Fuzzball2 updated 03/07/2014 02:24
Posted by: warlord
I finally updated my TCP/IP options fuzzer 'fuzzball2'. I was quite embarassed when I had to realize that the checksums for many of the packets were bad in older versions. The new release fixes all of these. Happy fuzzing!

Poison 1.5.3 released 04/23/2013 04:59
Posted by: warlord
It took me way too long, but finally I have a new release of my portscanner Poison. Here's the changelog from 1.5.3:

-- Added code to automatically save every single scan into ~.poison/poison-scans.csv
- Open ports won't be reported twice when banner grabbing is enabled
- Http banner only collects useful information
- Http banner grabbing now speaks HTTP/1.1 instead of HTTP/1.0
- Added portmapper support for banner grabbing. Now shows which services a portmapper offers
- Made OS fingerprinting a flag. Removes a lot of clutter from the output if disabled (-o)
- Added daemon mode (-d)
- Improved telnet banner grabbing
- Updated the random IP exclude list (random.c)
- Added country (top level domain) display to the scans
- Removed option -I
- Removed option -t
- Added flag to allow logging to a remote host (-z)
- Improved OS fingerprint handling

It's available for download in the 'code' section

Uninformed #11 02/14/2010 15:35
Posted by: warlord
It's high time for a new release of Uninformed. Submissions are being accepted. Contact me at warlord / or rjohnson at rjohnson /

Defending Passwords Against Keyloggers And Malicious Keyboards 01/07/2010 01:47
Posted by: warlord
Even the most well-encrypted harddrive with the best chosen password may fall for a very simple, very low-tech attack employing a hardware keylogger. This paper shows a potential way to defend against these devices.
Find the paper in the respective section or download it here.

New code added: file2pcap 08/13/2009 09:45
Posted by: warlord
Description: Creates pcaps showing input files being downloaded from the web.

This handy utility takes any sort of input file and creates a pcap showing this file being downloaded from a remote web server. The pcap is a full tcp stream from syn to fin and all the sequence numbers and checksums and all that are correct.