Skip to content
View luisfontes19's full-sized avatar
🤓
🤓
76 followers · 5 following

Achievements

Achievement: Starstruckx3Achievement: Pair Extraordinairex2Achievement: YOLOAchievement: Pull Sharkx3Achievement: QuickdrawAchievement: Arctic Code Vault Contributor
BetaSend feedback

Achievements

Achievement: Starstruckx3Achievement: Pair Extraordinairex2Achievement: YOLOAchievement: Pull Sharkx3Achievement: QuickdrawAchievement: Arctic Code Vault Contributor
BetaSend feedback

Highlights

Organizations

@TheSecurityVault @DamnVulnerableCryptoApp
Block or Report

Block or report luisfontes19

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
luisfontes19/README.md

trophy


TheSecurityVault is my blog, where I do some writing about web vulnerabilities, usually not that well known by most people

Some of My Projects

XXExploiter - Tool to help exploit XXE vulnerabilities. It generates the XML payloads, and automatically starts a server to serve the needed DTD's or to do data exfiltration.



CSRFER - Tool to generate csrf payloads based on vulnerable requests. It parses supplied requests to generate either a form or a fetch request. The payload can then be embedded in an html template.



VSCode Swissknife - Scriptable VSCode extension to generate or manipulate data. Stop pasting sensitive data in webpages.



DamnVulnerableCryptoApp - An app with really insecure crypto. To be used to see/test/exploit weak cryptographic implementations as well as to learn a little bit more about crypto, without the need to dive deep into the math behind it





The Combiner - Combines supplied words and generates a wordlist with all possible combinatios/permutations. Can also hash wordlist entries to look for an hash match


hash-identifier-js Started as a port to javascript of the python project hash-identifier. Identifies the algorithm used to generate the supplied hash

Pinned

  1. xxexploiter xxexploiter Public

    Tool to help exploit XXE vulnerabilities

    TypeScript 523 67

  2. DamnVulnerableCryptoApp/DamnVulnerableCryptoApp DamnVulnerableCryptoApp/DamnVulnerableCryptoApp Public

    An app with really insecure crypto. To be used to see/test/exploit weak cryptographic implementations as well as to learn a little bit more about crypto, without the need to dive deep into the math…

    TypeScript 85 22

  3. CSRFER CSRFER Public

    Tool to generate csrf payloads based on vulnerable requests

    TypeScript 60 16

  4. DamnVulnerableCryptoApp/BeOnTime DamnVulnerableCryptoApp/BeOnTime Public

    Simple tool to test for TIming Attacks

    TypeScript

  5. thecombiner thecombiner Public

    Combines supplied words and generates all possible combinatios/permutations. Can also hash wordlist entries to look for an hash match

    TypeScript 3

  6. vscode-swissknife vscode-swissknife Public

    Scriptable VSCode extension to generate or manipulate data. Stop pasting sensitive data in webpages.

    TypeScript 47 7