Pinned Repositories
api_paths
A list of REST API URL paths for use in blackbox API end-point discovery
Aquascreen
Personal script to grab all the subdomains of a specific target from Aquatone and run Webscreenshot tool on each subdomain.
Asnlookup
Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
CVE-2018-0296
Script to test for Cisco ASA path traversal vulnerability (CVE-2018-0296) and extract system information.
CVE-2020-5902
Proof of concept for CVE-2020-5902
sublert
Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
the-nuclei-templates
Nuclei templates written by us.
yassineaboukir's Repositories
yassineaboukir/api_paths
A list of REST API URL paths for use in blackbox API end-point discovery
yassineaboukir/Aquascreen
Personal script to grab all the subdomains of a specific target from Aquatone and run Webscreenshot tool on each subdomain.
yassineaboukir/h1domains
HackerOne "in scope" domains
yassineaboukir/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
yassineaboukir/magento-exploits
Exploits for Magento 2.3.0 and lower
yassineaboukir/wordlist
Collection of some common wordlists such as RDP password, user name list, ssh password wordlist for brute force. IP Cameras Default Passwords.
yassineaboukir/enumerate-iam
Enumerate the permissions associated with AWS credential set
yassineaboukir/Exploits
yassineaboukir/gitleaks
Audit git repos for secrets 🔑
yassineaboukir/InformationSecurity
A place where I can create, collect and share tooling, resources and knowledge about information security.
yassineaboukir/TravisLeaks
A tool to find sensitive keys and passwords in Travis logs
yassineaboukir/AWAE-PREP
This repository will serve as the "master" repo containing all trainings and tutorials done in preperation for OSWE in conjunction with the AWAE course. This repo will likely contain custom code by me and various courses.
yassineaboukir/BreachCompilation
BreachCompilation Tools
yassineaboukir/DNSGrep
Quickly Search Large DNS Datasets
yassineaboukir/FileChangeMonitor
Continuous monitoring for JavaScript files
yassineaboukir/firebase
Exploiting misconfigured firebase databases
yassineaboukir/kexkill
Proof of concept for CVE-2016-8858
yassineaboukir/Keye
Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a list of urls, it will make a request to these urls and it will try to detect changes on these urls based on their Content-Length.
yassineaboukir/keywords
yassineaboukir/livestream-api-samples
Public API Sample
yassineaboukir/messpostage
PostMessage extension
yassineaboukir/mysql.stack
yassineaboukir/OpenVBX
OpenVBX is a web-based open source phone system for business.
yassineaboukir/python-sdk
The official Alooma Python SDK. Allows integration of Alooma into any Python application
yassineaboukir/svg-cheatsheet
A cheatsheet for exploiting server-side SVG processors.
yassineaboukir/tplmap
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
yassineaboukir/turbo-intruder
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
yassineaboukir/xsshunter
The XSS Hunter service - a portable version of XSSHunter.com