xen00rw
Cyber Security Professional. Actually doing activities like Pentesting/Red Teaming/Bug hunting
Brazil
Pinned Repositories
AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
android-penetration-testing-cheat-sheet
Work in progress... Thanks for all the stars, I will try to prioritize this project :)
c2hack
C2Hack, sharing tips and tricks for pentesters
exfil_server
An basic python exfiltration server (HTTP) to handle with multiple files and save it local with different hash names.
GoForDorks
Easier way to use advanced search syntax on common search engines like Google, Yandex, DuckDuckGo and more.
lazy_scripts
Basic javascript snippets to interact with DOM in some web services in order to extract usefull information.
tableofrefs
This is an repository created to compress information and make easier to find informations normally used for creating reports on day2day work.
xen00rw
MyProfile
xen00rw's Repositories
xen00rw/lazy_scripts
Basic javascript snippets to interact with DOM in some web services in order to extract usefull information.
xen00rw/tableofrefs
This is an repository created to compress information and make easier to find informations normally used for creating reports on day2day work.
xen00rw/exfil_server
An basic python exfiltration server (HTTP) to handle with multiple files and save it local with different hash names.
xen00rw/xen00rw
MyProfile
xen00rw/AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
xen00rw/android-penetration-testing-cheat-sheet
Work in progress... Thanks for all the stars, I will try to prioritize this project :)
xen00rw/chisel
A fast TCP/UDP tunnel over HTTP
xen00rw/Conferences
Conference slides
xen00rw/csrf-poc-generator
this html file creates a csrf poc form to any http request.
xen00rw/dumpall
一款信息泄漏利用工具,适用于.git/.svn/.DS_Store泄漏和目录列出
xen00rw/GoForDorks
Easier way to use advanced search syntax on common search engines like Google, Yandex, DuckDuckGo and more.
xen00rw/frida-scripts
Frida Scripts
xen00rw/git-dumper
A tool to dump a git repository from a website
xen00rw/GoMapEnum
User enumeration and password bruteforce on Azure, ADFS, OWA, O365, Teams and gather emails on Linkedin
xen00rw/HTTPLeaks
HTTPLeaks - All possible ways, a website can leak HTTP requests
xen00rw/imapsprayer
A simple IMAP password sprayer
xen00rw/juicyinfo-nuclei-templates
Nuclei (https://github.com/projectdiscovery/nuclei) templates for extracting juicy info from web pages
xen00rw/LoggerPlusPlus-API-Filters
A Collection of Logger++ Filters for Hunting API Vulnerabilities
xen00rw/LOTL
Living Off The Land (LOTL) persistent Reverse shell
xen00rw/MFASweep
A tool for checking if MFA is enabled on multiple Microsoft Services
xen00rw/MSOLSpray
A Python implementation of dafthack's MSOLSpray. A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
xen00rw/o365recon
retrieve information via O365 and AzureAD with a valid cred
xen00rw/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
xen00rw/PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
xen00rw/RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
xen00rw/sns
IIS shortname scanner written in Go
xen00rw/subdominex
xen00rw/subjs
Fetches javascript file from a list of URLS or subdomains.
xen00rw/waymore
Find way more from the Wayback Machine!
xen00rw/zendesk_chat_adapter
Inbenta's public repository