Faizzyhon faizzyhon

🕵️ About Me

class MuhammadFaizan:
    def __init__(self):
        self.name       = "Muhammad Faizan"
        self.alias      = "faizzyhon"
        self.email      = "faizzyhon@gmail.com"
        self.role       = "Cybersecurity Researcher & Bug Bounty Hunter"
        self.cert       = "EC-Council Bug Bounty Professional"
        self.location   = "🌍 Hack the Planet"

    @property
    def focus(self):
        return [
            "PHP Web Application Pentesting",
            "OWASP Top 10 Vulnerability Research",
            "Business Logic Bypass & Payment Testing",
            "Automated Security Scanner Development",
            "CVE Research & Responsible Disclosure",
        ]

    @property
    def current_projects(self):
        return [
            "🔥 BugScanner   — PHP Web Security Scanner",
            "⚡ Cyberburg     — Advanced Web Pentest Suite (v2.0 PHANTOM BLADE)",
        ]

    def motto(self):
        return "⚡ Think like an attacker. Defend like a guardian."

🔥 Featured Projects

🛡️ BugScanner — PHP Web Security Scanner

🛡️ What is BugScanner?

BugScanner is a professional-grade PHP Web Security Scanner built for Bug Bounty hunters and Ethical Hackers. It automates detection of OWASP Top 10 vulnerabilities with AI-powered CVSS 3.1 scoring and generates HackerOne-ready PDF reports.

Built for EC-Council Bug Bounty course — real-world training target tested.

⚡ Key Capabilities

🔐 Auth Bypass — JWT attacks, session fixation, brute-force
💳 Payment Bypass — Race conditions, IDOR on order IDs
🐘 PHP Arsenal — LFI/RFI, SSTI, Object Injection, DB Dump
🕳️ SQLi Engine — UNION, error-based, LOAD_FILE, INTO OUTFILE
🐚 Webshell Detection — c99, r57, WSO, b374k auto-scan
📄 PDF Reports — Professional HackerOne/Bugcrowd format

# Install & Launch
$ git clone https://github.com/faizzyhon/BUGSCANNER---PHP-Web-Security-Scanner-for-Bug-Bounty-Penetration-Testing
$ pip install -r requirements.txt
$ python main.py scan --url https://target.com --modules all --auth --report pdf

Module	Coverage	OWASP Category
`sqli`	SQL Injection + DB Dump	A03: Injection
`xss`	Reflected / Stored / DOM	A03: Injection
`auth`	JWT / Brute-Force / Session	A07: Auth Failures
`payment`	Race Condition / IDOR	A04: Insecure Design
`php`	LFI/RFI / Webshell / SSTI	A05: Misconfig
`idor`	Horizontal / Vertical Priv Esc	A01: Broken Access
`ssrf`	Internal Network Probing	A10: SSRF

⚡ Cyberburg — Advanced Web Pentest Suite `v2.0.0 — PHANTOM BLADE`

🔥 What is Cyberburg?

Cyberburg is a full-stack Linux Web Penetration Testing Framework that orchestrates 30+ professional security tools under a single terminal interface. It runs tools in sequence, parses their output automatically, correlates findings across modules, and generates professional dark-themed HTML security reports — all in one command.

Built for professional pentesters, bug bounty hunters, and red teamers.

⚡ Key Capabilities

🔍 Recon Engine — WHOIS, DNS, subdomain enum, email harvest, OSINT
🔌 Port Scanner — Nmap (quick/full/stealth/UDP/vuln scripts)
🕸️ Web Scan — Nikto, WhatWeb, WAF detect, header audit, CMS scan
💉 SQLi Testing — SQLMap (all techniques) + manual error probing
🎭 XSS Testing — Dalfox + manual payloads + DOM XSS analysis
📂 Dir Brute — Gobuster/FFuf/Dirb + 30 critical path checks
🔐 SSL/TLS — SSLScan, Heartbleed, POODLE, cipher analysis
🚀 Nuclei — 7000+ CVE & misconfiguration templates
📊 Reports — HTML (dark theme + charts) + JSON + TXT

# Install & Launch
$ git clone https://github.com/faizzyhon/cyberburg
$ sudo bash install.sh
$ python3 cyberburg.py                          # Interactive menu
$ python3 cyberburg.py -t https://target.com    # Full scan
$ python3 cyberburg.py -t target.com --quick    # Quick scan
$ python3 cyberburg.py -t target.com --stealth  # Stealth mode

Module	Tools Used	Coverage
`recon`	whois, dig, subfinder, amass, theHarvester	OSINT + DNS
`ports`	nmap (6 modes)	TCP/UDP + OS fingerprint
`web`	nikto, whatweb, wafw00f, curl	OWASP headers, WAF, CMS
`sqli`	sqlmap (BEUSTQ) + manual	All SQLi techniques
`xss`	dalfox + DOM analysis	Reflected / DOM XSS
`dirs`	gobuster, ffuf, dirb	Files, APIs, admin panels
`ssl`	sslscan, openssl	TLS 1.0/1.1, ciphers, CVEs
`nuclei`	nuclei templates	7000+ CVE & misconfig checks

