Danylo Afonin
Skills and abilities
Programming
Portfolio
-
11 USD Development of a tool for fuzzing web applications (ghostfuzzing)
Cybersecurity & Data Protection
Development of a custom tool for automated testing of web applications using the fuzzing method.
As part of the work, a tool was created that allows:
* to automatically generate and send requests to target endpoints
* to test parameters for vulnerabilities
* to detect unusual behavior of the application
The main goal is to simplify the process of finding vulnerabilities through automation and scaling of testing.
Implemented:
* processing of request parameters
* generation of payloads
* analysis of server responses
The tool can be used for:
* initial security testing
* searching for potential vulnerabilities (XSS, injections, logical errors)
* analysis of APIs and web applications
The work demonstrates skills in:
* development of tools for cybersecurity
* understanding of fuzzing principles
* practical approach to pentest automation
-
0 USD Vulnerability analysis in the CTF task (Write-up)
Cybersecurity & Data Protection
Analysis and exploitation of vulnerabilities in the Docker environment (CTF / laboratory)
In this work, a complete analysis of the target system was conducted, followed by the exploitation of vulnerabilities.
The following was performed:
* initial scanning and analysis of services
* investigation of the web application
* exploitation of a vulnerability to gain initial access
* privilege escalation in the system
Particular attention was paid to working with the Docker environment, including:
* analysis of containers
* detection of insecure configurations
* use of docker.sock to escape from the container and gain access to the host system
As a result, full control over the system was obtained (root access).
Tools used:
* Burp Suite
* Nmap
* custom scripts
* Docker API
The work demonstrates practical skills in:
* pentesting web applications
* exploiting vulnerabilities
* analyzing containerized environments (Docker)
-
23 USD Detection of XSS vulnerability in the web application
Cybersecurity & Data Protection
An XSS (Cross-Site Scripting) vulnerability has been discovered in the web application.
Conducted:
* analysis of request parameters
* testing of user input
* confirmation of JavaScript code execution
Described:
* how the vulnerability occurs
* potential risks
* recommendations for remediation
Demonstrates practical experience in identifying and analyzing web vulnerabilities.