Chrome extension for federated secure web application code delivery.

Generates a random robots.txt deny list to throw script kiddies off the scent.

sample source code

Proyecto personal para la compra de boletos de sitios turísticos de la ciudad de Londres, enfocado principalmente en seguridad web bajo php. (Aún en construcción).

Deloitte's Virtual Experience (VE) Program offers students a platform to explore and develop skills in cyber technology, forensic investigations, data analytics, platform engineering, and coding. The program empowers participants to shape their own career paths and provides a glimpse into the exciting opportunities available at Deloitte.

This project focuses on penetration testing of web pages to identify and exploit common vulnerabilities.

Automation of solving PortSwigger's web security labs.

Learning Spring Security

Valid Login and Registration for a user with java web security.

The Directory Enumerator is a Python script for efficiently discovering existing directories on a target URL using the requests library.

Tool For Exploiting Cross-Origin Resource Sharing Vulnerability

PoC ASGI middleware implementation of the Fetch Metadata specification

Go-Secure-Input is a Go repository dedicated to user input validation and sanitization. This project aims to provide a robust and secure implementation of validation techniques to protect applications against common attacks such as SQL Injection and Cross-Site Scripting (XSS).

PwnWAF 🛡️ Open-source and next-generation Web Application Firewall (WAF)

Web security workshop examples [Shellmates Club]

A purposefully vulnerable HTTP server showcasing potentially vulnerable code patterns

jwtbreaker - Bruteforce JWT token with a password list

Java Spring Boot Backend who implements multiple Authentication Ways.

Here you can find some of the writeups of the ctfs I've played so far.

A simple trap for web crawlers