The B.L.O.G experiment

VulnCode: Secure Code Review Training -- This application allows the user to practice identifying vulnerabilities within codeblocks. Each codeblock was engineered to contain a single vulnerability. There are three difficulty levels. Each exercise contains a detailed explanation which becomes available after a correct answer or three wrong answers.

My papers

A utility to test the success of xss payloads on a target website. Use responsibly.

Yet another security blog

websec.fr writeups

Chrome extension to help in identify SPAs

Some netsec workflow notes

Confidential Project: Under Development

Lists of elements that compose HTML and SVG structure to fuzz in security testing checks

🤖 Telegram Bot written on Python for basic web-app analysis.

The Clara S. Traversal's classroom is an intermediate level web security challenge (black box) where you will have to exploit both client-side and server-side vulnerability in order to change a student grade. Can you hack the class and get in? Access teacher only features? Do even more than the teacher can? Good luck!

A collection of often-used scripts and tools

Content Discovery/Directory Brute-forcing using Python3

🔍 Explore a comprehensive collection of cybersecurity interview questions and answers, designed for all positions in the field.

Automatically exploit time-based blind SQL injection vulnerabilities

Malspider is a web spidering framework that detects characteristics of web compromises.

Writeups for Over The Wire wargames, for total security noobs.

writeups/solvers for CTF challenges