Pinned Repositories
Advanced-SQL-Injection-Cheatsheet
A cheat sheet that contains advanced queries for SQL Injection of all types.
Awesome-WAF
🔥 Web-application firewalls (WAFs) from security standpoint.
bbscope
Scope gathering tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!
bruteforce-lists
Some files for bruteforcing certain things.
BSQLi
Time-based blind SQLi with 99% success rate
Bug-Bounty-Methodology
These are my checklists which I use during my hunting.
bug-bounty-village-defcon32-workshop
The repo contains all the notes, slides, and study material for my workshop at DEFCON 32 at the Bug Bounty Village
nowafpls
Burp Plugin to Bypass WAFs through the insertion of Junk Data
muhammadfaizan92's Repositories
muhammadfaizan92/nowafpls
Burp Plugin to Bypass WAFs through the insertion of Junk Data
muhammadfaizan92/bbscope
Scope gathering tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!
muhammadfaizan92/bruteforce-lists
Some files for bruteforcing certain things.
muhammadfaizan92/BSQLi
Time-based blind SQLi with 99% success rate
muhammadfaizan92/Bug-Bounty-Methodology
These are my checklists which I use during my hunting.
muhammadfaizan92/bug-bounty-village-defcon32-workshop
The repo contains all the notes, slides, and study material for my workshop at DEFCON 32 at the Bug Bounty Village
muhammadfaizan92/bugbountybloglist
Quick research done on some bug bounty blogs! Check em out :)
muhammadfaizan92/CredzCheckr
Testing default web credentials
muhammadfaizan92/CVE-2024-24919-Bulk-Scanner
CVE-2024-24919 [Check Point Security Gateway Information Disclosure]
muhammadfaizan92/CVE-2024-25600
Unauthenticated Remote Code Execution – Bricks <= 1.9.6
muhammadfaizan92/CVE-2024-36991
POC for CVE-2024-36991: This exploit will attempt to read Splunk /etc/passwd file.
muhammadfaizan92/Directory-Traversal-Payloads
List of Directory Traversal/LFI Payloads Scraped from the Internet
muhammadfaizan92/Dome
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
muhammadfaizan92/gmapsapiscanner
muhammadfaizan92/img-payloads
muhammadfaizan92/img-payloads-1
muhammadfaizan92/ityfuzz
Blazing Fast Bytecode-Level Hybrid Fuzzer for Smart Contracts
muhammadfaizan92/Leaked-Credentials
How to look for leaked credentials!
muhammadfaizan92/malicious-pdf
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
muhammadfaizan92/One-Liner-Collections
This repository contains a list of one-liners with descriptions and installation requirements
muhammadfaizan92/OneDorkForAll
An insane list of all dorks taken from everywhere from various different sources.
muhammadfaizan92/payloads
muhammadfaizan92/pdf-exploit
POC Pdf-exploit builder on C#
muhammadfaizan92/pdFExploits
This repo contains all types of PDF exploits.
muhammadfaizan92/spyhunt
recon for bug hunters
muhammadfaizan92/SqliSniper
Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers
muhammadfaizan92/sub-over
muhammadfaizan92/takeover
muhammadfaizan92/weird_proxies
Reverse proxies cheatsheet
muhammadfaizan92/WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956
WordPress Auto Admin Account Creation and Reverse Shell cve-2024-27956 automates the process of creating a new administrator account in a WordPress site and executing a reverse shell on the target server. It utilizes the wp-automatic plugin's CSV injection vulnerability to execute SQL queries