th3hack3rwiz
Welcome! A CTI analyst here, who has knowledge in pentesting, bug bounty hunting, and who loves scripting tools to contribute to the cybersecurity community.
Pinned Repositories
AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
Bug-Bounty-scripts
BurpBounty
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Excel2Navigator
test
Fu-JS
This tool aims at accumulating javascript files from a given set of subdomains to discover hidden endpoints. It swims through JS files to find more JS files. It also creates a target-specific wordlist from the JS-files for further content discovery and dumps all the discovered JS files neatly in a folder for static analysis.
Lazy-FuzzZ
Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the false positives we obtain in those results. To solve this problem I created Lazy FuzzZ. It fuzzes all those urls, removes all false positives and sends only legitimate results to burpsuite.
Mal-Or-Not
Mal-O-Not: Malicious Entity Detector
Phish-Me-Not
This project aims at training/educating employees about real-life phishing attack scenarios by carrying out simulated spear-phishing attacks.
Scantime-Crypter
The project aims at building a Scan-Time Crypter that can assist a malware in bypassing antivirus software. The Crypter will open the malware from the disk while creating another output file to the disk. The Crypter will then extract the contents from the malware and obfuscate them using XOR encryption algorithm. The obfuscated contents will then be written to the previously created output file. When the obfuscated file is opened by the victim, the Crypter will then start the de-obfuscation process by using the same key it used to encrypt it in the first place.
Wordlist-Weaver
The project aims at creating target-specific wordlists for any web application that you are testing.
th3hack3rwiz's Repositories
th3hack3rwiz/Wordlist-Weaver
The project aims at creating target-specific wordlists for any web application that you are testing.
th3hack3rwiz/Lazy-FuzzZ
Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the false positives we obtain in those results. To solve this problem I created Lazy FuzzZ. It fuzzes all those urls, removes all false positives and sends only legitimate results to burpsuite.
th3hack3rwiz/Fu-JS
This tool aims at accumulating javascript files from a given set of subdomains to discover hidden endpoints. It swims through JS files to find more JS files. It also creates a target-specific wordlist from the JS-files for further content discovery and dumps all the discovered JS files neatly in a folder for static analysis.
th3hack3rwiz/Scantime-Crypter
The project aims at building a Scan-Time Crypter that can assist a malware in bypassing antivirus software. The Crypter will open the malware from the disk while creating another output file to the disk. The Crypter will then extract the contents from the malware and obfuscate them using XOR encryption algorithm. The obfuscated contents will then be written to the previously created output file. When the obfuscated file is opened by the victim, the Crypter will then start the de-obfuscation process by using the same key it used to encrypt it in the first place.
th3hack3rwiz/Phish-Me-Not
This project aims at training/educating employees about real-life phishing attack scenarios by carrying out simulated spear-phishing attacks.
th3hack3rwiz/Mal-Or-Not
Mal-O-Not: Malicious Entity Detector
th3hack3rwiz/Bug-Bounty-scripts
th3hack3rwiz/AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
th3hack3rwiz/BurpBounty
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
th3hack3rwiz/Excel2Navigator
test
th3hack3rwiz/GenCodi-cide
This tool generates random codes for brute-forcing pattern type pass codes.
th3hack3rwiz/Mal-OR-Not-2.0
This repository will contain a CLI version of the project - Mal-OR-Not. The aim is to implement it using docker to learn something new.
th3hack3rwiz/mona
Corelan Repository for mona.py
th3hack3rwiz/Pentesting-with-Golang-
I will be posting codes for pentesting written in golang!
th3hack3rwiz/Permutator
This project aims at creating a wordlist with permuation of paths from a set of URLs
th3hack3rwiz/Programming-in-Golang
I am learning Golang! I will be posting my Go programs over here.
th3hack3rwiz/python-projects
th3hack3rwiz/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
th3hack3rwiz/th3hack3rwiz
th3hack3rwiz/th3hack3rwiz.github.io
th3hack3rwiz/wpxmlrpcbrute
Brute force WordPress sites vulnerabile to XML-RPC amplification.