Oğuzhan Akkaya's repositories
1.6-C2
Using the Counter Strike 1.6 RCON protocol as a C2 Channel.
Android-Security-Exploits-YouTube-Curriculum
🔓A curated list of modern Android exploitation conference talks.
apidetector
APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and flexible input/output options. Ideal for API security testing.
arttoolkit.github.io
A RedTeam Toolkit
Awesome-GPT-Agents
A curated list of GPT agents for cybersecurity
bambdas
Bambdas collection for Burp Suite Professional and Community.
BestEdrOfTheMarket
Little AV/EDR bypassing lab for training & learning purposes
caldera
Automated Adversary Emulation Platform
CloakQuest3r
Uncover the true IP address of websites safeguarded by Cloudflare & Others
Cobalt-Strike-Profiles-for-EDR-Evasion
Cobalt Strike Profiles for EDR Evasion
Disable-Windows-Defender-
Disable Windows Defender (+ UAC Bypass, + Upgrade to SYSTEM)
EDR-Preloader
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
EDRSilencer
A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
frinet
Frida-based tracer for easier reverse-engineering on Android, iOS, Linux, Windows and most related architectures.
fzf
:cherry_blossom: A command-line fuzzy finder
GraphStrike
Cobalt Strike HTTPS beaconing over Microsoft Graph API
GTFONow
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
LEAKEY
LEAKEY is a bash script which checks and validates for leaked credentials. The idea behind LEAKEY is to make it highly customizable and easy to add checks for new services.
MultiDump
MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
Pantheon
Pantheon - Insecure Camera Parser
porch-pirate
Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitation of API endpoints and secrets committed to workspaces, collections, requests, users and teams. Porch Pirate can be used as a client or be incorporated into your own applications.
sgn
Shikata ga nai (仕方がない) encoder ported into go with several improvements
sicat
The useful exploit finder
SkittlesBambda
Filters and highlights Proxy HTTP history for requests with potentially vulnerable parameters
SOAPHound
SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.
SploitScan
SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated proof-of-concept (PoC) exploits.
SqliSniper
Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers
SSH-Snake
SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
Valid8Proxy
Tool designed for fetching, validating, and storing working proxies.