Skip to content
View Chocapikk's full-sized avatar
πŸ₯₯
Tung Tung Tung Tung Sahurrrr
πŸ₯₯
Tung Tung Tung Tung Sahurrrr
773 followers · 156 following

Achievements

Achievement: Starstruckx3Achievement: Pair Extraordinairex3Achievement: Pull Sharkx2Achievement: Quickdraw

Achievements

Achievement: Starstruckx3Achievement: Pair Extraordinairex3Achievement: Pull Sharkx2Achievement: Quickdraw

Highlights

  • Pro

Block or report Chocapikk

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
Chocapikk/README.md

Typing SVG

Note

Hi there! I'm Valentin Lobstein, a pentester and cybersecurity student at Oteria Cyber School.
Passionate about ethical hacking, vulnerability research, and software development.
Committed to sharing knowledge and uplifting the cybersecurity community via my GitHub repositories. πŸŒπŸ’‘


LinkedIn Instagram Twitter ProtonMail TryHackMe RootMe Ko-fi


🧰 Skills & Languages

Skills & Languages

πŸ“š Repositories
Tool Description Link
WPProbe Fast WordPress plugin enumeration GitHub
LFIHunt Scan & exploit Local File Inclusion (LFI) GitHub
LeakPy Query LeakIX.net API via Python GitHub
πŸ† Hall Of Fame
2023 – Ferrari 2024 – Siemens 2024 – Philips 2024 – Wikimedia
🚨 CVE Contributions
CVE Identifier Description Links
πŸ”’ CVE-2023-50917 Remote Code Execution in MajorDoMo GitHub
πŸ”’ CVE-2024-22899 to CVE-2024-22903, CVE-2024-25228 Exploit chain in Vinchin Backup & Recovery GitHub
πŸ”’ CVE-2024-30920 to CVE-2024-30929, CVE-2024-31818 Research and exploitation in DerbyNet GitHub
πŸ”’ CVE-2024-31819 Unauthenticated RCE in WWBN AVideo via systemRootPath GitHub
πŸ”’ CVE-2024-3032 Themify Builder < 7.5.8 – Open Redirect WPScan
πŸ”’ CVE-2025-2609 & CVE-2025-2610 Stored XSS in MagnusBilling 7.x (one unauthenticated) Blog Β· VulnCheck
πŸ”’ CVE-2025-2292, CVE-2025-30004, CVE-2025-30005 & CVE-2025-30006 Authenticated vulnerabilities in Xorcom CompletePBX ≀ 5.2.35 File Disclosure Β· Command Injection Β· Path Traversal Β· Reflected XSS
🚨 Exploit Development & PoC

All PoCs and Metasploit modules consolidated in:
Chocapikk/msf-exploit-collection

☁️ LeakIX
  • Moderator & vulnerability hunter
  • Notable finding: Massive PSaux ransomware attack affecting 22,000 CyberPanel instances (BleepingComputer)
  • Follow on Twitter: @leak_ix

LeakIX

πŸ€“ Stats for Nerds

Introduction

Views
Visitors

🎢 Spotify

Spotify

Caution

⚠️ Disclaimer
Please use the information and exploits provided in my repositories for educational purposes and responsible disclosure only. I am not responsible for any misuse or damage caused by using these tools, scripts, or exploits.

Pinned Loading

  1. wpprobe wpprobe Public

    A fast WordPress plugin enumeration tool

    Go 537 79

  2. CVE-2023-29357 CVE-2023-29357 Public

    Microsoft SharePoint Server Elevation of Privilege Vulnerability

    Python 231 32

  3. CVE-2024-25600 CVE-2024-25600 Public

    Unauthenticated Remote Code Execution – Bricks <= 1.9.6

    Python 168 36

  4. CVE-2023-22515 CVE-2023-22515 Public

    CVE-2023-22515: Confluence Broken Access Control Exploit

    Python 135 29

  5. CVE-2024-45519 CVE-2024-45519 Public

    Zimbra - Remote Command Execution (CVE-2024-45519)

    Python 125 24

  6. CVE-2023-6553 CVE-2023-6553 Public

    Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution

    Python 75 22