fatinsourav
Just another cloud & security researcher. Obsessed with vulnerable code for research and exploiting bugs for the soul.
Dhaka, Bangladesh
Pinned Repositories
AllAboutBugBounty
All about bug bounty (bypasses, payloads, etc.)
AllThingsSSRF
This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location
bbht
A script to set up a quick Ubuntu 17.10 x64 box with tools I use.
Bug_Bounty_writeups
BUG BOUNTY WRITEUPS - OWASP TOP 10 🔴🔴🔴🔴✔
Damn-Vulnerable-Flask-Application
DVFA (Damn Vulnerable Flask Application) is an intentionally vulnerable web application for security research. Its goal is to aid software engineers, security researchers, and students in analyzing application security.
DevOps-Roadmap
DevOps Roadmap for 2024, with learning resources
html5_attack_and_secure
HTML5 Training material for Attack and Secure training sessions.
leaky-paths
A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs, etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick wins.
OSCP
OSCP
Recon-Techniques
fatinsourav's Repositories
fatinsourav/leaky-paths
A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs, etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick wins.
fatinsourav/AllAboutBugBounty
All about bug bounty (bypasses, payloads, etc.)
fatinsourav/android_app_security_checklist
Android App Security Checklist
fatinsourav/AndroidSecNotes
Self curated notes related to android application security.
fatinsourav/Arjun
HTTP parameter discovery suite.
fatinsourav/awesome-api-security
A collection of awesome API Security tools and resources.
fatinsourav/awesome-oneliner-bugbounty
A collection of awesome one-liner scripts especially for bug bounty tips.
fatinsourav/bbtips
BugBountyTips
fatinsourav/bruteforce-lists
Some files for bruteforcing certain things.
fatinsourav/bug-bounty-dorks
List of Google Dorks for sites that have a responsible disclosure program / bug bounty program
fatinsourav/Bug-Bounty-Wordlists
A repository that includes all the important wordlists used while bug hunting.
fatinsourav/Bugbounty-Resources
fatinsourav/byp4xx
Python script for bypassing HTTP 40X responses. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials and fuzzing.
fatinsourav/bypass-403
A simple script just made for self use for bypassing 403
fatinsourav/CEH-Notes
|| CEH Notes ||
fatinsourav/cloudgoat
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
fatinsourav/Docker-Security
Getting a handle on container security
fatinsourav/Guide-to-SSRF
Guide to SSRF
fatinsourav/HolyTips
Tips and Tutorials on Bug Bounty Hunting and Web App Security.
fatinsourav/Hunting-Tips
Tips For Bug Bounty Hunters
fatinsourav/KnowledgeSharing
Recon Videos
fatinsourav/naglinagli.github.io1
Personal Information Security blog
fatinsourav/Nuclei-Resource
This repository contains the popular Nuclei resources.
fatinsourav/Subdomainer
Automated tool for domains & subdomains gathering
fatinsourav/top25-parameter
For basic research, the top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
fatinsourav/Vulnerabilities-Approach-Slides
PDF slides
fatinsourav/wap
CS632 - Web App Pentesting
fatinsourav/Web-Application-Pentest-Checklist
This is one of the largest checklists available so far on the Internet.
fatinsourav/Web-Attack-Cheat-Sheet
Web Attack Cheat Sheet
fatinsourav/webapp-wordlists
This repository contains wordlists for each version of common web applications and content management systems (CMS). Each version contains a wordlist of all the files and directories for that version.