Skip to content
View stvnhrlnd's full-sized avatar
11 followers · 57 following

Achievements

Achievement: Pull Sharkx2Achievement: Arctic Code Vault Contributor

Achievements

Achievement: Pull Sharkx2Achievement: Arctic Code Vault Contributor

Organizations

@Full-Hack-Developer

Block or report stvnhrlnd

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
stvnhrlnd/README.md

🍩 Stvn Hrlnd (He/Him)

Hi πŸ‘‹, I'm Steven, a software developer and offensive security professional based in Scotland 🏴󠁧󠁒󠁳󠁣󠁴󠁿. Below are some of the more interesting repos you will find on my GitHub profile.

πŸš€ Current Projects

  • fr1end1y - A starter kit for Umbraco-powered Eleventy sites.
  • donutsec.fun - The source code for my blog (built on Eleventy).
  • fullhack.dev - The source code for my business site (built on Eleventy).
  • CMSup - A Bash script to prepare a Ubuntu system for Umbraco source debugging.
  • Multipass Launch Script - A Bash script I use to spin up and configure Multipass instances.

🧐 Vulnerability Research

  • UmbProfile CSRF PoC - Proof of concept for a cross-site request forgery in Umbraco member profiles.
  • UmbRegister-Spoofer - A Python script to create arbitrary members in Umbraco by exploiting the auto-routed surface controllers that Umbraco ships with.

πŸ—£οΈ Talks

πŸ”— Other Links

Pinned Loading

  1. Full-Hack-Developer/fr1end1y Full-Hack-Developer/fr1end1y Public

    A starter kit for Umbraco-powered Eleventy sites.

    JavaScript

  2. donutsec.fun donutsec.fun Public

    My blog site.

    JavaScript

  3. Full-Hack-Developer/fullhack.dev Full-Hack-Developer/fullhack.dev Public

    My business site.

    CSS

  4. cmsup cmsup Public

    A Bash script to prepare a Ubuntu system for Umbraco source debugging.

    Shell

  5. UmbProfile-CSRF-PoC UmbProfile-CSRF-PoC Public

    Proof of concept for a cross-site request forgery in Umbraco member profiles.

    JavaScript 1

  6. UmbRegister-Spoofer UmbRegister-Spoofer Public

    A Python script to create arbitrary members in Umbraco by exploiting the auto-routed surface controllers that Umbraco ships with.

    JavaScript 1