Shadow Daemon: Web Application Firewall

Shadow Daemon is a web application firewall that works at the application layer: a small connector inside the web application hands each request to the shadowd server, which decides whether it is allowed. Though I did not contribute to the code of the firewall itself, I deployed and tested it both personally and in a client scenario. It offers both a blacklist and a whitelist security model, plus optional integrity checking that verifies the hash of the script being executed. It can also store incoming HTTP requests and then use statistics over them to generate rules based on thresholds set by the user. Aside from deploying it for clients, in my personal research I used it while pentesting my dev box, which was running extremely outdated or vulnerable web apps such as WordPress and Joomla as well as things like Shellshock. I did this in order to practice circumventing such measures as well as to learn the foundations of attacking a web application.
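To make the three security models concrete, here is a toy request filter that mirrors them: a blacklist whose patterns carry impact scores summed against a threshold (as Shadow Daemon's blacklist does), a default-deny whitelist of per-path parameter rules, an integrity check on the script's hash, and a minimal learning mode that turns stored requests into whitelist rules once a parameter has been seen often enough. This is an added example written for this page, not Shadow Daemon's own code; the patterns, impact values, thresholds, paths and sample requests are all assumptions.

```python
"""Toy WAF decision engine modelled on the blacklist / whitelist / integrity
modules described above plus a minimal learning mode.  Added illustration,
not Shadow Daemon's code: rule syntax, impact values, thresholds and the
sample requests are assumptions."""
import hashlib
import re
from collections import defaultdict

# Blacklist: each pattern carries an "impact"; the request is blocked when the
# summed impact of all matching patterns reaches the threshold (assumed values).
BLACKLIST = [
    (re.compile(r"(?i)union\s+select"), 6),
    (re.compile(r"(?i)'\s*or\s*'?\d+'?\s*=\s*'?\d+"), 5),
    (re.compile(r"<script\b", re.I), 7),
    (re.compile(r"\.\./"), 4),
    (re.compile(r"\(\)\s*\{\s*:;\s*\};"), 10),  # Shellshock-style env function
]
BLACKLIST_THRESHOLD = 5

def blacklist_impact(params):
    """Sum the impact of every blacklist pattern matching any parameter value."""
    return sum(impact for value in params.values()
               for pattern, impact in BLACKLIST if pattern.search(value))

# Whitelist: per path, parameter name -> (regex the whole value must match,
# maximum length).  Parameters without a rule are rejected (default deny).
WHITELIST = {
    "/login.php": {"user": (re.compile(r"^[a-z0-9_]+$"), 32),
                   "pass": (re.compile(r"^.+$"), 128)},
}

def whitelist_violations(path, params):
    """Return a list of rule violations; an empty list means the request fits."""
    rules = WHITELIST.get(path)
    if rules is None:
        return ["no whitelist profile for path"]
    problems = []
    for name, value in params.items():
        if name not in rules:
            problems.append(f"unexpected parameter {name}")
            continue
        regex, max_len = rules[name]
        if len(value) > max_len:
            problems.append(f"{name} too long")
        elif not regex.match(value):
            problems.append(f"{name} fails regex")
    return problems

# Integrity: the script that would execute must hash to the pinned digest,
# so a backdoored or swapped script is refused before any input is inspected.
def integrity_ok(script_bytes, pinned_sha256):
    return hashlib.sha256(script_bytes).hexdigest() == pinned_sha256

def decide(path, params, script_bytes, pinned_sha256):
    """Return (verdict, reasons): any failing module blocks the request."""
    reasons = []
    if not integrity_ok(script_bytes, pinned_sha256):
        reasons.append("integrity: script hash mismatch")
    impact = blacklist_impact(params)
    if impact >= BLACKLIST_THRESHOLD:
        reasons.append(f"blacklist: impact {impact}")
    reasons += ["whitelist: " + p for p in whitelist_violations(path, params)]
    return ("block" if reasons else "allow"), reasons

# Learning mode: from stored (path, params) requests, infer a whitelist rule for
# each parameter seen at least `min_samples` times (threshold is an assumption).
def learn_whitelist(stored, min_samples=3):
    seen = defaultdict(lambda: defaultdict(list))
    for path, params in stored:
        for name, value in params.items():
            seen[path][name].append(value)
    profile = {}
    for path, names in seen.items():
        for name, values in names.items():
            if len(values) < min_samples:
                continue
            joined = "".join(values)
            if joined.isdigit():
                cls = r"^[0-9]+$"
            elif re.fullmatch(r"[A-Za-z0-9_]+", joined):
                cls = r"^[A-Za-z0-9_]+$"
            else:
                cls = r"^.+$"
            # allow some slack over the longest value observed
            profile.setdefault(path, {})[name] = (re.compile(cls), max(map(len, values)) * 2)
    return profile

SCRIPT = b"<?php echo 'login'; ?>"   # constructed stand-in for login.php
PINNED = hashlib.sha256(SCRIPT).hexdigest()

if __name__ == "__main__":
    print(decide("/login.php", {"user": "alice", "pass": "s3cret"}, SCRIPT, PINNED))
    print(decide("/login.php", {"user": "' or '1'='1", "pass": "x"}, SCRIPT, PINNED))
    print(decide("/login.php", {"user": "alice", "pass": "x"}, SCRIPT + b"\n// hook", PINNED))
    learned = learn_whitelist([("/item.php", {"id": v}) for v in ("10", "42", "7")])
    print({n: (r.pattern, m) for n, (r, m) in learned["/item.php"].items()})
```

The second request trips both the blacklist (the tautology pattern alone reaches the threshold) and the whitelist (quotes and spaces are outside the allowed character class), which is the point of running the models together: the whitelist catches input that no blacklist pattern anticipated, while the integrity check refuses to serve a modified script regardless of the request.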

Shadowd Website Shadowd Project Page

The BRO Framework

The Bro Framework (since renamed Zeek) is a network intrusion detection system that can run either as a single standalone instance or as a cluster. It can be used to detect things like files being uploaded, nmap scans, and a great deal more, though what it detects, and how accurately, depends on the scripts and rules put in place, which is something to keep in mind. In my case I deployed it on my dev box to see what rules I could put in place when testing the security of (intentionally) vulnerable web apps, see what sort of scans I could pick up on, and just get an introduction to using an IDS in a live environment.
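Both detections named above come down to logic run over the logs Bro writes: a port scan shows up in conn.log as one source hitting many distinct ports on a host with failed connection states (S0, REJ) in a short window, and an HTTP upload shows up in files.log as a file whose sender is the connection originator (is_orig=T). The script below is an added example for this page, not part of Bro/Zeek or the author's rules; the log excerpts are constructed (real Bro logs are tab-separated and start with a `#fields` header naming the columns, which is what the parser keys on), and the window and port-count thresholds are assumptions.

```python
"""Scan and upload detection over Bro-style conn.log / files.log records.
Added example, not Bro/Zeek code: the log excerpts are constructed and the
thresholds (60 s window, 5 distinct ports) are assumptions."""
from collections import defaultdict

# Constructed conn.log excerpt: 10.0.0.5 probes many ports on 192.168.1.10 and
# is mostly rejected (REJ) or gets no reply (S0); 10.0.0.9 is a normal client.
CONN_LOG = """#separator \\x09
#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tconn_state
1000.0\tC1\t10.0.0.5\t40001\t192.168.1.10\t22\ttcp\tREJ
1000.1\tC2\t10.0.0.5\t40002\t192.168.1.10\t23\ttcp\tREJ
1000.2\tC3\t10.0.0.5\t40003\t192.168.1.10\t80\ttcp\tSF
1000.3\tC4\t10.0.0.5\t40004\t192.168.1.10\t443\ttcp\tS0
1000.4\tC5\t10.0.0.5\t40005\t192.168.1.10\t3306\ttcp\tREJ
1000.5\tC6\t10.0.0.5\t40006\t192.168.1.10\t8080\ttcp\tREJ
1000.6\tC7\t10.0.0.5\t40007\t192.168.1.10\t8443\ttcp\tS0
1200.0\tC8\t10.0.0.9\t51000\t192.168.1.10\t80\ttcp\tSF
1201.0\tC9\t10.0.0.9\t51001\t192.168.1.10\t80\ttcp\tSF
"""

# Constructed files.log excerpt: is_orig=T means the originator sent the file,
# i.e. an upload; the HTML response (is_orig=F) is a download.
FILES_LOG = """#fields\tts\tfuid\ttx_hosts\trx_hosts\tsource\tmime_type\tfilename\tis_orig\ttotal_bytes
1300.0\tF1\t10.0.0.9\t192.168.1.10\tHTTP\tapplication/x-dosexec\tupdate.exe\tT\t348160
1300.5\tF2\t192.168.1.10\t10.0.0.9\tHTTP\ttext/html\t-\tF\t5120
1301.0\tF3\t10.0.0.9\t192.168.1.10\tHTTP\timage/png\tavatar.png\tT\t20480
"""

def parse_bro_log(text):
    """Turn a Bro TSV log into a list of dicts keyed by the #fields header."""
    fields, records = None, []
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
        elif line.startswith("#") or not line.strip() or fields is None:
            continue
        else:
            records.append(dict(zip(fields, line.split("\t"))))
    return records

def detect_port_scans(conn_records, window=60.0, min_ports=5,
                      fail_states=("S0", "REJ", "RSTO")):
    """Alert on (src, dst) pairs with >= min_ports distinct failed TCP ports
    inside any `window`-second sliding window."""
    events = defaultdict(list)  # (src, dst) -> [(ts, resp_port)]
    for r in conn_records:
        if r["proto"] == "tcp" and r["conn_state"] in fail_states:
            events[(r["id.orig_h"], r["id.resp_h"])].append(
                (float(r["ts"]), int(r["id.resp_p"])))
    alerts = []
    for (src, dst), evs in events.items():
        evs.sort()
        start, best = 0, set()
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:
                start += 1
            ports = {p for _, p in evs[start:end + 1]}
            if len(ports) > len(best):
                best = ports
        if len(best) >= min_ports:
            alerts.append((src, dst, sorted(best)))
    return alerts

def detect_http_uploads(file_records, min_bytes=0):
    """Files carried by HTTP from the originator side are uploads."""
    return [(r["tx_hosts"], r["rx_hosts"], r["filename"], r["mime_type"])
            for r in file_records
            if r["source"] == "HTTP" and r["is_orig"] == "T"
            and int(r["total_bytes"]) >= min_bytes]

if __name__ == "__main__":
    for src, dst, ports in detect_port_scans(parse_bro_log(CONN_LOG)):
        print(f"port scan: {src} -> {dst} ports {ports}")
    for tx, rx, name, mime in detect_http_uploads(parse_bro_log(FILES_LOG)):
        print(f"upload: {tx} -> {rx} {name} ({mime})")
```

Note what the thresholds buy you: the scanner's one successful connection to port 80 is ignored, the normal client never accumulates failed ports, and the single successful upload state flag (is_orig) separates uploads from the far more common downloads. Bro's own `scan.bro` policy script implements the port-scan idea as the `Scan::Port_Scan` notice; the accuracy caveat in the text applies directly, since a scanner that slows below the window, or a network where S0 is common for benign reasons, changes what these numbers should be.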

Bro Website Shadowd Project Page

Social Engineering Payloads

In this project I took on the task of creating a payload to be used in a social engineering context. The base idea was to take a desirable Android app, find a good cracked version, decompile it, add the backdoor/hook, and then recompile and re-sign it. Once the technical step was done, the would-be attacker would use any social engineering method of choice to get a user to install the app. The most important step, assuming you are going for a targeted attack, would be to gain the trust of your target. The benefit of doing things this way was that, whether you ensured the installation yourself and then used the backdoor to gain additional persistence or had the target install it, you would have full access to their phone. This type of attack is nothing new; it just puts a much cleaner skin on it compared to many other attacks used this way. It also provides the user with a working, functional app, which lowers suspicion. There are drawbacks to this method, however, as the user would still need to install a third-party app and approve the permissions in the app. There were workarounds that could be used, such as a canvas exploit to create/modify files without having the permission, and you could also make it a targeted attack if you only wanted to access certain permissions.

Backdoor Project Page
