Security, Human Behavior and Artificial Intelligence
Welcome to my personal laboratory!
My name is Ivan Marković, and I explore the intersection of security, human behavior and artificial intelligence.
With over 20 years of experience designing security solutions and leading technical teams, I focus on ethical technology, behavioral risk design, and building safer, more transparent digital systems.
Selected personal public projects and acknowledgments
• Impact analysis of email spam filters on election integrity (2022) - View details here.
• How automated bot systems spread hate on Twitter (2022) - View details here and here.
• Tool for analysis of Twitter bots behaviour (2022) - View on GitHub
• Do government workers use work time for spreading hate (2023) - View details here.
• How spreading hate affects security of critical systems (2024) - View details here and here.
• Co-Founder of Threat Intelligence Forum - Bezbedan Balkan
• Bezbedan Balkan Threat Aggregator - View on Bezbedan Balkan
• Post-Incident Analysis (Republic Geodetic Institute) - View on Bezbedan Balkan
• Pre-Incident Analysis (Critical Infrastructure: Electrical Distribution) - View on Bezbedan Balkan
• DFF, Default File and Folder Scanner (2008, included on BackTrack 4 and OWASP Phoenix Project) - View on GitHub
• WMAT, Web Mail Authentication Scanner (2009, included on BackTrack 4) - View on GitHub
• OWASP Risk Assessment Calculator (2017) - View on GitHub
• Android Task Injection Exploit PoC (2019) - View on GitHub
The objective of these projects was to create and launch CTF challenges and phishing awareness tests that engage the general public in developing practical skills and awareness of real-world security threats.
• Microsoft Sinergija Conference - Hack The Gate 2008
• Microsoft Sinergija Conference - Hack The Gate 2010
• BalCCon Conference - Hacke.rs Wargame 2013
• MAKER Meetup - IoT Playground 2018
• Balcan Threats - Phishing Test 2021
• Link CMS Cross-Site Scripting and SQL Injection (CVE-2006-6387)
• emuCMS "query" and "page" Cross-Site Scripting Vulnerabilities (CVE-2006-4822)
• vtiger CRM Multiple Vulnerabilities (CVE-2006-4617, CVE-2006-4588, CVE-2006-4587)
• SD Studio CMS SQL Injection Vulnerabilities (CVE-2006-3919)
• sNews "search_query" Cross-Site Scripting Vulnerability (CVE-2006-3916)
• Kerio MailServer WebMail Cross-Site Scripting Vulnerabilities (CVE-2008-5760)
• SquirrelMail e-mail message cross-site scripting (CVE-2008-2379)
• ESET Remote Administrator Script Insertion Vulnerability (CVE-2009-0548)
• Vivvo CMS "404 Page Not Found" Cross-Site Scripting Vulnerability (CVE-2009-0466)
• UltraVNC Viewer Insecure Library Loading Vulnerability (CVE-2010-5248)
• Elastix "id_nodo" Local File Inclusion Vulnerability (CVE-2010-1492)
• Exponent CMS Multiple Vulnerabilities (CVE-2010-5002)
• Symantec Endpoint Protection Manager 12.1 XSS and CSRF (CVE-2011-0550, CVE-2011-0551)
• dotCMS Multiple Cross-Site Scripting Vulnerabilities (CVE-2013-3484)
• IT Dashboard "value" Cross-Site Scripting Vulnerability (SA44033)
• Huawei HG510 Security Bypass and Cross-Site Request Forgery Vulnerabilities (BID38261)
• MSTAR Set-Top Box Command Injection (SNB2018)
• Security Researcher Acknowledgments for Microsoft Online Services, September 2008
• Security Researcher Acknowledgments for Microsoft Online Services, February 2009
• Security Researcher Acknowledgments for Microsoft Online Services, March 2009
• Security Researcher Acknowledgments for Microsoft Online Services, May 2009
• Security Researcher Acknowledgments for Microsoft Online Services, September 2010
• Security Researcher Acknowledgments for Microsoft Online Services, January 2011
• Security Researcher Acknowledgments for Microsoft Online Services, August 2012
The objective of this research is to explore techniques that exploit inconsistencies in how web infrastructure components handle HTTP requests.
HTTP Parameter Contamination is a technique where an attacker injects malicious characters directly into parameter names,
in order to manipulate how the server parses and interprets the request. This can confuse web applications, proxies, or firewalls,
leading to vulnerabilities like authentication bypass, cache poisoning or WAF evasion.
The key risk lies in how different systems or components process special characters such as "[" and "%" when embedded inside parameter names.
Using this technique, the WAF protections "ModSecurity" and "URLScan" were successfully bypassed as an example during the research.
• Research paper: https://www.exploit-db.com/...parameter-contamination-(hpc)-attack--research-paper.pdf
• Related 3rd party paper (Beyond SQLi: Obfuscate and Bypass): https://www.exploit-db.com/papers/17934
• Related 3rd party CVE (Caucho Quercus): https://nvd.nist.gov/vuln/detail/CVE-2012-2965
The objective of this research was to assess and statistically summarize the security vulnerabilities of bank websites in Serbia, highlighting their severity and prevalence using non-invasive testing methods.
• Research paper: https://security-net.biz/files/Statistika bezbednosnih propusta banaka u Srbiji - 2011.pdf
• Related research: https://security-net.biz/.../Napad-na-atribute-...-dokumenata-...-banke-u-Srbiji....pdf
* If you are looking for other, older content, tools and papers, please check here.