I enjoy researching information security and participating in Capture the Flag events when I can find the time; this page collects my publicly-available work in this domain.
- sticky elephant - A medium-interaction PostgreSQL honeypot. I presented this tool, along with a low-interaction PostgreSQL honeypot, with AJ Bahnken at B-Sides San Francisco 2018.
- timing_attack - A CLI timing attack tool. I presented this tool at the 2017 BlackHat Arsenal.
- crypto_toolchain A suite of tools for breaking crypto (and solving the Matasano challenges)
- Camelflage - A rails application that is purposely vulnerable to SQL injection and timing attacks. Timing attack vulnerabilities can be configured by the attacking client to test toolchains.
- SANS Holiday Hack 2015 Writeup - My writeup for the 2015 SANS Holiday Hack Challenge. I received an honorable mention for my work.
- transform_tree - A tree of closures for performing sequential sets of transformationss on input objects. Originally written to help build rules for hashcat