Pinned Repositories
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
awesome
:sunglasses: Curated list of awesome lists
awesome-cve-poc
✍️ A curated list of CVE PoCs.
big-list-of-naughty-strings
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
bug-bounty-reference
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
exploit-database
The official Exploit Database repository
fuzzdb
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
xml_attacks
Collection of XML Attacks & Payloads
toekhaing's Repositories
toekhaing/xml_attacks
Collection of XML Attacks & Payloads
toekhaing/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
toekhaing/awesome
:sunglasses: Curated list of awesome lists
toekhaing/awesome-cve-poc
✍️ A curated list of CVE PoCs.
toekhaing/big-list-of-naughty-strings
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
toekhaing/bug-bounty-reference
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
toekhaing/bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
toekhaing/exploit-database
The official Exploit Database repository
toekhaing/fuzzdb
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
toekhaing/github-dorks
The repository contains useful GitHub dorks for finding open-source vulnerabilities.
toekhaing/graduation
$ git remote <graduation> yearbook
toekhaing/LedgerSMB
Double-entry accounting & ERP for the web
toekhaing/linux-kernel-exploits
linux-kernel-exploits Linux平台提权漏洞集合
toekhaing/mmCybCon
Myanmar Cyber Conference Web Theme
toekhaing/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
toekhaing/oxml_xxe
A tool for embedding XXE/XML exploits into different filetypes
toekhaing/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
toekhaing/samsung-ime-rce-poc
Samsung Remote Code Execution as System User
toekhaing/script
My Impotant scripts and command while performing assessment.
toekhaing/SecureCodingDojo
The Secure Coding Dojo is a platform for delivering secure coding knowledge.
toekhaing/The-Shell
Ghost Theme
toekhaing/threat-hunting-kiddie
Threat Hunting Kiddie compile the techniques and Indicator of Compromise (IoC) to perform the Compromise Assessment and Threat Hunting.
toekhaing/ThreatHunting
An informational repo about hunting for adversaries in your IT environment.
toekhaing/top-10-cicd-security-risks
toekhaing/udpstorm
UDP attack also called Chargen Attack.
toekhaing/vane
A GPL fork of the popular wordpress vulnerability scanner WPScan
toekhaing/VulnPlanet
Vulnerable code snippets with fixes for Web2, Web3, API, iOS, Android and Infrastructure-as-Code (IaC)
toekhaing/weapons4pentester
:hocho: This repo contains required files for web application pentest.
toekhaing/XSSYA
XSSYA (Cross Site Scripting Scanner & Vulnerability Confirmation)
toekhaing/your-first-lab-cb-gh-000