Projects
syscalls.kernelgrok.com
Up-to-date Linux system call reference table. Generated using Python, Exuberant Ctags, jQuery DataTables.
bits.nullmethod.com
[DEFUNCT]
In-browser file encryption and decryption using JavaScript, HTML5 File API, and drop.io. Currently defunct due to drop.io closing down.
Presentations
Black Hat USA / 2011
Exploiting USB Devices with Arduino
A step-by-step walkthrough of USB device assessment and exploitation from a application security professional's point of view. Discusses USB analysis, protocol comprehension, and the creation of custom Arduino USB firmware to exploit architectural vulnerabilities of USB proximity sensor devices.
Presentation
Whitepaper
Hacker Halted / 2010
Web Application Scanners: Evaluating Past the Base Case
Presentation reviewing automated web application scanners' ability to identify common web application vulnerabilities and real-world deviations from base case vulnerabilities.
THOTCON / 2010
Forensic Fail
Mortal Kombat themed presentation detailing modern forensic techniques and ways malware can defend itself. Topics include Linux rootkits, Linux kernel module packers, and 0-day in popular forensic tools.
Hacker Halted / 2009
So Long, and Thanks For All the Clock Cycles
Awesome development and POC deployment of a distributed / crowd-sourced password cracker that gathers clock-cycles through XSS vulns. Utilizing a Java applet and Django backend, password cracking chunks are distributed to and processed by unsuspecting clients.
Video
of crowd-pleasing admin interface written in Flex.
Champaign-Urbana InfoSec / July 2008
Penetration Testing 101
Introduction to penetration testing presented with Ken Rowe.
Publications
Dark Reading / June 2010
Scanning Reality: Limits of Automated Vulnerability Scanners
Article detailing the commonly overlooked limitations of automated vulnerability scanners and the assumptions that could lead to security fail.
Neohapsis Labs' Blog
Random posts on Neohapsis' blog on topics including encryption key storage, kernel rootkits, and archive file directory traversal vulns.
SALIVATE
A Secure Architecture for Loading, Initializing, and Verifying A Trusted Environment
Research completed at CERIAS detailing the architecture and development of a secure boot sequence to identify and restore a compromised system upon boot.
Disclosures
CVE-2009-1151
Static code injection in phpMyAdmin's setup.php.
Google Vulnerability Reward Program / Dec 2010
Stored XSS in Chrome Web Store.