Murat Kaya's Projects
Fast and customizable vulnerability scanner based on simple YAML based DSL.
A 100% spec compliant, secure by default PHP OAuth 2.0 Server
An open source, general-purpose policy engine.
OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.
The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering.
Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient @owtfp http://owtf.org
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Scripts for pentesting
Images, posters, books, checklists, diagrams, sample reports, manuals e.t.c.
Posters, drawings...
PowerShell Scripts I find useful
A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
The Pwning Machine
Tool to look for several security related Android application vulnerabilities
Code that goes along with my YouTube React JS Series
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
CRUD uygulamalar için SPA startup framework
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
The Secure Coding Dojo is a platform for delivering secure coding training.
Proof-of-concept codes created as part of security research done by Google Security Team.
Raise your baseline in security by using this as your template instead of default Mvc project. Keep your app secure by continuously applying Security rules
Web and mobile application security training platform
Test spies, stubs and mocks for JavaScript.
Stripe.net is a sync/async .NET 4.5+ client, and a portable class library for stripe.com.
Python library for the Stripe API.
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.