Welcome to my GitHub summary page! I have worked in IT for almost 25 years. Previously I worked for big global companies like Wikia or Allegro Group. Since 2013, I have run my own company. Below you'll find some of my projects.
Drive Badger is an open source platform for covert data exfiltration operations, ranging from small computers to big servers, supporting any version of Windows, Linux and Mac OS, also with Bitlocker, LUKS, VeraCrypt or Apple FileVault full disk encryption.
Written in 2020 strictly for law enforcement officers, private investigators, corporate Red Teams etc. (see legal details), as a cold attack complement to my closed source Sherlock platform.
Funkcjonariusz is a version dedicated to Poland: translated documentation with lots of additional content specific to Poland and the Polish legal system.
- drivebadger/drivebadger - main repository (see more Wiki links there)
- drivebadger/deployment-scripts - scripts for deploying a large number of Drive Badger / Mobile Badger devices
- drivebadger/injectors-playground - examples of how to modify an exfiltrated filesystem (injecting backdoors, access keys, evidence files etc.)
- drivebadger/ext-mobile-drivers - display drivers for various Pimoroni, Waveshare, Adafruit, Uctronics and Bakebit LED/LCD devices
- drivebadger/hook-fstab - hook for processing `/etc/fstab` files and exfiltrating NFS and SMB shares
- drivebadger/hook-wcxftp - hook for processing Total Commander `wcx_ftp.ini` files and exfiltrating FTP accounts
- drivebadger/exclude-windows - example exclusion repository (there are 13 such repos, each with a different set of exclusions)
- drivebadger/bitlocker-demo - example repository showing how to configure Bitlocker keys
- drivebadger/target-demo - example repository with UUIDs of target partitions for Mobile Badger
Server Farmer is a framework for server management, created around January 2008 and still maintained. Technically, quite similar to Ansible. Business-wise, something completely different, written specifically for small software houses with multiple customers.
- serverfarmer/serverfarmer - main repository (there are ~80 extensions in separate repositories, only the most important ones are listed below)
- serverfarmer/heartbeat-linux - Heartbeat monitoring subproject (can be used separately)
- serverfarmer/heartbeat-server - Heartbeat server part
- serverfarmer/sf-backup - backup (client part)
- serverfarmer/sm-backup-collector - backup (server part)
- serverfarmer/sm-farm-manager - inventory and management tools
- serverfarmer/sf-ip-allocs - includable lists of IP address ranges allocated for several ISPs, mainly from Poland - you can use it separately, as a part of your custom firewall script
Zone Manager is a central DNS/DHCP database with replication to Amazon Route53, BIND, MikroTik routers and other DNS services. Created in 2016 (initially as an internal tool meeting HIPAA requirements for some commercial project) and still maintained.
Polynimbus is a multi-cloud infrastructure management tool, supporting over 10 major cloud providers. In short, it does 2 things: provides a unified API to create and manage VM instances, and provides a web panel with inventory on all connected accounts. Created in 2015 and still maintained.
- polynimbus/polynimbus - main repository (to be run on the server with credentials for all connected cloud accounts)
- polynimbus/polynimbus-panel - web panel (can be installed on different server)
- polynimbus/polynimbus-backup - Backup subproject; fully automatic local backup for object storage (to be installed on storage server)
Planter (also known as Harry or Dirty Harry) is an open source, mobile, wearable, USB evidence planter based on Raspberry Pi. Created in 2017 as a tool strictly for police officers, then redesigned and rewritten from scratch in 2019.
- pisecurity/planter - main repository (the only one with "business logic", all the rest is use case-agnostic)
- pisecurity/planter-drives - drive management component
- pisecurity/camera-utils - photo camera (MTP/PTP devices) management component
- pisecurity/blinkt-persistence - driver for Pimoroni Blinkt! LED device
- pisecurity/bakebit-nanohat-driver - driver for BakeBit NanoHat OLED display device
- pisecurity/minimal-provisioning - several configuration templates taken from Server Farmer, for manual installation (if Server Farmer is too much for you)
- pisecurity/mc-black - black theme for Midnight Commander (the same as in Server Farmer, but Debian/Ubuntu-only, and without support for OS versions older than 2009)
- serverfarmer/sf-thermal-utils - read CPU temperature on various computer architectures, including Raspberry Pi and clones, QNAP devices, and many others
- erpekspert/optima-integrator-przyklady - integration solution between PHP applications and the Polish Comarch ERP Optima sales management system (the linked repository contains example client code; the actual solution is closed source/commercial)
- tomaszklim/klim-framework - my old PHP framework, mainly focused on connecting with many databases; still used in some of my commercial projects
- pisecurity/opencv-manager - scripts for compiling OpenCV (including contrib modules and OpenVINO support) on Raspberry Pi and other ARM platforms (see releases for details)
- pisecurity/phpopencv-manager - scripts for compiling php-opencv on ARM platforms
- payloadpl/stylometria - attempts to recreate real stylometric tools used by Polish police (see more in Polish language)
- payload.pl - offensive IT security magazine (Polish language)
- asperger15k.pl - career and life success with Asperger Syndrome (Polish language)
If you use one of my projects, I'd love to hear from you! Don't be shy and let me know what you liked and what needs to be improved.
Got an issue? Open a ticket, and I'll try to help.
Want me to implement a specific feature for you? Custom extensions or payloads for Drive Badger, Planter or Hak5 devices? I'm open to helping. Contact me and we'll discuss the details.
- Twitter: https://twitter.com/PayloadPl
- LinkedIn: https://www.linkedin.com/in/tomaszklim/
- Email: [email protected]