Pinned Repositories
0day
各种开源CMS 各种版本的漏洞以及EXP 该项目将不断更新
2FAssassin
Bypass Two-Factor-Authentication
awesome-honeypots
an awesome list of honeypot resources
awesome-security
A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
Blackcat-Keylogger
Blackcat Keylogger is 100% invisible keylogger not only for users, but also undetectable by antivirus software. Blackcat keylogger Monitors all keystokes, Mouse clicks. It has a seperate process which continues capture system screenshot and send to ftp server in given time.
Bypass-JSON-Web-Token-JWT-
Break and Elevation of Privilege the API v2 using JSON Web Token (JWT)
httpflox
Probe of list of IPs or domains for working http and https servers and commun web service ports
multi-architecture-linux-system
Multiarch is a significant and powerful development, and affects many processes and aspects of the system For example running a i386-linux-gnu application on an amd64-linux-gnu system
OSCPRepo
A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' Keepnote. Reconscan in scripts folder.
OSINT-2
just some osint stuff ;^)
chouaibhm's Repositories
chouaibhm/httpflox
Probe of list of IPs or domains for working http and https servers and commun web service ports
chouaibhm/CVE-Half-Day-Watcher
chouaibhm/4-ZERO-3
403/401 Bypass Methods + Bash Automation + Your Support ;)
chouaibhm/awesome-obsidian
🕶️ Awesome stuff for Obsidian
chouaibhm/BugBountyTemplates
List of reporting templates I have used since I started doing BBH.
chouaibhm/cve
Gather and update all available and newest CVEs with their PoC.
chouaibhm/CVE-2022-0778
Proof of concept for CVE-2022-0778, which triggers an infinite loop in parsing X.509 certificates due to a bug in BN_mod_sqrt
chouaibhm/domscan
Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.
chouaibhm/flipperbit
Corrupted files generator. Random bits flipper.
chouaibhm/GPT_Vuln-analyzer
Uses ChatGPT API and Python-Nmap module to use the GPT3 model to create vulnerability reports based on Nmap scan data.
chouaibhm/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
chouaibhm/HackVault
A container repository for my public web hacks!
chouaibhm/host_scan
这是一个用于IP和域名碰撞匹配访问的小工具,旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。https://github.com/fofapro/Hosts_scan implement in Go
chouaibhm/kek
chouaibhm/Log4j2Scan
Log4j2 RCE Passive Scanner plugin for BurpSuite
chouaibhm/Methodology
chouaibhm/Pentesting_cheatsheet
Pentesting cheatsheet with all the commands I learned during my learning journey. Will try to to keep it up-to-date.
chouaibhm/PentestNote
个人输出,经验/思路/想法/总结/. . .
chouaibhm/pretender
Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.
chouaibhm/recon-using-github-action
chouaibhm/Reconky-Automated_Bash_Script
Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
chouaibhm/RFSec-ToolKit
RFSec-ToolKit is a collection of Radio Frequency Communication Protocol Hacktools.无线通信协议相关的工具集,可借助SDR硬件+相关工具对无线通信进行研究。Collect with ♥ by HackSmith
chouaibhm/sexfinder
archiveed secret finder burp plugin
chouaibhm/ShuiZe_0x727
信息收集自动化工具
chouaibhm/SpringBootExploit
项目是根据LandGrey/SpringBootVulExploit清单编写,目的hvv期间快速利用漏洞、降低漏洞利用门槛。
chouaibhm/uncover
Quickly discover exposed hosts on the internet using multiple search engine.
chouaibhm/vulns-2022
本项目用于搜集 2022 年的漏洞,注意:本项目并不刻意搜集 POC 或 EXP,主要以CVE-2021、CVE-2022 为关键词,包含但不限于漏洞资讯、漏洞复现、漏洞分析、漏洞验证、漏洞利用
chouaibhm/wadump
Small utility to dump data from the multi-device WhatsApp web client.
chouaibhm/Web-Attack-Cheat-Sheet
Web Attack Cheat Sheet
chouaibhm/weggli
weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interesting functionality in large codebases.