This is your work, valued

SLC, UT

Facundo Fernandez

Expert
@fdzdev

Architect of elegant chaos, disguised as code.

DMARC-SPF-Checker. Python tool designed to identify misconfigured DMARC and SPF settings in domains. It resolves DNS records, checks for DMARC policies, SPF records, and logs the results for each domain. Additionally, it provides the option to send a spoofed email for testing purposes if misconfigurations are detected. Supports bulk and individual scanning.

119

ReconX. ReconX is a powerful automated reconnaissance and vulnerability scanning tool designed for ethical hackers, penetration testers, and security researchers. It effortlessly scans domains, extracts live assets, identifies vulnerabilities, and maps open ports—all while staying fast, stealthy, and efficient.

16

Subdomain-Takeover-Checker. Python tool for detecting subdomain takeover vulnerabilities by resolving CNAME records and checking for known error messages. It supports bulk domain scanning and logs detailed results for analysis.

14

FTP-AnonHunter. FTP-AnonHunter is a Python tool designed to automate the discovery of anonymous open FTP servers. Using Nmap’s ftp-anon script, the tool scans a list of IP addresses for open FTP ports (port 21) and identifies servers that allow anonymous logins. The results are logged into an output file for easy tracking and follow-up.

10

Subdomain-Finder. Python script to collect unique subdomains from Subfinder and Assetfinder into one file

10

Injectify. Injectify is a versatile injection testing repository featuring asynchronous and threaded header payload tools for BXSS, SQLi, and multi-header attacks. It efficiently facilitates vulnerability scanning by automating diverse injection techniques.

2

CVE-2024-50964. MX Server misconfiguration

1

CVE-2024-50962. A Cross-Site Scripting (XSS) vulnerability

1

JavaProjects.

1

InsightFlowAI. InsightFlow AI uses Google Chrome's built-in summary feature to generate concise summaries. Easily save to Google Docs or share on LinkedIn, streamlining productivity for students and professionals.

1

CVE-2024-33231. XSS Vulnerability via File Upload in Ferozo Webmail Application

1

Node.js---API-Test. This repository contains a test suite for the Task Manager API. The tests are written in JavaScript using Jest framework.

1

DMARC-and-SPF-Extension. Google Chrome DMARC+SPF Checker

1

SwaggerScan. SwaggerScan is an automated API specification analyzer and testing tool built with Flask and SQLAlchemy. It allows users to upload Swagger/OpenAPI specification files (.json or .yaml), parse and extract all endpoints, and generate a UI to interactively or massively test these endpoints.

1

CVE-2024-50961. Remote attacker can access sensitive data exposed on the URL

1

AI-Guided-Remediation-Skill. Security report → atomic fix skills. Each skill reads vulnerable code, analyzes impact, applies the safe replacement, and verifies the fix. CODE-FIX for code changes, MANUAL-REMEDIATION for infra actions.

1