Mayur Parmar's repositories
awesome-cve-poc
✍️ A curated list of CVE PoCs.
Awsome-shells
Collection of reverse shells
BashTime
All Bash learning material is here
BigBountyRecon
BigBountyRecon tool utilises 58 different techniques to expediate the process of intial reconnaissance on the target organisation.
cheatsheet
cheatsheet
CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
ditto
A tool for IDN homograph attacks and detection.
Ecommerce-Website-Security-CheckList
List of considerations for commerce site auditing and security teams. This is summary of action points and areas that need to be built into the Techinical Specific Document, or will be checked in the Security testing phases.
frogy-subdomain-enumeration
My subdomain enumeration
hacker-roadmap
:pushpin: Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
hacker101
Source code for Hacker101.com - a free online web and mobile security class.
kxss
This a adaption of tomnomnom's kxss tool with a different output format
Linux-privilege-escalation
A cheat sheet to demonstrate the linux privilege escalations
Open-Redirect-Payloads
Open Redirect Payloads
pentest-wiki
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
pentesterlab-bootcamp
My notes on PentesterLab's Bootcamp series 🕵️
privatecollaborator
A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate
pythonSimpleServer
A bash and python script for severing files on your pc, Red team.
SecretFinder
SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
security-cheatsheets
Cheat sheets
Sqli_Best_Setup
A great setup for SQL Injection, xss and xxe (plus a few more) on Kali
subdover
Subdover is a MultiThreaded Subdomain Takeover Vulnerability Scanner Written In Python3
top25-parameter
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
uxss-db
🔪Browser logic vulnerabilities :skull_and_crossbones:
wprecon
Hello! Welcome. WPrecon (Wordpress Recon), is a vulnerability recognition tool in CMS Wordpress, 100% developed in Go.