Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure
Updated Aug 7, 2025 - Java
A Burp Suite extension that reviews backup, old, temporary and unreferenced files on a web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)
A Burp Suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)
Code to share the knowledge I gained while designing and implementing microservices
Hands-on workshop for securing a reactive Spring Boot 2 application in multiple steps
Cloud-Native Microservice Security Bootcamp
A reinforced version of the Wavsep evaluation platform.
Integrate our security scans with your Jenkins CI/CD pipeline
Optimize your web vulnerability assessments with PassiveDigger, a comprehensive Burp Suite extension that specializes in passive traffic analysis. Detect potential vulnerabilities, get actionable insights, and supercharge your security audits.
A seriously flawed Java project for teaching "OWASP Top 10 - 2017" concepts.
Project for the course: https://cybersecuritybase.github.io/
Bachelor’s Work - WEB programming
A vehicle service reservation application with a focus on security, authentication, and access control.
This project is a Spring MVC-based Java application that implements a security interceptor to validate incoming HTTP requests and prevent common vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), and malicious file uploads.
A dynamic web application for vehicle service reservations, securing against OWASP Top 10 vulnerabilities. It uses OIDC protocols with the Asgardeo IDP for user authentication and access control.
Same vulnerable app as swsec-intro, but in a more modern framework.
Ecom is a Spring Boot-based e-commerce application offering user authentication, role-based access, product management, a shopping cart, and admin controls. Built with Java 17, Spring Security, and Hibernate, it ensures secure and efficient operations. Its intuitive setup and robust features make it ideal for scalable e-commerce solutions.
Created a secure vehicle service reservation system. Implemented OIDC authentication and ensured compliance with OWASP Top 10 security practices, featuring user profiles and reservation management.
Project for the class Computer Security
Cross-Site Request Forgery (CSRF) protection in web applications can be done in 2 ways: the Synchronizer Token Pattern and the Double Submit Cookies Pattern. This web app demonstrates both of these.