Hello! I’m Sharon Brizinov, a security researcher. I specialize in vulnerability research and OT/IoT security. Most of the vulnerabilities I have found can be found here. I’ve present my research in various security conferences including BlackHat, DEFCON, HITCON, BlueHatIL, SANS, S4, HackInParis, and others.
I also participated in Pwn2Own five times including ICS 2020, ICS 2022, IoT 2022,ICS 2023, IoT 2023, got SANS Institue “Researcher of the Year” Award and won DEFCON 27’s ICS CTF, earning a DEFCON black badge.
Besides security research, I also like to develop mobile applications and games. You can find most of my projects on GitHub.
Type | Name | Description |
---|---|---|
Misc | BrachotPlus | Free, online AI generated greeting cards, mostly for Jewish holidays. |
Security | ScanMySMS | Detecting smishing (SMS-Phising). Enter SMS content with a potentially malicious URL and let us verify it for you. |
Networks | Ultimate Pcap | Capture file containing a wide variety of protocols, useful for stress-testing and fuzzing. Covers almost all of Wireshark protocol dissectors with great code coverage. |
Misc | secfeed | Stupid simple solution to keep track of various cyber security related sources including research blogs, CVEs, advisories, etc. The script will query a list of websites and extract urls matching to specific regexs. If there are new sources (e.g. new CVE was released), a notification will be sent to Slack with the relevant link. |
Misc | Slack Anti-Delete & Slack Sounds | Some research I did on Slack - I patched my Slack client to keep messages that others delete, simple tool to customize Slack sound notifications. |
Dev | DumpRequests | Simple stupid class for globaly auto patching the entire python requests library to dump all requests and responses, for debug purposes. |
Security | Unboxing Busybox - BusyBox Fuzzing | Created a detailed guides & tools to fuzz the popular BusyBox software suite (several Unix utilities in a single executable file). |
Security | EtherNet/IP & CIP Stack Detector | EtherNet/IP & CIP Stack Detector that can help both cyber-security researchers, OT engineers, and asset owners to identify devices that are running a specific EtherNet/IP protocol stack. |
Security | s3viewer | Free tool for security researchers that lists the content of publicly open storages and helps to identify leaking data. |
Security | Windows Keylogger | Simple Windows keylogger using Windows Hooks. Also supports foreign languages |
Game | #Yo | #Yo is a fun mobile app game and a super-challenging way to enjoy the good old and crazy-fun Simon Says game. |
Game | Assembly iCopter | The old iCopter game written in assembly. |
Misc | Whatsapp Analyzer | Native iOS application for analyzing whatsapp conversations freely on your own iOS device. Written in Objective-C. |
Misc | Meme Generator | Meme generator - create memes from a ready library images with over dozens of different memes, or take photos from your camera or from your saved images. |