About Me
Hi! My name is Sharon Brizinov and I’m a security researcher. I specialize with vulnerability research and ICS/SCADA security. You can check most of the vulnerabilities I have found here. In addition, I’m a practitioner of CTFs, took part of Pwn2Own 2020 and won the DEFCON 27’s ICS CTF and earned a DEFCON black badge.
Besides security research, I also like to develop mobile applications and games. You can find most of my projects on GitHub.
Writeups, competitions, and presentations
- 2019 - [CTF] S4x19 - ICS CTF
- 2019 - [CTF] DEFCON 27 - ICS CTF
- 2019 - [Presentation] DEFCON 27 - Magical Change-IP Packets In the Wild
- 2020 - [CTF] Pwn2Own 2020 - ICS Miami
- 2020 - [Writeup] License to Kill: Leveraging license management to attack ICS networks
- 2020 - [Writeup] ZDI - Performing SQL backflips to achieve code execution on Schneider Electric’s Ecostruxure software
- 2020 - [Writeup] EXPLORING THE OPC ATTACK SURFACE
- 2021 - [Presentation] Hack the Capitol - Attacking Your OT Network
- 2021 - [Presentation] DEFCON 29 - Bottom-Up and Top-Down: Exploiting Vulnerabilities In the OT Cloud Era
- 2021 - [Writeup] Blog - Crashing SIP Clients With a Single Slash
Projects
| Type | Name | Description |
|---|---|---|
| Security | s3viewer |  Free tool for security researchers that lists the content of publicly open storages and helps to identify leaking data. |
| Security | Windows Keylogger |  Simple Windows keylogger using Windows Hooks. Also supports foreign languages |
| Game | #Yo |  #Yo is a fun mobile app game and a super-challenging way to enjoy the good old and crazy-fun Simon Says game. |
| Game | Assembly iCopter |  The old iCopter game written in assembly. |
| Misc | Whatsapp Analyzer |  Native iOS application for analyzing whatsapp conversations freely on your own iOS device. Written in Objective-C. |
| Misc | Meme Generator |  Meme generator - create memes from a ready library images with over dozens of different memes, or take photos from your camera or from your saved images. |