Skip to content
View kOaDT's full-sized avatar
33 followers · 104 following

Achievements

Achievement: QuickdrawAchievement: Pull Sharkx3Achievement: YOLO

Achievements

Achievement: QuickdrawAchievement: Pull Sharkx3Achievement: YOLO

Block or report kOaDT

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
kOaDT/README.md

AppSec & Software Developer

Header

Website   TryHackMe   Root-Me


TryHackMe

Global Rank Top Streak
#16473 1% 571 days

Projects

Project Description
OopsSec Store Deliberately vulnerable e-commerce for security training and CTF. Run npx create-oss-store, open your browser, and start hunting flags!
Cyber Hub Threat intelligence platform: RSS aggregation, NVD CVE tracking, ENISA EUVD, databreaches, ...
Hash Cracker Multi-threaded dictionary attack tool built with Rust
Hate Crimes Map Data visualization platform mapping hate crime statistics

CVE Proof of Concepts

CVE Severity Description
CVE-2025-55182 CVSS 10.0 A pre-authentication remote code execution vulnerability also known as React2Shell
CVE-2025-29927 CVSS 9.1 A vulnerability in Next.js that allows attackers to bypass authorization checks implemented in middleware

Github Metrics

TryHackMe Badges (46)
  • Networking NerdCompleting the 'Network Fundamentals' module
  • 7 Day StreakAchieving a 7 day hacking streak
  • WebbedUnderstands how the world wide web works
  • World Wide WebCompleting the 'How The Web Works' module
  • cat linux.txtBeing competent in Linux
  • 30 Day StreakHacking for 30 days solid
  • OWASP Top 10Understanding every OWASP vulnerability
  • Hash CrackerCracking all those hashes
  • MetasploitableContains the knowledge to use Metasploit
  • BlueHacking into Windows via EternalBlue
  • Cyber ReadyUnderstanding impact of training on teams
  • Sword ApprenticeCompleting the SQLMap room
  • Shield ApprenticeCompleting the FlareVM room
  • 90 Day StreakHacking for 90 days in a row
  • Linux PrivEscMastering Linux Privilege Escalation
  • Pentesting PrinciplesCompleting the 'Introduction to Pentesting' module
  • Intro to Web HackingCompleting the 'Introduction to Web Hacking' module
  • Advent of Cyber 2024Completing Advent of Cyber 2024!
  • Burp'edCompleting the Burp Suite module
  • 180 Day StreakHacking for 180 days in a row
  • Authentication StrikerUsed the Hammer to bypass authentication
  • SQL SlayerConquered Advanced SQL Injection
  • System SnifferCompleted the File Path traversal room
  • OhSINTCompleting the OhSINT room
  • Client-Side ChampSuccessfully exploited client-side vulnerabilities
  • Introduction to Security EngineeringCompleted the Security Engineer Intro room!
  • Calculated Risk — _Completed the Risk Management room! _
  • 3 Day StreakAchieving a 3 day hacking streak
  • Network and System SecurityFinished the Auditing and Monitoring room!
  • Software Security — _Completed the OWASP API Security Top 10 rooms! _
  • 365 Day StreakHacking for 365 days in a row
  • The Course AwakensFinishing the first room in the DevSecOps path!
  • Just have to deal with it — _Successfully managed a cyber crisis! _
  • Raffle RoyaltyParticipating in Hack2Win 2025!
  • /opt/m0th3rFinishing Mother’s Secret!
  • Skilled NavigatorFinishing the Eviction challenge!
  • First Step into SOCExplored emerging threats and SOC response
  • SOC ApprenticeExplored how a SOC team operates from inside
  • First alert closedClosing your first alert
  • First scenario completedCompleting your first scenario
