projects
If you like my projects, please say thanks or buy me a beer.
bop
Unique pattern generator and offset finder in perl. Based on the previous work of HDmoore, metasploit crew and Immunity.
Use this to find the offset where crashes occurs in buffer overflow vulnerabilities.
Dugong-fuzz
A simple genetic file fuzzer written in perl6. It works by mixing "X" and "Y" chunks of data from two parent files. This allows it to operate on files without knowing the file format of the files it is fuzzing.
Evil Website Testing Suite
A collection of web pages that behave badly or provide malicious content in an attempt to break web based applications or cause malicious code inclusions in third party output, for example a RSS feed reader, link checker report, etc.
Graudit
Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It's comparable to other static analysis applications like RATS, SWAAT and flaw-finder. Received the security database excellent award in 2009.
htshells
A number of self contained htaccess file based shells and attacks.
Jason
A set of tools for butchering password lists.
WWW-TamperData
WWW::TamperData is a perl module that lets you replay web requests exported to xml from the "Tamper Data" firefox extension. By using the request and response hooks you can use this for active or passive security testing like fuzzing SQL injection.
bop
Unique pattern generator and offset finder in perl. Based on the previous work of HDmoore, metasploit crew and Immunity.
Use this to find the offset where crashes occurs in buffer overflow vulnerabilities.
Dugong-fuzz
A simple genetic file fuzzer written in perl6. It works by mixing "X" and "Y" chunks of data from two parent files. This allows it to operate on files without knowing the file format of the files it is fuzzing.
Evil Website Testing Suite
A collection of web pages that behave badly or provide malicious content in an attempt to break web based applications or cause malicious code inclusions in third party output, for example a RSS feed reader, link checker report, etc.
Graudit
Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It's comparable to other static analysis applications like RATS, SWAAT and flaw-finder. Received the security database excellent award in 2009.
htshells
A number of self contained htaccess file based shells and attacks.
Jason
A set of tools for butchering password lists.
WWW-TamperData
WWW::TamperData is a perl module that lets you replay web requests exported to xml from the "Tamper Data" firefox extension. By using the request and response hooks you can use this for active or passive security testing like fuzzing SQL injection.
