4. Security & Compliance

Prevents XSS and injection attacks by validating and sanitizing user input, ensuring secure handling of form data and user-generated content.

Prevents Cross-Site Scripting (XSS) attacks in web applications through input sanitization, output encoding, and Content Security Policy implementation.

Identifies cryptographic weaknesses including weak algorithms, hardcoded keys, and insecure key management in binary code for security auditing.

Breaks cryptographic systems including RSA, AES, and classical ciphers to identify vulnerabilities and decrypt ciphertext.

Prevents XSS and injection attacks by sanitizing and validating user input in TypeScript applications.

Scans codebases for exposed secrets like API keys, tokens, and passwords to prevent security breaches before committing changes.

Scans Python code for security vulnerabilities, maps to CWE/OWASP, and provides remediation guidance for CI/CD pipelines.

Expert guidance on PKI and X.509 certificate management including structure, CSR generation, signing, revocation, and OpenSSL commands for secure cryptographic operations.

Provides guidance for bypassing HTML/JavaScript sanitization filters to test for XSS vulnerabilities in security assessments and penetration testing.

Extracts and processes ELF binary data including headers, segments, and memory contents for security analysis and reverse engineering workflows.

Guides linear cryptanalysis on FEAL and Feistel ciphers to recover encryption keys from known plaintext-ciphertext pairs.

Automates removal of API keys, tokens, and credentials from Git repositories to prevent accidental exposure and enhance security.

Sanitizes HTML by removing JavaScript and XSS vectors while preserving original document structure and formatting.

Guides on fixing security vulnerabilities in code, including SQL injection and XSS remediation.

Guides secure recovery and removal of sensitive data from Git history, including handling lost commits and reflog data to prevent leaks.

Guides cracking 7z archive password hashes for security testing, CTF challenges, and authorized password recovery.

Guides implementation of differential cryptanalysis on FEAL and Feistel ciphers for key recovery and CTF challenges.

Guides extraction of secrets from protected binaries using static and dynamic analysis for security vulnerability discovery.

Recovers passwords and sensitive data from disk images, deleted files, and binary data in digital forensic investigations.

Expert guidance for OpenSSL operations including SSL/TLS certificate management, key handling, and PKI infrastructure setup.

Generates LibFuzzer-based fuzz drivers for Python libraries to identify security vulnerabilities through automated input testing.

Generates self-signed SSL/TLS certificates using OpenSSL, including key creation, certificate signing, and verification scripts.

Provides foundational knowledge for creating and understanding Suricata network security signatures and multi-condition deep packet inspection logic.

Generates structured CSV security audit reports with severity filtering and JSON-to-CSV field mapping using Python.