Giancarlo Pellegrino

tgianko

I use this corner to share prototypes and tools I build as part of my research.

@cispa

Joined June 2014

deemon

Deemon is a tool to detect CSRF in web applications. Deemon has been used for the paper "Deemon: Detecting CSRF with Dynamic Analysis and Property Graphs" by G. Pellegrino, M. Johns, S. Koch, M. Backes, and C. Rossow.

PythonUpdated 1/22/2025

guenther

guenther is a tool used to test web applications against Server Side Request abuse including Server Side Request Forgery. This tool was used in "Uses and Abuses of Server-Side Requests" RAID 2016, See http://trouge.net/gp/papers/SSR_raid2016.pdf

PythonUpdated 6/7/2024

hotcrp_tk

Script for implementing custom HotCRP policies

JavaScriptUpdated 3/6/2023

www-project-testability-patterns-for-web-applications

OWASP Foundation Web Respository

Updated 2/13/2023

hotcrp

HotCRP conference review software

Updated 12/10/2022