Xib3rR4dAr

CloudFlareXSS

Cloudflare Bypass in HTML, attribute and JS context

envfreak

Stealing Environment Variables with desktop.ini ;)

filter-var-sqli

Bypassing FILTER_SANITIZE_EMAIL & FILTER_VALIDATE_EMAIL filters in filter_var for SQL Injection ( xD )

OpenSSH-5.3-remote-root-0day-exploit-32-bit-x86-

hehehehehe

shortest-php-webshell

Shortest PHP Webshell

WannaRace

WebApp intentionally made vulnerable to Race Condition for practicing Race Condition

Xib3rR4dAr/WannaRace

WebApp intentionally made vulnerable to Race Condition for practicing Race Condition

Xib3rR4dAr/CloudFlareXSS

Cloudflare Bypass in HTML, attribute and JS context

Xib3rR4dAr/BurpSuite_403Bypasser

Burpsuite Extension to bypass 403 restricted directory

Xib3rR4dAr/cloudfox

Automating situational awareness for cloud penetration tests.

Xib3rR4dAr/crowbar

Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.

Xib3rR4dAr/CTF_ADDA_writeups

Writeups for https://ctf.adda.gov.ae/ 2022

Xib3rR4dAr/CTF_BlackHat_MEA_2023

BalckHat MEA 2023

Xib3rR4dAr/CVE-2023-28252

Xib3rR4dAr/forothree

403 bypass tools based on golang

Xib3rR4dAr/forward-shell

Xib3rR4dAr/fypCTF

Easily create and manage Capture the flag competitions

Xib3rR4dAr/gtm4wp

Google Tag Manager plugin for WordPress

Xib3rR4dAr/hi_my_name_is_keyboard

Xib3rR4dAr/hoaxshell

A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.

Xib3rR4dAr/httpx

httpx is a fast and multi-purpose HTTP toolkit allows to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.

Xib3rR4dAr/Image-metadata-extractor

Extracts image metadata.

Xib3rR4dAr/interactsh-web

Web dashboard for Interactsh client

Xib3rR4dAr/keyhacks

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

Xib3rR4dAr/PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Xib3rR4dAr/SQLInjectionWiki

A wiki focusing on aggregating and documenting various SQL injection methods

Xib3rR4dAr/SqlmapDnsCollaborator

Burp Extension that lets you use Burp Collaborator as a DNS server for exfiltrating data via Sqlmap

Xib3rR4dAr/SUID3NUM

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

Xib3rR4dAr/Supplementary-Material

Xib3rR4dAr/updog

Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth.

Xib3rR4dAr/wfuzz

Web application fuzzer

Xib3rR4dAr/wordpress-ajax-load-more

🔥 WordPress infinite scroll with Ajax Load More - the ultimate solution to add infinite scroll functionality to your WordPress powered website.

Xib3rR4dAr/wordpress-xdebug

Wordpress with XDebug for Docker

Xib3rR4dAr/wp-statistics

Complete WordPress Analytics and Statistics for your site!

Xib3rR4dAr/xss-payload-list

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

Xib3rR4dAr/Zphisher-GUI-Back_office

A Zphisher GUI Back-Office Plugin