-
Emad Shanab
- Egypt
- https://twitter.com/Alra3ees
- @Alra3ees
Stars
A path-normalization pentesting tool.
LazyHunter is an automated reconnaissance tool designed for bug hunters, leveraging Shodan's InternetDB and CVEDB APIs
my mini collection of exploits and scripts for pentest
An awesome reverse engine for xray poc. | 一个自动化根据 xray poc 生成对应靶站的工具
Remote Code Execution (RCE) Vulnerability In Evaluating Property Name Expressions with multies ways to exploit
POC - WordPress File Upload plugin, in the wfu_file_downloader.php file before version <= 4.24.11
A simple bash script that downloads a collection of BChecks from various sources and consolidates them into a single directory.
based on https://x.com/PortSwiggerRes/status/1886792856204959824?t=zRm2hVCr2UeewQSvgenERQ&s=08 just implemented bchecks for additional stuff
Bounty Prompt is an Open-Source Burp Suite extension by Bounty Security that leverages advanced AI via Burp AI and Groq AI. It enables users to generate intelligent security testing prompts and tai…
TimeVault is a specialized automated tool designed to detect potential information disclosure vulnerabilities in web applications by leveraging archived URLs from the Wayback Machine.
Collect the path of the js file from the wayback machine using gau and download it from the real domain.
A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager
GitHub Entreprise Server SAML authentication bypass (CVE-2025-23369) exploit
Grep subdomains from web pages.
This tools used for Automating finding of subdomain, and checking for alive subdomain, and gathering js files from all the subdomain and then automating finding of sensitive information on all the …
DsSScan — is a tool for scanning directories contained in .DS_Store files used on websites. It extracts information about the directory structure and paths stored in these files, which can be usefu…
Perform a simple scan on your OutSystems applications.