Hi ๐, I'm Steven, a software developer and offensive security professional based in Scotland ๐ด๓ ง๓ ข๓ ณ๓ ฃ๓ ด๓ ฟ. Below are some of the more interesting repos you will find on my GitHub profile.
- CMSup - A Bash script to prepare a Ubuntu system for Umbraco source debugging.
- Multipass Launch Script - A Bash script I use to spin up and configure Multipass instances.
- UmbProfile CSRF PoC - Proof of concept for a cross-site request forgery in Umbraco member profiles.
- UmbRegister-Spoofer - A Python script to create arbitrary members in Umbraco by exploiting the auto-routed surface controllers that Umbraco ships with.
- Offensive Umbraco: Notes of a Friendly Adversary - June 2021 at the Umbraco Codegarden conference.
- Offensive Umbraco: The Prequel (The Power of XSS) - November 2021 at the Edinburgh Umbraco Users Group meetup.
- Offensive Umbraco Part 3: XSS Weaponisation - April 2023 at Defcon Edinburgh.
- Offensive Umbraco Part 4: Letโs Get Pasted - April 2024 at the Edinburgh Umbraco Users Group meetup.
- Blog: DonutSec
- Mastodon: @[email protected]
- LinkedIn: in/stvnhrlnd