Mayur Parmar's repositories
AutoNmap
Automated daily scan using Nmap and report on the differences
awesome
A curated list of awesome lists
btslab
Vulnerable web application
bug-bounty-responses
A collection of response templates for invalid bug bounty reports.
Bug-Hunting-Repo
Quick Repo for any Bug Hunter
bugbounty-cheatsheet
A list of interesting payloads, tips and tricks.
bypasswaf
Add headers to all Burp requests to bypass some WAF products
can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Cheatsheets
Helped during my OSCP lab days.
CSRF-PoC-Genorator
This is a simple CSRF Proof of Concept generator that supports multiple form encodings and methods
DAws
Advanced Web Shell
httpscreenshot
Fork of https://github.com/breenmachine/httpscreenshot
insecure-php-example
Example PHP project showing off bad techniques.
LFiFreak
A unique automated LFi Exploiter with Bind/Reverse Shells
Malicious-Web-Scripts-Search
Here are two perl scripts. The first one hack-search.pl searches your files for malicious code according to some well-known paths. It will find most malicious web files (exploits, backdoors, shells...) which hackers leave on websites. The second script find_and_replace.pl can be used to clean your web files from the malicious patterns. This find and replace script works recursively and on more than one line.
MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
My-Checklist-
The focus of this cheat sheet is infrastructure,network penetration testing and web application penetration testing Perform.
Nodejs-SSRF-App
Nodejs application intentionally vulnerable to SSRF
PracticalMalwareAnalysis-Labs
Binaries for the book Practical Malware Analysis
PrivEsc
A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
riplink
Find dead links on the web.
RoadMap
GitBook: OSCP RoadMap
SecPasswords
Passwords taken from public paste's
security-notes
:notebook: Some security related notes
SQLMAP-Web-GUI
PHP Frontend to work with the SQLMAP JSON API Server (sqlmapapi.py) to allow for a Web GUI to drive near full functionality of SQLMAP!
web-cache-deception-checker
Tool is to check for Cache Deception Attack Both For Authenticated and UnAuthenticated Pages
Wi-Fi-Hash-Decrypter
Small utitlities for decrypting the stored Wi-Fi hashes
Windows-Post-Exploitation
Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!
windows_auditor
A simple powershell script which gives handy compliance report.
xss-labs
small set of scripts to practice exploit XSS and CSRF vulnerabilities