Most repositories under this account are educational and portfolio projects — university coursework, CTF labs, and learning exercises. They are not production systems, and some (like the Nmap/Wireshark lab) intentionally interact with deliberately vulnerable software in isolated environments.
That said, I'm a cybersecurity student and I take reports seriously — finding a real issue in my code is exactly the kind of thing I want to know about.
- Email: sdenarzai786@gmail.com
- Please include the repository name, the commit or version affected, steps to reproduce, and the impact you believe it has.
- If the issue is sensitive, say so in the subject line and I will treat the details as confidential.
I aim to acknowledge reports within a few days. Since these are personal projects there is no bug bounty, but you will be credited in the fix commit if you want to be.
- Sample credentials committed in some repositories (e.g.
verification.txtin the inventory system) are intentional demo data for console applications, not real accounts. - Lab write-ups target intentionally vulnerable systems (Metasploitable2, OverTheWire) in isolated environments and follow those projects' rules of engagement.