This repository contains research material, exploit code, and utilities developed while preparing for the Offensive Security Web Expert (OSWE) certification and the Hack The Box Certified Web Exploitation Expert (CWEE) course.
Some Python files in this repository were never intended to be standalone, executable scripts.
This is especially true for the Utilities and PythonExplorations directories, which mostly contain experimental snippets kept on hand for future use.
These snippets may require modification or debugging before use.
The repository was originally meant to be more comprehensive, but priorities shifted mid-development.
Each directory corresponds to a topic or lab area explored while studying for web exploitation certifications.
| Directory | Description |
|---|---|
| AuthenticationMechanism/ | Experiments and PoCs focused on authentication and session management weaknesses. |
| BurpsuiteExtensions/ | Custom Burp Suite extension. |
| CWEE/ | Supporting code and notes derived from the CWEE labs. |
| CodeScanning/ | Early experiments with automated source scanning and static analysis (abandoned). |
| ExamPrep/ | Skeletons and modules created during OSWE preparation. |
| InjectionAttacks/ | Mostly LDAP injection scripts from CWEE. |
| SQLi/ | SQL injection exploitation scripts. |
| Scanners/ | Custom scanning utilities and quick enumeration tools. This was meant to be more, but I never came back to development work here. |
| TemplatesAndSnippets/ | Reusable code fragments, decorators, and boilerplate used across projects. |
| Utilities/ | General-purpose Python utilities and code snippets I found helpful. |
| Notes/ | Markdown notes and supporting material from lab sessions and write-ups. |
- CodeScanning/ — Experimental; left for historical reference but no longer maintained.