Software
I have been known to write some code from time to time. You can find it here.
- nmap tools
Perl based tools that utilize nmap. There are 4 tools, and they all work together. The data is stored in nmap’s grepable output.
- nmap grepable output
Back in 2003 I wrote a paper on nmap’s grepable output. This is it… Most of this almost made it into Fyodor’s new book on nmap that should be on shelves soon, if it isn’t already.
- count
Another perl based tool, used to keep score on some of the mailing lists I have been on for a while. It counts the emails, domains or suffixes to tell how many emails, lines and new lines have been posted to the list.
- marconi
At this time Marconi is just a simple perl module that I use with many of my security and network programs. It only has a few functions built in. The POD info is not up to date, but it is a work in progress.
- nbtscan
100% perl nbtscan. This is a simple script that uses Marconi to scan a range of hosts for their NetBIOS name and MAC address. UDP port 137 must be open for it to work.
- route detector
The idea behind this is to detect multi-homed boxes on a secured network. Signed ICMP packets are sent with spoofed source IPs to hosts on an internal, protected network. On the box that has the spoofed IP, the listener watches for the ICMP packets and where they are coming from.
- scanner (yet another security scanner, mainly http)
This is a vulnerability scanner that can do some really nifty things and is simple to use. I tried to make it as fast as possible to be able to scan large numbers of hosts in short time frames with as few false positives as possible.
- spa
Single Packet Authentication
Click on the link, details are there. POC code for a presentation Simple Nomad and I did at BlackHat a few years back.
- hosts
Another perl script (now with a web interface). Usage:

    hosts [-v] <ip/subnetmask_combo>
       returns list of IPs
       supported formats are:
         a.b.c.d/n       - 10.0.0.1/25
         a.b.c.*         - 10.0.0.*
         a.b.c.d/w.x.y.z - 10.0.0.0/255.255.224.0 (standard format)
         a.b.c.d/w.x.y.z - 10.0.0.0/0.0.16.255   (cisco format)
         a.b.c.d-z       - 10.1.2.0-12
         a.b.c-x.*       - 10.0.0-3.*
         a.b.c-x.d       - 10.0.0-3.0
         hostname        - unspecific.com
       can also use a comma or space seperated list
       can also point to a file with host list (lines starting with # are ignored)
       if a single IP is used, hostname will be displayed by default
       -v will also add in host names when using subnets

- Burble
This is another app that stemmed from a discussion on dc-stuff
Blame ‘chuck
It reads a standard mbox file and will randomize phrases and pull data from websites to write a new email as the person specified on the command line. Used to gain knowledge of people’s inner workings. Has been known to piss people off, make people cry and/or unsubscribe.
- binify.pl
Creates or decodes binary. If passed a file, it will output binary data that represents the file in one long stream. If passed binary data, it will convert to raw data… It can also take text that you type in and convert it.
- boustrophedon
From another discussion on the dc-stuff mailing list a few years back about being able to reverse every other line in an email or text document.
- Kaiko
Kaiko is a perl based SILC bot that I wrote to run on the DC214 silc server under #dc214. She is often not there anymore.