💥 ServerSideTemplateInjection (SSTI) Demo with Flask A simple Flask app to demonstrate Server-Side Template Injection vulnerabilities — useful for learning, testing, and understanding how SSTI works and how to avoid it.

Wishlist Member Arbitrary File Read via Directory Travesal <= 3.25.1

Live PoC: MCP rug pull attack that steals AI agent credentials mid-session and how to block it in 3 lines of code.

Ready-to-use GitHub Copilot demo kit with intentional bugs, TODOs, and security vulnerabilities. Complete test suite (227+ tests, 93% coverage) + reset script for live test generation demos. Perfect for trainers showcasing AI-assisted development.

Proper Password Hashing - A cybersecurity demonstration project showcasing secure password storage using bcrypt, salt generation, and industry-standard authentication practices. Includes both CSV and SQL database implementations.