Things that I've Written:
I used to have a bad habit of losing things that I had written. This page is a bit of a dumping ground - the good with the bad - so that I don't lose them. Some of these projects are up to date and fully developed, others are relatively trivial or reflect a less experienced author. (I think the oldest code here dates back to 1998.) If you're reading this as if it is my portfolio, just squint a bit and skip over those.
Please consider reading my Policy and Disclaimer page if you are downloading or running my software.
If you have any questions, comments or bug reports feel free to email me. contact info
Other Websites:
Networking/Troubleshooting:
- tcping.exe
An implementation of ping-over-tcp for the win32 console. Also includes http get/post support.
- tcproute.exe
A tcp traceroute for windows, using WinPCap.
- mturoute.exe
This is a console application, analogous to 'ping' and 'traceroute', which finds the maximum MTU between you and another host by passing ICMP requests with differing payload sizes. Binary is provided for Win32.
- The MTU Eyechart
This is a small html file that displays a series of images in various sizes. If you are having an MTU problem with your webserver, the missing pictures will help reveal just what that problem might be.
- Python UDP stress tester
An extremely quick-and-dirty utility that tests how much UDP traffic it can shove through a connection.
- Library Stuff
Various command line utilities to troubleshoot SIP2 and API. sip2talk.exe, sip2ping.exe
- arp-ping
An implementation of an ARP ping
- Pressure
A windows service based CPU stress tester.
- watchroute.exe
An active traceroute that reports if the route changes.
- archtype.exe
A command line is-it-32-bit-or-64-bit checker via parsing the header of a given executable.
- chkssl.exe
A command line tool to check the ssl certificate of a webserver.
- rawsniff.exe
A command line raw socket based packet sniffer. Can decode to the console on the fly and write out a libpcap file to be opened later in a more capable program.
- proxy.exe
A command line proxy manipulator. I wanted to be able to "proxy on" and "proxy off" immediately from the command line, plus several other features.
- Subnet Abacus
Subnet Abacus is my subnet calculator.
- Web Mimic
Web Mimic is a utility that sniffs your HTTP requests and gives you the ability to re-download them independent of the original program.
- arpsift.exe
arpsift is an "arp -a" replacement that includes a scrolling log, alerts for flapping ARP entries, timers and OUI lookup.
- ips
ips is a console program that functions like grep, but for IP addresses.
- killabit.exe
Killabit is a quick and dirty network sniffer that displays where your bandwidth is going by source->destination address pairs. Works at layer 2, 3 or 4.
- macdb
macdb is a command line tool that lets you pipe in lists of MAC addresses for quick oui.txt and known-mac-address annotation.
- xips
xips is a command line tool for expanding and summarizing lists of IP addresses.
- LineDelayPaste
LineDelayPaste is a gui program that will paste one line at a time at a user defined rate. It is intended for use with terminal (serial) connections that cannot handle input at too fast a rate. Specifically: pasting large configuration files into a PuTTY serial connection.
- Hardscan
Hardscan is a command-line tool that detects open ports on the local machine. It is intended for uses where "netstat" and its ilk are untrustworthy. It should run on any system that supports python 2.3 or better. (Note: that 'or better' has aged particularly terribly. Let it be known that I need to update this tool for Python3)
Cisco Specific:
- conflag.py
Conflag is a script that annotates 'show conn' output with human readable flags.
- no - a unix utility to toggle leading 'no ' on and off on stdin, specifically for bulk editing Cisco access lists.
- offline-console
offline-console is a Cisco configuration file viewer that mimics being logged into the device in question. It implements things like 'show run' and autocomplete so that you can find the bit of config you are looking for with the same muscle memory that you would be using if logged into the real device. Warning: I implemented | (pipe) by shelling out to the actual system, so you can use real tools instead of simulating Cisco's crappy grep. You might not expect this behavior.
- orphan-object-groups - a script for finding/removing object-groups in Cisco ASA configuration files that do not have any references.
- Stanza - a grep replacement that includes the surrounding stanza when it finds a match
Experimental:
- deadbit.exe
deadbit is an (experimental) attempt at writing an ICMP based memory tester for network equipment. It tries all possible payload bytes and does various tricks to try every bit in every position in the payload as well as the ICMP sequence number, the ICMP checksum and the addends/carry values internal to each router when the checksum is calculated.
- Keyboard Lint - a keyboard input fuzzer for flushing out keyloggers
- snowstorm - a binary data -> qr code frames -> video data extractor
Cacti Scripts and Templates:
Shell Scripts:
Code Snippets:
Other:
- Zoom Lens - An "around the mouse" screen magnifier for windows.
- A telnet-serial bridge script
This makes your serial port available to any telnet client. Especially useful for e.g. PuTTY, which is my favorite terminal client, but didn't have any serial support at the time.
- d5000_serial - Python module to interface with a d5000 series thermocouple
- millisleep.exe - sleep your batch file for X milliseconds
- sounder.exe - play 2 seconds of a .wav file from within a batchfile
- voice.exe - command line text to speech
- keypress - Small gui program to measure average keystroke length.
