflected Cross-Site Scripting (XSS) vulnerability in 'index.php' login-portal webpage of SourceCodesters Stock Management System v1.0 allows remote attackers to harvest login credentials & session cookie via unauthenticated victim clicking malicious URL and entering credentials.
tailorMS-rXSS-Keylogger
Reflected Cross-Site Scripting (XSS) vulnerability in 'index.php' login-portal webpage of SourceCodesters Tailor Management System v1.0 allows remote attackers to harvest keys pressed via unauthenticated victim clicking malicious URL and typing.
template
A template Sphinx repo
urlbrute
Directory/Subdomain scanner developed in GoLang.
Web-Application-Pentest-Checklist
This is one of the largest checklist available so far on the Internet.
WebHacking101
Web-App-Hacking-Notes
winx64-InjectAllProcessesMeterpreter-Shellcode
64bit Windows 10 shellcode that injects all processes with Meterpreter reverse shells.
XSSRadare
A Cross Site Scripting scanner using selenium webdriver