GitHub
Some stuff I share on GitHub:
- Configuration files: https://github.com/emanuelduss/Configs
- Scripts: https://github.com/emanuelduss/Scripts
Burp Extension: SAML Raider
SAML Raider is a Burp Suite extension for testing SAML infrastructures. It contains two core functionalities: Manipulating SAML Messages and manage X.509 certificates.
This software was created by Roland Bischofberger and me as a bachelor thesis at the Hochschule für Technik Rapperswil (HSR). Our project partner and advisor was Compass Security Schweiz AG.
Demo:
More Infos:
- GitHub: https://github.com/SAMLRaider/SAMLRaider
- PortSwigger BappStore: https://portswigger.net/bappstore/c61cfa893bb14db4b01775554f7b802e
Burp Extension: Copy Request & Response
The Copy Request & Response Burp Suite extension adds new context menu entries that can be used to simply copy the request and response from the selected message to the clipboard. I wrote this extension at work at Compass Security.
More Infos:
- GitHub: https://github.com/CompassSecurity/burp-copy-request-response
- PortSwigger BappStore: https://portswigger.net/bappstore/0d05f52c00a64cb2b2bea68744f6316c
- Compass Security Blogpost: https://blog.compass-security.com/2020/10/burp-extension-copy-request-response/
Security Resources Link Collection
A link collection to online resources & tools used for web application / network security trainings. Available at https://git.io/secres. I compiled this list at work at Compass Security for our security trainings.
Hacking Tools Cheat Sheet
I created a cheat sheet that contains lots of commands and tools that we often use during our penetration tests, security assessments or red teaming engagements. I created this cheat sheet at work at Compass Security for our security trainings.
- Download at GitHub: https://github.com/CompassSecurity/Hacking_Tools_Cheat_Sheet
- Compass Security Blogpost: https://blog.compass-security.com/2019/10/hacking-tools-cheat-sheet/
Security Advisories
See Downloads for security advisories.
Company Blog
Blogposts I wrote for my employer Compass Security: https://blog.compass-security.com/author/eduss/
Bluetooth Low Energy Beertalk
A talk I made about the basics and security of Bluetooth Low Energy. This is the result of a research time I had at Compass Security.
- Slides Compass Beer-Talk: bluetooth_low_energy_ble_beertalk_2020-05-07.pdf
- Slides Full Version: bluetooth_low_energy_ble_protocol_security_attacks_full_version_v1.0.pdf
- Compass Beer-Talk Video Recording (07.05.2020, German): https://www.youtube.com/watch?v=hmhj3HyO48U
- More Resources (Videos, Links, …): https://github.com/CompassSecurity/Bluetooth_Low_Energy_BLE
Seminar Paper XSLT & SSRF
A seminar paper by Roland Bischofberger and me at the Hochschule für Technik Rapperswil (HSR). Our project partner and advisor was Compass Security Schweiz AG.
- Seminar Paper: https://eprints.ost.ch/id/eprint/414/1/sa_eduss_rbischof_eprints.pdf
- OWASP Switzerland Talk: https://owasp.org/www-pdf-archive/OWASP_Switzerland_Meeting_2015-06-17_XSLT_SSRF_ENG.pdf