Posts From Category: Open Source

BinPeek - an app to determine if a #Windows executable is managed or unmanaged.

BinPeek is an application that checks to see if a Windows application is managed(.NET) or unmanaged(native). It handles x86 and x84 executables. If doing it manually, you must check several values in the PE (Portable Executable) file header that differ slightly based on whether the executable is 32-bit or 64-bit. BinPeek does that work for you.

Usage

D:\source\repos\BinPeek>binpeek BinPeek.exe
BinPeek.exe --> Unmanaged

Project Page on Github

Installation

Build with Visual Studio or just use the release version in the repo.

License

MIT

Read More

The Witchcraft Compiler Collection by @endrazine

In case you missed Defcon 24 or were there and happened to miss this talk, this is some amazing stuff. It’s called the Witchcraft Compiler Collection (WCC) by my co-worker and friend, Jonathan Brossard.

Some things you can do with WCC:

Read More

PwnedCheck updated to also check for Snapchat

PwnedCheck is a ruby gem that I wrote that checks an email address, phone number, or username against the new site by Troy Hunt called haveibeenpwned.com. His site aggregates data from breaches and allows you to check to see if your data has been compromised. Use it as follows-

Installation

gem install PwnedCheck

Usage:

require 'pwnedcheck'

# The 4 cases.
# foo@bar.com is a valid address on the site
# foo232323ce23ewd@bar.com is a valid address, but not on the site
# foo.bar.com is an invalid format
# mralexgray is a user id in snapchat
list = ['foo@bar.com', 'foo232323ce23ewd@bar.com', 'foo.bar.com', 'mralexgray']

list.each do |item|
  begin
    sites = PwnedCheck::check(item)
    if sites.length == 0
      puts "#{item} --> Not found on http://haveibeenpwned.com"
    else
      sites.each do |site|
        puts "#{item} --> #{site}"
      end
    end
  rescue PwnedCheck::InvalidEmail => e
    puts "#{item} --> #{e.message}"
  end
end

Output:

foo@bar.com --> Adobe
foo@bar.com --> Gawker
foo@bar.com --> Stratfor
foo232323ce23ewd@bar.com --> Not found on http://haveibeenpwned.com
foo.bar.com --> Not found on http://haveibeenpwned.com
mralexgray --> Snapchat

The code is available at http://github.com/sampsonc/PwnedCheck and the gem page is http://rubygems.org/gems/PwnedCheck.

Read More

PwnedCheck passed 1000 downloads!

I’m so excited. My first experiment with creating and publishing a ruby gem seems to have been successful! As of this post it’s been downloaded 1069 times in the past 4 days. PwnedCheck is a ruby gem that I wrote that checks an email address against the new site by Troy Hunt called haveibeenpwned.com. His site aggregates password dumps from breaches and allows you to check to see if your password has been compromised. Use it as follows-

Installation

gem install PwnedCheck

Usage:

require 'pwnedcheck'

# The 3 cases.
# foo@bar.com is a valid address on the site
# foo232323ce23ewd@bar.com is a valid address, but not on the site
# foo.bar.com is an invalid format
addresses = ['foo@bar.com', 'foo232323ce23ewd@bar.com', 'foo.bar.com']

addresses.each do |address|
  begin
    sites = PwnedCheck::check(address)
    if sites.length == 0
      puts "#{address} --> Not found on http://haveibeenpwned.com"
    else
      sites.each do |site|
        puts "#{address} --> #{site}"
      end
    end
  rescue PwnedCheck::InvalidEmail => e
    puts "#{address} --> #{e.message}"
  end
end

The code is available at http://github.com/sampsonc/PwnedCheck and the gem page is http://rubygems.org/gems/PwnedCheck.

Read More

1st Goal Achieved!

Well, I achieved my first technical goal of 2013- contribute to an open source application. I just submitted a plugin for the OWASP Zed Attack Proxy (ZAP) project. The plugin adds a context menu to the tree of sites that allows you to recursively expand/collapse the node based on it’s current state. I originally talked about doing it last summer, so I’m only a little late. 🙂

Read More