This is your work, valued
sessionprobe. SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across a list of URLs, highlighting potential authorization issues.
463secure-code-review-challenges. This repo contains the code for my secure code review challenges. People used this as the primary resource to pass FAANG AppSec interviews ๐
365subsnipe. SubSnipe is a tool designed to help find subdomains that are vulnerable to takeover.
131github-dorks. The repository contains useful GitHub dorks for finding open-source vulnerabilities.
95vulnerability-research. This repository contains information on the CVEs I found.
53veracode-javascript-packager. Simple auto-packager for JavaScript/TypeScript (i.e., Node, Angular, React, Vue) that creates a zip to upload for Veracode Static Analysis
27code-review-week-challenges. This repo contains a series of challenges that get harder and harder to exploit
16path-normalization-bypasses. This repo contains labs for bypassing path normalization issues involving Nginx and e.g. Flask and Node.js
15worst-fit-poc. This repo contains a PoC of exploiting Worst Fit (props to Orange Tsai and Splitline who presented this research at Black Hat EMEA 2024)
10leotrace-community-challenges. This repo contains the source code for the LeoTrace community challenges
5xssprobe. XSSProbe is a multi-threaded pentesting tool designed to assist in finding Cross-Site Scripting vulnerabilities.
3createObjectURL-XSS-PoC. PoC for how createObjectURL() can be vulnerable to XSS
3random-bruteforce. This repo is a practical demonstration of bruteforcing a number generated by a not cryptographically secure random number generator
3basic-aws-enumeration. This repo contains useful commands for enumerating common AWS services
2Secure-Processing-XXE-Tests-Java. This repository show that the FEATURE_SECURE_PROCESSING functionality doesn't provide any security benefit against XXE in Java
1pirate-vuln-app. A repository containing a very simple pirate-themed vulnerable app
1JNI-Shared-Object-Injection-PoC. This repo contains a PoC for how an attacker might be able to inject a malicious shared object into a Java application using JNI.
1java-gadget-chain. This project contains a Java deserialization vulnerability that is exploitable with some ysoserial payloads, but also contains a custom class that can be leveraged to get command execution upon deserialization.
1