Emre Polat's repositories
albatar
Albatar is a SQLi exploitation framework in Python
AllVideoPocsFromHackerOne
This script grab public report from hacker one and make some folders with poc videos
awesome-mobile-security
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
awesome-smartcontract-hacking
Here we collect and discuss for Smart contract security & Blockchain researches and tools - contributions are welcome.
awesome-reverse-engineering
Reverse Engineering Resources About All Platforms(Windows/Linux/macOS/Android/iOS/IoT) And Every Aspect! (More than 3500 open source tools and 2300 posts&videos)
Blind_SPOT
Blind spot is a python tool for blind injection vulnerabilities , SQLi time based , Command injection , code injection , SSTI
ChopChop
ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.
command-injection-payload-list
🎯 Command Injection Payload List
CORScanner
Fast CORS misconfiguration vulnerabilities scanner🍻
github-regexp
Basically a regexp over a GitHub search.
github-search
Tools to perform basic search on GitHub.
HackSmartContract
Smart contracts to practice your (WH) hacking skills.
inception
A highly configurable Framework for easy automated web scanning
justctf-2020
justCTF [*] 2020 challenges sources
Mind-Maps
Mind-Maps of Several Things
OS_Command_Payload_List
OS Command Injection Vulnerability Payload List
oxml_xxe
A tool for embedding XXE/XML exploits into different filetypes
pencode
Complex payload encoder
Public-CTF
Collect public CTF source code repo
py3webfuzz
A Python3 module to assist in fuzzing web applications
qsfuzz
qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
s3-buckets-finder
Find aws s3 buckets and extract datas.
sd-goo
Enumerate Subdomains Through Google Dorks
shelling
SHELLING - a comprehensive OS command injection payload generator
solr-injection
Apache Solr Injection Research
Source-and-Fuzzing
一些阅读源码和Fuzzing 的经验,涵盖黑盒与白盒测试..
toxic-cookies
Tool for poisoning browser cookies of currently loaded domain
vhosts-sieve
Searching for virtual hosts among non-resolvable domains
XRCross
XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities