sandiyochristan

Google VRP Security Researcher --------->Penetration Tester Part-Time BugHunter

Pinned Repositories

aboutme
me
Language:HTML0 1 00
Advanced-SQL-Injection-Cheatsheet
A cheat sheet that contains advanced queries for SQL Injection of all types.
0 0 01
AhMyth
Cross-Platform Android Remote Administration Tool | Official maintained repository for the AhMyth R.A.T Project | A dedicated revival of the original repository at https://GitHub.com/AhMyth/AhMyth-Android-RAT
Language:Smali00
android-penetration-testing-cheat-sheet
Work in progress... Thanks for all the stars, I will try to prioritize this project :)
Language:JavaScript0 0 00
Android-Reports-and-Resources
A big list of Android Hackerone disclosed reports and other resources.
0 0 00
android_lab
Language:Java0 0 00
Damn-Vulnerable-Android-Components
An intentionally vulnerable Android Application to demonstrate various vulnerabilities that airses in Android Components.
Language:Java1 0 00
DevSecOps-Project
DevSecOps Project to setup Netflix clone on AWS using CICD, Security, Monitoring and GitOps
Language:TypeScript1 0 00
jh-bbhtv4
Recon-Hero
1 1 01
XSS-Payloads
List of advanced XSS payloads
1 0 00

sandiyochristan's Repositories

sandiyochristan/Damn-Vulnerable-Android-Components
An intentionally vulnerable Android Application to demonstrate various vulnerabilities that airses in Android Components.
Language:Java1 0 00
sandiyochristan/aboutme
me
Language:HTML0 1 00
sandiyochristan/AhMyth
Cross-Platform Android Remote Administration Tool | Official maintained repository for the AhMyth R.A.T Project | A dedicated revival of the original repository at https://GitHub.com/AhMyth/AhMyth-Android-RAT
Language:Smali00
sandiyochristan/aws-security-reference-architecture-examples
Example solutions demonstrating how to implement patterns within the AWS Security Reference Architecture guide using CloudFormation and Customizations for AWS Control Tower.
sandiyochristan/AzureAD-Attack-Defense
This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.
sandiyochristan/CVE-2022-20494
Exploit app for CVE-2022-20494, a high severity permanent denial-of-service vulnerability that leverages Android's DND (Do not disturb) feature
sandiyochristan/CVE-2024-3400
This script is designed to demonstrate the exploitation of vulnerabilities in PAN-OS firewalls. It sends a specially crafted payload to the firewall's API endpoint to execute arbitrary commands.
sandiyochristan/cve_2024_0044
CVE-2024-0044: a "run-as any app" high-severity vulnerability affecting Android versions 12 and 13
sandiyochristan/dot
The Deepfake Offensive Toolkit
sandiyochristan/ElectricEye
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks
sandiyochristan/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
sandiyochristan/ikos-sast
Static analyzer for C/C++ based on the theory of Abstract Interpretation.
sandiyochristan/jira_clone
A simplified Jira clone built with React/Babel (Client), and Node/TypeScript (API). Auto formatted with Prettier, tested with Cypress.
sandiyochristan/malicious-pdf
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
sandiyochristan/mantis
Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.
sandiyochristan/MicrosoftSecurity
Microsoft Security Guidance
sandiyochristan/newrelic-php-agent
The New Relic PHP Agent
sandiyochristan/nfcgate
An NFC research toolkit application for Android
sandiyochristan/Notes
sandiyochristan/nowafpls
Burp Plugin to Bypass WAFs through the insertion of Junk Data
sandiyochristan/osx-security-awesome
A collection of OSX and iOS security resources
sandiyochristan/pwndoc
Pentest Report Generator
sandiyochristan/replay-attack
A device built with an Arduino board that captures wireless signals and replays them at specific frequencies. It supports operation at 433 MHz or 315 MHz frequencies for various signal applications.
sandiyochristan/RFreplayESP
Record and replay RF433Mhz signals on an ESP8266, using the Arduino IDE.
sandiyochristan/ScubaGear
Automation to assess the state of your M365 tenant against CISA's baselines
sandiyochristan/static-analysis
⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
sandiyochristan/Web-Phishing-Detection
Detect the phishing sites with Trained Models along with some basic scans & Site Analysis techniques and APIs
Language:Jupyter Notebook
sandiyochristan/Wehack
TOOOOOL
Language:HTML
sandiyochristan/whoami
About me
Language:HTML1 0
sandiyochristan/wondercms
Fast and small flat file CMS (5 files). Built with PHP, JSON database.