Pinned Repositories
B9P4Z5B0X
Coming Soon...
bypazs
Config files for my GitHub profile.
CVE-2020-0668.exe
CVE-2022-32060
An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file.
CVE-2022-32114
An unrestricted file upload vulnerability in the Add New Assets function of Strapi v4.1.12 allows attackers to execute arbitrary code via a crafted file.
CVE-2022-42094
Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Card content.
CVE-2022-42096
Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Post content.
CVE-2022-42097
Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the comment.
CVE-2022-42098
KLiK-SocialMediaWebsite v1.0.1 has SQL Injection Vulnerabilities at profile.php
DVIA-v2-bypazs.ipa
Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their iOS penetration testing skills in a legal environment. This project is developed and maintained by @prateekg147. The vulnerabilities and solutions covered in this app are tested up to iOS 13.7. The current version is writen in Swift and has the following vulnerabilities.
bypazs's Repositories
bypazs/CVE-2020-0668.exe
bypazs/CVE-2022-32060
An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file.
bypazs/CVE-2022-32114
An unrestricted file upload vulnerability in the Add New Assets function of Strapi v4.1.12 allows attackers to execute arbitrary code via a crafted file.
bypazs/CVE-2022-34961
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Users Timeline module.
bypazs/CVE-2022-42094
Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Card content.
bypazs/CVE-2022-42096
Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Post content.
bypazs/CVE-2022-42097
Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the comment.
bypazs/CVE-2022-42098
KLiK-SocialMediaWebsite v1.0.1 has SQL Injection Vulnerabilities at profile.php
bypazs/B9P4Z5B0X
Coming Soon...
bypazs/bypazs
Config files for my GitHub profile.
bypazs/DVIA-v2-bypazs.ipa
Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their iOS penetration testing skills in a legal environment. This project is developed and maintained by @prateekg147. The vulnerabilities and solutions covered in this app are tested up to iOS 13.7. The current version is writen in Swift and has the following vulnerabilities.
bypazs/CVE-2022-34962
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Group Timeline module.
bypazs/CVE-2022-34963
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the News Feed module.
bypazs/CVE-2022-42095
Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Page content.
bypazs/CVE-2023-26982
Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Create Ticket function.
bypazs/CVE-2023-26984
An issue in the password reset function of Peppermint v0.2.4 allows attackers to access the emails and passwords of the Tickets page via a crafted request.
bypazs/DecryptTeamViewer.exe
Enumerate and decrypt TeamViewer credentials from Windows registry
bypazs/dstserver
file setup mods for dstserver linux
bypazs/Duplicate-of-CVE-2023-26982
Trudesk version 1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the tickets `Create/Modify Ticket Tags` on admin role.
bypazs/Duplicate_ChurchCRM-v4.4.5_Vuln1
ChurchCRM v4.4.5 has SQL Injection Vulnerabilities at EditEventAttendees.php
bypazs/GrimTheRipper
bypazs/kali-desktop
:whale: Kali Linux Desktop Docker Image. Access via Webbrowser
bypazs/kali-docker-vnc-novnc
This Kali Linux Docker container offers a full desktop experience by using the x11vnc to provide a VNC connection to the container and novnc for simple VNC access with your browser.
bypazs/omega-scripts
bypazs/vulnerable-AD-plus
Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
bypazs/xc.exe
A small reverse shell for Linux & Windows