Hanif Jilani

Software Developer,
Full Stack Developer

Residence:
Michigan, USA
City:
Ypsilanti
Age:
20

English

Tamil

Hindi

Languages

C++

Python

MySQL

JavaScript

HTML/CSS

FrameWorks

Flask

Django

Node.js

React

Dialogflow

Developer Tools

GIT, Google Cloud Platform
VS Code, Figma, CorelDraw
Linux Terminal, MS Office

Download cv

Web Project

Computer Security

Project details

Description

Performed a series of real-world web attacks against an intentionally vulnerable Go/SQLite web application to understand core web security flaws:

SQL Injection - Extracted the full database schema and user data, and hijacked admin sessions by injecting malicious SQL into login and search endpoint
Cross-Site Scripting (XSS) - Executed stored and reflected XSS attacks to steal session cookies, inject malicious scripts into user profiles, and deploy a self-replicating "Samy is my hero" worm that propagated across user accounts.
Cross-Site Request Forgery (CSRF) - Crafted malicious HTML forms to perform unauthorized state-changing actions such as altering grades and uploading files on behalf of logged-in users without their consent.

Demonstrated a deep understanding of session hijacking, CSRF token mismatches, insecure form handling, and chaining XSS → CSRF for maximum impact with no user interaction. All attacks were executed under strict ethical and controlled conditions.

Start Date:
Jan 29th, 2025
End Date:
Feb 19th, 2025
Github:
Private
Course:
EECS388
Course Topic:
Computer Security

Years of Coding Experience

Completed CS Projects

Honors and Awards

Previous project

All projects

Next project

Hanif Jilani

Residence:

City:

Age:

English

Tamil

Hindi

Languages

C++

Python

MySQL

JavaScript

HTML/CSS

FrameWorks

Flask

Django

Node.js

React

Dialogflow

Developer Tools

Web Project

Project details

Description

Start Date:

End Date:

Github:

Course:

Course Topic:

Years of Coding Experience

Completed CS Projects

Honors and Awards

Hanif Jilani