Pinned Repositories
aspxWebshell
asp.net webshell
Bug-Bounty-Wordlists
A repository that includes all the important wordlists used while bug hunting.
public-apis
A collective list of free APIs
SQL-login-bypass
Brute forcing login pages with SQL Injection queries with cURL
top-nmap-ports-csv
Various lists of the most popular ports as evaluated by nmap, expressed as lists and csv.
s41n1k's Repositories
s41n1k/SQL-login-bypass
Brute forcing login pages with SQL Injection queries with cURL
s41n1k/aspxWebshell
asp.net webshell
s41n1k/-Plugin-WPML-Version-4.6.1-RXSS
WordPress Plugin WPML Version < 4.6.1 RXSS vulnerability
s41n1k/CCTV-telegram-to-users
Close-Circuit Telegram Vision revolutionizes location tracking with its open-source design and Telegram API integration. Offering precise tracking within 50-100 meters, users can monitor others in real-time for logistics or safety, redefining how we navigate our surroundings.
s41n1k/CVE-2023-2825
GitLab CVE-2023-2825 PoC. This PoC leverages a path traversal vulnerability to retrieve the /etc/passwd file from a system running GitLab 16.0.0.
s41n1k/CVE-2023-28432
CVE-2023-28434 nuclei templates
s41n1k/CVE-2023-34992
CVE-2023-34992: Fortinet FortiSIEM Command Injection Proof of Concept Exploit
s41n1k/cve-2023-3519-citrix-scanner
Citrix Scanner for CVE-2023-3519
s41n1k/CVE-2024-2389
enkins CVE-2024-23897 RCE
s41n1k/CVE-2024-23897
jenkins CVE-2024-23897 RCE
s41n1k/CVE-2024-29849
Veeam Backup Enterprise Manager Authentication Bypass (CVE-2024-29849)
s41n1k/CVE-2024-38475
s41n1k/Fast-Google-Dorks-Scan
The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site: common admin panels, the widespread file types and path traversal. The 100% automated.
s41n1k/GoogleRecaptchaBypass
Solve Google reCAPTCHA in less than 5 seconds! 🚀
s41n1k/nowafpls
Burp Plugin to Bypass WAFs through the insertion of Junk Data
s41n1k/PCredz
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
s41n1k/pdFExploits
this repo contains all types of pdf exploits for pdf.js CVE-2024-4367
s41n1k/Priv8-Nuclei-Templates
My Priv8 Nuclei Templates
s41n1k/PyPhisher
Easy to use phishing tool with 77 website templates. Author is not responsible for any misuse.
s41n1k/shell-extension-upload_bypass
File upload restrictions bypass, by using different bug bounty techniques!
s41n1k/smuggler
Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
s41n1k/SQL_Injection-Techniques
Advanced SQL Injection Techniques for Bug Bounty Hunters
s41n1k/svn-extractor
simple script to extract all web resources by means of .SVN folder exposed over network.
s41n1k/swagger-ui-xss
Swagger UI >=3.14.1 < 3.38.0 XSS payload
s41n1k/swagger-xssTOssrf
Swagger ui XSS to SSRF payload
s41n1k/Unicode-Punycode
Create Punycode text because Cpanel blocking you to create with Unicode Character. You can use this python script.
s41n1k/vulnerability-Checklist-logical
logical, bussiness error, broken authentication bugs
s41n1k/WebShells
s41n1k/x8
Hidden parameters discovery suite with RUST
s41n1k/xorshell
Encoder PHP webshell to bypass WAF using XOR operations.