Portrait of Joshua van der Poll

Joshua van der Poll

Certificates

PEN-200 (OSCP) certificate badge

PEN-200 (OSCP)

Offensive Security

In Progress
Penetration Testing Exploit Development Active Directory Linux Windows
Red Teaming Learning Path certificate badge

Red Teaming Learning Path

TryHackMe

Hard Verify
Red Teaming Windows Penetration Testing Active Directory
Jr Penetration Tester Learning Path certificate badge

Jr Penetration Tester Learning Path

TryHackMe

Hard Verify
Red Teaming Penetration Testing Linux
Web Fundamentals Learning Path certificate badge

Web Fundamentals Learning Path

TryHackMe

Easy Verify
Red Teaming Penetration Testing Application Penetration Testing General Cyber
Pre Security Learning Path certificate badge

Pre Security Learning Path

TryHackMe

Easy Verify
Purple Teaming General Cyber Security Analysis Linux
Introduction to Cyber Security Learning Path certificate badge

Introduction to Cyber Security Learning Path

TryHackMe

Easy Verify
Blue Teaming Linux Security Analysis Security Operations

CVE Exploits

View all

joshuavanderpoll/CVE-2021-3129

Laravel RCE Exploit PoC - CVE-2021-3129 (user-friendly with automatic log path detection)

147 27

joshuavanderpoll/CVE-2026-25643

CVE-2026-25643: Frigate ≤0.16.3 Blind RCE via go2rtc exec injection

7 0

joshuavanderpoll/CVE-2026-3891

Pix for WooCommerce <= 1.5.0 - Unauthenticated Arbitrary File Upload (CVE-2026-3891) PoC

5 1

joshuavanderpoll/CVE-2025-14847

CVE-2025-14847 (MongoBleed)

3 0

joshuavanderpoll/NimbusPWN-CVE-2022-29799-29800

NimbusPwn (CVE-2022-29799/29800) local privilege escalation PoC in C.

3 0

joshuavanderpoll/CVE-2026-2991

PoC exploit for CVE-2026-2991 — authentication bypass in KiviCare WordPress plugin (≤4.1.2) allowing unauthenticated patient account takeover and admin session extraction.

2 0

joshuavanderpoll/cve-2024-56348

CVE-2024-56348 — JetBrains TeamCity <2024.12 auth bypass + RCE exploit (unauthenticated SYSTEM_ADMIN + shell)

2 0

joshuavanderpoll/cve-2025-32433

Go PoC for CVE-2025-32433 — unauthenticated RCE in Erlang/OTP SSH.

2 0

joshuavanderpoll/CVE-2025-69985

CVE-2025-69985: FUXA ≤1.2.8 Auth Bypass + RCE via /api/runscript

Featured on Kali Linux
2 0

joshuavanderpoll/CVE-2026-44262

Unauthenticated RCE in dedoc/scramble — PoC, Nmap NSE & Nuclei template.

Featured on Kali Linux
2 0

GitHub stats are fetched server-side and cached for a few hours.

Proud Projects

View all

joshuavanderpoll/DitherMe

Creates Watch Dogs 2 DedSec-style dithered images and GIFs

19 0

joshuavanderpoll/CMS-Detector

A lightweight fast Go script to detect which CMS or framework a given website is running, based on HTTP response fingerprints.

6 3

joshuavanderpoll/PGPBox-js

A user-friendly PGP Web GUI for generating, encrypting, signing, verifying, and decrypting PGP messages. Secure your communications effortlessly with this web-based GitHub hosted application.

2 0

GitHub stats are fetched server-side and cached for a few hours.

© Joshua van der Poll