Mazin Ahmed

Elite
@mazen160

Product Security / Offensive Security Engineering

secrets-patterns-db. Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.

1.6k

bfac. BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source code.

566

shennina. Automating Host Exploitation with AI

556

Firefox-Security-Toolkit. A tool that transforms Firefox browsers into a penetration testing suite

513

struts-pwn. An exploit for Apache Struts CVE-2017-5638

444

server-status_PWN. A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-status instances.

443

GithubCloner. A script that clones Github repositories of users and organizations.

424

xless. The Serverless Blind XSS App

338

jwt-pwn. Security Testing Scripts for JWT

333

tfquery. tfquery: Run SQL queries on your Terraform infrastructure. Query resources and analyze its configuration using a SQL-powered framework.

332

struts-pwn_CVE-2018-11776. An exploit for Apache Struts CVE-2018-11776

303

struts-pwn_CVE-2017-9805. An exploit for Apache Struts CVE-2017-9805

247

llmquery. Powerful LLM Query Framework with YAML Prompt Templates. Made for Automation

36

public. PHP

35

go-random. 🌐 go-random: A fast, clear, and cryptographically-secure random data generator for Golang

32

whatsapp-chat-parser. WhatsApp Chat Parser

27

backlog. backlog: Your AI agent forgets between sessions. Backlog remembers.

9

juice-shop. TypeScript

4

Ubuntu-Desktop-Malware-Vector-Demo. Demo for http://blog.mazinahmed.net/2017/04/using-ubuntu-desktop-as-malware-vector.html

4

SecLists. SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.

4

gronpy. Print JSON objects in a "Greppable" output.

3

aws-bedrock-proxy-server. AWS Bedrock API Proxy Server: Interact with AWS Bedrock models through a standardized OLLAMA API format

3

mazinahmed.net. mazinahmed.net

3

ohmyzsh. 🙃 A delightful community-driven (with nearly 1,500 contributors) framework for managing your zsh configuration. Includes 200+ optional plugins (rails, git, OSX, hub, capistrano, brew, ant, php, python, etc), over 140 themes to spice up your morning, and an auto-update tool so that makes it easy to keep up with the latest updates from the community.

2

dirsearch. Web path scanner

2

detect_passive_secrets. JavaScript

2

tfsec. 🔒🌍 Security scanner for your Terraform code

1

ptf. The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.

1

InfoSec-Black-Friday. All the deals for InfoSec related software/tools this Black Friday

1

dnsrecon. DNS Enumeration Script

1

trufflehog-clone. Trufflehog v2 Clone

1
31
Apply