Hello and welcome to my GitHub account. If you'd like to know more about me, this is likely the best place to start
HackerOne
Bugcrowd
OLX https://security.olx.com/security-hall-of-fame.html (2016)
Eternity Wall https://eternitywall.it/m/5ac86b8099d0121ff3b1944309878eb7d1d37341b062ec4a7219957fb5776365
serve npm module Directory Traversal vulnerability - CVE-2018-3712 (https://nodesecurity.io/advisories/561)
Hackthebox.eu profile:
https://www.hackthebox.eu/profile/703
In progress...
Ranking position: 1251 with 13,435 points; finished in top 8,55% teams with any points in CTFtime ranking, with 1,72% points of the best team
teams with any points: 14615
best team result: 780,201 (217)
Full stats: https://ctftime.org/team/16701 (Stack)
Ranking position: 882 with 11,276 points; finished in top 9% teams with any points in CTFtime ranking, with 0,69% points of the best team
teams with any points: 10593
best team result: 1625,714 (dcua)
Full stats: https://ctftime.org/team/16701 (Stack)
Ranking position: 562 with 14,677 points; finished in top 8% teams with any points in CTFtime ranking, with 0,81% points of the best team
teams with any points: 7275
best team result: 1789,884 (Plaid Parliament of Pwning)
Full stats: https://ctftime.org/team/12769 (bl4de - not active at this name anymore)
You can see my CTF writeups from variuos events here: https://github.com/bl4de/ctf#ctf-capture-the-flag-writeups-repository
--
Hidden directories and files as a source of sensitive information about web application
Some analysis about how to get information about web application from folders like .git , .idea and similar. https://github.com/bl4de/research/tree/master/hidden_directories_leaks
As a part of this, I'm working on tool (in Python) to extract data from revealed Git repositories:
https://github.com/bl4de/security-tools/tree/master/diggit
Detailed, step-by-step analysis of RAA ransomware, created entirely in JavaScript
https://github.com/bl4de/research/tree/master/raa-ransomware-analysis
JavaScript malware code deobfuscation step-by-step walkthrough
--
You can follow me on Twitter. I share IT security, web development and coding related stuff.
If you'd like to contact me, please feel free to send an email to bloorq [at] gmail [dot] com
Hello and welcome to my GitHub account. If you'd like to know more about me, this is likely the best place to start
HackerOne
Bugcrowd
OLX https://security.olx.com/security-hall-of-fame.html (2016)
Eternity Wall https://eternitywall.it/m/5ac86b8099d0121ff3b1944309878eb7d1d37341b062ec4a7219957fb5776365
serve npm module Directory Traversal vulnerability - CVE-2018-3712 (https://nodesecurity.io/advisories/561)
Hackthebox.eu profile:
https://www.hackthebox.eu/profile/703
In progress...
Ranking position: 1251 with 13,435 points; finished in top 8,55% teams with any points in CTFtime ranking, with 1,72% points of the best team
teams with any points: 14615
best team result: 780,201 (217)
Full stats: https://ctftime.org/team/16701 (Stack)
Ranking position: 882 with 11,276 points; finished in top 9% teams with any points in CTFtime ranking, with 0,69% points of the best team
teams with any points: 10593
best team result: 1625,714 (dcua)
Full stats: https://ctftime.org/team/16701 (Stack)
Ranking position: 562 with 14,677 points; finished in top 8% teams with any points in CTFtime ranking, with 0,81% points of the best team
teams with any points: 7275
best team result: 1789,884 (Plaid Parliament of Pwning)
Full stats: https://ctftime.org/team/12769 (bl4de - not active at this name anymore)
You can see my CTF writeups from variuos events here: https://github.com/bl4de/ctf#ctf-capture-the-flag-writeups-repository
Some security related tools I've created:
https://github.com/bl4de/security-tools
Hidden directories and files as a source of sensitive information about web application
Some analysis about how to get information about web application from folders like .git , .idea and similar. https://github.com/bl4de/research/tree/master/hidden_directories_leaks
As a part of this, I'm working on tool (in Python) to extract data from revealed Git repositories:
https://github.com/bl4de/security-tools/tree/master/diggit
Detailed, step-by-step analysis of RAA ransomware, created entirely in JavaScript
https://github.com/bl4de/research/tree/master/raa-ransomware-analysis
JavaScript malware code deobfuscation step-by-step walkthrough
You can follow me on Twitter. I share IT security, web development and coding related stuff.
If you'd like to contact me, please feel free to send an email to bloorq [at] gmail [dot] com