Pinned Repositories
Bitcoin-Price-Counter
JavaScript BTC price counter for your website written in JavaScript.
bruteforce-lists
Some files for bruteforcing certain things.
cors-checker
CORS Checker, check for acac header in response using Origin and Referer headers
Extension-Juggler
File upload extension juggler, prints a list containing extension upload bypasses ex .xphp.jpg or .php7\x00.gif or .php.mp3%00 for example
Firefox-Startup-HTML
Browser startup index.html
local-proxy-listener
A tool that captures replay proxy requests on localhost:8088 when using tools like dirsearch.
MediaFire-URL-Download-Seed-Generator
The tool generates a wordlist with seeds to get access to random downloads which can contain some juicy stuff.
Open-Redirect-Checker
Open-Redirect Python3 script that checks for status code in output file.
postBasedXSS
Demo of various ways to exploit post based reflected XSS
wordlists
My personal wordlists from WebApp Hacking and Bug Bounty.
a6thmfsin's Repositories
a6thmfsin/wordlists
My personal wordlists from WebApp Hacking and Bug Bounty.
a6thmfsin/MediaFire-URL-Download-Seed-Generator
The tool generates a wordlist with seeds to get access to random downloads which can contain some juicy stuff.
a6thmfsin/Open-Redirect-Checker
Open-Redirect Python3 script that checks for status code in output file.
a6thmfsin/postBasedXSS
Demo of various ways to exploit post based reflected XSS
a6thmfsin/Bitcoin-Price-Counter
JavaScript BTC price counter for your website written in JavaScript.
a6thmfsin/bruteforce-lists
Some files for bruteforcing certain things.
a6thmfsin/cors-checker
CORS Checker, check for acac header in response using Origin and Referer headers
a6thmfsin/Extension-Juggler
File upload extension juggler, prints a list containing extension upload bypasses ex .xphp.jpg or .php7\x00.gif or .php.mp3%00 for example
a6thmfsin/Firefox-Startup-HTML
Browser startup index.html
a6thmfsin/local-proxy-listener
A tool that captures replay proxy requests on localhost:8088 when using tools like dirsearch.
a6thmfsin/Param-Value-Changer
Changes the value of given parameter with a list of endpoints as input
a6thmfsin/Quick-Enumerate
Bash script to enumerate a website (passive).
a6thmfsin/SQLMap-tamper-loop-script
Loops through SQLMap tamper scripts, perfect if you want to run SQLmap in background.
a6thmfsin/Status-Code-Header-checker
Bash script that curls a list of URLs from a text file and writes out either only status code or status code and headers.
a6thmfsin/Username-Generator
A simple Python3 username generator. Just change the wordlists of your choice.
a6thmfsin/PHP-Pingback-Collaborator
PHP Pingback Collaborator with an obfuscated directory for output file
a6thmfsin/PHP-source-code-finder
Removes everything after .php adds a ~ and does 1 request to each URL looking for PHP source code.
a6thmfsin/Proxy-checker
Checks a list of proxies if still active.
a6thmfsin/ssrf-header-checker
Adds plenty of headers to every request sent to look for possible pingbacks
a6thmfsin/URL-Encoder
URL encodes every line in a file skipping new lines so output file is not all one long string.
a6thmfsin/WordList
GodlyWordlists