Bishal Aryal's Projects
403/401 Bypass Methods + Bash Automation + Your Support ;)
This repository is my documenting repository for learning the world of DevOps. I started this journey on the 1st January 2022 and I plan to run to March 31st for a complete 90-day romp on spending an hour a day including weekends to get a foundational knowledge across a lot of different areas that make up DevOps.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
A cheat sheet that contains advanced queries for SQL Injection of all types.
All about bug bounty (bypasses, payloads, and etc)
This script grab public report from hacker one and make some folders with poc videos
A big list of Android Hackerone disclosed reports and other resources.
During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!
Checklist of the most important security countermeasures when designing, testing, and releasing your API
Find domains and subdomains related to a given domain
Open source platform for X.509 certificate based service authentication and fine grained access control in dynamic infrastructures. Athenz supports provisioning and configuration (centralized authorization) use cases as well as serving/runtime (decentralized authorization) use cases.
test
Simple shell script for automated domain recognition with some tools
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
A curated list of various bug bounty tools
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
A list of search engines useful during Penetration testing, vulnerability assessments, red team operations, bug bounty and more
Organized list of my malware development resources
A collection of awesome one-liner scripts especially for bug bounty tips.
List of Awesome Red Teaming Resources
Vulnerability Assessment and Penetration Testing Tools (Information Security / Cyber security)
List of ngrok alternatives and other ngrok-like tunneling software and services. Focus on self-hosting.
π₯ Web-application firewalls (WAFs) from security standpoint.
πΆ A curated list of Web Security materials and resources.
List of payloads and wordlists that are specifically crafted to identify and exploit vulnerabilities in target web applications.
Scope gathering tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent