berzerk0’s GitPage

About Me | Blog | CTF Writeups | How-To Guides

Research

• Prototype Pollution Primer for Pentesters and Programmers - An analysis of client-side prototype pollution written Phil Sofia and I, published under WithSecure Labs. Archive Link

Projects and Tools

• Probable Wordlists - Up to 20GB of passwords, sorted by popularity. Make sure your passwords aren’t popular! Completely overhauled version 2 released.

• BEWGor - Bull’s Eye Wordlist Generator: Does your password rely on predictable patterns of accessible info?

• (Currently Non-Operational) @WorstPasswords - Twitter bot inspired by @redteamwrangler that tweets out one of the world’s most common 747 passwords twice a day. More info.

These projects have gained some attention and has been mentioned in articles, a podcast, and even a book! I’d like to return the favor. Check out the Shoutout Page for the (incomplete) list of mentions!

Other

• OSINT Work - Open-Source Intelligence is fascinating to me. I’ve helped out a few friends by demonstrating what I was able to find on them based on a piece of seed information like an email address - all with their informed consent, of course. Here is an example.