Hi, my name is İbrahim Taha İstikbal

I'm a security researcher and bug hunter.

Computer Engineering student passionate about cyber security and its assets. Experienced in developing security tools, performing in-depth security research and report writing. Participated in public bug bounty programs and reported multiple bugs.

r3conwhal3

reconnaissance-framework

r3conwhale aims to develop a multifunctional recon chain for web applications, intelligently interpreting collected data, and optimizing performance and resource consumption through a concurrency-based approach.

AES File Encryption/Decryption Tool

cryptography

A simple command line tool that encrypts and decrypts files using AES encryption and stores the key in a separate file.

Network Hound

packet-sniffer

Network hound is a network packet sniffer that captures and analyzes network packets on a given interface. The tool is implemented using scapy and Pandas. The packets can be saved to a csv file for later analysis. Network hound can filter the packets based on TCP and/or UDP protocols and source and destination IP adresses.

Decodify

encoding/decoding

Have you ever encountered with a suspicious text and try to decode it in various formats in order to retrieve the hidden information. Well, you don't need to do it manually anymore, just specify the data you found and decodify will identify and decode the data for you.

Reflected XSS with AngularJS expression escape and CSP

The first step of the payload is to set the location property which is a built-in JavaScript object that represents the URL of the current page, and setting it to a new URL is constructed using a template string that includes the following components...

İbrahim Taha İstikbal
İbrahim Taha İstikbal

Reflected XSS with AngularJS Sandbox Escape without Strings

View the page source and observe that your canary is between the angularJS script. Remember that you are dealing with angularJS sandbox, that means regular attack vectors are not going to work. For being able to deliver a successfull XSS attack you have to bypass the angularJS sandbox.

İbrahim Taha İstikbal
İbrahim Taha İstikbal

How To Install Windows 10 On An External Hard Drive

I am not completely against to use dual-boot as a solution but if you are just low on disk space , using dual-boot as a solution can be annoying. So if you are looking for another solution, you are at the right place.

İbrahim Taha İstikbal
İbrahim Taha İstikbal