This page contains most of my work I published over the past years. If not stated otherwise, these are spare time projects I've created for educational purposes or just for the fun of it.

Contact me either via one of the social channels or via email: contact [at] adversec [doct] com.

Projects

Projects I'm working on from time to time:

• dprktech.adversec.com :: An effort to gather information, data and software from DPRK-related research. For any questions or inquiries regarding North Korean software/hardware, feel free to contact me.
  • DPRK data mirror :: A mirror for data of various DPRK software projects.
    • Red Star OS :: Installation files for the North Korean Red Star OS.
    • Woolim Android Apps :: A selection of Android apps extracted from the North Korean Woolim tablet PC.
  • dprkdict :: A web-based viewer for North Korean dictionary files provided by the E-C-K app.
• kleber.io :: A pastebin with various features like paste encryption, file uploads, removal of metadata from uploaded files, an upload history and a RESTful, JSON-based API. (Discontinued, will go offline end of 2022)
  • Kleber CLI :: Official command line client for kleber.io.

Tools

Tools that I have created and still maintain. They are either updated sporadically or might still be useful as they are (without further modifications):

• go-empdecrypt :: Decrypter for EIS passwords in Matrix24 configuration files.
• go-deen :: Generic data decoding and encoding application (Golang port of deen).
• static-toolbox :: Collection of statically linked tools, compiled and packaged with GitHub Actions.
• deen :: Generic data encoding/decoding application built with PyQt5.
• tools :: A collection of useful tools and code snippets to make various tasks easier.
• csgo-overwatcher :: A tool that allows to investigate the actual suspects of CS:GO Overwatch cases.
• python-ssllabs :: Python interface and command line client for the SSL Labs APIs.
• Nmap Scripts :: A collection of Nmap NSE scripts.
  • knx-gateway-discover.nse :: Discovers KNX gateways by sending a KNX Search Request to the multicast address 224.0.23.12 including a UDP payload with destination port 3671.
  • knx-gateway-info.nse :: Identifies a KNX gateway on UDP port 3671 by sending a KNX Description Request.
  • sstp-discover.nse :: Check if the Secure Socket Tunneling Protocol is supported.
  • ip-https-discover.nse :: Checks if the IP over HTTPS (IP-HTTPS) Tunneling Protocol is supported.
  • mop-discover.nse :: Detect the Cisco Maintenance Operation Protocol (MOP) by sending layer 2 DEC DNA Remote Console hello/test messages.

Presentations

Public presentations that I gave over the last years:

• Lifting the Fog on Red Star OS
  • 32C3 :: Slides :: Code
• Woolim - Lifting the Fog on DPRK's Latest Tablet PC
  • 33C3 :: Slides
• Exploring North Korea's Surveillance Technology
  • TROOPERS17 :: Slides
  • 6th No-Spy Conference :: Slides

Advisories

Various public security advisories for random stuff I've found:

• Arbitrary file read, command injection and local privilege escalation in innovaphone Linux Application Platform (LAP) allows full root access to the host system.
• Open redirect vulnerability in innovaphone Virtual Applicante (IPVA).
• Multiple remote code executions via template injections, SQL injections and XSS in Shopware before v5.2.25.
• CVE-2017-8920 :: irc.cgi in CGI:IRC before 0.5.12 reflects user-supplied input from the R parameter without proper output encoding, aka XSS.
• CVE-2016-6519 :: Cross-site scripting (XSS) vulnerability in the "Shares" overview in Openstack Manila before 2.5.1.

Misc

Fun little side projects that came up at some point:

• Advent Calendar of Advanced Cyber Fun 2020 :: A technical advent calendar with CTF-like services where a new port opens every day, 2020 edition.
• Advent Calendar of Advanced Cyber Fun 2018 :: A technical advent calendar with CTF-like services where a new port opens every day, 2018 edition.
• forpy :: Generic network traffic forwarding with Python's asyncio module. A simple blueprint script that can be extended to manipulate any kind of traffic running through it.
• myip.space :: Returns a client's IP address, SSL/TLS clients certificates and more via Lua in Nginx.

Abandoned Projects/Tools

These projects/tools are not actively developed anymore. However, I left them here for reference and maybe they will be usefule for someone at some point. Feel free to open issues or send pull requests in any of these repositories, but expect delayed responses.

• CTFPWNng :: A simple automation framework for attack-defense CTFs. (successor of CTFPWN)
• KNXmap :: KNXnet/IP scanning and auditing tool for KNX home automation installations.
• WebFixy :: On-the-fly decryption proxy for MikroTik RouterOS WebFig sessions.
• hb-test.py :: Proof-of-Concept code for Heartbleed (CVE-2014-0160).
• CTFPWN :: An exploit scheduling and flag submission framework for attack-defense CTFs implemented with Python's asyncio module.
• ILSpy-CosturaPlugin :: A plugin for ILSpy that loads references that have been embedded as resources with Costura.
• tskmgr :: Simple task/project management tool with a console UI.
• xss-board :: Example app for a simple Cross-Site Scripting (XSS) CTF challenge using Zombie.js.
• laf :: An abandoned old script that searches for administrative login pages.
• sstp-tools :: Initial information gathering for SSTP research.
• ip-https-tools :: Basic information gathering and tools for the IP-HTTPS protocol used by DirectAccess..