GitHub

Some stuff I share on GitHub:

Burp Extension: SAML Raider

SAML Raider is a Burp Suite extension for testing SAML infrastructures. It contains two core functionalities: Manipulating SAML Messages and manage X.509 certificates.

This software was created by Roland Bischofberger and me as a bachelor thesis at the Hochschule für Technik Rapperswil (HSR). Our project partner and advisor was Compass Security Schweiz AG.

Demo:

More Infos:

Burp Extension: Copy Request & Response

The Copy Request & Response Burp Suite extension adds new context menu entries that can be used to simply copy the request and response from the selected message to the clipboard. I wrote this extension at work at Compass Security.

More Infos:

A link collection to online resources & tools used for web application / network security trainings. Available at https://git.io/secres. I compiled this list at work at Compass Security for our security trainings.

Hacking Tools Cheat Sheet

I created a cheat sheet that contains lots of commands and tools that we often use during our penetration tests, security assessments or red teaming engagements. I created this cheat sheet at work at Compass Security for our security trainings.

Security Advisories

See Downloads for security advisories.

Company Blog

Blogposts I wrote for my employer Compass Security: https://blog.compass-security.com/author/eduss/

Bluetooth Low Energy Beertalk

A talk I made about the basics and security of Bluetooth Low Energy. This is the result of a research time I had at Compass Security.

Seminar Paper XSLT & SSRF

A seminar paper by Roland Bischofberger and me at the Hochschule für Technik Rapperswil (HSR). Our project partner and advisor was Compass Security Schweiz AG.