This is your work, valued

IndiShell Lab

Incredible

Elite
@incredibleindishell

Security enthusiast Love to learn Linux, PHP and exploit development

SSRF_Vulnerable_Lab. This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack

780

CORS-vulnerable-Lab. Sample vulnerable code and its exploit code

190

sqlite-lab. This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

159

Windows-AD-environment-related. This Repository contains the stuff related to windows Active directory environment exploitation

154

exploit-code-by-me. Exploit code developed/reproduced by me

89

CORS_vulnerable_Lab-Without_Database. PHP

66

PHP-web-shells. when i started web application security testing, i fall in love with web shell development and designed some PHP based web shells. This repository contains all my codes which i released in public.

62

LDAP-credentials-collector-backdoor-generator. This script generate backdoor code which log username password of an user who have passed HTTP basic auth using LDAP credentials.

59

Local-file-disclosure-SQL-Injection-Lab. This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. If you have any doubt, ping me at https://twitter.com/IndiShell1046 :)

42

good-read. Repository for study material including ebooks, URLs, web pages etc

24

Certi-Bhai. AD CS exploitation related stuff goes here

24

axis_web_shell. This repo contains Axis web shells

18

Mannu-Shell. Mannu Shell is PHP web based shell. This code is meant for performing server side file manipulation and other stuffs. Its backdoor free and user friendly.

17

Magento-shoplift-python-exploit. Magento shoplift exploit is vulnerability which was discovered by CheckPoint team (http://blog.checkpoint.com/2015/04/20/analyzing-magento-vulnerability/) This python script developed by joren but it was having some bug because of which it was not working properly. If magento version is vulnerable, this script will create admin account with username forme and password forme

13

hash-cracker-ICA. Just an experiment with hash cracking :) few password lists along with some good password cracking rule sets.

13

ysoserial.net-complied. This repository contains complied exe of ysoserial.net ( ys.exe in directory ysoserial/bin/Debug). This work belongs to @pwntester bhai ji \m/

12

Red_Team_Op. Notes for the CRTO exam

10

Random. This repo contains random stuffs

7

SQLI_b0x. PHP

7

Panda-sql-injector. API for SQLmap sql injection tool. This tool is developed by my friend incredible.

6

SQLI-Lab_b0x. This repository contains sample SQL Injection vulnerable code which are not straight forward.

5

weblogic-exploits. POC codes related to Oracle WebLogic server

5

XXE_Vulnerable_codes. Sample codes vulnerable to XXE

4

Certipy-JSON-Viewer. Python

4

network-wala-jugaad.

3

sh. b374k php web shell

3

RedTeam-Tools. Tools and Techniques for Red Team / Penetration Testing

3

insert_SQLI. SQL Injection in Insert query. Application is not throwing SQL server error messages.

1

writeups. CTF writeups and the like

1

mannu-shell-jump-tester. These codes are for checking read permission on website document root directory for other user in shared server environment.

1

mysql-brute-forcer. MySQL brute forcer is a PHP based script which perform mysql user account bruteforcing locally. This code is developed by one of my friend and for Educational purpose only.

1

pentest-book.

1

Penetration-Testing-Grimoire. Custom Tools and Notes from my own Penetration Testing Experience

1

lpeworkshop. Windows / Linux Local Privilege Escalation Workshop

1

jexboss. JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool

1