Pinned Repositories
reflector
Burp plugin able to find reflected XSS on page in real-time while browsing on site
samling
Serverless SAML IDP for testing SAML integrations
surf
Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable SSRF candidates.
top25-parameter
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
vinnyvinoth's Repositories
vinnyvinoth/Apache-Solr-RCE_CVE-2023-50386_POC
Apache Solr Backup/Restore APIs RCE Poc (CVE-2023-50386)
vinnyvinoth/badsecrets
A library for detecting known secrets across many web frameworks
vinnyvinoth/bkcrack
Crack legacy zip encryption with Biham and Kocher's known plaintext attack.
vinnyvinoth/burp-digitalocean-openvpn-socks
vinnyvinoth/confused
Tool to check for dependency confusion vulnerabilities in multiple package management systems
vinnyvinoth/cookiemonster
🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.
vinnyvinoth/CVE-2023-34039
VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)
vinnyvinoth/CVE-2024-20931
CVE-2024-20931, this is the bypass of the patch of CVE-2023-21839
vinnyvinoth/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability
Microsoft-Outlook-Remote-Code-Execution-Vulnerability
vinnyvinoth/CVE-2024-21893.py
CVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure
vinnyvinoth/CVE-2024-22024
Check for CVE-2024-22024 vulnerability in Ivanti Connect Secure
vinnyvinoth/detect-cve-2024-4367
YARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js
vinnyvinoth/DockerRegistryGrabber
Enumerate / Dump Docker Registry
vinnyvinoth/frida-interception-and-unpinning
A Frida script to disable SSL certificate pinning in a target application
vinnyvinoth/GLAN-NucleiFinger
Nuclei指纹集合(自用)
vinnyvinoth/grpc-pentest-suite
gRPC-Web Pentesting Suite + Burp Suite Extension
vinnyvinoth/HttpRemotingObjRefLeak
Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting
vinnyvinoth/ILSpy
.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!
vinnyvinoth/IP-Morph
A bug bounty and web application penetration testing tool designed for ethical hackers and security professionals. With its innovative IP rotation feature, the tool seamlessly facilitates dynamic changes in IP addresses, enhancing anonymity and bypassing security measures during testing
vinnyvinoth/Ivanti-Connect-Around-Scan
Mitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887.
vinnyvinoth/metasploit-javapayload
THIS REPO IS OBSOLETE. USE https://github.com/rapid7/metasploit-payloads INSTEAD
vinnyvinoth/nuclei-wordfence-cve
You just found a hidden gem 💎 This repo contains a massive amount (10,000+) of WordPress related Nuclei templates. Updated daily!
vinnyvinoth/pdf-injection
Tool to create XSS PDF files
vinnyvinoth/pocsuite3
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
vinnyvinoth/pwn_jenkins
Notes about attacking Jenkins servers
vinnyvinoth/rayder
A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflows
vinnyvinoth/ScoutSuite
Multi-Cloud Security Auditing Tool
vinnyvinoth/swagger
vinnyvinoth/xss
vinnyvinoth/zip-slip-vulnerability
Zip Slip Vulnerability (Arbitrary file write through archive extraction)