vinnyvinoth's repositories
aem-groovy-console
The AEM Groovy Console provides an interface for running Groovy scripts in the AEM container. Scripts can be created to manipulate content in the JCR, call OSGi services, or execute arbitrary code using the CQ, Sling, or JCR APIs.
aem-links
Adobe Experience Manager links, cheat sheets and solutions to common problems.
AllAboutBugBounty
All about bug bounty (bypasses, payloads, etc.)
Awesome-WAF
🔥 Web-application firewalls (WAFs) from a security standpoint.
bbscope
Scope gathering tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!
bruteforce-lists
Some files for bruteforcing certain things.
CVE-2022-44268
A PoC for the CVE-2022-44268 - ImageMagick arbitrary file read
CVE-2022-47986
Aspera Faspex Pre Auth RCE
CVE-2023-25690-POC
CVE-2023-25690 proof of concept - a vulnerable mod_proxy configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to an HTTP Request Smuggling vulnerability.
CVE-2023-2732
MStore API <= 3.9.2 - Authentication Bypass
CVE-2023-2825
GitLab CVE-2023-2825 PoC. This PoC leverages a path traversal vulnerability to retrieve the /etc/passwd file from a system running GitLab 16.0.0.
CVE-2023-32243
CVE-2023-32243
CVE-2023-33733
CVE-2023-33733 reportlab RCE
Dependency-Confusion
All About Dependency Confusion Attack (Detecting, Finding, Mitigating)
Infinite-Storage-Glitch
ISG lets you use YouTube as cloud storage for ANY files, not just video
jira_scan
A simple remote scanner for Atlassian Jira
Nuclei-bug-hunter
I will upload more templates here to share with the community.
poc-graphql
Research on GraphQL from an AppSec point of view.
recollapse
REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
SecBugs
Full disclosures for CVE ids, proofs of concept, exploits, 0day bugs and so on.
ShadowClone
Unleash the power of cloud
shortscan
An IIS short filename enumeration tool
ssl-kill-switch3
Next Generation SSLKillSwitch with much more support!
SSLEnum
Extract SSL certificate data (Subject Name, Subject Alt Names, Organisation)
super-secret-finder
Burp Plugin for Secret Matching
webjars-swagger-xss
PoC for XSS in org.webjars:swagger-ui [3.14.2, 3.36.2]