- regat.exe - open regedit to a desired key from the command line
- hold.exe - a console program to hold up stdout until stdin closes
- newcmd.exe - a console program to launch cmd.exe nicely from inside Cygwin
- D3HUD.exe - a mouse locater for Diablo III
- ports.exe - a command line utility that lists available serial ports
- portable cygwin - Tools, scripts and aliases that I used with my portable usb Cygwin install
- leak - A Unix text utility that leaks part of the input to stderr rather than to stdout. For example: "ps aux | leak | grep blah" will dump the ps header to stderr so that grep won't discard it.
- cavfill - Proof of concept experiment to fill in 'cavities' in executables - that is, long stretches of the 00 byte - to prevent malware insertion.
- AltPaste.exe - An alternate paste program that uses Sendkeys() to simulate a paste into applications that don't allow paste.
- bail - A unix text utility that passes stdin->stdout until a specified time has elapsed. It's a time-based 'head'.
- exitcode - A unix utility that exits with the value of the first word of its stdin.
- clip and dip - a pair of command line clipboard utilities I use.
- waitforip.exe
Pause your batch file until the host has a specific ip address on an interface
- Warpzone
Warpzone is a *nix shell program that enables you to "warp back" to a parent shell in order to execute a piped command in that context rather than at your current level.
- bytes - a command line bytecode format converter.
- misc OSCE scripts - scripts I wrote while working my way through the OSCE certification. 00diff, badbytes, inversebytes, bytes, encoder, http-proxy-to-js-inject
- textselect - Use "sql-like" syntax to connect the dots between columns in text files - for instance the output of Cisco commands such as "show arp" and "show mac address-table"
- bs - A "suppression" grep that lets you add and remember "grep -v" arguments.
Below the Fold:
These are projects that I consider withdrawn.
- httping.exe
Still works, but the capability has been moved into tcping.exe rather than continuing on its own.
- ip-threespace.py
A packet sniffing script that displays traffic moving through a three-dimensional cube representing the global IP space. Uses pyOpenGL for display.
- Decloak
A "pid exhaustion scanner" for Linux. Detects hidden processes by mapping out the holes they leave in the available pid space.
- icmp spy
The idea here was to use a raw ICMP socket to listen for incoming pings. Turns out it doesn't work: the winsock lib apparently doesn't pass ICMP echo requests back up to the socket.
- Renoser - Utility to restore injured emoticons.
- Winkin Bill - Can *you* solve the sliding puzzle game before Bill Clinton seduces you?
- retriever - Shell script to retrieve and log Dogpile's 'Search Spy' XML feed.
- http://www.pluginchecker.com
This site requires one of each of the more common browser plugins so that you can quickly tell what you have installed and operational.
- pwgen
A small C program that generates passwords based on the characteristics of a network device and a pre-arranged master password.
- Bookmarklet Generator - Generate your own bookmarklets like the ones below without having to mess with any javascript.
- make pretty - Script to Beautify C++ Code
- xmlroute.exe
A variant of tracert/traceroute that formats its output in XML.
- wakearp.exe
A utility to quickly induce arp resolution for every ip address within a specified /24 network.
- Serial Watcher - Small .NET program that watches your serial ports and tells you when one becomes available.
- http spoof - Silly proof of concept to try and collide Ack numbers to generate a spoofed http request.
- Lime
Lime is a command line utility that wraps other command line utilities and gives them delicious timestamps.
- Pix Object groups for Microsoft Server deployments
Object groups for Lazy Pix administrators, based on port ranges defined in the Microsoft knowledge base.
- explode-macro.py
A python script implementing a simple macro language for quickly generating Cisco config files (or fragments). Intended especially for use when configuring many many identical interfaces or for generating standard configurations from a base template.
- snot.exe
A 'network sniff notetaker' that embeds a specified message into a currently running Ethereal/TCPDump/etc packet log via udp discard packets.
- PHP Boolean Query Generator
This is a php snippet for converting boolean search queries (for instance "elephants AND giraffes") that people are used to typing into search blanks into SQL query syntax. ASP version now available as well.
- HTTP -> HTTPS Redirector
This is a small python script that can be run in the background to redirect http queries to another URL. In particular, it is set up to redirect insecure HTTP connections to an HTTP/SSL port.
- Generate Google Sitemap script
A python script that autogenerates a Google Sitemap XML file from the contents of your webserver. I use it to generate this sitemap: sitemap.xml. The script itself should generally be applicable to other sites with a few minor changes.
- The MSSQL Trouble Button
An ASP page to grab the current state of a MSSQL backed application when an end-user is experiencing a problem.
- "Heads up" status script for Linux/Sendmail servers
A sh script that can be run from within 'watch' to show a current status update of a linux sendmail (or similar) server.
- syslog scripts for the Barracuda Spam Firewall
Bash scripts to parse virus and error information out of a Barracuda's syslog entries
- NetApp helper scripts
Shell scripts to help interact with a NetApp filer.
- Cisco Pix "show conn" summary script
A python script that scrapes the output of the command "show conn" from within the Cisco Pix and summarizes the results in tabular form.
- Connflow.py
Related to the older conn summary script above, this one connects to a given Cisco firewall twice, pulls a diff between the two 'show conn' commands, and generates a report.
- uac.exe - A command line UAC privilege elevator. Similar to sudo.
Uncategorized: