Projects
Attacking Go's Lagged Fibonacci Generator
- Analaysis of Go's default random.Source generator, a fibonacci-based PRNG
- Basic, but novel attacks against a non-cryptographically secure PRNG
Leaky-Repo
- Compilation of fake but realistic secrets
- Useful for benchmarking secrets scanning tools
LNKUp
- Generates malicious windows lnk payloads
- Allows for exfiltration of NetNTLMv2 hashes and environment variables via UNC icon path
CVEStack (& CVESlack)
- CVEStack provides filtered vulnerability feeds via RSS
- CVESlack does the same, but posts to a slack webhook and provides more configuration options
CVESlack
StatusFrost
- Chrome extension made over the course of a week
- Generates simple browsing statistics such as typing speed and mouse clicks and displays them to users
Source
This Site
- Hosted via GitHub Pages
- Comments through Disqus
- TLS and CDN via Cloudflare (+HSTS preloaded!)
- Posts written in markdown