Muhammad Daffa's Projects
Detailed information about API key / OAuth token (Description, Request, Response, Regex, Example)
All about bug bounty (bypasses, payloads, and etc)
Go script to guess an API key / OAuth token found during pentest. CLI version of https://github.com/daffainfo/apiguesser-web/
Simple website to guess API Key / OAuth Token
Random Tools for Bug Bounty
Final Project for Mobile Device Programming Course
Go script for bypassing 403 forbidden
PHP CRUD + Login and Register
Website info-corona.id
CTF Writeups
Personal website and blog made using Hugo and PaperMod theme
DNS lookup using Go
Go scripts for finding sensitive data like API key / some keywords in the github repository
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Jawaban pemrograman C dan C++ https://tlx.toki.id/
Go scripts for checking API key / access token validity
Simple API to scans SPF, DMARC, DKIM records for issues that could allow email spoofing.
Tools for Detecting Malicious Packages
Useful "Match and Replace" burpsuite rules
Some contributions in the nuclei-templates repository
Golang tool to send notifications to LINE app
Fast and customizable vulnerability scanner based on simple YAML based DSL.
Template to detect some malware
Community curated list of templates for the nuclei engine to find security vulnerabilities.
A collection oneliner scripts for bug bounty
Simple bash script to install OpenXPKI on Debian
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
Suricata rules that can detect a wide range of threats, including malware, exploits, and other malicious activity especially web application attacks