A tool that targets the Linux keyrings to try and expose them from within containers across namespaces.
Tools and demos from my Shmoocon 2020 talk on Kubernetes security.
A krew plugin for Kubernetes that handles deploying a socat proxy to arbitrary IPs on the network
Tooling to audit containers and applications for appropriate syscalls and convert them to a seccomp profile.
Using Shamir Secret Sharing to build a community time capsule
A private tor research network using docker images.
A complicated news collection system using NLP and cloud API's to collect articles, analyze them, and summarize them into a slide-show format.
Tooling for analyzing the security of libtech technlogies such as meek and obfs4.
Tools to attack and defend from fingerprinting phantomJS and Selenium framework.
Quick proof-of-concept library to simulate actual human typing to mess with Andrew Morris' honeypots.
A 4 hour class going into details about tor, cryptography, networking, and anonymity attacks.
A project reverse engineering a XXXXXXXXXX jukebox remote control using hardware analysis and RF interception. Concluded with a legal threat to stop doing that.
A font ligature that replaces common infosec buzzwords with the word 'bullshit'.
Static analysis tool and library to parse Android APK files, analyze their manifests, and highlight areas of concern at scale.
SshUnTunnel was a PoC exploiting a file permission vulnerability in the Android app, SSHTunnel.
A local hacking conference representing the local hacking and infosec community, volunteer supported and low cost of entry.