A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
ISDPodcast Button
RootSecure Button
Social-engineer-training Button
Irongeek Button

Web Hosting:
Dreamhost Logo
Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle




Apps/Scripts

Apps/Scripts

        I'll be the first person to tell you I'm not a world class coder, but here are some little scripts/programs that may be of use to some of you. Enjoy.

Code:

Unicode Text Steganography Encoders/Decoders
The idea of this page is to demo different ways of using Unicode in steganography, mostly I'm using it for Twitter. :)
(Posted 08/24/2013)
ASAReaper: Grab Configs From Multiple Cisco Devices Over SSH (Demos PExpect and AES Encrypted INI Files in Python)
Simple script I wrote for backing up Cisco ASAs.
(Posted 02/01/2013)
Irongeek's Logwatch Script To Grep For RFI, Webshells, Password Grabs, Web Scanners, Etc.
This is a simple script I put together for those using shared hosting providers. It let's you grep through your logs for things like RFIs, likely webshells, passwords grabs, web scanners, etc. The video below gives more details. This can be a great tool for collecting webshells.
(Posted 09/15/2012)
Homoglyph Attack Generator (Posted 03/03/2012)
Shared Hosting MD5 Change Detection Script (Posted 02/28/2012)

Barcode Laser Emitter: Evil checks-out at a distance
If you read my article "Barcode Fuzzer, Bruteforcer, SQL/XSS Injector using a flashing LED", or watched my video on the same subject, you know I've been playing around with barcodes. Now I have two new units to show off. The core code and device (Teensy 2.0) is the same in these units as the previous one, so please read the first article for the relevant details if you want to make one.

(Posted 01/23/2011)
Barcode Fuzzer, Bruteforcer, SQL/XSS Injector using a flashing LED (Posted 08/09/2010)
Office XML Steganography Tool
This is some relatively crappy code I wrote to hide files inside of Microsoft Office 2007 (and I hope 2010, though I have yet to test) docs (DOCX, XLSX, PPTX, etc). Since the newer Office docs are basically just zip files containing XML and resources, it's fairly easy.
(Posted 04/15/2010)
Unicode and LSB Steganography program examples
I wrote these Autoit3 code examples to illustrate some of the ways that steganography (hiding data in other data, or as I like to call it "hiding your stuff in other stuff so people can't find your stuff") can be done. These sorts of techniques can be of great use in passing messages without others knowing, in anti-forensics activities, or as covert command and control channels for botnets (as I plan to study for my final project in the malware class I'm enrolled in).
(Posted 02/24/2010)
ARPFreeze: A tool for Windows to protect against ARP poisoning by setting up static ARP entries (Posted 06/07/2009)
Mutillidae: A Deliberately Vulnerable Set Of PHP Scripts That Implement The OWASP Top 10 (Posted 03/01/2009)
Tor or not Tor: How to tell if someone is coming from a Tor exit node, in PHP  (Posted 02/01/2009)
Paros Proxy Without Changed User Agent (Posted 12/20/2008)

OSfuscate: Change your Windows OS TCP/IP Fingerprint to confuse P0f, NetworkMiner, Ettercap, Nmap and other OS detection tools

(Posted 10/03/2008)
Cain RDP Sniffing Log Parser (Posted 08/04/2008)
DecaffeinatID: A Very Simple IDS / Log Watching App / ARPWatch For Windows (Posted 06/19/2008)
PEBKAC Attack (Posted 06/11/2008)
Thumbscrew: Software USB Write Blocker (Posted 10/17/2007)
Thumb Suck
Thumb drive backup software.
(Posted 10/16/2007)
WinPenguins Modified for Visual Studio 2005 (Posted 09/10/2007)
IGiGLE: Irongeek's WiGLE WiFi Database to Google Earth Client for Wardrive Mapping
A little app I wrote that lets you directly import data from the online WiGLE WiFi Wardrive database into a KML file, then view it in Google Earth.
(Posted 02/28/2007)
MadMACs: MAC Address Spoofing And Host Name Randomizing App For Windows (Posted 12/10/2006)
VBScript to Randomize Host Name by Glj12 (Posted 12/08/2006)
IPIterator: The IP Iterator. (Posted 03/25/2006)
Irongeek's Wall of Social Science Majors (inspired by the Wall of Shame/Wall of Sheep Code) (Posted 03/01/2006)
Keymail the KeyLogger: An E-mailing Key Logger for Windows with C Source. (Posted 12/20/2005)
Wigle-to-Google-Earth Script (Posted 7/26/2005)
Fun with Ettercap Filters (Posted 6/13/2005)
PacketFountain: Network Sniffing Screensaver (Posted 5/03/2005)
Irongeek's Signature Image (Posted 9/16/2004)
Security and Hacking Plugins for Bart's PE Builder (Posted 7/15/2004)
Irongeek's JetDirect Hack Program (Posted 3/14/2004)
HP Printer Display Hack (Posted 3/12/2004)
ADSReaper for collecting info about Windows boxes using WMI and ADS (Posted 3/10/2004)
Brute force Windows passwords from across the network (Posted 2/26/2004)

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2014, IronGeek
Louisville / Kentuckiana Information Security Enthusiast