Eray Mitrani's starred repositories
SSRF-Testing
SSRF (Server Side Request Forgery) testing resources
SundayStreams
Data from my Sunday streams
awesome-cve-poc
✍️ A curated list of CVE PoCs.
off-by-slash
Burp extension to detect alias traversal via NGINX misconfiguration at scale.
pentest_compilation
Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios
bugbountywiki
The Bug Bounty Wiki
pentest-management
Simple webinterface combining different recon tools.
CVE-2018-0296
Script to test for Cisco ASA path traversal vulnerability (CVE-2018-0296) and extract system information.
Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
CloudScraper
CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
bounty-targets
This project crawls bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) hourly and dumps them into the bounty-targets-data repo
bounty-targets-data
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
umich-eecs545-lectures
This repository contains the lecture materials for EECS 545, a graduate course in Machine Learning, at the University of Michigan, Ann Arbor.