Skip to content
View stvnhrlnd's full-sized avatar
11 followers · 20 following

Achievements

Achievement: Pull Sharkx2Achievement: Arctic Code Vault Contributor

Achievements

Achievement: Pull Sharkx2Achievement: Arctic Code Vault Contributor

Block or report stvnhrlnd

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
stvnhrlnd/README.md

🍩 Stvn Hrlnd (He/Him)

Hi πŸ‘‹, I'm Steven, a software developer and offensive security professional based in Scotland 🏴󠁧󠁒󠁳󠁣󠁴󠁿. Below are some of the more interesting repos you will find on my GitHub profile.

πŸš€ Current Projects

  • donutsec.fun - The source code for my Eleventy blog site.
  • fullhack.dev - The source code for my Eleventy business site.
  • CMSup - A Bash script to prepare a Ubuntu system for Umbraco source debugging.
  • Multipass Launch Script - A Bash script I use to spin up and configure Multipass instances.

🧐 Vulnerability Research

  • UmbProfile CSRF PoC - Proof of concept for a cross-site request forgery in Umbraco member profiles.
  • UmbRegister-Spoofer - A Python script to create arbitrary members in Umbraco by exploiting the auto-routed surface controllers that Umbraco ships with.

πŸ—£οΈ Talks

πŸ”— Other Links

Pinned Loading

  1. donutsec.fun donutsec.fun Public

    JavaScript

  2. Full-Hack-Developer/fullhack.dev Full-Hack-Developer/fullhack.dev Public

    CSS

  3. cmsup cmsup Public

    A Bash script to prepare a Ubuntu system for Umbraco source debugging.

    Shell

  4. multipass-launch-script multipass-launch-script Public

    A Bash script I use to spin up and configure Multipass instances.

    Shell

  5. UmbProfile-CSRF-PoC UmbProfile-CSRF-PoC Public

    Proof of concept for a cross-site request forgery in Umbraco member profiles.

    JavaScript 1

  6. UmbRegister-Spoofer UmbRegister-Spoofer Public

    A Python script to create arbitrary members in Umbraco by exploiting the auto-routed surface controllers that Umbraco ships with.

    JavaScript 1