Code Monkey home page Code Monkey logo
Martin Gallo photo

martingalloar Goto Github PK

followers: 355.0 following: 86.0 repos: 18.0 gists: 1.0

Name: Martin Gallo

Type: User

Company: @hyprcorp

Bio: InfoSec Leader/Innovation | 👨🏾‍💻PdM @HYPRCorp | 🙆Co-org @TandilSec | 🧐CFP @EkoParty | ✊Knowledge sharing and community building | 🏀#12 | 🗨️Words are mine

Twitter: martingalloar

Location: Sur

🙌 I'm Martin Gallo! Experienced information security professional and leader. Security, privacy, usability and diversity advocate.

👨🏾‍💻 Senior Product Manager at @HYPRCorp | 🙆 Founder and co-organizer at @TandilSec | 🕵️‍ Technical Comitte @ekoparty

Publications

This is my personal repository of publications and presentation at public conferences.

Conference Presentations

Conference Presentations

Presentation Title Conference Presentation Date
Recent Identity Threats and Trends: Lessons to improve Identity Security Identiverse 2021 June 2021
Hunting crypto secrets in SAP systems Troopers 18 March 2018
Intercepting SAP SNC-protected traffic Troopers 17 March 2017
Deep-dive into SAP archive file formats Troopers 16 March 2016
HoneySAP: Who really wants your money? Troopers 15 March 2015
SAP’s Network Protocols Revisited Troopers 14 March 2014
Uncovering SAP vulnerabilities - Reversing and breaking the Diag protocol BruCon 2012 September 2012
Uncovering SAP vulnerabilities - Reversing and breaking the Diag protocol Defcon 20 July 2012
Security Advisories

Security Advisories

Title CVEs Release Date
SAUTH-2020-0001 / SAP HANA SAML Assertion Improper Validation Vulnerability CVE-2020-26834, CVE-2021-21474 09/12/2020
CORE-2017-0011 / SAP Note Assistant Insecure Handling of SAP Notes Signature Vulnerability CVE-2017-16691 30/11/2017
CORE-2017-0001 / SAP SAPCAR Heap Based Buffer Overflow Vulnerability CVE-2017-8852 10/05/2017
CORE-2016-0006 / SAP CAR Multiple Vulnerabilities CVE-2016-5845, CVE-2016-5847 10/08/2016
CORE-2016-0004 / SAP Download Manager Password Weak Encryption CVE-2016-3685, CVE-2016-3684 09/03/2016
CORE-2015-0010 / Sendio ESP Information Disclosure Vulnerability CVE-2014-0999, CVE-2014-8391 22/05/2015
CORE-2015-0009 / SAP LZC/LZH Compression Multiple Vulnerabilities CVE-2015-2282, CVE-2015-2278 12/05/2015
CORE-2014-0007 / SAP Netweaver Enqueue Server Trace Pattern Denial of Service Vulnerability CVE-2014-0995 15/10/2014
CORE-2014-0003 / SAP Router Password Timing Attack CVE-2014-0984 15/04/2014
CORE-2012-1128 / SAP Netweaver Message Server Multiple Vulnerabilities CVE-2013-1592, CVE-2013-1593 13/02/2013
CORE-2012-0123 / SAP Netweaver Dispatcher Multiple Vulnerabilities CVE-2012-2611, CVE-2012-2612, CVE-2012-2511, CVE-2012-2512, CVE-2012-2513, CVE-2012-2514 08/05/2012

Martin Gallo's Projects

ansible icon ansible

Ansible is a radically simple IT automation platform that makes your applications and systems easier to deploy. Avoid writing scripts or custom code to deploy and update your applications— automate in a language that approaches plain English, using SSH, with no agents to install on remote systems.

dvwa icon dvwa

Damn Vulnerable Web Application (DVWA)

escrutinio-social icon escrutinio-social

Una aplicación web para validar colaborativamente el escrutinio provisorio

honeysap icon honeysap

HoneySAP: SAP Low-interaction research honeypot

lsa-whisperer icon lsa-whisperer

Tools for interacting with authentication packages using their individual message protocols

pysap icon pysap

pysap is an open source Python library that provides modules for crafting and sending packets using SAP's NI, Diag, Enqueue, Router, MS, SNC, IGS, RFC and HDB protocols.

pyshark-legacy icon pyshark-legacy

Python wrapper for tshark, allowing python packet parsing using wireshark dissectors (Python2 legacy version)

sap_ms icon sap_ms

SAP Message Server research presented at OPCDE 2019

scapy icon scapy

Scapy: the python-based interactive packet manipulation program & library

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.