#### Most common security vulnerabilities in npm static content/file servers modules

https://github.com/bl4de/research/blob/master/npm-static-servers-most-common-issues/npm-static-servers-most-common-issues.md



#### Hidden directories and files as a source of sensitive information about web application

Some analysis about how to get information about web application from folders like _.git_ , _.idea_ and similar.
https://github.com/bl4de/research/tree/master/hidden_directories_leaks

As a part of this, I'm working on tool (in Python) to extract data from revealed Git repositories:

https://github.com/bl4de/security-tools/tree/master/diggit



#### RAA Ransomware JavaScript code analysis

Detailed, step-by-step analysis of RAA ransomware, created entirely in JavaScript

https://github.com/bl4de/research/tree/master/raa-ransomware-analysis



#### Simple JavaScript malware code deobfuscation walkthrough

JavaScript malware code deobfuscation step-by-step walkthrough

https://github.com/bl4de/research/blob/master/javascript-malware-obfuscation/Simple_JavaScript_malware_code_obfuscation_examples.md