Tools and Papers
Here you may find a selection of my tools and papers/presentations and research supervised.
Windows application helping you pentesters to sort out the relevant parts from your favorite Windows password dumping tool (Metasploit, pwdumpX, gsecdump, fgdump, etc.). pwClean can remove systems, history and built-in accounts, as well as select administrative accounts only.
More details in my blogpost
Current version is version 0.5.
Papers and presentations
August 2010 Article for Datalossbarometer(.com) about the security risks on new mobile devices like iPhone’s and Android devices.
The added value of IT security testing for IT auditing
January 2010 Thesis research paper on combining IT security testing and IT auditing. Looking for added value, situations where added value is found and how these different types of research can be combined to provide the added value.
June 2009 Co-author of Dutch article for Compact(.nl) on the need and added benefits of combining Penetration Testing with traditional IT auditing.
Covert channels en andere ‘geheime’ technieken die uw netwerkbeveiliging omzeilen
November 2008 Presentation at the Infosecurity NL conference about network covert channels, explaining how they work and what can be done to detect and prevent.
November 2008 Dutch article for ‘Platform voor Informatie Beveiliging’ on the security risks of virtualisation technology that IT auditors and IT security experts should be aware of.
SABA: IT-audit tooling 2.0
June 2008 Dutch article for Compact(.nl) about a the workings of a new generation IT audit tooling created by KPMG IT Advisory.
June 2006 Thesis research paper on acceleration techniques and results of LAN protocols in different WAN environments. This research was performed at Juniper Networks.
January 2006 Thesis research paper on the current state of use of Covert Channels in common protocols used on the Internet and their effective use. The research was performed at KPMG Information Risk Management.
Network Security, a look at at the network of Tennessee Technological University
June 2005 Thesis research paper focused on the current state of the campus wide network security of the Tennessee Technological University, including providing both short and long term solutions.
Research projects supervised
Synergy of social networks defeats online privacy by Eleonora Petridou and Marek Kuczynski
GPU-based password cracking by Marcus Bakker, Roel van der Jagt
Browser security by Wouter S. van Dongen
Security analysis of Dutch smart metering systems by Sander Keemink, Bart Roos
Security and Reliability of Automated Waste Registration in The Netherlands by Dick Visser and Thijs Kinkhorst