Name: Sahil Ojha
Type: User
Bio: Offensive Security Researcher | Application Penetration Tester
Twitter: SahilOj
Location: Nepal
Blog: sahilojha.com.np
š Iām currently working on Application Security
š I sometime write blogs on https://sahilojha.com.np
š¬ Ask me about Cybersecurity, Penetration Testing and Bug Hunting.
š« How to reach me : Twitter- @SahilOj
ā” Fun fact š Moto Rider
Ā
allaboutbugbounty
All about bug bounty (bypasses, payloads, and etc)
amazon
awesome-google-vrp-writeups
š A list of writeups from the Google VRP Bug Bounty program
bug-bounty-dorks
List of Google Dorks for sites that have responsible disclosure program / bug bounty program
cve-2023-31702
Authenticated SQL Injection to RCE on database server in eScan Management Console
cve-2023-31703
Cross Site Scripting (XSS) in eScan Management Console
cve-2023-33730
Privilege Escalation to access admin user account in eScan Management Console
cve-2023-33731
Reflected Cross Site Scripting (XSS) in eScan Management Console
cve-2023-33732
cve-2023-34835
cve-2023-34836
cve-2023-34837
cve-2023-34838
cve-2023-34839
cve-2023-37189
Stored Cross-Site Scripting (XSS) vulnerability in billing feature of Issabel issabel-pbx v.4.0.0-6
cve-2023-37190
cve-2023-37191
Stored Cross-Site Scripting (XSS) vulnerability in Issabel issabel-pbx v.4.0.0-6
cve-2023-37596
CSRF vulnerability in issabel-pbx 4.0.0-6 to delete any user
cve-2023-37597
CSRF vulnerability in issabel-pbx 4.0.0-6 to delete any user group
cve-2023-37598
CSRF vulnerability in issabel-pbx v.4.0.0-6 to delete any new virtual fax of users
cve-2023-37599
Directory Listing vulnerability in issabel-pbx 4.0.0-6 exposing application sensitive files
digmaster
digMaster is a command-line tool written in Go for performing DNS lookups. It allows users to quickly query DNS records for multiple subdomains specified in a file or entered interactively. This tool is built with an intention to identify subdomain takeover manually from DNS records.
facebook-bugbounty-writeups
Collection of Facebook Bug Bounty Writeups
sahiloj
sastlab
semgrep-rules
Semgrep rules registry
smuggler
Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
swagger
Swagger XSS
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
š Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ššš
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ā¤ļø Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.
