AhmetQara

Ahmet Kara AhmetQara

- 👋 Hi, I’m @AhmetQara - 👀 I am a Penetration Tester - 🐱‍💻 My Blog https://ahmetqara.github.io/ - 📫 Contact mail ahmetkara.career@gmail.com

4 followers · 3 following

Achievements

Resume Public

My latest Resume

HTML Updated Jun 19, 2025

NextSploit Public
Forked from AnonKryptiQuz/NextSploit

NextSploit is a command-line tool designed to detect and exploit CVE-2025-29927, a security flaw in Next.js

Python Updated Apr 12, 2025

BlindBrute Public
Forked from c3llkn1ght/BlindBrute

A blind SQL injection brute forcer

Python MIT License Updated Nov 30, 2024

urlfinder Public
Forked from projectdiscovery/urlfinder

A high-speed tool for passively gathering URLs, optimized for efficient and comprehensive web asset discovery without active scanning.

Go MIT License Updated Nov 27, 2024

loxs Public
Forked from coffinxp/loxs

best tool for finding SQLi,CRLF,XSS,LFi,OpenRedirect

Python 1 Updated Nov 27, 2024

ldapper Public
Forked from Synzack/ldapper

Go GNU General Public License v3.0 Updated Nov 21, 2024

ShadowDumper Public
Forked from Offensive-Panda/ShadowDumper

Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advanced techniques to dump memory, allowing to access sensitive da…

C++ MIT License Updated Nov 19, 2024

sj Public
Forked from BishopFox/sj

A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.

Go MIT License Updated Nov 15, 2024

URLFetcherApp Public
Forked from gh-ost00/URLFetcherApp

Fetch urls/hidden file on domain target

Python 1 Updated Nov 13, 2024

spyhunt Public
Forked from gotr00t0day/spyhunt

recon for bug hunters

Python 1 Updated Nov 3, 2024

trivy Public
Forked from aquasecurity/trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Go Apache License 2.0 Updated Oct 30, 2024

CVE-2024-27954 Public
Forked from gh-ost00/CVE-2024-27954

Automatic Plugin for WordPress < 3.92.1 Multiples Vulnerabilities

Python Updated Oct 29, 2024

Rest_API_Exploit Public
Forked from gh-ost00/Rest_API_Exploit

CORS Exploit POC for WordPress REST API

HTML Updated Oct 27, 2024

cherrybomb Public
Forked from blst-security/cherrybomb

Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.

Rust Apache License 2.0 Updated Oct 25, 2024

JS-Scanner Public
Forked from gh-ost00/JS-Scanner

The powerfull Extract and Scanner Javascript urls xD

Python Updated Oct 25, 2024

SSTImap Public
Forked from vladko312/SSTImap

Automatic SSTI detection tool with interactive interface

Python GNU General Public License v3.0 Updated Oct 14, 2024

Nuclei_templates2024 Public

nuclei templates for bug bounty #by.Ghost

1 3 MIT License Updated Oct 8, 2024

crlfuzz Public
Forked from dwisiswant0/crlfuzz

A fast tool to scan CRLF vulnerability written in Go

Go MIT License Updated Oct 3, 2024

ghauri Public
Forked from r0oth3x49/ghauri

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

Python MIT License Updated Oct 3, 2024

CVE-2024-28987-POC Public
Forked from gh-ost00/CVE-2024-28987-POC

Web Help Desk Hardcoded Credential Vulnerability (CVE-2024-28987)

Python Updated Sep 5, 2024

CVE-2024-1071-SQL-Injection Public
Forked from gh-ost00/CVE-2024-1071-SQL-Injection

Proof of concept : CVE-2024-1071: WordPress Vulnerability Exploited

Python Updated Aug 30, 2024

CVE-2024-4577-RCE Public
Forked from gh-ost00/CVE-2024-4577-RCE

PHP CGI Argument Injection (CVE-2024-4577) RCE

Python Updated Aug 20, 2024

exploit-writing-for-oswe Public
Forked from rizemon/exploit-writing-for-oswe

Tips on how to write exploit scripts (faster!)

Updated Jul 15, 2024

kiterunner Public
Forked from assetnote/kiterunner

Contextual Content Discovery Tool

Go GNU Affero General Public License v3.0 Updated Apr 29, 2024

CRLF-Injection-Scanner Public
Forked from MichaelStott/CRLF-Injection-Scanner

Command line tool for testing CRLF injection on a list of domains.

Python Updated Apr 14, 2024

p0wny-shell Public
Forked from flozz/p0wny-shell

Single-file PHP shell

PHP Do What The F*ck You Want To Public License Updated Feb 16, 2024

vulnerability-Checklist Public
Forked from Az0x7/vulnerability-Checklist

This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter

Updated Feb 10, 2024

client-side-prototype-pollution Public
Forked from BlackFan/client-side-prototype-pollution

Prototype Pollution and useful Script Gadgets

Updated Jan 27, 2024

ahmetQara Public

Config files for my GitHub profile.

config github-config

Updated Jan 20, 2024

BobTheSmuggler Public
Forked from TheCyb3rAlpha/BobTheSmuggler

"Bob the Smuggler": A tool that leverages HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool would compress your binary (EXE/DLL) into 7z/zip file for…

Python MIT License Updated Jan 16, 2024

Previous Next

Ahmet Kara AhmetQara

Achievements

Achievements

Resume Public

Uh oh!

NextSploit Public

Uh oh!

BlindBrute Public

Uh oh!

urlfinder Public

Uh oh!

loxs Public

Uh oh!

ldapper Public

Uh oh!

ShadowDumper Public

Uh oh!

sj Public

Uh oh!

URLFetcherApp Public

Uh oh!

spyhunt Public

Uh oh!

trivy Public

Uh oh!

CVE-2024-27954 Public

Uh oh!

Rest_API_Exploit Public

Uh oh!

cherrybomb Public

Uh oh!

JS-Scanner Public

Uh oh!

SSTImap Public

Uh oh!

Nuclei_templates2024 Public

Uh oh!

crlfuzz Public

Uh oh!

ghauri Public

Uh oh!

CVE-2024-28987-POC Public

Uh oh!

CVE-2024-1071-SQL-Injection Public

Uh oh!

CVE-2024-4577-RCE Public

Uh oh!

exploit-writing-for-oswe Public

Uh oh!

kiterunner Public

Uh oh!

CRLF-Injection-Scanner Public

Uh oh!

p0wny-shell Public

Uh oh!

vulnerability-Checklist Public

Uh oh!

client-side-prototype-pollution Public

Uh oh!

ahmetQara Public

Uh oh!

BobTheSmuggler Public

Uh oh!