Pinned Repositories
003Recon
Some tools to automate recon - 003random
996.ICU
Repo for counting stars and contributing. Press F to pay respect to glorious developers.
awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
cobinhood.github.io
CORStest
A simple CORS misconfiguration scanner
criteo.github.io
Static site to list Criteo contributions to the Open Source community.
CRLF-Injection-Payloads
Payloads for CRLF Injection
dirsearch
A Go implementation of dirsearch.
dnspop
Analysis of DNS records to find popular trends
domain_analyzer
Analyze the security of any domain by finding all the information possible. Made in python.
muneebirfan's Repositories
muneebirfan/aem-hacker
muneebirfan/BugBounty
RepoToStoreBugBountyInfo
muneebirfan/circleci-logs
CircleCI log and security configuration automations
muneebirfan/codeza
This tool will scan all the URL's in the file and will provide Content-Length and Status-Code. Result will be saved in different files
muneebirfan/CVE-2019-11510-poc
Pulse Secure SSL VPN pre-auth file reading
muneebirfan/cve-2019-19781
This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only disclosing this due to others publishing the exploit code first.
muneebirfan/ffuf
Fast web fuzzer written in Go
muneebirfan/findomain
The fastest and cross-platform subdomain enumerator, don't waste your time.
muneebirfan/gitGraber
gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
muneebirfan/github-search
Tools to perform basic search on GitHub.
muneebirfan/GitHubSearch
Search Github api with powershell
muneebirfan/goop
Google Search Scraper
muneebirfan/Insecure-Firebase-Exploit
A simple Python Exploit to Write Data to Insecure/vulnerable firebase databases! Commonly found inside Mobile Apps. If the owner of the app have set the security rules as true for both "read" & "write" an attacker can probably dump database and write his own data to firebase db.
muneebirfan/jsonp
jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.
muneebirfan/jwt_tool
:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
muneebirfan/keyFinder
Keyfinder🔑 is a tool that let you find keys while surfing the web!
muneebirfan/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
muneebirfan/kiwicom.github.io
muneebirfan/LinksDumper
Extract (links/possible endpoints) from responses & filter them via decoding/sorting
muneebirfan/massNS
A tool that turns the authoritative nameservers of DNS providers to resolvers and resolves the target domain list. Please think of this as a reasearch into an alternative approach at gaining and using authoritative nameservers as resolvers . I welcome every suggestion / flaws / fixes / do's & dont's from everyone in the community. Thanks!
muneebirfan/OWASP-Testing-Checklist
OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases.
muneebirfan/pathbrute
Pathbrute
muneebirfan/pentest-tools
Custom pentesting tools
muneebirfan/postMessage-tracker
A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
muneebirfan/pwn-pulse
Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
muneebirfan/SauronEye
Search tool to find specific files containing specific words, i.e. files containing passwords..
muneebirfan/Silver
Mass scan IPs for vulnerable services
muneebirfan/spoofcheck
Simple script that checks a domain for email protections
muneebirfan/sub.sh
Online Subdomain Detect Script
muneebirfan/tracy
A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.