Pinned Repositories
advisories
Atredis Partners Security Advisories
Blind-XSS-Burp-Plugin
A blind XSS Burp Plugin that intercepts every request and puts an XSS payload in headers
dockers
list of dockerfiles
fileDiffer
You can constantly monitor any file with this script
minotaur
Dockerized automated scanning
Services-Tracker
A quick Python3 Sqlite3 database tool to store services (Jira,Confluence,..) found online to use when a new exploit is made public.
ssrfScan
Scan for SSRF everywhere
Writeups
Writeups and Tools from challenges in HackTheBox, Vulnhub and CTFs
th3-alch3m1st's Repositories
th3-alch3m1st/fileDiffer
You can constantly monitor any file with this script
th3-alch3m1st/minotaur
Dockerized automated scanning
th3-alch3m1st/Services-Tracker
A quick Python3 Sqlite3 database tool to store services (Jira,Confluence,..) found online to use when a new exploit is made public.
th3-alch3m1st/Writeups
Writeups and Tools from challenges in HackTheBox, Vulnhub and CTFs
th3-alch3m1st/advisories
Atredis Partners Security Advisories
th3-alch3m1st/Blind-XSS-Burp-Plugin
A blind XSS Burp Plugin that intercepts every request and puts an XSS payload in headers
th3-alch3m1st/dockers
list of dockerfiles
th3-alch3m1st/ssrfScan
Scan for SSRF everywhere
th3-alch3m1st/Android-Security-Reference
A W.I.P Android Security Ref
th3-alch3m1st/blindSQLi
A python based blind SQL injection exploitation script
th3-alch3m1st/BurpBounty
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
th3-alch3m1st/docker-hacks
List of dockers used for hacks
th3-alch3m1st/Exploits
th3-alch3m1st/fuzzdb
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
th3-alch3m1st/KeeThief
Methods for attacking KeePass 2.X databases, including extracting of encryption key material from memory.
th3-alch3m1st/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
th3-alch3m1st/Powermad
PowerShell MachineAccountQuota and DNS exploit tools
th3-alch3m1st/th3-alch3m1st.github.io
th3-alch3m1st/xless
The Serverless Blind XSS App