Repository for my GitBook (CTF writeups)

The B.L.O.G experiment

My papers

A utility to test the success of xss payloads on a target website. Use responsibly.

Content Discovery/Directory Brute-forcing using Python3

VulnCode: Secure Code Review Training -- This application allows the user to practice identifying vulnerabilities within codeblocks. Each codeblock was engineered to contain a single vulnerability. There are three difficulty levels. Each exercise contains a detailed explanation which becomes available after a correct answer or three wrong answers.

Automatically exploit time-based blind SQL injection vulnerabilities

A collection of often-used scripts and tools

Lists of elements that compose HTML and SVG structure to fuzz in security testing checks

The Clara S. Traversal's classroom is an intermediate level web security challenge (black box) where you will have to exploit both client-side and server-side vulnerability in order to change a student gard. Can you hack the class and get in? Access teacher only features? Do even more than the teacher can? Good luck!

🤖 Telegram Bot written on Python for basic web-app analysis.

Yet another security blog

Some netsec workflow notes

Malspider is a web spidering framework that detects characteristics of web compromises.

Writeups for Over The Wire wargames, for total security noobs.

writeups/solvers for CTF challenges

A collection of small web-security challenges

Extract endpoints from stdin or files.

A tech enumeration toolkit focused on 404 Not found pages.