otterwrks.co


16yo fullstack programmer

cybersecurity, programming, reverse engineering, embedded systems

BMW E9X/N54 platform expert

hacked my school (Q1 2023)

hacked my school district (~50 different schools) in 8th grade; gained access to hundreds of linux+windows boxes, across many different schools, through a vuln chain.

used hashcat, jtr, responder, and some custom developed tools i created just for this

created a writeup in an hour or so, leading to everything being fixed by the end of the school day

bypassed windows AMSI (Q4 2023)

created a reverse shell that still bypasses windows defender, AMSI, and most DPI firewalls, as well as a malleable command-and-control framework with support for many many payloads

hacked into my school, again (Q4 2023)

hacked into my school's network, again, using SMBGhost on outdated windows clients and responder. used credentials to move vertically and horizontally across the network, leaving me with terabytes of student/teacher data. reported and fixed within a day

hacked into a mail server (Q1 2024)

hacked into a real, public mail server using SQL injection. had access to thousands of important company emails, then found an XSS vulnerability in the software itself on accident. reported both and got rewarded with a mcdonalds giftcard

Automotive CANBUS framework

Graphite is an intermediary framework that taps into your vehicle's CANBUS network, allowing you to datalog, view vehicle data, and integrate modifications tightly with your vehicle.

  • Modular - add virtual and real modules as you wish
  • Standalone - connect once and never worry again
  • Graph vehicle data - RPM, throttle, etc.
  • Extremely low latency (<1ms)
  • Complete data logger for the track
  • Tune your mods through the provided WebUI
    • Heatmaps visualization, graph curves
    • View and graph data from specific node
  • Wireless connectivity

* Your car must have CANBUS and an available .dbc file

A jack of all trades

Pwnhyve's main goal is to be an affordable and effective hacking tool.

  • WiFi hacking
    • Deauthentication, AP scanning, KARMA attacks, captive portal, evil twin attacks with EAPHammer
  • BLE hacking
    • Using the bettercap suite, you can search for devices and write to specific GATT characteristics
  • USB emulation
    • DuckyScript support, mass storage, keystroke reflection
  • RF hacking
    • Replay attacks using a CC1101, FM radio hijacking, RPITX toolset
  • GPIO playground
    • 2 channel 1.5 MHz logic analyzer, breadboard companion to test LEDs, servos, distance sensors, etc.

Effective, even 2 years later

Azamuku is an HTTP based, multi-client reverse shell, with support for communication obfuscating/hiding using HTML pages.

Azamuku has been successfully bypassing AMSI, firewalls, DPI for two years now. Obfuscate your own payload, and you're set.

  • DPI, firewall bypass
  • Multi-client
  • Auto-run stagers
  • HTTPS support
  • Round-Robin endpoints
  • Automatic sysinfo extraction

Used in a couple of red-team operations, and has worked effectively every single time.

A malleable C² framework

Catwalk is a C2 framework targeted to manage all your shells, across many completely different payloads, and to simplify the control process.

With full multiplayer support and fully browser-based, Catwalk is able to be accessed almost anywhere there's an internet connection.

  • Multiplayer
  • Strong REST API
  • Modular
  • Auto run Jinja2 stagers w/ filters
  • Automatic target system info harvesting
  • Remote file browsing
  • Round-Robin support
  • Supports almost every payload

A better Hak5 RubberDucky

qt-kunai is a USB keyboard and mouse injection tool, meant to run different payloads extremely quickly

  • OLED display is completely programmable
  • DuckyScript 1.0 support
  • Extremely easy to add payloads
  • 1 button to control the entire system
  • Autorun can be set on the fly

If you try hard enough, you can use this as a FIDO key as well

ISTA+ for all

OpenISTA's goal is to provide everyone with dealership-grade vehicle diagnostics for BMW, Mini, and Rolls-Royce, for free.

By using fully open source data from the charm.li project, OpenISTA can give you diagrams and descriptions of everything you'd need in diagnosing a problem.

  • Fully open source
  • Easy to use interface
  • Part diagrams
  • Ediabas job support
  • Interactive module tree
  • Scriptable REST API

Graphite

  • Standalone module
  • Linux based
  • Wireless or wired connectivity
  • Virtual modules
  • Browser based, view on any device

Pwnhyve

  • Modular, tiny hacking tool
  • Low price point - under 100 USD
  • Runs on Kali Linux
  • Extremely effective in the right hands

Azamuku

  • Bypasses Windows Defender, Kaspersky, SentinelOne, AMSI
  • Practically undetectable, HTTP beaconing
  • Bypasses firewalls, deep packet inspection
  • Multi-client command-and-control
  • Based off of t3l3machus' hoaxshell

Catwalk C²

  • Malleable
  • Automatically grabs target's system info
  • Browse and download files from target
  • Completely modular - stages, payloads, protocols
  • Compatibility with most dumb and smart shells

qt-kunai

  • Very tiny
  • DuckyScript support
  • Visible feedback via OLED screen
  • Easily add payloads
  • Switch payloads to autorun on the fly

OpenISTA

  • Supports every BMW vehicle that has an OBD port
  • Rolls Royce, BMW, Mini
  • Module tree, module diagrams and locations
  • Run custom jobs on modules
  • MHD universal/THOR adapter support
  • Windows based