ivan-sincek
Senior offensive security engineer and bug hunter. These are some of the security-related codes I wrote in my free time.
Croatia
Pinned Repositories
android-penetration-testing-cheat-sheet
Work in progress...
chad
Search Google Dorks like Chad. / Broken link hijacking tool.
forbidden
Bypass 4xx HTTP response status codes and more. Based on PycURL and Python Requests.
invoker
Penetration testing utility and antivirus assessment tool.
ios-penetration-testing-cheat-sheet
Work in progress...
penetration-testing-cheat-sheet
Work in progress...
php-ransomware
PHP ransomware that encrypts your files, as well as file and directory names.
php-reverse-shell
PHP shells that work on Linux OS, macOS, and Windows OS.
powershell-reverse-tcp
PowerShell scripts for communicating with a remote host.
wifi-penetration-testing-cheat-sheet
Work in progress...
ivan-sincek's Repositories
ivan-sincek/penetration-testing-cheat-sheet
Work in progress...
ivan-sincek/php-reverse-shell
PHP shells that work on Linux OS, macOS, and Windows OS.
ivan-sincek/wifi-penetration-testing-cheat-sheet
Work in progress...
ivan-sincek/android-penetration-testing-cheat-sheet
Work in progress...
ivan-sincek/ios-penetration-testing-cheat-sheet
Work in progress...
ivan-sincek/forbidden
Bypass 4xx HTTP response status codes and more. Based on PycURL and Python Requests.
ivan-sincek/keylogger
Windows OS keylogger with a hook mechanism (i.e. with a keyboard hook procedure).
ivan-sincek/java-reverse-tcp
JAR, Java, and JSP shells that work on Linux OS, macOS, and Windows OS.
ivan-sincek/xss-catcher
Simple API for storing all incoming XSS requests and various XSS templates.
ivan-sincek/chad
Search Google Dorks like Chad. / Broken link hijacking tool.
ivan-sincek/dns-exfiltrator
Exfiltrate data with DNS queries. Based on CertUtil and NSLookup.
ivan-sincek/scrapy-scraper
Web crawler and scraper based on Scrapy and Playwright's headless browser.
ivan-sincek/file-scraper
Scrape files for sensitive information, and generate an interactive HTML report. Based on Rabin2.
ivan-sincek/nagooglesearch
Not another Google searching tool.
ivan-sincek/jwt-bf
Brute force a JWT token. Script uses multithreading.
ivan-sincek/websocket-bf
Brute force a REST API query through WebSocket. Based on cURL.
ivan-sincek/amounts
Generate a wordlist to fuzz amounts or any other numerical values.
ivan-sincek/domain-extractor
Extract valid or partially valid domain names and IPs from malicious or invalid URLs.
ivan-sincek/dnsrecon-chunked
Brute force subdomains in multiple smaller iterations. Based on DNSRecon.
ivan-sincek/property-lister
Extract and convert property list files from SQLite database files and from other property list files.
ivan-sincek/transporter
Send packets through raw sockets.
ivan-sincek/ivan-sincek
My profile info.
ivan-sincek/malware-apk
Are your bug bounty reports getting rejected because you don't use a "malicious" PoC app to exploit the vulnerabilities? I've got you covered!
ivan-sincek/solidity-learning
Work in progress...
ivan-sincek/browser-extension-automation
Run a browser extension in a sandboxed web browser and without any fear of corrupting or loosing your real data.
ivan-sincek/bot-safe-agents
A library for fetching a list of bot-safe user agents.
ivan-sincek/go-actions
Golang SAST workflows.
ivan-sincek/mixaudit-sarif
Convert MixAudit's JSON formatted results to SARIF format.
ivan-sincek/python-actions
Python SAST workflows.
ivan-sincek/send-tcp-payload
Send a payload through TCP.