Scripts & Configs

SSH Labs

The SSH Labs are a learning resource on SSH security showing how SSH works, possible attacks and how you can securely configure and use SSH. It includes a presentation with slides, as well as a Docker-based hands-on lab where you can learn how the attacks work by compromising several systems.

Burp Extension: SAML Raider

SAML Raider is a Burp Suite extension for testing SAML authentication flows. This software was created as a bachelor thesis during my studies at the Hochschule für Technik Rapperswil (HSR). Our project partner and advisor was Compass Security.

Demo

Burp Extension: Copy Request & Response

The Copy Request & Response Burp Suite extension adds new context menu entries that can be used to simply copy the request and response from the selected message to the clipboard. I wrote this extension at work at Compass Security to improve the documentation workflow.

Demo

A link collection to online resources & tools I created for our web application / network security trainings at Compass Security.

Company Blog

The blog posts I wrote for my employer Compass Security can be found here.

There is a series about bypassing web filters:

Some explanations about vulnerabilities I found during assessments: