Essentially, Crypsaurus is a full forensic collection stack that, when registered with a client name, gives the consultant a Windows executable. It's incredibly similar to Google Turbinia, but generously predates it. When they run this executable, it transmits key data regarding the machine over an encrypted link using the AWS SDK to S3. Once it lands in S3, it triggers an SNS notification, which triggers an SQS message, and is then ingested in "processors", effectively Docker containers sitting in EC2 that poll SQS for evidence and upload analysis results. File conventions and configured prefixes ensure result data isn't processed as evidence data. All data is encrypted at rest. The full presentation I gave along with Paul at NovaHackers is available here. All of this is using the AWS Ruby v2 SDK. The stack predates v3.
A unique challenge we faced in starting our student organization at GMU was that our funding was essentially just a series of limited AWS educational credits. This means we were limited quite aggressively in our cost solutions. I determined a serverless architecture would make the most sense with such a simple solution, so I developed an API endpoint in Python 2.7 that, provided a valid GMU ID (that is verified through another separate call), invites their GMU email address into our student organization's Slack via my token.
| Repository | Description | Link |
|---|---|---|
| mike-bailey.github.io | Literally this website. | Link |
| CCDC-Scripts | Scripts to secure images. Adapting very gradually from CyberPatriot to industry grade. | Link |
| hockey-hacks | PHP page to hack together embedder code for hockey videos before we knew the call to autoplay. Favour for russianmachineneverbreaks. Also, a CLI client to dump play-by-plays of games, but that wasn't committed. | Link |
| php-web-shell | Covert, no-frills shell in the event someone gets arbitrary file upload or PHP code execution to escalate to code execution on unrestricted (shell_exec is unblocked) web servers. | Link |
| scoring | CyberPatriot has no practice scorebot for Linux so I improvised one. | Link |
| ducky_scripts | Temporary repository for payloads for my rubber ducky keystroke injection tool. | Link |
| javalessons | Refresher for learning Java. This was with the help of a community I belong to called "Day One" that assumes day one knowledge of a particular topic. | Link |
| rumpwn | Implementation of the popular cipher cracking site "Rumkin" for Chrome's developer console to brute force just a little harder. Outdated repo and proved inefficient since you're restricted to the processing power of a browser... | Link |