General Projects

Projects that don't fit in other categories.

  • Authentication Lab Walkthroughs Walkthroughs for the challenges set in my Authentication Lab.
  • vuLnDAP An LDAP based vulnerable web application.
  • NoSQLi Lab A lab to learn to play with NoSQL Injection in.
  • Sitediff A web app fingerprinting tool which uses the local files as the fingerprint sources.
  • MediaWiki - Dradis Importer A script I knocked together to import issues from my DradisPro install into MediaWiki so they could be the start of my issues library.
  • CeWL A custom word list generator basing words found on a targets website.
  • SocketToMe A WebSocket based application which goes along side the blog post on ZAP and WebSockets.
  • ivMeta Extract meta data from videos taken on iPhones.
  • Pat to Pass A proof of concept application which takes observed key presses and generates a list of potential passwords.
  • Spidering SpiderOak By looking at the differences between responses it is possible to enumerate valid account names and then shares on the SpiderOak network. This post covers how I researched this, the findings and how it could be fixed.
  • Passpat A companion tool to Pipal which can spot keyboard patterns in password lists.
  • bin_gen A simple script to create files containing binary data.
  • Tracker Tracking Using Google Analytics tracking codes to find relationships between companies and domains.
  • sitemap2proxy Extract all URLs from a sitemap.xml file and request them through a proxy of your choosing.
  • Twitter Words of Interest - twofi Twoif takes keywords and usernames and collects tweets based on these terms. It then extracts individual words and uses them to create a custom word list.
  • Breaking In To Security - Conclusions, Part 2 Part 2 of my conclusions, the opinions.
  • Breaking In To Security - Conclusions, Part 1 Part 1 of my conclusions, the stats.
  • Breaking In To Security - BSides London Slides The slides from my BSides talk.
  • Breaking In To Security - The Data The data from my Breaking In survey.
  • Breaking In To Security - Interim Summary Seeing as I had over 200 responses to the "Breaking In" survey in just 5 days I've plucked out a couple of interesting stats from the responses and posted them to whet your appetite.
  • Breaking In To Security - Part 1 This is my attempt to collect enough data to be able to answer the eternal question, 'How do I get started in Information Security?'. I've put together a questionnaire which I'll summarize the answers from and hopefully present at conferences and also summarise here on the site.
  • ZoneTransfer.me A domain set up to help teach and explain DNS zone transfers.
  • Pipal, Password Analyser A tool to analyse cracked password lists to help an analyst to search for patterns.
  • File Disclosure Browser An application to parse files such as .DS_Store to reveal otherwise unlinked files on web sites.
  • Me Finder A tool to brute force user accounts on Mobile Me.
  • Bucket Finder A tool to find public buckets and their associated files on the Amazon S3 network.
  • Counter A short script to do frequency analysis on lines in a file, specifically designed for password reuse analysis.
  • RSMangler A custom wordlist generator that creates permutations of all the input words as well as just manipulating them individually.
  • Image Mount Mount individual partitions from a full dd disk image.
  • gpscan A quick and dirty way to find Google Profiles associated with a chosen company.
  • Twitter Back Back up the list of who you are following on Twitter.
  • Flikr Download Batch download Flikr images.
  • Podtagger Update podcast ID3 tags to keep them all in sync.
  • Serial cable for a Fonera Fon and Fon+ A serial cable to allow access to Fons and other similar devices.

Support The Site

I don't get paid for any of the projects on this site so if you'd like to support my work you can do so by using the affiliate links below where I either get account credits or cash back. Usually only pennies, but they all add up.