Pinned Repositories
apachrot
Apache (Linux) CVE-2021-41773/2021-42013 Mass Vulnerability Checker
Arbitrium-RAT
Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules
awscli-ec2
Make VPS/RDP from awscli
Dor3
Tembak Kuota Three
getgrass
GetGrass Crot
larapler
LARAPLER - Laravel Random Exploit
Mass-CVE-2023-28121
CVE-2023-28121 - WooCommerce Payments < 5.6.2 - Unauthenticated Privilege Escalation [ Mass Add Admin User ]
MSAPer
Automatic Mass Tool for check and exploiting vulnerability in CVE-2023-3076 - MStore API < 3.9.9 - Unauthenticated Privilege Escalation (Mass Add Admin + PHP File Upload)
UPGer
Automatic Mass Tool for checking vulnerability in CVE-2022-4060 - WordPress Plugin : User Post Gallery <= 2.19 - Unauthenticated RCE
zRev2
[Python] ZReverse IP 2. Tools for find hosted domains from IPs
im-hanzou's Repositories
im-hanzou/awskey-iam-privescheck
This Bash script allows you to interact with AWS Identity and Access Management (IAM) and EC2 services to check AWS credentials and permissions related to EC2 instances.
im-hanzou/RRev
[Python] RapidDNS Reverse IP. Tools for find hosted domains from IPs use threading.
im-hanzou/Ngelistv2
Ngelist web lur V2
im-hanzou/php-chankro
php-chankro command bypass php shell
im-hanzou/Spoofing_Network
im-hanzou/ACWL
Access Control Web Lab
im-hanzou/BypassServ-Mini-Shell
im-hanzou/CVE-2024-38856_Scanner
Apache OFBiz RCE Scanner & Exploit (CVE-2024-38856)
im-hanzou/CVE-2024-40348
POC for CVE-2024-40348. Will attempt to read /etc/passwd from target
im-hanzou/CVE-2024-44000-LiteSpeed-Cache
CVE-2024-44000 is a vulnerability in the LiteSpeed Cache plugin, a popular WordPress plugin. This vulnerability affects session management in LiteSpeed Cache, allowing attackers to gain unauthorized access to sensitive data.
im-hanzou/dirlister
im-hanzou/google-security-research
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
im-hanzou/hackJS
To use hackJS, specify a target URL that contains JavaScript files you want to analyze. The tool will fetch these JavaScript files, extract embedded links and subdomains.
im-hanzou/LaCrot
Laravel Croter | GET SMTP, DATABASE, APP_KEY FROM MISSCONFIGURATION AND DEBUGING IN LARAVEL
im-hanzou/MBPTL
Self-deployed Straight-forward hacking lab machine which designed for new comer who want to learn Penetration Testing field that running inside Docker for easy setup.
im-hanzou/moodle-rce-calculatedquestions
Scripts for Analysis of a RCE in Moodle Calculated Questions (CVE-2024-43425)
im-hanzou/Otp-Bot-Bypass-Verifications-Sms-Bot-Bank
VBV,OTP,Paypal,OTP,PaypalX OTP,Vemmo OTP,Cashapp OTP,,Bank OTP,Zelle OTP.Time-based OTP (TOTP) is stored on a users phone, and combined with something the user knows (Password)
im-hanzou/OTP-Bot-One-Time-Password-Telegram-Api-Paypal-Whatsapp-Verification-Bypass
victim’s digital banking account, the attacker feeds the OTP bot with the consumer’s phone number and the name of the bank. These inputs prompt the OTP bot to initiate a call to the victim and dupe them into divulging the 2FA code (OTP or token)
im-hanzou/OTP-Bot-One-Time-Password-Verification-Bank-Paypal-Bypass-2FA
OTPBYPASS Bot sends a post request to the api, which will save the call into a sqlite DB and send the call to the custom twilio API.Google,Snapchat,Instagram,Facebook,Whatsapp,Twitter,Amazon
im-hanzou/OTP-BYPASS-and-SMS-BOT-V-3
OTP BYPASS and SMS BOT V 3
im-hanzou/proofs
im-hanzou/QRIS-Editor
im-hanzou/qrysis
Simple code to alter QRIS data
im-hanzou/roastgithub-api_id
im-hanzou/roastgithub_id
im-hanzou/Shell-Backdoor-Finder
Shell backdoor
im-hanzou/subdosec
im-hanzou/tariautoreff
im-hanzou/twap-order-binance-bot
Split your big order to get a good price
im-hanzou/WhatsUps