  • 100% true positive rateAchieving 100% true positive rate in a scenario
  • 500 Day StreakHacking for 500 days in a row
  • Tooling SpecialistAdept in creating custom offensive tooling
  • Advent of Cyber 2025Completing Advent of Cyber 2025!
  • Model CompromiseCompleted the LLM Attacks Module
  • Session HeldCompleting 4 weekly missions in a row!
TryHackMe Completed Rooms (287)
# Room Difficulty
1 Crack the hash easy
2 Pickle Rick easy
3 Blue easy
4 OhSINT easy
5 Basic Pentesting easy
6 Vulnversity easy
7 Simple CTF easy
8 Kenobi easy
9 tmux easy
10 Steel Mountain easy
11 Hacking with PowerShell easy
12 Agent Sudo easy
13 LazyAdmin easy
14 Introductory Networking easy
15 Common Linux Privesc easy
16 Network Services easy
17 Introductory Researching easy
18 What the Shell? easy
19 Hashing - Crypto 101 medium
20 Linux PrivEsc medium
21 Upload Vulnerabilities easy
22 Encryption - Crypto 101 medium
23 Bounty Hacker easy
24 OWASP Juice Shop easy
25 Overpass easy
26 Network Services 2 easy
27 RootMe easy
28 Tutorial easy
29 MITRE medium
30 Starting Out In Cyber Sec easy
31 Nmap easy
32 Introduction to Flask easy
33 John the Ripper: The Basics easy
34 Linux Fundamentals Part 1 info
35 Linux Fundamentals Part 2 info
36 How Websites Work easy
37 Linux Fundamentals Part 3 info
38 Putting it all together easy
39 DNS in Detail easy
40 HTTP in Detail easy
41 Windows Fundamentals 1 info
42 Windows Fundamentals 2 info
43 What is Networking? info
44 Intro to LAN info
45 OSI Model info
46 Packets & Frames info
47 Extending Your Network info
48 Learning Cyber Security easy
49 Windows Fundamentals 3 info
50 Linux Privilege Escalation medium
51 Walking An Application easy
52 Pentesting Fundamentals easy
53 Principles of Security info
54 Metasploit: Exploitation easy
55 Content Discovery easy
56 Subdomain Enumeration easy
57 Authentication Bypass easy
58 Junior Security Analyst Intro easy
59 Passive Reconnaissance easy
60 Active Reconnaissance easy
61 Nmap Live Host Discovery medium
62 Nmap Basic Port Scans easy
63 Nmap Advanced Port Scans medium
64 Metasploit: Introduction easy
65 IDOR easy
66 Vulnerabilities 101 easy
67 Metasploit: Meterpreter easy
68 Intro to SSRF easy
69 Pyramid Of Pain easy
70 Intro to Cross-site Scripting easy
71 Nmap Post Port Scans medium
72 Cyber Kill Chain easy
73 Diamond Model easy
74 Vulnerability Capstone easy
75 Exploit Vulnerabilities easy
76 Protocols and Servers easy
77 SQL Injection medium
78 Command Injection easy
79 Net Sec Challenge medium
80 File Inclusion medium
81 Protocols and Servers 2 medium
82 Pwnkit: CVE-2021-4034 info
83 Threat Intelligence Tools easy
84 Intro to Digital Forensics easy
85 Introduction to DevSecOps medium
86 Operating System Security easy
87 Offensive Security Intro easy
88 Lo-Fi easy
89 Network Security easy
90 Web Application Security easy
91 Unified Kill Chain easy
92 Spring4Shell: CVE-2022-22965 info
93 Defensive Security Intro easy
94 SSDLC medium
95 Security Operations easy
96 Careers in Cyber info
97 Windows Privilege Escalation medium
98 Wireshark: The Basics easy
99 Intro to Cyber Threat Intel easy
100 Introduction to SIEM easy
101 Active Directory Basics easy
102 Microsoft Windows Hardening easy
103 Security Principles easy
104 Atlassian CVE-2022-26134 easy
105 Secure Network Architecture medium
106 Active Directory Hardening medium
107 Introduction to Cryptography medium
108 Network Security Protocols medium
109 OWASP API Security Top 10 - 2 medium
