GitHub
Some stuff I share on GitHub:
- Configuration files: emanuelduss/Configs
- Scripts: emanuelduss/Scripts
Burp Extension: SAML Raider
SAML Raider is a Burp Suite extension for testing SAML authentication flows. It contains two core functionalities: Manipulating SAML Messages and manage X.509 certificates.
This software was created by Roland Bischofberger and me as a bachelor thesis at the Hochschule für Technik Rapperswil (HSR). Our project partner and advisor was Compass Security Schweiz AG.
- GitHub: CompassSecurity/SAMLRaider
- PortSwigger BappStore: SAML Raider
Demo
Burp Extension: Copy Request & Response
The Copy Request & Response Burp Suite extension adds new context menu entries that can be used to simply copy the request and response from the selected message to the clipboard. I wrote this extension at work at Compass Security.
- GitHub: CompassSecurity/burp-copy-request-response
- PortSwigger BappStore: Copy Request Response
- Compass Security Blogpost: Burp Extension: Copy Request & Response
Demo
Security Resources Link Collection
A link collection to online resources & tools used for web application / network security trainings. I compiled this list at work at Compass Security for our security trainings. Available at git.io/secres.
Hacking Tools Cheat Sheet
I created a cheat sheet that contains lots of commands and tools that we often use during our penetration tests, security assessments or red teaming engagements. I created this cheat sheet at work at Compass Security for our security trainings.
- GitHub: CompassSecurity/Hacking_Tools_Cheat_Sheet
- Compass Security Blogpost: Hacking Tools Cheat Sheet
Security Advisories
See Downloads for security advisories.
Company Blog
The blog posts I wrote for my employer Compass Security can be found here.
Bluetooth Low Energy Beertalk
A talk I made about the basics and security of Bluetooth Low Energy. This is the result of a research time I had at Compass Security.
- Slides Compass Beer-Talk: bluetooth_low_energy_ble_beertalk_2020-05-07.pdf
- Slides Full Version: bluetooth_low_energy_ble_protocol_security_attacks_full_version_v1.0.pdf
- Compass Beer-Talk Video Recording on YouTube (07.05.2020, German): Compass Security Beer-Talk: Bluetooth Low Energy - Protocol, Security & Attacks (07.05.2020, German)
- More Resources on GitHub (Videos, Links, …): CompassSecurity/Bluetooth Low Energy BLE
Seminar Paper XSLT & SSRF
A seminar paper by Roland Bischofberger and me at the Hochschule für Technik Rapperswil (HSR). Our project partner and advisor was Compass Security Schweiz AG.
- Seminar Paper: SA_Studienarbeit_Server_Side_Request_Forgeries_and_XSLT_Processing_Security_eduss_rbischof.pdf
- OWASP Switzerland Talk: XSLT_SSRF_OWASP_Switzerland_Meeting_2015-06-17.pdf