@kh4sh3i
  • Stars
    star
    759
  • Global Rank 39,815 (Top 2 %)
  • Followers 127
  • Following 18
  • Registered over 4 years ago
  • Most used languages
    Python
    78.6 %
    HTML
    7.1 %
    Shell
    7.1 %
    PowerShell
    7.1 %
  • Location ๐Ÿ‡ฎ๐Ÿ‡ท Iran
  • Country Total Rank 35
  • Country Ranking
    Shell
    10
    Python
    97
    HTML
    1,140

Top repositories

1

ICS-Pentesting-Tools

A curated list of tools related to Industrial Control System (ICS) security and Penetration Testing
222
star
2

smartrecon

smartrecon is a powerful shell script to automate the recon and finding common vulnerabilities for bug hunter
Shell
82
star
3

cloud-penetration-testing

A curated list of cloud pentesting resource, contains AWS, Azure, Google Cloud
58
star
4

Ransomware-Samples

Small collection of Ransomware organized by family.
48
star
5

bug-bounty-writeups

A curated list of available Bug Bounty & Disclosure Programs and Write-ups.
34
star
6

exchange-penetration-testing

The great Microsoft exchange hack: A penetration testerโ€™s guide (exchange penetration testing)
PowerShell
29
star
7

Apache-Tomcat-Pentesting

Apache Tomcat exploit and Pentesting guide for penetration tester
27
star
8

Penetration-Testing-Interview-Questions

Penetration Testing Interview Questions
23
star
9

wifi-password-stealer

steal saved wifi passwords in a computer & ip of target then report them through email.
Python
17
star
10

Application-Security-Interview-Questions

Here are some common interview questions for an application security position you can review for your own interview, along with example answers
17
star
11

Ransomware

Ransomware Simulator for Blue team ,Ransomware Simulator for Red team ,Ransomware infographic, open source Anti Ransomware, Ransomware As A Service and Ransomware protection technologies
16
star
12

Malware-Analysis

A curated list of awesome malware analysis tools and resources
15
star
13

security-mindmap

This repository stores various roadmap(Mindmaps) for bug bounty Hunter, pentester, offensive(red team), defensive(blue team) and security Professional people
15
star
14

Spring-CVE

This includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc/spring-webflux RCE termed "SpringShell".
Python
13
star
15

ProxyShell

CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability
Python
12
star
16

CVE-2022-23131

Zabbix - SAML SSO Authentication Bypass
Python
9
star
17

xmlrpc-exploit

Exploiting the xmlrpc.php on all WordPress versions
9
star
18

FFUF-Tricks

Describe how to use ffuf different options with examples
7
star
19

DDoS-Attack

DDoS Attack and type of ddos attack and ddos mitigation approach
7
star
20

ElasticSearch-Pentesting

ElasticSearch exploit and Pentesting guide for penetration tester
7
star
21

Shodan-Dorks

a curated list of shodan dorks for finding sensitive data in shodan.io
7
star
22

Active-Directory-Attacks

A curated list of awesome Active Directory Penetration Testing and attack resources
6
star
23

DevSecOps

Collection and Roadmap for everyone who wants DevSecOps, contains list of tools and methodologies
6
star
24

Smishing-Botnets

Smishing Botnets Going Viral in Iran
5
star
25

Cyber-Threat-Hunting

A curated list of threat detection and hunting resources
5
star
26

Cloud-Flaws-CTF

flAWS.cloud and flAWS2.cloud Interactive tutorial/CTFs to learn common AWS security mistakes.
5
star
27

Bug-Hunting-Handbook

Bug Hunting Handbook
5
star
28

Nextcloud-Pentesting

Nextcloud exploit and Pentesting guide for penetration tester
5
star
29

Fresh-Resolvers

List of fresh DNS resolvers updated daily
4
star
30

bruteforce-http-authentication

Bruteforce HTTP Authentication. Supports: Basic HTTP authentication ,Digest HTTP authentication
Python
4
star
31

ProxyLogon

ProxyLogon (CVE-2021-26855+CVE-2021-27065) Exchange Server RCE (SSRF->GetWebShell)
Python
4
star
32

RabbitMQ-Pentesting

RabbitMQ exploit and Pentesting guide for penetration tester
4
star
33

CVE-2022-26134

[PoC] Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE)
Python
3
star
34

PHP-Interview-Questions

a curated list of php interview questions and answers
3
star
35

cyber-attacks-in-iran

A curated list of awesome cyber attacks in iran, we want to review and explain some advanced attack that happened in iran, in order to learned some security tips.
3
star
36

Webmin-CVE

a Curated list of Webmin vulnerability for penetration tester
Python
3
star
37

open-DNS-resolver

DNS Open resolvers or Open DNS resolver vulnerability are type of DNS amplification attack.
3
star
38

Python-Interview-Questions

a curated list of Python interview questions and answers
2
star
39

CVE-2023-38646

Metabase Pre-auth RCE (CVE-2023-38646)
Python
2
star
40

Gitlab-CVE

a Curated list of gitlab vulnerability
2
star
41

GitLab-SSRF-CVE-2021-22214

POC for CVE-2021-22214: Gitlab SSRF
Python
2
star
42

FortiWeb

FortiWeb is a web application firewall (WAF)
2
star
43

kh4sh3i

1
star
44

CKEditor-Pentesting

1
star
45

Grafana-CVE

a Curated list of Grafana Security Vulnerabilities, CVE & exploit
1
star
46

Favicon-Hash

Calculate Favicon Hash for Shodan
Python
1
star
47

Splunk

a useful tutorial about splunk and security splunk app
1
star
48

97-Tests-for-Authentication-API

97 JSON Tests for Authentication Endpoints
1
star
49

Redis-Pentesting

Redis exploit and Pentesting guide for penetration tester
1
star
50

CVE-2021-30573

Google Chrome Vulnerabilities CVE-2021-30573 allowed a remote attacker to potentially exploit heap corruption
HTML
1
star