Greg Foss

Security Researcher & Penetration Tester



Stuff and Things...


tar.gzAttacking Drupal
Scripts, presentation, security checklist, and videos which demonstrate common Drupal vulnerabilities and insecure configurations. The goal of this project is to assist with the exploitation and security of said flaws.

tar.gzSnowFroc 2013 - Capture The Flag
Team-based Capture the Flag competition, comprised of mainly web-application security challenges at varying stages of difficulty. This was a one-day event with a time-limit of 8-hours. All of the source code has been released to the public, complete with detailed walkthroughs of each challenge to help shed light on common web application weaknesses and improve the security industry's web-fu.

tar.gzCleanSweep.sh
Port Sweeper script that utilizes nmap for scanning, netcat for banner-grabbing, and curl for pulling the source of discovered web pages.

tar.gzphpMyAdmin Honeypot
Simple honeypot that you can use to track hack attempts made against your website.



*Click on the topics for more information / to download the software*