xalgord
GitHub profile for xalgord20 skills
Are you xalgord? Claim your skills.
xalgord / exploiting-dependency-confusion
Identifies and exploits dependency confusion attacks in package managers, enhancing web application security assessments.
xalgord / exploiting-mass-assignment-in-rest-apis
Identifies and exploits mass assignment vulnerabilities in REST APIs to escalate privileges and modify restricted fields.
xalgord / exploiting-orm-injection
Enables security professionals to exploit ORM injection vulnerabilities in web applications, aiding in data exfiltration testing.
xalgord / exploiting-race-condition-vulnerabilities
Detects and exploits race condition vulnerabilities in web applications using Turbo Intruder's single-packet attack technique.
xalgord / exploiting-template-injection-vulnerabilities
Detects and exploits Server-Side Template Injection vulnerabilities in various template engines to achieve remote code execution.
xalgord / exploiting-xslt-server-side-injection
Demonstrates techniques for exploiting server-side XSLT injection vulnerabilities, enabling various attacks like SSRF and RCE.
xalgord / performing-web-cache-deception-attack
Enables execution of web cache deception attacks by exploiting CDN caching discrepancies to access sensitive content.
xalgord / testing-for-xxe-injection-vulnerabilities
Enables security professionals to discover and exploit XXE injection vulnerabilities in XML processing applications.
xalgord / detecting-bluetooth-low-energy-attacks
Analyzes Bluetooth Low Energy security attacks, detecting sniffing and replay attacks using specialized hardware and software tools.
xalgord / implementing-beyondcorp-zero-trust-access-model
Enables secure application access using Google's BeyondCorp zero trust model, eliminating implicit trust and enhancing security.
xalgord / monitoring-scada-modbus-traffic-anomalies
Monitors Modbus TCP traffic on SCADA networks to detect anomalies and unauthorized actions, enhancing OT security through deep packet inspection.
xalgord / conducting-api-security-testing
Conducts thorough security testing of APIs to identify vulnerabilities using OWASP guidelines and tools like Burp Suite and Postman.
xalgord / executing-phishing-simulation-campaign
Facilitates authorized phishing simulations to evaluate an organization's vulnerability to email-based social engineering attacks.
xalgord / executing-red-team-exercise
Simulates real-world adversary operations to assess an organization's detection and response capabilities through comprehensive red team exercises.
xalgord / exploiting-sql-injection-vulnerabilities
Identifies and exploits SQL injection vulnerabilities in web applications during authorized penetration tests using sqlmap and manual techniques.
xalgord / performing-web-application-penetration-test
Conducts thorough security testing of web applications using OWASP guidelines to identify vulnerabilities and enhance application security.
xalgord / testing-for-xss-vulnerabilities
Tests web applications for XSS vulnerabilities by injecting JavaScript payloads to identify security flaws and potential exploits.
xalgord / implementing-gdpr-data-subject-access-request
Automates GDPR Data Subject Access Requests, ensuring compliance with identity verification, PII discovery, and response templating.
xalgord / deploying-ransomware-canary-files
Deploys ransomware canary files to detect unauthorized access, providing early warnings before data encryption occurs.
xalgord / detecting-ransomware-precursors-in-network
Identifies early ransomware indicators in network traffic, enabling proactive defense before encryption occurs.