110 OWASP API Security Top 10 - 1 medium
111 Intro to Cloud Security easy
112 Linux System Hardening medium
113 Virtualization and Containers easy
114 Vulnerability Management medium
115 DAST medium
116 Weaponizing Vulnerabilities medium
117 Identity and Access Management easy
118 Network Device Hardening medium
119 Threat Modelling medium
120 Governance & Regulation easy
121 Mother's Secret easy
122 Security Engineer Intro easy
123 SAST medium
124 Risk Management easy
125 Logging for Accountability easy
126 Traverse easy
127 Auditing and Monitoring easy
128 Intro to IR and IM easy
129 Becoming a First Responder info
130 Cyber Crisis Management easy
131 W1seGuy easy
132 Burp Suite: The Basics info
133 Burp Suite: Repeater info
134 Burp Suite: Intruder medium
135 Burp Suite: Other Modules easy
136 Burp Suite: Extensions easy
137 Eviction easy
138 Summit easy
139 Light easy
140 HTTP Request Smuggling easy
141 The Witch's Cauldron easy
142 Confluence CVE-2023-22515 easy
143 SSRF medium
144 Become a Hacker easy
145 The Sticker Shop easy
146 File Inclusion, Path Traversal medium
147 CSRF medium
148 XSS easy
149 CORS & SOP easy
150 Prototype Pollution medium
151 Snyk Open Source easy
152 Include medium
153 Moniker Link (CVE-2024-21413) easy
154 Snyk Code easy
155 Race Conditions medium
156 LDAP Injection easy
157 Whats Your Name? medium
158 DOM-Based Attacks easy
159 XXE Injection medium
160 Insecure Deserialisation medium
161 Windows Command Line easy
162 Search Skills easy
163 Server-side Template Injection medium
164 JWT Security easy
165 Nmap: The Basics easy
166 Networking Concepts easy
167 Tcpdump: The Basics easy
168 Networking Essentials easy
169 Networking Core Protocols easy
170 Networking Secure Protocols easy
171 Advanced SQL Injection medium
172 Incident Response Fundamentals easy
173 ORM Injection medium
174 NoSQL Injection easy
175 Logs Fundamentals easy
176 Enumeration & Brute Force easy
177 SOC Fundamentals easy
178 Digital Forensics Fundamentals easy
179 Session Management easy
180 Injectics medium
181 Firewall Fundamentals easy
182 OAuth Vulnerabilities medium
183 IDS Fundamentals easy
184 Multi-Factor Authentication easy
185 Vulnerability Scanner Overview easy
186 Hammer medium
187 CyberChef: The Basics easy
188 Public Key Cryptography Basics easy
189 Cryptography Basics easy
190 Hashing Basics easy
191 CAPA: The Basics easy
192 Windows PowerShell easy
193 FlareVM: Arsenal of Tools easy
194 REMnux: Getting Started easy
195 Linux Shells easy
196 Length Extension Attacks medium
197 Insecure Randomness easy
198 Gobuster: The Basics easy
199 Training Impact on Teams info
200 SQLMap: The Basics easy
201 Advent of Cyber 2024 easy
202 JavaScript Essentials easy
203 Web Application Basics easy
204 SQL Fundamentals easy
205 Shells Overview easy
206 Padding Oracles medium
207 Breaking Crypto the Simple Way easy
208 Custom Tooling Using Python easy
209 Custom Tooling using Burp hard
210 Tooling via Browser Automation easy
211 SOC L1 Alert Triage easy
212 SOC L1 Alert Reporting easy
213 SOC Workbooks and Lookups easy
214 Attacking ECB Oracles hard
215 Next.js: CVE-2025-29927 easy
216 SOC Metrics and Objectives easy
217 CAPTCHApocalypse medium
218 Offensive Security Intro easy
219 Erlang/OTP SSH: CVE-2025-32433 easy
220 Writing Pentest Reports easy
221 Extract hard
222 Cipher's Secret Message easy
223 Evil-GPT easy
224 Evil-GPT v2 easy
225 Sequence medium
226 Roundcube: CVE-2025-49113 easy
