GitHub

Some stuff I share on GitHub:

Burp Extension: SAML Raider

SAML Raider is a Burp Suite extension for testing SAML authentication flows. It contains two core functionalities: Manipulating SAML Messages and manage X.509 certificates.

This software was created by Roland Bischofberger and me as a bachelor thesis at the Hochschule für Technik Rapperswil (HSR). Our project partner and advisor was Compass Security Schweiz AG.

Demo

Burp Extension: Copy Request & Response

The Copy Request & Response Burp Suite extension adds new context menu entries that can be used to simply copy the request and response from the selected message to the clipboard. I wrote this extension at work at Compass Security.

Demo

A link collection to online resources & tools used for web application / network security trainings. I compiled this list at work at Compass Security for our security trainings. Available at git.io/secres.

Hacking Tools Cheat Sheet

I created a cheat sheet that contains lots of commands and tools that we often use during our penetration tests, security assessments or red teaming engagements. I created this cheat sheet at work at Compass Security for our security trainings.

Preview

Security Advisories

See Downloads for security advisories.

Company Blog

The blog posts I wrote for my employer Compass Security can be found here.

Bluetooth Low Energy Beertalk

A talk I made about the basics and security of Bluetooth Low Energy. This is the result of a research time I had at Compass Security.

Seminar Paper XSLT & SSRF

A seminar paper by Roland Bischofberger and me at the Hochschule für Technik Rapperswil (HSR). Our project partner and advisor was Compass Security Schweiz AG.