Skip to content
View JavierOlmedo's full-sized avatar
๐Ÿ•ต๏ธโ€โ™€๏ธ
Researching!!
๐Ÿ•ต๏ธโ€โ™€๏ธ
Researching!!
266 followers · 342 following

Achievements

Achievement: Starstruckx3Achievement: Pull SharkAchievement: Arctic Code Vault Contributor

Achievements

Achievement: Starstruckx3Achievement: Pull SharkAchievement: Arctic Code Vault Contributor

Highlights

  • Pro

Block or report JavierOlmedo

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please donโ€™t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this userโ€™s behavior. Learn more about reporting abuse.

Report abuse
JavierOlmedo/README.md

Typing SVG


About Me

๐Ÿง‘โ€๐Ÿ’ป Who am I?

๐Ÿท๏ธ Name: Javier Olmedo

๐Ÿ“ Location: Toledo, Spain ๐Ÿ‡ช๐Ÿ‡ธ UTC+01:00

๐Ÿ’ผ Role: Penetration Tester

๐ŸŽ“ Certs: OSCP ยท OSWE ยท OSEP ยท CRTO

โšก Fun Fact: 18 CVEs published and still hunting...

๐Ÿ’ก What I do?

๐Ÿ” Web Application Penetration Testing

๐Ÿด CTF Player at Hack The Box

๐Ÿ› Security Research & CVE Discovery

โœ๏ธ Blogging at Hackpuntes.com

๐Ÿ›ก๏ธ Red Team & Active Directory Attacks

๐Ÿš€ Currently

๐Ÿ”ญ Writing CTF WriteUps on Hackpuntes.com ย โ€ขย  ๐ŸŒฑ Researching Active Directory & Red Team techniques ย โ€ขย  ๐Ÿ’ฌ Ask me about Web Pentesting, Python, Exploit Development ย โ€ขย  ๐ŸŽฏ Goal: Make cybersecurity knowledge accessible to everyone

๐ŸŽ“ Certifications

GitHub Trophies

Trophies

๐Ÿ› ๏ธ Skills

๐Ÿž Penetration Testing ๐Ÿ”ง Hacking Tools ๐Ÿ‘จ๐Ÿปโ€๐Ÿ’ป Programming ๐ŸŒ Web Development
โœ… Web Application โœ… Burp Suite โœ… Python โœ… HTML, CSS, JS
โœ… Reversing APK โœ… Nmap โœ… Golang โœ… PHP
โœ… Linux / Windows โœ… Nessus โœ… C# / PowerShell โœ… Vue.js

๐Ÿ” My CVEs

CVE Name CVSS3 CVSS2 ExploitDB
CVE-2018-13832 All In One Favicon <= 4.6 - Multiple Stored Authenticated XSS 4.8 MEDIUM ๐ŸŸ  3.5 LOW ๐ŸŸข โœ…
CVE-2018-14430 Multi Step Form <= 1.2.5 - Multiple Unauthenticated Reflected XSS 6.1 MEDIUM ๐ŸŸ  4.3 MEDIUM ๐ŸŸ  โŒ
CVE-2018-15571 Export Users to CSV <= 1.1.1 - CSV Injection 8.6 HIGH ๐Ÿ”ด 6.8 MEDIUM ๐ŸŸ  โœ…
CVE-2018-15873 Sentrifugo HRMS 3.2 - Blind SQL Injection 9.8 CRITICAL ๐ŸŸฃ 7.5 HIGH ๐Ÿ”ด โœ…
CVE-2018-15917 Jorani Leave Management System 0.6.5 - Stored XSS 5.4 MEDIUM ๐ŸŸ  3.5 LOW ๐ŸŸข โœ…
CVE-2018-15918 Jorani Leave Management System 0.6.5 - SQL Injection 5.4 MEDIUM ๐ŸŸ  5.5 MEDIUM ๐ŸŸ  โœ…
CVE-2018-18478 Libre Network Monitoring System 1.43 - Stored XSS 6.1 MEDIUM ๐ŸŸ  4.3 MEDIUM ๐ŸŸ  โŒ
CVE-2018-18921 PHP Server Monitor 3.3.1 - CSRF 6.5 MEDIUM ๐ŸŸ  5.8 MEDIUM ๐ŸŸ  โœ…
CVE-2018-18922 Ticketly 1.0 - Privilege Escalation 9.8 CRITICAL ๐ŸŸฃ 5.0 MEDIUM ๐ŸŸ  โœ…
CVE-2018-18923 Ticketly 1.0 - Multiple SQL Injection 9.8 CRITICAL ๐ŸŸฃ 7.5 HIGH ๐Ÿ”ด โœ…
CVE-2018-19828 Integria IMS 5.0.83 - XSS 6.1 MEDIUM ๐ŸŸ  4.3 MEDIUM ๐ŸŸ  โœ…
CVE-2018-19829 Integria IMS 5.0.83 - CSRF 6.5 MEDIUM ๐ŸŸ  5.8 MEDIUM ๐ŸŸ  โœ…
CVE-2019-7400 Rukovoditel ERP & CRM 2.4.1 - XSS 6.1 MEDIUM ๐ŸŸ  4.3 MEDIUM ๐ŸŸ  โœ…
CVE-2019-15092 Import Export WordPress Users 1.3.1 - CSV Injection 7.3 HIGH ๐Ÿ”ด 6.0 MEDIUM ๐ŸŸ  โœ…
CVE-2019-19031 Easy XML Editor <= 1.7.8 - XXE Injection 8.1 HIGH ๐Ÿ”ด 5.5 MEDIUM ๐ŸŸ  โœ…
CVE-2019-19032 XMLBlueprint <= 16.191112 - XXE Injection 8.1 HIGH ๐Ÿ”ด 5.5 MEDIUM ๐ŸŸ  โœ…
CVE-2020-9038 Joplin through 1.0.184 - Arbitrary File Read via XSS 5.4 MEDIUM ๐ŸŸ  3.5 LOW ๐ŸŸข โŒ
CVE-2021-43091 SQL Injection in yeswiki/yeswiki 7.5 HIGH ๐Ÿ”ด 5.0 MEDIUM ๐ŸŸ  โŒ

๐Ÿ“ Latest from Hackpuntes

๐Ÿ“Š GitHub Stats

GitHub Stats Streak Stats
Top Languages

Profile Summary

Profile Details
Repos per Language Most Commit Language Productive Time

๐Ÿ“ฌ Contact Me


ย ย  ย ย  ย ย  ย ย  ย ย  ย ย  ย ย  ย ย  ย ย 



snake animation

Profile Views


Made with โค๏ธ in Spain

Pinned Loading

  1. projectdiscovery/public-bugbounty-programs projectdiscovery/public-bugbounty-programs Public

    Community curated list of public bug bounty and responsible disclosure programs.

    Go 1.3k 385

  2. shodan-filters shodan-filters Public

    A list of shodan filters

    584 124

  3. OWASP-Calculator OWASP-Calculator Public

    ๐Ÿงฎ An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment

    HTML 162 73

  4. UltimateCMSWordlists UltimateCMSWordlists Public

    ๐Ÿ“š An ultimate collection wordlists of the best-known CMS

    94 25

  5. ipdiscover ipdiscover Public

    ๐Ÿ” A simple tool to obtain long lists of ips from domains using goroutines

    Go 26 3

  6. tmb5cg/Fifa-Autobidder tmb5cg/Fifa-Autobidder Public

    Selenium-based bot that autobids and autobuys players on FIFA 23 Ultimate Team's transfer market

    Python 147 45