OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.

Datadog PHP Clients

Kurukshetra - A framework for teaching secure coding by means of interactive problem solving.

A simple PHP application to learn SQL Injection detection and exploitation techniques.

Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.

OWASP Application Security Verification Standard 4.0 Checklist

webshells written with malice

Vulnerable Application written in PHP

A simple static application security testing (SAST) tool for locating dangerous sinks in php applications.

PHP Implementation of SafeURL (Anti-SSRF lib)

Demonstration videos and presentation regarding the talk given at the VOXXED LU 2022 conference.

This is the demo application of my talk "Defensive Coding Reloaded" held at the Securi-Tay 2022 conference in Dundee, Scotland.

A PHP library for creating typed values (Value Objects) with integrated validation via Respect\Validation. Built according to the principles of the Application Security Manifesto to ensure secure data processing.

Security testing toolkit for Claude Code: curated SecLists wordlists, injection payloads, and expert agents for authorized pentesting, CTFs, and bug bounties

A PHP 8.1+ library for creating robust typed value objects with built-in validation, composite values, and enum support

Projeto onde exploro vulnerabilidades de File Upload a partir dos labs da PortSwigger, realizando RCE via upload de arquivos PHP e bypass de validações como Content-Type usando Caido e Burp Suite. Registrei todo o processo com evidências e análise técnica.

🛒 Manage merchant and customer accounts efficiently with this system, ensuring smooth financial tracking and personal data management.