Pinned Repositories
100-redteam-projects
A small list of projects for students of programming for cybersecurity
1ndi-hacks
Bug Bounty Tools
AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
client-side-prototype-pollution
Prototype Pollution and useful Script Gadgets
OneForAllFacebook
Modified patch of https://github.com/Naituw/HackingFacebook/ and https://github.com/Naituw/IPAPatch/
oneliner-bugbounty
oneliner commands for bug bounties
rengine
reNgine is a reconnaissance engine(framework) that does end-to-end reconnaissance with the help of highly configurable scan engines and does information gathering about the target web application. reNgine makes use of various open-source tools and makes a configurable pipeline of reconnaissance.
VHostScan
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
okaayfine's Repositories
okaayfine/AEM-List
okaayfine/arsenal
Arsenal is just a quick inventory and launcher for hacking programs
okaayfine/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
okaayfine/awesome-vulnerable
A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
okaayfine/azureOutlookC2
Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Microsoft Graph API for C2 Operations.
okaayfine/crawlergo
A powerful browser crawler for web vulnerability scanners
okaayfine/CVE-2021-26084
Atlassian Confluence CVE-2021-26084 one-liner mass checker
okaayfine/Dorks-collections-list1
List of Github repositories and articles with list of dorks for different search engines
okaayfine/earlybird
EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.
okaayfine/FingerprintHub
侦查守卫(ObserverWard)的指纹库
okaayfine/Flask-Unsign
Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
okaayfine/Grafana-CVE-2021-43798
Grafana Unauthorized arbitrary file reading vulnerability
okaayfine/learn365
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
okaayfine/log4j-affected-db
okaayfine/log4j-fuzz-head-poc
批量检测log4j漏洞,主要还是批量fuzzz 头
okaayfine/log4j-scan
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
okaayfine/MANSPIDER
Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!
okaayfine/My-Nuclei-Templates
Nuclei Templates - Here you will find the templates I use while hunting
okaayfine/nodejsscan
nodejsscan is a static security code scanner for Node.js applications.
okaayfine/NotQuite0DayFriday
This is a repo which documents real bugs in real software to illustrate trends, learn how to prevent or find them more quickly.
okaayfine/OffenOsint
Beta release
okaayfine/Oralyzer
Open Redirection Analyzer
okaayfine/privatecollaborator
A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate
okaayfine/Proxy-Attackchain
proxylogon, proxyshell, proxyoracle and proxytoken full chain exploit tool
okaayfine/RCE-0-day-for-GhostScript-9.50
RCE 0-day for GhostScript 9.50 - Payload generator
okaayfine/reapoc
OpenSource Poc && Vulnerable-Target Storage Box.
okaayfine/restler-fuzzer
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
okaayfine/SprayingToolkit
Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
okaayfine/test
test
okaayfine/Web-Cache-Vulnerability-Scanner
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).