incredibleindishell
Security enthusiast Love to learn Linux, PHP and exploit development
IndiShell Lab
Pinned Repositories
CORS-vulnerable-Lab
Sample vulnerable code and its exploit code
CORS_vulnerable_Lab-Without_Database
exploit-code-by-me
Exploit code developed/reproduced by me
LDAP-credentials-collector-backdoor-generator
This script generate backdoor code which log username password of an user who have passed HTTP basic auth using LDAP credentials.
Local-file-disclosure-SQL-Injection-Lab
This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. If you have any doubt, ping me at https://twitter.com/IndiShell1046 :)
Mannu-Shell
Mannu Shell is PHP web based shell. This code is meant for performing server side file manipulation and other stuffs. Its backdoor free and user friendly.
PHP-web-shells
when i started web application security testing, i fall in love with web shell development and designed some PHP based web shells. This repository contains all my codes which i released in public.
sqlite-lab
This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/
SSRF_Vulnerable_Lab
This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
Windows-AD-environment-related
This Repository contains the stuff related to windows Active directory environment exploitation
incredibleindishell's Repositories
incredibleindishell/Magento-shoplift-python-exploit
Magento shoplift exploit is vulnerability which was discovered by CheckPoint team (http://blog.checkpoint.com/2015/04/20/analyzing-magento-vulnerability/) This python script developed by joren but it was having some bug because of which it was not working properly. If magento version is vulnerable, this script will create admin account with username forme and password forme
incredibleindishell/Cheatsheets
Penetration Testing/Security Cheatsheets
incredibleindishell/Panda-sql-injector
API for SQLmap sql injection tool. This tool is developed by my friend incredible.
incredibleindishell/CrackMapExecWin
The great CrackMapExec tool compiled for Windows
incredibleindishell/jwtcrack
incredibleindishell/ldap-brute
A semi fast tool to bruteforce values of LDAP injections over HTTP.
incredibleindishell/mannu-shell-jump-tester
These codes are for checking read permission on website document root directory for other user in shared server environment.
incredibleindishell/mysql-brute-forcer
MySQL brute forcer is a PHP based script which perform mysql user account bruteforcing locally. This code is developed by one of my friend and for Educational purpose only.
incredibleindishell/Wordpress-XML-RPC-Library
A PHP library for interacting with Wordpress via XML-RPC
incredibleindishell/write-ups-2015
Wiki-like CTF write-ups repository, maintained by the community. 2015
incredibleindishell/ABPTTS
TCP tunneling over HTTP/HTTPS for web application servers
incredibleindishell/Axis2Shell
incredibleindishell/CVE-2016-3714
ImaegMagick Code Execution (CVE-2016-3714)
incredibleindishell/DTD-Attacks
Tests for different parsers from Ruby, Python, .NET, PHP, Perl, Java
incredibleindishell/fsef
Format string exploit Framework (to be continued! or not)
incredibleindishell/Joomla-3-SQL-injection-exploit
This script is web interface based and use PHP-curl this script attempt to exploit SQL Injection vulnerability in Joomla version 3.2.* to 3.4.4
incredibleindishell/joomla-vulnerabilities
list of vulnerable Joomla components for one of my personal Joomla cms testing script
incredibleindishell/Other-Projects
This project is just a dumping ground for random scripts I've developed.
incredibleindishell/perl-reverse-shell
incredibleindishell/PrivEsc
A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
incredibleindishell/Proxy_JSP
This is a web proxy created using JSP.
incredibleindishell/UnmanagedPowerShell
Executes PowerShell from an unmanaged process
incredibleindishell/WebLogicPasswordDecryptor
PowerShell script and Java code to decrypt WebLogic passwords
incredibleindishell/write-ups-2014
Wiki-like CTF write-ups repository, maintained by the community. 2014