227 Chaining Vulnerabilities easy
228 Voyage medium
229 Humans as Attack Vectors easy
230 Systems as Attack Vectors easy
231 SOC Role in Blue Team easy
232 Defensive Security Intro easy
233 Hack2Win: How you can grab extra tickets info
234 Introduction to EDR easy
235 Input Manipulation & Prompt Injection easy
236 Data Integrity & Model Poisoning medium
237 LLM Output Handling and Privacy Risks easy
238 IDOR - Santa’s Little IDOR medium
239 Obfuscation - The Egg Shell File medium
240 XSS - Merry XSSMas easy
241 Passwords - A Cracking Christmas easy
242 SOC Alert Triaging - Tinsel Triage medium
243 Splunk Basics - Did you SIEM? medium
244 Phishing - Merry Clickmas easy
245 Prompt Injection - Sched-yule conflict easy
246 Linux CLI - Shells Bells easy
247 YARA Rules - YARA mean one! medium
248 Forensics - Registry Furensics medium
249 Exploitation with cURL - Hoperation Eggsploit easy
250 ICS/Modbus - Claus for Concern medium
251 Race Conditions - Toy to The World easy
252 Network Discovery - Scan-ta Clause easy
253 Containers - DoorDasher's Demise medium
254 CyberChef - Hoperation Save McSkidy medium
255 Phishing - Phishmas Greetings medium
256 AI in Security - old sAInt nick easy
257 Malware Analysis - Malhare.exe easy
258 C2 Detection - Command & Carol medium
259 AWS Security - S3cret Santa easy
260 Malware Analysis - Egg-xecutable medium
261 Web Attack Forensics - Drone Alone medium
262 Juicy medium
263 Advent of Cyber Prep Track easy
264 WAF: Introduction easy
265 BankGPT easy
266 HealthGPT easy
267 React2Shell: CVE-2025-55182 easy
268 Operating Systems: Introduction easy
269 Linux CLI Basics easy
270 Data Representation easy
271 Data Encoding easy
272 JavaScript: Simple Demo medium
273 Python: Simple Demo easy
274 Windows CLI Basics easy
275 The CIA Triad easy
276 Database SQL Basics easy
277 Cryptography Concepts easy
278 Client-Server Basics easy
279 Become a Hacker easy
280 Become a Defender easy
281 n8n: CVE-2025-68613 easy
282 Offensive Security Intro easy
283 Inside a Computer System easy
284 GeoServer: CVE-2025-58360 medium
285 Offensive Security Intro easy
286 Defensive Security Intro info
287 Computer Types easy

Pinned Loading

  1. oss-oopssec-store oss-oopssec-store Public

    The first security CTF lab built with React and Next.js. Open you browser and start hacking.

    TypeScript 11 27

  2. poc-cve-2025-55182 poc-cve-2025-55182 Public

    This repository contains a POC of CVE-2025-55182, a critical (CVSS score 10.0) pre-authentication remote code execution vulnerability affecting React Server Components, also known as React2Shell.

    TypeScript 12 3

  3. poc-cve-2025-29927 poc-cve-2025-29927 Public

    This repository contains a proof of concept (POC) and an exploit script for CVE-2025-29927, a critical vulnerability in Next.js that allows attackers to bypass authorization checks implemented in m…

    JavaScript 5 3

  4. cyber-bot cyber-bot Public

    Cyber Bot is an Node.js project that helps users improve their cybersecurity skills through scheduled Telegram messages.

    JavaScript 3 1

  5. crack-hash crack-hash Public

    A fast, multi-threaded hash cracking tool written in Rust. This tool performs dictionary attacks against hashed passwords.

    Rust 2

  6. hate-crimes-map hate-crimes-map Public

    This project aims to visualize hate crime data to bring visibility to crimes that are often invisible or normalized by society.

    TypeScript 3