/research

Hello and welcome to my GitHub account. If you'd like to know more about me, this is likely the best place to start

Primary LanguageJavaScript

Hello and welcome to my GitHub account. If you'd like to know more about me, this is likely the best place to start

Writeups

Hidden directories and files as a source of sensitive information about web application

Some analysis about how to get information about web application from folders like .git , .idea and similar. https://github.com/bl4de/research/tree/master/hidden_directories_leaks

As a part of this, I'm working on tool (in Python) to extract data from revealed Git repositories:

https://github.com/bl4de/security-tools/tree/master/diggit

RAA Ransomware JavaScript code analysis

Detailed, step-by-step analysis of RAA ransomware, created entirely in JavaScript

https://github.com/bl4de/research/tree/master/raa-ransomware-analysis

Simple JavaScript malware code deobfuscation walkthrough

JavaScript malware code deobfuscation step-by-step walkthrough

https://github.com/bl4de/research/blob/master/javascript-malware-obfuscation/Simple_JavaScript_malware_code_obfuscation_examples.md

--

Bug Bounty

Bugcrowd

https://bugcrowd.com/bl4de

HackerOne

https://hackerone.com/bl4de

--

Hall of Fame

OLX https://security.olx.com/security-hall-of-fame.html

Acknowledgments

Eternity Wall https://eternitywall.it/m/5ac86b8099d0121ff3b1944309878eb7d1d37341b062ec4a7219957fb5776365

--

CTF CTFtime.org

2017

In progress...

2016

Ranking position: 882 with 11,276 points; finished in top 9% teams with any points in CTFtime ranking, with 0,69% points of the best team

teams with any points: 10593

best team result: 1625,714 (dcua)

Full stats: https://ctftime.org/team/16701 (Stack)

2015

Ranking position: 562 with 14,677 points; finished in top 8% teams with any points in CTFtime ranking, with 0,81% points of the best team

teams with any points: 7275

best team result: 1789,884 (Plaid Parliament of Pwning)

Full stats: https://ctftime.org/team/12769 (bl4de - not active at this name anymore)

CTF writeups

You can see my CTF writeups from variuos events here: https://github.com/bl4de/ctf#ctf-capture-the-flag-writeups-repository

--

You can follow me on Twitter. I share IT security, web development and coding related stuff.

https://twitter.com/_bl4de

If you'd like to contact me, please feel free to send an email to bloorq [at] gmail [dot] com