a1k-ghaz1's Projects
Veil 3.1.X (Check version info in Veil at runtime)
A tool for exploring and investigating APIs and websites.
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages.
https://github.com/secdec/attack-surface-detector-zap/wiki
A script to enumerate virtual hosts on a server.
Easy 802.1Q VLAN Hopping
This is a tool for pentesters which scan for VLANs on a network link.
VirusTotal Stealer is a DATA Exfiltration tool that exfitrate office documents and tunnel them over VirusTotal API to the Team Server
A comprehensive Python-based security tool for file scanning, malware detection, and analysis in an ever-evolving cyber landscape.
Vulnera is a web app vulnerability scanner that focuses on subdomain enumeration, clickjacking, and host header injection. Vulnera helps developers and security professionals proactively mitigate risks and safeguard their web applications
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
Vulnerability detection funcVulnerability-detection-functions Vulnerability Detection Functionality The script currently focuses on detecting cross-site scripting (XSS) vulnerabilities in web links. Additional functions will be developed to detect vulnerabilities so you can incorporate them into your script.
crawl a website for links and expose all the vulnerable parameters.
vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.
Advanced vulnerability scanning with Nmap NSE
vulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Automatic Web Vulnerability Scanner.
Check your WAF before an attacker does
XSS payloads for bypassing WAF. This repository is updating continuously.
From Cloudflare to Imperva, Akamai, F5, Checkpoint, Fortinet
Quick Python Script I Wrote For A Video To Input The Hostname/IP/Website Adresses inside and the string will be automatically inputted into the Censys/DNSTrails Search-Engine To Than Open A Web-Browser Page For You To See The Output Data. Its For Bypassing WAF For Leaking Data..
Fetch all the URLs that the Wayback Machine knows about for a domain
Find way more from the Wayback Machine!
XSS payloads designed to turn alert(1) into P1
In the context of web application penetration testing, Google Dorks can be used to find vulnerabilities and sensitive information in websites. This involves searching for specific keywords or file types that can indicate the presence of vulnerabilities or sensitive information, such as login pages, database files, and backups.
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
Web Exploit Was here ! advanced web hacking and hacker toolkit