antiTree | posts and projects
portfolio-image

Keyctl Unmask

A tool that targets the Linux keyrings to try and expose them from within containers across namespaces.


portfolio-image

Command and Kubectl Tools and Demos

Tools and demos from my Shmoocon 2020 talk on Kubernetes security.


portfolio-image

Krew net-forward

A krew plugin for Kubernetes that handles deploying a socat proxy to arbitrary IPs on the network


portfolio-image

syscall2seccomp

Tooling to audit containers and applications for appropriate syscalls and convert them to a seccomp profile.


portfolio-image

Interlock Time Capsule

Using Shamir Secret Sharing to build a community time capsule

portfolio-image

Private Tor Network

A private tor research network using docker images.


portfolio-image

Rochester 2600 intelligence gathering

A complicated news collection system using NLP and cloud API's to collect articles, analyze them, and summarize them into a slide-show format.


portfolio-image

Liberation Technology Toolkits

Tooling for analyzing the security of libtech technlogies such as meek and obfs4.

portfolio-image

Phantomfinger

Tools to attack and defend from fingerprinting phantomJS and Selenium framework.

portfolio-image

Spit

Quick proof-of-concept library to simulate actual human typing to mess with Andrew Morris' honeypots.


portfolio-image

Tor Research Workshop

A 4 hour class going into details about tor, cryptography, networking, and anonymity attacks.

portfolio-image

Jukebox Jacking

A project reverse engineering a XXXXXXXXXX jukebox remote control using hardware analysis and RF interception. Concluded with a legal threat to stop doing that.

portfolio-image

SansBullShitCyberSans

A font ligature that replaces common infosec buzzwords with the word 'bullshit'.


portfolio-image

manitree / AndroidAXMLParser

Static analysis tool and library to parse Android APK files, analyze their manifests, and highlight areas of concern at scale.


portfolio-image

SSH Un-Tunnel

SshUnTunnel was a PoC exploiting a file permission vulnerability in the Android app, SSHTunnel.

portfolio-image

Security B-Sides Rochester

A local hacking conference representing the local hacking and infosec community, volunteer supported and low cost of entry.