In 2023, I contributed my first exploit module to the Metasploit Framework. At the Austrian Institute of Technology, I frequently create testbeds, such as the AttackBed, and simulate networks under attack. This time, I was looking for a webmail software and stepped over the webmail plugin for Nextcloud. I discovered that in 2023, a remote code execution vulnerability was found in Nextcloud. Such a vulnerability would be very useful in our AttackBed and therefor I decided to write an exploit. Since there were only hazy information about that vulnerability in the security advisory on GitHub at the time, I read the Nextcloud patches and created an exploit module for the Metasploit Framework.

There are some amazing keyboards like dygma or uhk available. Beside of ergonomics they also support to have multiple function layers and custom layouts. They ship with easy to use software to customize the layouts and function layers. I am fine with my keyboard, but I always envy my friends for having keyboards that allow switching custom layers easily. So I asked a little bit around and someone recommended me the free open-source software kanata. It is a cross-platform software keyboard mapper for Linux, macOS and Windows and allows me to switch my keyboard layout dynamically. As an addition, I will also try to integrate kanata in my i3wm environment smoothly and create a custom menu with rofi.

Automating attack chains is not only necessary for testing cybersecurity mechanisms, but also very practical for cybersecurity training and pentests. Most existing tools are not primarily concerned with the attacks manifesting themselves in the logs as if they had been carried out by a human attacker. AttackMate was written with the intention of performing realistic attacks and allows attacks to be chained across all phases of the killchain. I wrote that tool as part of my work at the AIT, where we need realistic logs for anomaly detection. It is Free Open Source Software and available on GitHub

This year was my first time at the balccon conference. This infosec event takes place in Serbia and is a community oriented congress very similar to the CCC Congress in Germany. I felt very comfortable there right from the start. There were incredibly good talks and fantastic installations built by the community.