Astik Rawat's Projects
Config files for my GitHub profile.
Bolt is a simple CMS written in PHP. It is based on Silex and Symfony components, uses Twig and either SQLite, MySQL or PostgreSQL.
Port Swigger Labs divided on the based of level and topic.
My CEH Practical Preparation
After getting heavy demand on my Crest CPSA. I am sharing my notes on Network Security Assessment from recommended book for CPSA. Please don't keep you knowledge limited to my notes, I might have missed something important for anyone because I already knew about it.
This is my custom Cobalt Strike Profile, I used in exam.
QloApp 1.5.2: Vulnerable to XSS on two Parameter (email_create and back)
mooSocial v3.1.8 is vulnerable to external service interaction on post function.
mooSocial v3.1.8 is vulnerable to cross-site scripting on user login function.
mooSocial v3.1.8 is vulnerable to cross-site scripting on Multiple URLs.
mooSocial v3.1.8 is vulnerable to Cross Site Request Forgery (CSRF) which allows attacker to change admin password.
mooSocial v3.1.8 is vulnerable to cross-site scripting on Admin redirect function.
mooSocial v3.1.8 is vulnerable to cross-site scripting on Invite Friend function.
mooSocial v3.1.8 is vulnerable to cross-site scripting on search function.
A stored cross-site scripting (XSS) vulnerability exists in OpenKM version 7.1.40.
CVE-2022-0847: Linux Kernel Privilege Escalation Vulnerability
A python to generate PIN to get into Werkzeug Console Server.
Remote Code Execute on the Flask App with session stored in Memcached.
Prints the text content from an image
This is a simple bash script to connect the OSCP VPN file without entering the username or password everytime. It could be also used to connect any OpenVPN file with credentials.
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
Penetration Toolkit - A toolkit with more than 35 Penetration Testing tools.
Some handy scripts for Encryption and Decryption.
This repo contains the config.txt file for 2K Diplay.
Python scripts - One to check if the password is strong, another to perform a dictionary attack to crack the password.
This repo has the set of commands to allow monitoring mode on TP-LINK TL-WN722N.
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.