Tag: open source

Exploring Programming Language Architecture in Perl

By the end of this book you should have a thorough understanding of the inner workings of a programming language interpreter. The source code is presented in full, and several iterations add more features until it could be considered pretty complete. The interpreter is written to be as easy to understand as possible; it has …

Continue reading

Permanent link to this article: https://www.darknessgate.com/2016/10/25/exploring-programming-language-architecture-in-perl/

Mft2Csv

Extract $MFT record info and log it to a csv file. This tool is for parsing, decoding and logging information from the Master File Table ($MFT) to a csv. It is logging a large amount of data and that has been the main purpose from the very start. Having all this data in a csv …

Continue reading

Permanent link to this article: https://www.darknessgate.com/2016/10/07/mft2csv/

Evolve

Web interface for the Volatility Memory Forensics Framework https://github.com/volatilityfoundation/volatility Works with any Volatility module that provides a SQLite render method (some don’t) Automatically detects plugins – If volatility sees the plugin, so will eVOLve All results stored in a single SQLite db stored beside the RAM dump Web interface is fully AJAX using jQuery & …

Continue reading

Permanent link to this article: https://www.darknessgate.com/2016/09/16/evolve/

ProtonMail | Best secure email provider (Free)

Secure Email Based in Switzerland which has many security enhancing features: End-to-End Encryption Messages are encrypted at all times Messages are stored on ProtonMail servers in encrypted format. They are also transmitted in encrypted format between our servers and user devices. Messages between ProtonMail users are also transmitted in encrypted form within our secure server …

Continue reading

Permanent link to this article: https://www.darknessgate.com/2016/09/10/protonmail-best-secure-email-provider-free/

JPHIDE and JPSEEK

JPHIDE and JPSEEK are programs which allow you to hide a file in a jpeg visual image. There are lots of versions of similar programs available on the internet but JPHIDE and JPSEEK are rather special. The design objective was not simply to hide a file but rather to do this in such a way …

Continue reading

Permanent link to this article: https://www.darknessgate.com/2016/06/08/jphide-and-jpseek/

sslstrip

This tool provides a demonstration of the HTTPS stripping attacks that I presented at Black Hat DC 2009. It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which …

Continue reading

Permanent link to this article: https://www.darknessgate.com/2015/03/15/sslstrip/

Wfuzz

Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts, etc), bruteforce GET and POST parameters for checking different kind of injections (SQL, XSS, LDAP,etc), bruteforce Forms parameters (User/Password), Fuzzing,etc. Some features: * Multiple Injection points capability with multiple dictionaries * Recursion (When doing …

Continue reading

Permanent link to this article: https://www.darknessgate.com/2015/02/26/wfuzz/

Crowbar

Crowbar (crowbar) is brute forcing tool that can be used during penetration tests. It is developed to brute force some protocols in a different manner according to other popular brute forcing tools. As an example, while most brute forcing tools use username and password for SSH brute force, Crowbar uses SSH key. So SSH keys, …

Continue reading

Permanent link to this article: https://www.darknessgate.com/2015/02/23/crowbar/

The web-application vulnerability scanner

Wapiti allows you to audit the security of your web applications. It performs “black-box” scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, …

Continue reading

Permanent link to this article: https://www.darknessgate.com/2015/02/12/web-application-vulnerability-scanner/

srm – secure file deletion for posix systems

srm is a secure replacement for rm(1). Unlike the standard rm, it overwrites the data in the target files before unlinking them. This prevents command-line recovery of the data by examining the raw block device. It may also help frustrate physical examination of the disk, although it’s unlikely that it can completely prevent that type …

Continue reading

Permanent link to this article: https://www.darknessgate.com/2015/02/06/srm-secure-file-deletion-posix-systems/

OpenStego

OpenStego is an open-source software distributed under the terms of the GNU General Public License v2.0. OpenStego provides two main functionalities: Data Hiding: It can hide any data within a cover file (e.g. images). Watermarking (beta): Watermarking files (e.g. images) with an invisible signature. It can be used to detect unauthorized file copying. Features: OpenStego …

Continue reading

Permanent link to this article: https://www.darknessgate.com/2015/01/23/openstego/