Hi, I'm Simon

I study Advanced IT-Security
and enjoy building Secure Applications

ShadowIM

Alpha-Version Release: Q1 2024

ShadowIM is an instant messenger crafted with a strong emphasis on privacy. It integrates the Matrix communication protocol to offer state-of-the-art message encryption and effortless communication with fellow Matrix network users across various clients. ShadowIM ensures full client-side encryption, safeguarding your data against unauthorized access.

Features : E2EE, Application data encryption, Matrix Protocol, cross-client compatibility

Projects

Chrome Cookie/Credential Stealer

Allows the decryption of the Google Chrome credential/cookie storage by using the Windows DPAPI on the victim's machine. Supports all Chrome editions in their newest versions. A perfect example of how easily session hijacking can be realized to bypass modern multi-factor authentication.

Tech Stack : Python 3, Windows DPAPI

Features : 2-FA/MFA Bypass, Pentesting

Documentation

DNS Data Exfiltration (File Transfer)

This project contains a server/client implementation for encrypted and integrity-protected data transfer through the inconspicuous DNS protocol. This exfiltration method potentially allows attackers to bypass firewalls and establish a stealthy connection to their C2 server.

Tech Stack : Python 3

Features : Data Exfiltration, Firewall Bypass

Documentation

Robot Social Engineering

Social engineering is a steadily evolving attack vector, often targeting companies that are not vulnerable on a technical level. With rapidly evolving technologies, a new category of Social Engineering is now upon us: Robot Social Engineering.

Subject : Applied Cyberpsychology

Keywords : Social Engineering, Social Robots, Robot Social Engineering

Bluekeep - RCE Vulnerability

A very short technical explanation of the Bluekeep vulnerability (CVE-2019-0708). This paper is based on many blog articles and my own technical exploration of the vulnerability, as Bluekeep itself isn't very popular as a scientific research topic.

Subject : Offensive Cybersecurity

Keywords : Bluekeep, CVE-2019-0708, Exploits, Remote Code Execution, Reverse Engineering, Windows RDP