s0md3v/Shiva

Stars
109
Rank 308,725 (Top 7 %)
Language
Python
Created about 6 years ago
Updated over 3 years ago

s0md3v/Shiva

s0md3v

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Improved DOS exploit for wordpress websites (CVE-2018-6389)

Shiva

First of all, put Shiva on watch. I will be upgrading it to a full stress testing suite over time. Shiva is designed to perform Denial Of Service (DOS) attack on wordpress sites by loading all jquery scripts at once through load-scripts.php. So basically its an exploit for CVE-2018-6389.

Awesomeness

Shiva uses multithreading to bring down websites as soon as possible,
You don't need to worry about your IP being exposed because Shiva uses Proxify to route all requests through random proxies which keep getting rotated automatically.

Dependencies & Compatibility

Shiva is compatible with both python2 and python3.
Dependencies:

requests
proxify

Usages

You can attack a target with Shiva as follows:

python shiva.py -u target.com -t 50

Where target.com is the target website and 50 is the number of threads.
You must keep in mind that Shiva is only effective against wordpress site so make sure your target runs on wordpress.
Number of threads should be selected according to the network speed.

roop

one-click face swap

XSStrike

Most advanced XSS scanner.

Photon

Incredibly fast crawler designed for OSINT.

Arjun

HTTP parameter discovery suite.

AwesomeXSS

Awesome XSS stuff

sd-webui-roop

roop extension for StableDiffusion web-ui

Smap

a drop-in replacement for Nmap powered by shodan.io

Striker

Striker is an offensive information and vulnerability scanner.

be-a-hacker

roadmap for a self-taught hacker

ReconDog

Reconnaissance Swiss Army Knife

Hash-Buster

Crack hashes in seconds.

huepy

Print awesomely in terminals.

Corsy

CORS Misconfiguration Scanner

Silver

Mass scan IPs for vulnerable services

uro

declutters url lists for crawling/pentesting

Diggy

Extract endpoints from apk files.

Decodify

Detect and decode encoded strings, recursively.

Blazy

Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .

Breacher

An advanced multithreaded admin panel finder written in python.

goop

Google Search Scraper

ote

Generate Email, Register for anything, Get the OTP/Link

Zen

Find emails of Github users

Parth

Heuristic Vulnerable Parameter Scanner

Orbit

Blockchain Transactions Investigation Tool

JShell

JShell - Get a JavaScript shell with XSS.

MyPapers

Repository for hosting my research papers

Bolt

Cloak

Cloak can backdoor any python script with some tricks.

nano

Nano is a family of PHP web shells which are code golfed for stealth.

sqlmate

A friend of SQLmap which will do what you always expected from SQLmap.

SubGPT

Find subdomains with GPT, for free

dump

Stuff that doesn't deserves its own repository.

hardcodes

find hardcoded strings from source code

Quark

Quark is a data visualization framework.

proxify

A python module for dumping usable proxies.

Predator

Anti-Automation System

velocity

DNS caching for humans

rewise

Google auto-complete wrapper

zetanize

HTML form parser for humans.

ifnude

nudity detector that works

Locky

Locky generates "really" strong yet easy to remember passwords.

Entropy

Entropy is a (prototype) WAF driven by maths.

fonetic-go

golang implementation of fonetic (https://github.com/s0md3v/fonetic)

meta

Explains and tests HTTP response headers

fonetic

assess pronounciblity of text

shades

wl

convert case style of words

s0md3v.github.io

my personal blog

s0md3v

.github

my default .github files

BG3-Mutant

Mod for Baldur's Gate 3 that adds a Mutant class to the game.