a1k-ghaz1's Projects
Prototype Pollution and useful Script Gadgets
Uncover the true IP address of websites safeguarded by Cloudflare & Others
CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
Try to find the origin IP of a webapp protected by Cloudflare.
A cloudflare verification bypass script for webscraping
Cloudflare DNS Enumeration Tool for Pentesters
CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting information is certainly very useful for conducting further penetration testing, and analyzing websites with the same server.
CMS (Content Management Systems) Detection and Exploitation suite
CMS渗透测试框架-A CMS Exploit Framework
Collect XSS vulnerable parameters from entire domain.
🎯 Command Injection Payload List
Automated All-in-One OS command injection and exploitation tool.
A wordlist framework to fullfill your kinks with your wordlists. For security researchers, bug bounty and hackers.
XSS Cookie Stealer | PROOF OF CONCEPT
CTF (Capture The Flag) writeups, code snippets, notes, scripts
Abusing Certificate Transparency logs for getting HTTPS websites subdomains.
A command-line interface for preparing and outputting Cumulus Messages for Cumulus Tasks
XSS via Host Header injection and Steal Password Reset Token of another user
[Confluence] CVE-2023-22527 realworld poc
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.
CVE-2024-32640 | Automated SQLi Exploitation PoC
Tool to find CVEs and Exploits.
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis