Nasur Ullah's Projects
Proof of concept written in Python to show that in some situations a SSRF vulnerability can be used to steal NTLMv1/v2 hashes.
This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
These are the regexes that power truffleHog
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
Auto deployment of my VPS
WAF Bypass Tool by Nemesida WAF Team
Web Attack Cheat Sheet
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
Anotações e scripts de web scraping, screen scraping, etc
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
Web App bug hunting
Reverse proxies cheatsheet
Resources for Windows exploit development
Collection of some common wordlists such as RDP password, user name list, ssh password wordlist for brute force. IP Cameras Default Passwords.
Infosec Wordlists
wp-file-manager 6.7 (Aug 2020) Wordpress Plugin 0day - Remote Code Execution
This repository contains writeups for various CTFs I've participated in (Including Hack The Box).
XERXES the most powerful DoS tool
xss test