By the end of this book you should have a thorough understanding of the inner workings of a programming language interpreter. The source code is presented in full, and several iterations add more features until it could be considered pretty complete. The interpreter is written to be as easy to understand as possible; it has …
Tag: open source
Permanent link to this article: https://www.darknessgate.com/2016/10/25/exploring-programming-language-architecture-in-perl/
Mft2Csv
Extract $MFT record info and log it to a csv file. This tool is for parsing, decoding and logging information from the Master File Table ($MFT) to a csv. It is logging a large amount of data and that has been the main purpose from the very start. Having all this data in a csv …
Permanent link to this article: https://www.darknessgate.com/2016/10/07/mft2csv/
Evolve
Web interface for the Volatility Memory Forensics Framework https://github.com/volatilityfoundation/volatility Works with any Volatility module that provides a SQLite render method (some don’t) Automatically detects plugins – If volatility sees the plugin, so will eVOLve All results stored in a single SQLite db stored beside the RAM dump Web interface is fully AJAX using jQuery & …
Permanent link to this article: https://www.darknessgate.com/2016/09/16/evolve/
ProtonMail | Best secure email provider (Free)
Secure Email Based in Switzerland which has many security enhancing features: End-to-End Encryption Messages are encrypted at all times Messages are stored on ProtonMail servers in encrypted format. They are also transmitted in encrypted format between our servers and user devices. Messages between ProtonMail users are also transmitted in encrypted form within our secure server …
Permanent link to this article: https://www.darknessgate.com/2016/09/10/protonmail-best-secure-email-provider-free/
JPHIDE and JPSEEK
JPHIDE and JPSEEK are programs which allow you to hide a file in a jpeg visual image. There are lots of versions of similar programs available on the internet but JPHIDE and JPSEEK are rather special. The design objective was not simply to hide a file but rather to do this in such a way …
Permanent link to this article: https://www.darknessgate.com/2016/06/08/jphide-and-jpseek/
sslstrip
This tool provides a demonstration of the HTTPS stripping attacks that I presented at Black Hat DC 2009. It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which …
Permanent link to this article: https://www.darknessgate.com/2015/03/15/sslstrip/
Wfuzz
Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts, etc), bruteforce GET and POST parameters for checking different kind of injections (SQL, XSS, LDAP,etc), bruteforce Forms parameters (User/Password), Fuzzing,etc. Some features: * Multiple Injection points capability with multiple dictionaries * Recursion (When doing …
Permanent link to this article: https://www.darknessgate.com/2015/02/26/wfuzz/
Crowbar
Crowbar (crowbar) is brute forcing tool that can be used during penetration tests. It is developed to brute force some protocols in a different manner according to other popular brute forcing tools. As an example, while most brute forcing tools use username and password for SSH brute force, Crowbar uses SSH key. So SSH keys, …
Permanent link to this article: https://www.darknessgate.com/2015/02/23/crowbar/
The web-application vulnerability scanner
Wapiti allows you to audit the security of your web applications. It performs “black-box” scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, …
Permanent link to this article: https://www.darknessgate.com/2015/02/12/web-application-vulnerability-scanner/
srm – secure file deletion for posix systems
srm is a secure replacement for rm(1). Unlike the standard rm, it overwrites the data in the target files before unlinking them. This prevents command-line recovery of the data by examining the raw block device. It may also help frustrate physical examination of the disk, although it’s unlikely that it can completely prevent that type …
Permanent link to this article: https://www.darknessgate.com/2015/02/06/srm-secure-file-deletion-posix-systems/
OpenStego
OpenStego is an open-source software distributed under the terms of the GNU General Public License v2.0. OpenStego provides two main functionalities: Data Hiding: It can hide any data within a cover file (e.g. images). Watermarking (beta): Watermarking files (e.g. images) with an invisible signature. It can be used to detect unauthorized file copying. Features: OpenStego …
Permanent link to this article: https://www.darknessgate.com/2015/01/23/openstego/