Projects

Tethr is an Android application that demonstrates CVE-2017-0554, a vulnerability that allows bypassing carrier tethering provisioning checks on unrooted devices. The proof-of-concept app exploits system property manipulation to enable mobile hotspot functionality without carrier approval. The vulnerability affects Android versions prior to 7.1.2 by allowing modification of tethering-related system properties through reflection and system service manipulation. This research was conducted to highlight security weaknesses in Android’s tethering permission model.

CertGraph crawls SSL certificates to map domain relationships through certificate alternate names. The tool builds a directed graph where domains are nodes and certificate alternative names create edges between related domains. The program performs hostname enumeration by following certificate relationships, revealing domain connections that may not be apparent through traditional DNS enumeration. It outputs data in various formats including graphical representations for network topology analysis.

A collection of proof-of-concept exploits demonstrating critical vulnerabilities in ImageMagick (CVE-2016-3714 through CVE-2016-3717). These vulnerabilities allow remote code execution, server-side request forgery, file deletion, and local file disclosure through maliciously crafted image files. The project provides test scripts and example payloads to help developers and security researchers understand the attack vectors and implement proper mitigations. The vulnerabilities affect web applications using ImageMagick or related libraries for image processing, making this a significant security concern for many web services.

WiFi Recovery is an Android application that retrieves saved WiFi passwords from the device’s system files. The app requires root access to read the wpa_supplicant.conf file where Android stores network credentials in plain text format. The application uses libraries including ActionBarSherlock, ZXING for QR code generation, and RootTools for system-level file access. It provides a simple interface to view saved network passwords and can generate QR codes for easy network sharing. The project has been archived as modern Android versions have changed WiFi credential storage mechanisms.

DNS.coffee is a web platform that collects and archives DNS zone file statistics to provide insights into DNS growth and changes over time. The service tracks domain distribution across zones, TLD root zone growth patterns, and overall internet domain expansion through comprehensive data visualization. The platform includes tools for domain record searches, nameserver lookups, IP information queries, and advanced search capabilities. DNS.coffee also provides an API for programmatic access to DNS data, making it a valuable resource for researchers and network administrators analyzing DNS infrastructure trends and domain name system evolution.