okaayfine's Projects
Poc Collected for study and develop
A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
Client Side Prototype Pollution Scanner
A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate
Content released at NorthSec 2018 for my talk on prototype pollution
Prototype Pollution Lab
proxylogon, proxyshell, proxyoracle and proxytoken full chain exploit tool
All Algorithms implemented in Python
Remote Administration Tool for Windows
Just some bash scripting to help your recon.
Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
RCE 0-day for GhostScript 9.50 - Payload generator
OpenSource Poc && Vulnerable-Target Storage Box.
Automated Recon for Pentesting & Bug Bounty
Automated learning of regexes for DNS discovery
The project contains multiple shell scripts for automating the tasks during recon.
reNgine is a reconnaissance engine(framework) that does end-to-end reconnaissance with the help of highly configurable scan engines and does information gathering about the target web application. reNgine makes use of various open-source tools and makes a configurable pipeline of reconnaissance.
Http request smuggling vulnerability scanner
A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
scanner detecting the use of JavaScript libraries with known vulnerabilities
CLI tool that extracts a regex pattern from a list of urls ( Rust )
Tool to check AWS S3 bucket permissions
List of S3 Hacks
Scan for open S3 buckets and dump
PoC for CVE-2020-6287, CVE-2020-6286 (SAP RECON vulnerability)
[Project-Kob-6]The toolbox of open source scanners - ๅฎๅ
จ่กไธไปไธไบบๅ่ช็ ๅผๆบๆซๆๅจๅ้๐ป
The Ultimate OSINT Framework
Second-order subdomain takeover scanner