Hi, my name is İbrahim Taha İstikbal
I'm a security researcher and bug hunter.
Computer Engineering student passionate about cyber security and its assets. Experienced in developing security tools, performing in-depth security research and report writing. Participated in public bug bounty programs and reported multiple bugs.
Latest Projects
I show only my best works built completely with passion, simplicity, and creativity!
r3conwhal3
reconnaissance-framework
r3conwhale aims to develop a multifunctional recon chain for web applications, intelligently interpreting collected data, and optimizing performance and resource consumption through a concurrency-based approach.
AES File Encryption/Decryption Tool
cryptography
A simple command line tool that encrypts and decrypts files using AES encryption and stores the key in a separate file.
Network Hound
packet-sniffer
Network hound is a network packet sniffer that captures and analyzes network packets on a given interface. The tool is implemented using scapy and Pandas. The packets can be saved to a csv file for later analysis. Network hound can filter the packets based on TCP and/or UDP protocols and source and destination IP adresses.
Decodify
encoding/decoding
Have you ever encountered with a suspicious text and try to decode it in various formats in order to retrieve the hidden information. Well, you don't need to do it manually anymore, just specify the data you found and decodify will identify and decode the data for you.
Recent Posts
Reflected XSS with AngularJS expression escape and CSP
The first step of the payload is to set the location property which is a built-in JavaScript object that represents the URL of the current page, and setting it to a new URL is constructed using a template string that includes the following components...
Reflected XSS with AngularJS Sandbox Escape without Strings
View the page source and observe that your canary is between the angularJS script. Remember that you are dealing with angularJS sandbox, that means regular attack vectors are not going to work. For being able to deliver a successfull XSS attack you have to bypass the angularJS sandbox.
How To Install Windows 10 On An External Hard Drive
I am not completely against to use dual-boot as a solution but if you are just low on disk space , using dual-boot as a solution can be annoying. So if you are looking for another solution, you are at the right place.