Nasur Ullah's Projects
RFI to XSS and Open redirect
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
A PortScanner for various plattforms
Temporary dump of posts I eventually plan to publish on a proper site
This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Content released at NorthSec 2018 for my talk on prototype pollution
Just Simple Tools
some scripts for penetration testing
:snake: Syntax, working with Shell commands, Files, Text Processing, and more...
Collections of Quark Script that detect vulnerabilities in the binaries.
Simple script for full recon
Just some public notes that can be useful and i want let the world knows.
reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information.
A FREE comprehensive reverse engineering course covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities
This tools is use for finding AWS S3 bucket vulrnablity base on hackerone report. Idea of making this tool came from Hackerone report "https://hackerone.com/reports/128088"
s3 brute force tool
A lightweight Go-based port scanner that swiftly identifies open ports on specified IP addresses or hosts. It employs concurrent routines for efficient and accurate port identification, providing customizable port range options and supporting both TCP and UDP protocols.
Burp Suite Extension to monitor new scope
Collection of small security tools created mostly in Python. CTFs, pentests and so on
A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-status instances.
Bash Script for Enumerating Spring Applications