m0nad.github.io

Logo

PGP: 713C 6C1C 7F4A B3B2 B852 2C48 798D 5DA2 95D0 B116

View My GitHub Profile

Welcome to m0nad’s Page :)

As a constant learner and explorer, I build, break or fix systems to acquire better knowledge about computer and information security.

Open Source Projects

Diamorphine - LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64).

HellRaiser - Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

DNS-Discovery - Multithreaded subdomain brute-forcer meant to be used by pentesters during the initial stages of testing. It uses a wordlist that concatenates with a given domain to search for subdomains.

Msfsuggester - Metasploit exploit suggester using OpenVAS XML output.

Awesome Privilege Escalation - A curated list of awesome privilege escalation.

ARP-Poison - ARP-Poison - also known as an - ARP Spoofing tool.

Blog - Blog with some technical stuff.

And more! Check my Github

Open Source Contributions

Nmap - Patch to fix ftp-vsftpd-backdoor.nse script detection issue.

Linux Kernel - Commit to the Linux Kernel fixing a memory leakage in clk-sunxi.c.

Presentations

MBConf@home 2020 - Linux Local Privilege Escalation. Talk about the methodology, tips, and tricks on Linux privilege escalation. [Slides]

Alligator Conference 2019 - cLoWn 3steRlionate: mak1ng m0ney fr0m li3s. A presentation about how to crack small RSA keys in 50’s seconds. [Slides]

NullByte Security Conference 2017 - Diamorphine for today’s kernels. A presentation about how can we write a rootkit for current Linux kernels taking into account changes that happened in the kernel from the time of the LKM HACKING paper and the heroin.c code. [Slides]

Alligator Conference 2014 - Diamorphine for today’s kernels. A presentation about how can we write a rootkit for current Linux kernels taking into account changes that happened in the kernel from the time of the LKM HACKING paper and the heroin.c code. [Slides]

OWASP Floripa Day 2012 - Return-Oriented Programming. Presentation on the exploitation technique known as Return Oriented Programming, useful to circumvent protections like NX bit or Data Execution Prevention. [Slides]

Alligator Conference 2012 - Return-Oriented Programming. Presentation on the exploitation technique known as Return Oriented Programming, useful to circumvent protections like NX bit or Data Execution Prevention. [Slides]

First Tecland Meeting 2012 - Buffer Overflows for dummies. A presentation about the exploitation of buffer overflows from the basics. [Slides]

First Tecland Meeting 2012 - Building Shellcodes. Presentation on shellcode development, machine code used as the payload in the exploitation of a software vulnerability. [Slides]

Check out how to donate.

Contact

Twitter - Keybase - GPG