Skip to content
View moeinfatehi's full-sized avatar

Block or report moeinfatehi

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
moeinfatehi/README.md

πŸ‘‹ Hi there, I'm Moein Fatehi!

Experienced Cybersecurity Specialist and Team Leader, specializing in vulnerability assessment and penetration testing. Passionate about blockchain security and fintech innovations. Developer of a sophisticated cryptocurrency trading bot and founder of VAaaS for smart contract vulnerability detection. Active in CTF competitions with multiple first-place wins as part of the DCUA team. Committed to driving security advancements in both traditional and blockchain technologies. Welcome to my GitHub page where I share my projects and contributions to the world of cybersecurity and blockchain.

Twitter: MoeinFatehi Linkedin: MoeinFatehi GitHub MoeinFatehi

🌟 My Projects

Here's a glimpse of my work:

BurpSuite Extensions

  • Backup-Finder: A Burp Suite extension that dynamically reviews backup, old, temporary, and unreferenced files on web servers for sensitive information. Technologies: Java, Gradle. GitHub stars GitHub forks
  • Admin-Panel_Finder: Enumerates infrastructure and application Admin Interfaces with configurable testing levels. Technologies: Java, Gradle. GitHub stars GitHub forks
  • CVSS_Calculator: Offline CVSS v2 and v3.1 scores calculator with a user-friendly interface. Technologies: Java. GitHub stars GitHub forks
  • PassiveDigger: Passive analysis of web traffic for vulnerabilities, with features like request and response checks. Technologies: Java, Gradle. GitHub stars GitHub forks

Vulnerable Web Challenges

  • xss_vulnerability_challenges: XSS vulnerability challenges in a Dockerized PHP application, focusing on various bypass techniques. Technologies: PHP, Docker. GitHub stars GitHub forks
  • file_upload_vulnerability_scenarios: Challenges related to file upload vulnerabilities, including various bypass techniques. Technologies: PHP, Docker. GitHub stars GitHub forks
  • lfi-to-rce-scenario: LFI to RCE vulnerability challenges in a Dockerized environment, demonstrating path traversal and command execution. Technologies: PHP, Docker. GitHub stars GitHub forks
  • captcha_logical_bypass_scenarios: Captcha logical bypass challenges, exploring various techniques to circumvent captcha protections. Technologies: PHP, Docker. GitHub stars GitHub forks
  • rfi_vulnerability_scenarios: Remote File Inclusion vulnerability scenarios, focusing on PHP code injection and RCE. Technologies: PHP, Docker. GitHub stars GitHub forks

Blockchain Security

guidelines, best practices, and in-depth articles. Technologies: Markdown (Documentation). GitHub stars GitHub forks


πŸ“ˆ My GitHub Stats

Your GitHub stats


πŸ“« How to Reach Me


Feel free to fork and star my repositories if you find them useful!

Pinned Loading

  1. Backup-Finder Backup-Finder Public

    A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)

    Java 160 29

  2. file_upload_vulnerability_scenarios file_upload_vulnerability_scenarios Public

    This repository is a dockerized PHP application containing some file upload vulnerability challenges (scenarios).

    PHP 45 4

  3. captcha_logical_bypass_scenarios captcha_logical_bypass_scenarios Public

    This repository is a dockerized PHP application containing some captcha logical bypass challenges (scenarios).

    PHP 2

  4. lfi-to-rce-scenario lfi-to-rce-scenario Public

    This repository is a Dockerized php application containing a LFI (Local File Inclusion) vulnerability which can lead to RCE (Remote Code Execution).

    PHP 11

  5. Awesome-Smart-Contract-Security Awesome-Smart-Contract-Security Public

    Your go-to resource for all things Smart Contract Security. Featuring guidelines, best practices, and in-depth articles. Sections include: Vulnerabilities (SWC, OWASP Top 10), Learning Resources (P…

    8

  6. PassiveDigger PassiveDigger Public

    Optimize your web vulnerability assessments with PassiveDigger, a comprehensive Burp Suite extension that specializes in passive traffic analysis. Detect potential vulnerabilities, get actionable i…

    Java 3 1