Things that I've Written:
I used to have a bad habit of losing things that I had written. This page is a bit of a dumping ground - the good with the bad - so that I don't lose them. Some of these projects are up to date and fully developed, others are relatively trivial or reflect a less experienced author. (I think the oldest code here would date back to 1998.) If you're reading this as if it is my portfolio, just squint a bit and skip over those.
If you have any questions, comments or bug reports feel free to email me. contact info
This site is a network connection debugging tool that reports on your current proxy settings.
Hardscan is a command-line tool that detects open ports on the local machine. It is intended for uses where "netstat" and its ilk are untrustworthy. It should run on any system that supports python 2.3 or better.
An implementation of ping-over-tcp for the win32 console. Also includes http get/post support.
A tcp traceroute for windows, using WinPCap.
Pause your batch file until the host has a specific ip address on an interface
A 'network sniff notetaker' that embeds a specified message into a currently running Ethereal/TCPDump/etc packet log via udp discard packets.
This is a console application, analogous to 'ping' and 'traceroute', which finds the maximum MTU between you and another host by passing ICMP requests with differing payload sizes. Binary is provided for Win32.
- The MTU Eyechart
This is a small html file that displays a series of images in various sizes. If you are having an MTU problem with your webserver, the missing pictures will help reveal just what that problem might be.
- Python UDP stress tester
An extremely quick-and-dirty utility that tests how much UDP traffic it can shove through a connection.
- Library Stuff
Various command line utilities to troubleshoot SIP2 and API. sip2talk.exe, sip2ping.exe
An implementation of an ARP ping
A windows service based CPU stress tester.
An active traceroute that reports if the route changes.
A command line is-it-32-bit-or-64-bit checker via parsing the header of a given executable.
A command line tool to check the ssl certificate of a webserver.
A custom DNS resolver for debugging DNS funny business.
A command line raw socket based packet sniffer. Can decode to the console on the fly and write out a libpcap file to be opened later in a more capable program.
A command line proxy manipulator. I wanted to be able to "proxy on" and "proxy off" immediately from the command line, plus several other features.
- Subnet Abacus
Subnet Abacus is my subnet calculator.
Lime is a command line utility that wraps other command line utilities and gives them delicious timestamps.
- Web Mimic
Web Mimic is a utility that sniffs your HTTP requests and gives you the ability to re-download them independent of the original program.
arpsift is an "arp -a" replacement that includes a scrolling log, alerts for flapping ARP entries, timers and OUI lookup.
ips is a console program that functions like grep, but for IP addresses.
deadbit is an (experimental) attempt at writing an ICMP based memory tester for network equipment. It tries all possible payload bytes and does various tricks to try every bit in every position in the payload as well as the ICMP sequence number, the ICMP checksum and the addends/carry values internal to each router when the checksum is calculated.
offline-console is a Cisco configuration file viewer that mimics being logged into the device in question. It implements things like 'show run' and autocomplete so that you can find the bit of config you are looking for with the same muscle memory that you would be using if logged into the real device. Warning: I implemented | (pipe) by shelling out to the actual system, so you can use real tools instead of simulating Cisco's crappy grep. You might not expect this behavior.
Killabit is a quick and dirty network sniffer that displays where your bandwidth is going by source->destination address pairs. Works at layer 2, 3 or 4.
macdb is a command line tool that lets you pipe in lists of MAC addresses for quick oui.txt and known-mac-address annotation.
- Cisco Pix "show conn" summary script
A python script that scrapes the output of the command "show conn" from within the Cisco Pix and summarizes the results in tabular form.
Related to the older conn summary script above, this one connects to a given Cisco firewall twice, pulls a diff between the two 'show conn' commands and generates a report.
- Pix Object groups for Microsoft Server deployments
Object groups for Lazy Pix administrators, based on port ranges defined in the Microsoft knowledge base.
A python script implementing a simple macro language for quickly generating Cisco config files (or fragments). Intended especially for use when configuring many many identical interfaces or for generating standard configurations from a base template.
