Picture of Jack

Jack Barradell-Johns

Student - Security Enthusiast - Developer

  • Student

  • Security Enthusiast

  • Developer

About Me

University of Sheffield Logo
I am a third-year student at The University of Sheffield, studying for an MComp in Computer Science with a year in industry. Entering my third-year I had to decide on a dissertation topic, for this I chose to develop a browser extension to detect vulnerabilities in web-apps.
One of my main passions is Cyber Security, I enjoy completing challenges such as capture the flags and wargames. I also find other topics such as malware analysis, binary and web exploitation, and creating tools and scripts to help incredibly interesting. As such I am working towards multiple certifications to further my learning in these fields and maintain a blog where I discuss topics I find interesting, as well as post writeups of work.
Placeholer image
Placeholer image
Developing is a large part of my life, working on everything from small scripts to full web applications. I have varying degrees of experience using a wide range of languages such as Python, Ruby + Rails, JavaScript and C as well as other tools such as git and gdb.

Portfolio

Bitsquat Detector



While watching some old DEFCON videos, I came across one on the topic of “Bitsquatting”. The basic principle was due to random memory errors in computers, there will be occurrences where memory representing a domain may change, leading to clients connecting to the wrong domain.
I found the whole idea of bitsquatting to be very intriguing, and as such developed a tool to generate all domains which bitsquat on a given domain, and check if they have been registered.


CTF Writeups



To practice my skills, I regularly challenge myself with CTFs, vulnerable machines and other security challenges. As I complete these challenges I write up how I did them, what I tried and what I learnt in the process. I then publish these writeups on my blog in hopes that they may prove to be a interesting and useful resource to others.
My writeups include challenges from vulnhub, hack this site and hack the box, as well as assorted challenges sourced from elsewhere which means I add new writeups regularly.


Scripts



Over time I have built up a collection of scripts which do something useful or interesting and aggregated them into a collection. Some are sourced and modified from resources such as books, websites and videos, others are of my own design.
Developing many of these scripts acted as a way for me to learn about a range topics such as ARP. I published them so they may be of use to others either to use or as a learning resource. As I develop more scripts they will be added to this repository.


Twitgit.py



Twitgit is a tool I developed utilising flask and github webhooks to create a twitter bot. This bot automatically tweets out the commit messages of linked github repositories. This allows automatic alerts to be sent out to people interested in your work whenever you make a change.
The whole app is contained within a docker image which can be built or extended for customisation, with configuration being passed in at runtime using environment variables.


Exploits


While completing CTF challenges, I often find myself requiring an exploit. When using these exploits, I sometimes decide I need to modify the standard exploit, or I don’t really understand it very well, and when this happens I decide to implement the exploit myself, this helps me gain a better understanding of how it works and to configure it for my own needs.
I then release these exploits publicly encase they can help others and to store them for when I need them again.


Alexa - SWC News



This was my first time working with the Alexa skills kit, and I decided to develop a skill which could get me the news from an online Star Wars based rpg. Having just bought an Amazon Echo I decided it would be the perfect time to learn about development for it, and after a bit of research and work, Unofficial Combine News was born. It is now able to pull Sim, GNS and Flash news, with more features planned.
The skill has been built using the Alexa Skills Kit, AWS Lambda and python 3.6


And More!



This is a selection of projects I have worked on, more of my work can be found on my github account, and details can often be found on my blog.
I am always looking for new and exciting projects to begin to work on, to further expand my skills and gain a deeper understanding of technologies, how they work and how to use them myself.