AhmetQara

100-redteam-projects

Projects for security students

31-days-of-API-Security-Tips

This challenge is Inon Shkedy's 31 days API Security Tips.

365Inspect

A PowerShell script that automates the security assessment of Microsoft Office 365 environments.

ahmetqara.github.io

ceng-407-408-2017-2018-project-sensor-programming

ceng-407-408-project-sensor-programming created by GitHub Classroom

Find-Binary-Tree-Path

Find binary tree path and sum

packet-listener

packet listener with python

Port-Scanner

Port scanner script

ssh2john

John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs

Student-Registration-System

Student Registration System in Java with admin panel and SQL database

AhmetQara/ahmetQara

Config files for my GitHub profile.

AhmetQara/BobTheSmuggler

"Bob the Smuggler": A tool that leverages HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool would compress your binary (EXE/DLL) into 7z/zip file format, then XOR encrypt the archive and then hides inside PNG/GIF image file format (Image Polyglots).

AhmetQara/cherrybomb

Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.

AhmetQara/client-side-prototype-pollution

Prototype Pollution and useful Script Gadgets

AhmetQara/Creds

Some usefull Scripts and Executables for Pentest & Forensics

AhmetQara/CRLF-Injection-Scanner

Command line tool for testing CRLF injection on a list of domains.

AhmetQara/crlfuzz

A fast tool to scan CRLF vulnerability written in Go

AhmetQara/CVE-2024-1071-SQL-Injection

Proof of concept : CVE-2024-1071: WordPress Vulnerability Exploited

AhmetQara/CVE-2024-27954

Automatic Plugin for WordPress < 3.92.1 Multiples Vulnerabilities

AhmetQara/CVE-2024-28987-POC

Web Help Desk Hardcoded Credential Vulnerability (CVE-2024-28987)

AhmetQara/CVE-2024-4577-RCE

PHP CGI Argument Injection (CVE-2024-4577) RCE

AhmetQara/exploit-writing-for-oswe

Tips on how to write exploit scripts (faster!)

AhmetQara/GAP-Burp-Extension

Burp Extension to find potential endpoints. parameters, and generate a custom target wordlist

AhmetQara/ghauri

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

AhmetQara/JS-Scanner

The powerfull Extract and Scanner Javascript urls xD

AhmetQara/kiterunner

Contextual Content Discovery Tool

AhmetQara/ldapper

AhmetQara/Nuclei_templates2024

nuclei templates for bug bounty #by.Ghost

AhmetQara/p0wny-shell

Single-file PHP shell

AhmetQara/Rest_API_Exploit

CORS Exploit POC for WordPress REST API

AhmetQara/ShadowDumper

Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advanced techniques to dump memory, allowing to access sensitive data in LSASS memory.

AhmetQara/sj

A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.

AhmetQara/spyhunt

recon for bug hunters

AhmetQara/SSTImap

Automatic SSTI detection tool with interactive interface

AhmetQara/trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

AhmetQara/URLFetcherApp

Fetch urls/hidden file on domain target

AhmetQara/urlfinder

A high-speed tool for passively gathering URLs, optimized for efficient and comprehensive web asset discovery without active scanning.

AhmetQara/vulnerability-Checklist

This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter

AhmetQara/waymore

Find way more from the Wayback Machine!

AhmetQara/XSStrike

Most advanced XSS scanner.