General Projects
Projects that don't fit in other categories.
- Authentication Lab Walkthroughs Walkthroughs for the challenges set in my Authentication Lab.
- vuLnDAP An LDAP based vulnerable web application.
- NoSQLi Lab A lab to learn to play with NoSQL Injection in.
- Sitediff A web app fingerprinting tool which uses the local files as the fingerprint sources.
- MediaWiki - Dradis Importer A script I knocked together to import issues from my DradisPro install into MediaWiki so they could be the start of my issues library.
- CeWL A custom word list generator basing words found on a targets website.
- SocketToMe A WebSocket based application which goes along side the blog post on ZAP and WebSockets.
- ivMeta Extract meta data from videos taken on iPhones.
- Pat to Pass A proof of concept application which takes observed key presses and generates a list of potential passwords.
- Spidering SpiderOak By looking at the differences between responses it is possible to enumerate valid account names and then shares on the SpiderOak network. This post covers how I researched this, the findings and how it could be fixed.
- Passpat A companion tool to Pipal which can spot keyboard patterns in password lists.
- bin_gen A simple script to create files containing binary data.
- Tracker Tracking Using Google Analytics tracking codes to find relationships between companies and domains.
- sitemap2proxy Extract all URLs from a sitemap.xml file and request them through a proxy of your choosing.
- Twitter Words of Interest - twofi Twoif takes keywords and usernames and collects tweets based on these terms. It then extracts individual words and uses them to create a custom word list.
- Breaking In To Security - Conclusions, Part 2 Part 2 of my conclusions, the opinions.
- Breaking In To Security - Conclusions, Part 1 Part 1 of my conclusions, the stats.
- Breaking In To Security - BSides London Slides The slides from my BSides talk.
- Breaking In To Security - The Data The data from my Breaking In survey.
- Breaking In To Security - Interim Summary Seeing as I had over 200 responses to the "Breaking In" survey in just 5 days I've plucked out a couple of interesting stats from the responses and posted them to whet your appetite.
- Breaking In To Security - Part 1 This is my attempt to collect enough data to be able to answer the eternal question, 'How do I get started in Information Security?'. I've put together a questionnaire which I'll summarize the answers from and hopefully present at conferences and also summarise here on the site.
- ZoneTransfer.me A domain set up to help teach and explain DNS zone transfers.
- Pipal, Password Analyser A tool to analyse cracked password lists to help an analyst to search for patterns.
- File Disclosure Browser An application to parse files such as .DS_Store to reveal otherwise unlinked files on web sites.
- Me Finder A tool to brute force user accounts on Mobile Me.
- Bucket Finder A tool to find public buckets and their associated files on the Amazon S3 network.
- Counter A short script to do frequency analysis on lines in a file, specifically designed for password reuse analysis.
- RSMangler A custom wordlist generator that creates permutations of all the input words as well as just manipulating them individually.
- Image Mount Mount individual partitions from a full dd disk image.
- gpscan A quick and dirty way to find Google Profiles associated with a chosen company.
- Twitter Back Back up the list of who you are following on Twitter.
- Flikr Download Batch download Flikr images.
- Podtagger Update podcast ID3 tags to keep them all in sync.
- Serial cable for a Fonera Fon and Fon+ A serial cable to allow access to Fons and other similar devices.
