I enjoy researching information security and participating in Capture the Flag events when I can find the time; this page collects my publicly-available work in this domain.

  • Camelflage - A rails application that is purposely vulnerable to SQL injection and timing attacks. Timing attack vulnerabilities can be configured by the attacking client to test toolchains.
  • timing_attack - A CLI timing attack tool.
  • The Lab - My honeynet and a smattering of other small projects. NB: The Lab is not actively maintained, and is hosted on an oversold dirt-cheap provider. It goes down frequently and often takes me a while to notice and reboot the instances.
  • SANS Holiday Hack 2015 Writeup - My writeup for the 2015 SANS Holiday Hack Challenge. I received an honorable mention for my work.