|
https://sec-com.appspot.com/
Google App Engine running Flash for 1-to-many group secure discussions using Adobe's RTMFP protocol.
http://superhttprequest.appspot.com
Google App which mirrors back the Http request received, great for debugging and testing. Supports GET, PUT and POST verbs, will display the URL parameters and the body received if present. Supports https as well.
Example,
curl -v -X [PUT|POST] "http://superhttprequest.appspot.com/?test=1&day=4&Montreal=snow" -d 'this=isgood&HopeitHelps=1'
SuperCleaner
Applet to remove Personally Identifiable Information from IE and Windows.
SuperChrome
Applet to browse the sqllite cookies database used by Chrome.
Spycraft
Next generation Key Logging utility. See ReadMe.txt for details, here are some highlites:
- Uploads encrypted key logs to News Server and News Group of your choosing.
- Allows one to peruse logs from anywhere NNTP postings can be read.
- Easy to use decryption tool, allows copy and pasting of encrypted news posting to convert to plaintext.
- Entirely configurable, you can set Google alerts to subject line of your choosing for near realtime notifications
Espresso
Can be used as a COFEE (Computer Online Forensic Evidence Extractor) Add-on , or stand-alone.
See page 22 of the "User Guide for COFEE v112.pdf" where how to Add a tool is described.
Much of COFEE's output is 'who-am-I' like data. Espresso on the other hand, allows an investigator to very quickly pick up potentially incriminating data from a computer, by pinpointing those file locations most susceptible to contain incriminating information.
If a PC cannot be brought back to a forensics lab, yet can be accessed for even a brief period of time, running Espresso may yield some high value information.
SuperShield
How come IE is the only app running in Low Integrity mode on Vista?
This tool allows you to run any application in a very restrictive environment.
I use a combination of low Integrity Level along with SAFER_LEVELID_CONSTRAINED to severely limit what an application can do on your PC.
Network Impact Tool
Network Impact Tool (NIT tool). Used to measure the added overhead of software on your PC's networking speed.
I do not know of any other tool which can measure the real impact of software, to this granularity.
This tool allows you to:
- Edit a text file with a list of domains the tool will use
- Will eliminate the DNS lookup from thr equation
- Use the real IE engine to actually load the web page
You can use this tool to measure differences:
- the overall response at different times of the week/day
- the differences in response time when used from differing ISPs
- or the differences in response time when used in different countries, etc..
Superconfigure, A Windows PC Hardening and Rejuvenating Application and SDK
Today's Anti-Virus and Anti-Spyware solutions do a good job of removing malware files, unfortunately this often leaves the machine in an unusable state (broken networking for example). That's why I wrote a small utility to re-configure Windows to a clean state, and prevent future infections by disabling common vulnerabilities.
I've designed my implementation such that the functionality is done through a Windows DLL which exports the C++ APIs, for example:
Disabling 3rd Party Tracking cookies (IE)
Disabling Vulnerable ActiveX controls from running (IE, currently > 27)
Disabling Malicious ActiveX controls from running (IE, currently > 863)
Re-initializing the TCP/IP stack
Re-initializing Winsock Catalog
Disabling malicious IE Toolbars (currently > 149 known bad)
Disabling malicious IE BHOs (currently > 1350 known bad)
Resetting IE home page and search page
Disabling automatically running applications from registry, startup folders, etc.
Disabling common hooking locations for spyware (scheduled jobs, screen saver, etc.)
|