🧰 Tech Arsenal

🔴 Offensive Security

💻 Programming & Scripting

🏆 Certifications & Platforms

🛠️ Tools & Libraries

📊 GitHub Analytics

🏆 GitHub Trophies

📈 Contribution Activity

🌐 Bug Bounty & Security Profile

╔══════════════════════════════════════════════════════════════╗
║              SECURITY RESEARCHER PROFILE                     ║
╠══════════════════════════════════════════════════════════════╣
║  Specialization : PHP Web Application Security               ║
║  Methodology    : OWASP Top 10 (2021) + Custom Playbooks     ║
║  Report Format  : HackerOne / Bugcrowd Standard              ║
║  Scoring System : CVSS v3.1 (Base + Temporal + Environmental)║
║  Tools Built    : BugScanner  — Automated PHP Pentest Suite  ║
║                   Cyberburg   — Advanced Web Pentest Suite   ║
║  Course         : EC-Council Bug Bounty Professional         ║
╚══════════════════════════════════════════════════════════════╝

🎯 Expertise Areas

Web Application Security

SQL Injection (Union, Blind, Error-based)
XSS (Reflected, Stored, DOM-based)
CSRF, IDOR, Broken Access Control
PHP Object Injection / Unserialize
Server-Side Template Injection (SSTI)

Authentication & Session

JWT Token Attacks (alg:none, weak secrets)
Session Fixation & Hijacking
Password Reset Poisoning
OAuth / SAML Bypass Techniques
Multi-Factor Auth Bypass

Infrastructure & Network

SSRF (Internal Network Probing)
Local / Remote File Inclusion
XXE (XML External Entity)
Open Redirect Chains
Subdomain Takeover

📂 All Projects

Project	Description	Tech	Status
🔥 BugScanner	PHP Web Security Scanner — OWASP Top 10 automated with CVSS scoring & PDF reports	Python, Click, Rich	⭐ Featured
⚡ Cyberburg	Advanced Linux Web Pentest Suite — 30+ tools, 8 scan modules, HTML/JSON reports	Python, Rich, Nmap, Nuclei	🔴 v2.0 LIVE

📡 Connect With Me

💬 Open to: Bug Bounty Collaborations • Security Research • Open Source Contributions

███╗   ███╗██╗   ██╗██╗  ██╗ █████╗ ███╗   ███╗███╗   ███╗ █████╗ ██████╗
████╗ ████║██║   ██║██║  ██║██╔══██╗████╗ ████║████╗ ████║██╔══██╗██╔══██╗
██╔████╔██║██║   ██║███████║███████║██╔████╔██║██╔████╔██║███████║██║  ██║
██║╚██╔╝██║██║   ██║██╔══██║██╔══██║██║╚██╔╝██║██║╚██╔╝██║██╔══██║██║  ██║
██║ ╚═╝ ██║╚██████╔╝██║  ██║██║  ██║██║ ╚═╝ ██║██║ ╚═╝ ██║██║  ██║██████╔╝
╚═╝     ╚═╝ ╚═════╝ ╚═╝  ╚═╝╚═╝  ╚═╝╚═╝     ╚═╝╚═╝     ╚═╝╚═╝  ╚═╝╚═════╝

███████╗ █████╗ ██╗███████╗ █████╗ ███╗   ██╗
██╔════╝██╔══██╗██║╚══███╔╝██╔══██╗████╗  ██║
█████╗  ███████║██║  ███╔╝ ███████║██╔██╗ ██║
██╔══╝  ██╔══██║██║ ███╔╝  ██╔══██║██║╚██╗██║
██║     ██║  ██║██║███████╗██║  ██║██║ ╚████║
╚═╝     ╚═╝  ╚═╝╚═╝╚══════╝╚═╝  ╚═╝╚═╝  ╚═══╝

「 Hack the Planet 🌍 | Think Offensive. Stay Ethical. 」

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Faizzyhon faizzyhon

Achievements

Achievements

Block or report faizzyhon

🕵️ About Me

🔥 Featured Projects

🛡️ BugScanner — PHP Web Security Scanner

🛡️ What is BugScanner?

⚡ Key Capabilities

⚡ Cyberburg — Advanced Web Pentest Suite `v2.0.0 — PHANTOM BLADE`

🔥 What is Cyberburg?

⚡ Key Capabilities

🧰 Tech Arsenal

🔴 Offensive Security

💻 Programming & Scripting

🏆 Certifications & Platforms

🛠️ Tools & Libraries

📊 GitHub Analytics

🏆 GitHub Trophies

📈 Contribution Activity

🌐 Bug Bounty & Security Profile

🎯 Expertise Areas

📂 All Projects

📡 Connect With Me

Pinned Loading

Uh oh!

Faizzyhon faizzyhon

Achievements

Achievements

🕵️ About Me

🔥 Featured Projects

🛡️ BugScanner — PHP Web Security Scanner

🛡️ What is BugScanner?

⚡ Key Capabilities

⚡ Cyberburg — Advanced Web Pentest Suite v2.0.0 — PHANTOM BLADE

🔥 What is Cyberburg?

⚡ Key Capabilities

🧰 Tech Arsenal

🔴 Offensive Security

💻 Programming & Scripting

🏆 Certifications & Platforms

🛠️ Tools & Libraries

📊 GitHub Analytics

🏆 GitHub Trophies

📈 Contribution Activity

🌐 Bug Bounty & Security Profile

🎯 Expertise Areas

📂 All Projects

📡 Connect With Me

Pinned Loading

Uh oh!

⚡ Cyberburg — Advanced Web Pentest Suite `v2.0.0 — PHANTOM BLADE`