Matthias Deeg

@deeg
109 Followers
53 Following
88 Posts
Interested in IT and likes to see whether security assumptions in soft-, firm-, or hardware hold true when taking a closer look.
Websitehttps://deeg.xyz
Books Websitehttps://books.deeg.xyz
Twitterhttps://twitter.com/matthiasdeeg
Matthias DeegApr 14

Additionally, there is also a blog article titled "Intercepting WCF Traffic with wcfproxy", and a short tool tip video demonstrating wcfproxy.

The blog article is available in the SySS Tech Blog:
https://blog.syss.com/posts/wcfproxy/

And the video on YouTube:
https://www.youtube.com/watch?v=UMYAd-d5N5Y

#infosec #cybersecurity #software #tool

Intercepting WCF Traffic with wcfproxy

Windows Communication Foundation (WCF) is still a commonly used .NET framework for client-server communication. Specifically, when Net.TCP is used for transport, the binary encoding of messages makes the network communication challenging to analyze. This in turn poses an obstacle for the security analysis of WCF-based software products. For this reason we developed “wcfproxy”, a tool to facilitate the analysis of Net.TCP-based WCF communication.

SySS Tech Blog
Matthias DeegApr 14

Today, the software tool wcfproxy developed by my colleague Sebastian Rauch was published as open source software. This tool is useful for intercepting/analyzing Net.TCP-based WCF network traffic.

You can find it in the SySS Research GitHub respository:
https://github.com/SySS-Research/wcfproxy

#infosec #cybersecurity #software #tool

GitHub - SySS-Research/wcfproxy: A proxy for net.tcp-based WCF traffic.

A proxy for net.tcp-based WCF traffic. . Contribute to SySS-Research/wcfproxy development by creating an account on GitHub.

GitHub
Matthias DeegMar 3
Matthias KesenheimerMar 3
Hacking a Keyboard for Fun and Profit - Can It Run #Doom? https://blog.syss.com/posts/rog-azoth-will-it-run-doom/
Hacking a Keyboard for Fun and Profit - Can It Run Doom?

The Asus ROG Azoth is a high-end gaming keyboard built to be a bit smarter than normal keyboards. Solid tactile switches, fully customizable RGB lighting, and a crisp built-in OLED display put it a step above the usual. That little screen isn’t just for looks: It can show system stats, adjust lighting profiles, tweak volume, and act as a quick access hub for keyboard settings without touching your OS.

SySS Tech Blog
Matthias DeegMar 3

A new blog article titled "Hacking a Keyboard for Fun and Profit - Can It Run Doom?" by @mkesenheimer was published today.

If you want to read about some Asus ROG Azoth keyboard hacking, follow this link.

https://blog.syss.com/posts/rog-azoth-will-it-run-doom/

#hardware #hacking #keyboard

Hacking a Keyboard for Fun and Profit - Can It Run Doom?

The Asus ROG Azoth is a high-end gaming keyboard built to be a bit smarter than normal keyboards. Solid tactile switches, fully customizable RGB lighting, and a crisp built-in OLED display put it a step above the usual. That little screen isn’t just for looks: It can show system stats, adjust lighting profiles, tweak volume, and act as a quick access hub for keyboard settings without touching your OS.

SySS Tech Blog
Matthias DeegFeb 24

A short blog article titled "Why Regular Employees Should Not Boot Their Computers From External Media" by Micha Borrmann explains why boot restrictions for regular employees is a good idea.

https://blog.syss.com/posts/no-boot/

#cybersecurity #infosec

Why Regular Employees Should Not Boot Their Computers From External Media

In this blog article, we want to explain why regular employees should not be able to boot their work computers from external media, even if their devices are encrypted.

SySS Tech Blog
Matthias DeegFeb 24

Today, I've pulished a new proof of concept video on YouTube demonstrating how the UEFI boot password feature can be bypassed.

This security issue concerning Dell and HP computers was already published at the end of 2025 by my colleague Micha Borrmann in the two security advisories SYSS-2025-059 and SYSS-2025-060.

https://www.youtube.com/watch?v=oN1UZOanWEg

#infosec #cybersecurity

UEFI Boot Password Bypass

YouTube
Matthias DeegFeb 12

There is also a YouTube short demonstrating an attack against a vulnerable Linksys MX4200 router.

https://www.youtube.com/shorts/03DivoLmsTU

#cybersecurity #infosec #video

Hacking a Linksys Router Over the Internet

YouTube
Matthias DeegFeb 12

Today, a tech blog article by my colleague Christian Zäske titled "MeshHacks: Exploiting Linksys Intelligent Mesh from the Internet" concerning six security vulnerabilities in different Linksys routers was published.

https://blog.syss.com/posts/meshhacks/

#infosec #cybersecurity #hacking

MeshHacks: Exploiting Linksys Intelligent Mesh from the Internet

In this blog post, we describe multiple vulnerabilities we found in Linksys Wi-Fi routers, especially exploiting the “Intelligent Mesh™” functionality, which can be used to wirelessly link routers to act as a Wi-Fi mesh.

SySS Tech Blog
Matthias DeegFeb 8
jiska 🦄Feb 7

In this video, I'm analyzing a really confusing dialog on macOS. Let's dig a bit deeper into what it should do and what it's actually doing. #reverseengineering

https://youtu.be/P7hYg2GpsTk

Matthias DeegJan 28

Today, I have published a new video about browser swapping attacks, demonstrating and explaining a security issue in OAuth 2.0 that my colleague Jonas Primbs found.

https://www.youtube.com/watch?v=hDrfwKSUlvo

#infosec #cybersecurity #hacking #webdev

OAuth 2.0 Browser Swapping Attacks

YouTube