Pentesting and Bug Bounty Notes, Cheetsheets and Guide for Ethical Hacker, Whitehat Pentesters and CTF Players.

Self-deployed Straight-forward hacking lab machine which designed for new comer who want to learn Penetration Testing field that running inside Docker for easy setup.

A Laravel package to scrub sensitive information that breaks operational security policies from being leaked on accident or not by developers.

Subscan is a simple tool for subdomain scanner, it can scan subdomains fast.

Website for testing and preventing different attacks like XSS, SQL Injection & Spoofing for Nasscom (ISAA) Project.

Secure Coding Practices for PHP – A white paper and code snippets on best practices for securing PHP applications, covering input validation, authentication, encryption, and more. 🔒🚀

Vulnerable Web application made with PHP/SQL designed to help new web testers gain some experience and test DAST tools for identifying web vulnerabilities. Containing some of the most well-known vulnerabilities such as SQL, cross-site scripting (XSS), OS command injections, our intention to expand more vulnerabilities for learning purposes.

Challenges of the alpha ctf 2022

PHP DDoS/Stress Test

This is a simple web application that allows users to try and solve a series of challenges. The challenges are designed to test the user's knowledge of web security and programming. The application is written in PHP.

Web Shell Detector is a PHP script designed to identify PHP, CGI (Perl), ASP/ASPX shells. It uses a "web shells" signature database to detect shells with up to 99% accuracy. The tool features a lightweight and user-friendly interface built with modern JavaScript and CSS technologies.

A side note about LFI and Leaking the php source of some sites

blake2b & md5 based registration and login in PHP to show a secure hashed password.

Abertay Univesity 3rd Year Ethical Hacking Professional Project. Work performed by EH9 Team

A simple Vulnerable Web-App for Classroom Training.

Exploit mail function in php when admin disabled other functions like shell. Uses LD_PRELOAD

This small PHP scripts detects IP address whether from it's protected by web proxy or other methods. It reveals original IP address and finds access from which IP address and from which browser.

Secure Bharat is a website presented at Smart India Hackathon 2017. It aimed at providing Awareness about Cyber Security to everybody in India.

🌐🔒 Evaluating the security (exploiting and fixing vulnerabilities) of Open eClass 2.3 (University of Athens) platform.