Category: Tools

Huge changes. Added -x –proxy proxy server.

more –>  http://www.e-things.org/go/?p=52

proxyScan-0.3.tgz

An update to proxyScan.pl

Changes:

Improved the documentation and added README and LICENSE (GPL2).

Download:
proxyScan-0.2.tgz

MD5SUM:  8bfa5e39fa502b98dde95206b5b9bfc8
SHA1SUM: d7e1235ade2ba8ca884d87926b4f24b58191ad84

proxyScan.pl v0.2

During security penetration testing you may find web proxies, or web servers that will proxy connections. Like any red blooded penetration tester I set about testing for connections through the proxy, for example I’ll telnet to the proxy port a try stuff like;

CONNECT localhost:22 HTTP/1.1\n\n

- and -

GET HTTP://some-other-host/ HTTP/1.1\n\n

I couldn’t find a tool that would scan for hosts and ports through a web proxy, so I wrote one. This tool takes the leg work out of testing for connections through a proxy.
» Continue Reading…

Often it can be useful to deal with IP addresses in their hex, decimal or binary equivalent. Once such example would be if you have to determine if an IPv4 address is within a certain range, say within 172.16.0.0 and 172.31.255.255. Although this can be achieved using tools such as regular expressions it can sometimes be quicker to convert it to decimal and check if it’s within a range. This example would be 2,886,729,728 to 2,887,778,303.

Here’s some sample code.

Firewall log Perl module (fwlog.pm)

Firewall log Perl module extracts connection information from firewall logs. Documentation is available here

Download fwlog-1.3.tgz

MD5SUM -  1ecaba4d22a7b584737b546f1f760cd9
SHA1SUM -  2019c1a480a9354336e5ddaf60cdeb5ca3928d23

» Continue Reading…

smspasswd is an application I wrote back in December of 2005. There reason I wrote this was because of all the pesky SSH brute force attacks, which continue to build in numbers. I didn’t want to waste money and time on using tokens because the few people who have accounts on my machines also have mobile phones.
» Continue Reading…