This is your work, valued

Spain

Florian Walter

Expert
@dub-flow

Penetration Tester, App Sec expert, Software Engineer

sessionprobe. SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across a list of URLs, highlighting potential authorization issues.

463

secure-code-review-challenges. This repo contains the code for my secure code review challenges. People used this as the primary resource to pass FAANG AppSec interviews ๐Ÿ˜‰

365

subsnipe. SubSnipe is a tool designed to help find subdomains that are vulnerable to takeover.

131

github-dorks. The repository contains useful GitHub dorks for finding open-source vulnerabilities.

95

vulnerability-research. This repository contains information on the CVEs I found.

53

veracode-javascript-packager. Simple auto-packager for JavaScript/TypeScript (i.e., Node, Angular, React, Vue) that creates a zip to upload for Veracode Static Analysis

27

code-review-week-challenges. This repo contains a series of challenges that get harder and harder to exploit

16

path-normalization-bypasses. This repo contains labs for bypassing path normalization issues involving Nginx and e.g. Flask and Node.js

15

worst-fit-poc. This repo contains a PoC of exploiting Worst Fit (props to Orange Tsai and Splitline who presented this research at Black Hat EMEA 2024)

10

leotrace-community-challenges. This repo contains the source code for the LeoTrace community challenges

5

xssprobe. XSSProbe is a multi-threaded pentesting tool designed to assist in finding Cross-Site Scripting vulnerabilities.

3

createObjectURL-XSS-PoC. PoC for how createObjectURL() can be vulnerable to XSS

3

random-bruteforce. This repo is a practical demonstration of bruteforcing a number generated by a not cryptographically secure random number generator

3

basic-aws-enumeration. This repo contains useful commands for enumerating common AWS services

2

Secure-Processing-XXE-Tests-Java. This repository show that the FEATURE_SECURE_PROCESSING functionality doesn't provide any security benefit against XXE in Java

1

pirate-vuln-app. A repository containing a very simple pirate-themed vulnerable app

1

JNI-Shared-Object-Injection-PoC. This repo contains a PoC for how an attacker might be able to inject a malicious shared object into a Java application using JNI.

1

java-gadget-chain. This project contains a Java deserialization vulnerability that is exploitable with some ysoserial payloads, but also contains a custom class that can be leveraged to get command execution upon deserialization.

1