rizzy01,github

malwarepersistencescripts

A collection of scripts I've written to help red and blue teams with malware persistence techniques.

mercure

Mercure is a tool for security managers who want to train their colleague to phishing.

merlin

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

mobile-detect

Mobile_Detect is a lightweight PHP class for detecting mobile devices (including tablets). It uses the User-Agent string combined with specific HTTP headers to detect the mobile environment.

noisy

Simple random DNS, HTTP/S internet traffic noise generator

The project’s primary goals consist of: A robust and effective web based online banking system. Extending functionality without compromising the security. Personal banking services that gives you complete control over all your banking demands online. Simple and easy user interface to work with. Online Banking features: Registration for online banking by Admin. Adding Beneficiary account by customer. Transferring amount to the beneficiary added by customer. Staff must approve for beneficiary activation before it can be used for transferring funds. Customer gets to know his last login date and time each time he logs in. Customer can check last 10 transactions made with their account. Customer can check their account statement within a date range. Customer can request for ATM and Cheque Book. Staff will approve requests for ATM card and cheque book. Admin can add/edit/delete customer as well as staff. All three of them(customer, staff & admin) can change their password. Staff and Admin Login pages are hidden from customer for security purpose. Security: Each and every input is passed through mysql_real_escape_string() to remove special characters from the string so that user can’t submit arbitrary input. It protects from attacks like Sql Injection and Cross Site Scripting(XSS). Passwords are encrypted with SHA- 1 hashing algorithm and then stored in database. Passwords are stored as encrypted hashes with an additional random salt for added security. Note: If we talk about security,above mentioned points would provide no security at all but it will work for beginners. Being into web app pentesting,I very well know this project will not be considered secure. It needs atleast a more effective filtering mechanism, better hashing algorithm, a better salting procedure for storing passwords and some other things too. Database: The database contains customer, staff & admin tables. Each customer has its own virtual passbook linked with its account number. Staff, customer and, admin have their details and password in their respective tables with all the details. A separate table for beneficiary is included in the database. A table for cheque book and ATM requests is included. This project is divided into three hierarchical parts: The index page for the customer login. A hidden staff login page. A hidden admin login page. Usage: 1.Install XAMPP or something similar. 2.Copy all the files to c:/xampp/htdocs/banking/ 3.Create a db named as 'bnak_db' and import the bank_db.sql from phpMyAdmin. 4.change the password in _inc/dbconn.php file accordingly. 5.visit localhost/banking (customer index page) 6.visit localhost/banking/adminlogin.php (admin login) 7.visit the localhost/banking/staff_login.php (staff login)

operative-framework

This is a framework based on fingerprint action, this tool is used for get information on a website or a enterprise target with multiple modules (Viadeo search,Linkedin search, Reverse email whois, Reverse ip whois, SQL file forensics ...)

osint-spy

Performs OSINT scan on email/domain/ip_address/organization using OSINT-SPY. It can be used by Data Miners, Infosec Researchers, Penetration Testers and cyber crime investigator in order to find deep information about their target. If you want to ask something please feel free to reach out to me at [email protected]

osweep

Don't Just Search OSINT. Sweep It.

oxwall

passwordresetphp

PHP MySQL FileMaker User Registration System with Secure Password Reset and Multiple File Upload

payloadsallthethings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

payment-gateway

Bitcoin/Altcoins PHP Payment Class. It supports Bitcoin BitcoinCash DASH Dogecoin Litecoin Reddcoin Feathercoin Vertcoin Potcoin Speedcoin. Install GoUrl php script - bitcoin api payment gateway on your site!

phishdetect

PhishDetect is a tool to help identify phishing pages

php-dkim

Send Php multipart mime message signed with DKIM keys and php mail() function

php-mail-signature

Sign your e-mails with DKIM and Domain Keys in PHP

php-shell-detector

Web Shell Detector – is a php script that helps you find and identify php/cgi(perl)/asp/aspx shells. Web Shell Detector has a “web shells” signature database that helps to identify “web shell” up to 99%.

php_ip_blacklist

phpsploit

Stealth post-exploitation framework

plaguescanner

Open source multiple AV scanner framework

polr

:aerial_tramway: A modern, powerful, and robust URL shortener

powershell-rat

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

powershell-uac-bypass

A UAC bypass dropper written in powershell

powershx

Run Powershell without software restrictions.

rizzy01 Goto Github PK

rizzy01's Projects

Recommend Projects

Recommend Topics

Recommend Org