Hi, I'm Pablo Vidal 👋

🛡️ Application Security | API Security & Defensive Engineering

Full-stack developer with a strong focus on application security and API resilience.
I analyze real APIs to identify risk patterns, document findings, and recommend practical mitigations.


🚀 Featured Project

Security & Resilience Audit of a Healthcare REST API

  • Key Findings:
    • DoS via large payloads without validation
    • Metadata exposure in verbose error responses
    • HTTP verb tampering bypassing authentication
  • Approach: Black-box API analysis focused on availability, error handling, and access control.
  • Mitigations: Payload limits, rate limiting, error sanitization, and schema validation (Zod / Joi).

👉 View the full case study →


🛠️ Tech Stack & Tools

  • Languages: JavaScript (Node.js)
  • AppSec: OWASP Top 10, API Security, black-box testing
  • Tools: Burp Suite, Postman, manual API analysis
  • Validation: Zod / Joi
  • DevOps: Git, Docker

📬 Connect with me

LinkedIn
Email

📌 Passionate about secure design, API hardening, and real-world security case studies?
➡️ Start with the featured audit above.

Pinned

  1. appsec-api-audit-case-study Public

    An anonymized AppSec case study analyzing availability, error handling, and access control in a healthcare REST API.

    JavaScript 1

  2. pablo-vidal-portfolio Public

    Professional website built with Angular that compiles my projects, technical skills, and academic experience, aimed at recruiters and job opportunities.

    TypeScript