Cacti Scripts and Templates
- PHP Boolean Query Generator
This is a PHP snippet for converting boolean search queries (for instance "elephants AND giraffes") that people are used to typing into search blanks into SQL query syntax. ASP version now available as well.
- HTTP -> HTTPS Redirector
This is a small python script that can be run in the background to redirect http queries to another URL. In particular, it is set up to redirect insecure HTTP connections to an HTTP/SSL port.
- Generate Google Sitemap script
A python script that autogenerates a Google Sitemap XML file from the contents of your webserver. I use it to generate this sitemap: sitemap.xml. The script itself should generally be applicable to other sites with a few minor changes.
- The MSSQL Trouble Button
An ASP page to grab the current state of a MSSQL backed application when an end-user is experiencing a problem.
- Zoom Lens - An "around the mouse" screen magnifier for windows.
- A telnet-serial bridge script
This makes your serial port available to any telnet client. Especially useful for e.g. PuTTY, which is my favorite terminal client but didn't have any serial support at the time.
- d5000_serial - Python module to interface with a d5000 series thermocouple
- millisleep.exe - sleep your batch file for X milliseconds
- sounder.exe - play 2 seconds of a .wav file from within a batchfile
- voice.exe - command line text to speech
- keypress - Small gui program to measure average keystroke length.
- Webmail Chooser - a registry file and accompanying website to fix problems with having to install a mailto: client on public computers
- Keyboard Lint - a keyboard input fuzzer for flushing out keyloggers
- uac.exe - A command line UAC privilege elevator. Similar to sudo.
- snowstorm - a binary data -> qr code frames -> video data extractor
- regat.exe - open regedit to a desired key from the command line
- hold.exe - a console program to hold up stdout until stdin closes
- newcmd.exe - a console program to launch cmd.exe nicely from inside Cygwin
- D3HUD.exe - a mouse locater for Diablo III
- ports.exe - a command line utility that lists available serial ports
- portable cygwin - Tools, scripts and aliases that I used with my portable usb Cygwin install
- leak - A Unix text utility that leaks part of the input to stderr rather than to stdout. For example: "ps aux | leak | grep blah" will dump the ps header to stderr so that grep won't discard it.
- cavfill - Proof of concept experiment to fill in 'cavities' in executables - that is, long stretches of the 00 byte - to prevent malware insertion.
- AltPaste.exe - An alternate paste program that uses Sendkeys() to simulate a paste into applications that don't allow paste.
Below the Fold:
These are projects that I consider withdrawn.
Still works, but the capability has been moved into tcping.exe rather than continuing on its own. OBSOLETE
A packet sniffing script that displays traffic moving through a three-dimensional cube representing the global IP space. Uses pyOpenGL for display. TOO BRITTLE/UNFINISHED
A "pid exhaustion scanner" for Linux. Detects hidden processes by mapping out the holes they leave in the available pid space. TOO SIMILAR TO ANOTHER PROGRAM + NOT AS GOOD
- icmp spy
The idea here was to use a raw ICMP socket to listen for incoming pings. Turns out it doesn't work: the winsock lib apparently doesn't pass ICMP echo requests back up to the socket. DOESN'T WORK
- Renoser - Utility to restore injured emoticons. DUMB
- Winkin Bill - Can *you* solve the sliding puzzle game before Bill Clinton seduces you? AMAZING
- retriever - Shell script to retrieve and log Dogpile's 'Search Spy' XML feed. NO LONGER WORKS
This site requires one of each of the more common browser plugins so that you can quickly tell what you have installed and operational. UGLY
A small C program that generates passwords based on the characteristics of a network device and a pre-arranged master password. MEH
- make pretty - Script to Beautify C++ Code STILL MEH
A variant of tracert/traceroute that formats its output in XML. POOR
A utility to quickly induce arp resolution for every ip address within a specified /24 network. PING THE BROADCAST, LUKE
- Serial Watcher - Small .NET program that watches your serial ports and tells you when one becomes available. REPLACED
- http spoof - Silly proof of concept to try and collide Ack numbers to generate a spoofed http request.