Code I wrote when I was a kid nearly a decade ago, when I still thought programming in Perl was a good idea.
Some of this stuff is mildly cute.
- Lightgate: cut-and-paste miniature perl servers
- lightftp: lightftp is an extremely short, yet handy file transfer client
- lightftpd: the worlds smallest (practical) file transfer daemon EVER
- lightgated: Lightgated is an extremely short shell daemon
- lightunnel: Lightunnel is an extremely short reverse-tunnel remote access program
- lightunneld: Lightunneld is an extremely short tunnel daemon
- Xexec: Parallel execution templates
- Xexec is a cool little Perl utility. Xexec lets the user run a specific command/code/program using as many processes he wants to. You'll need the bundled JobControl? module to be installed first.
- UniShare?: magic perl front-end to Unix shared memory
- IPC::UniShare? is the most wicked tie voodoo perl code I've yet come across. It's a stab at transparent perl support for shared memory. UniShare? allows you to share objects, scalars, arrays, and hashes between processes through IPC shared memory with seamless transparent ease.
- Perl ORB: transparent Object Request Broker
- ORB is an object request broker for Perl, featuring support for sandbox support and encryption + authentication using SiriSSL. Tie interfaces, and other high-level interpreted features of Perl makes it possible to transparently network enable any perl code almost instantly with minimal overhead. It's really neat, try it out!
- SiriSSL: magic perl front-end to OpenSSL
- SiriSSL was developed for rapid application development of cryptographic software. SiriSSL implements a simple, clean perl interface to OpenSSL that hides all of OpenSSL's unnecessary complexity under the carpet, adhering to the perl philosophy of making simple things simple and hard things possible. SiriSSL allows you to SSL enable old perl code transparently. For the unintiated, OpenSSL is a huge encryption library covering public and symmetric cryptography, X509 certificate handling code, cryptographic hash routines, and a full implementation of SSL. It's just too bad it's so difficult to use.
- Libasm: nice shellcode with simple bufferoverflow API
- Have you ever noticed how overflow exploits re-implement the same old bufferoverflow code over and over again, and pretty badly too? Libasm implements a bufferoverflow assembly library with a simple API, for rapid exploit development. Includes well documented quality assembler shellcode.
- SSH ESP: SSH over raw IP packets (ICMP/UDP)
- SSH_ESP a hacked version of SSH that establishes an SSH session over raw ICMP, UDP or TCP packets. SSH_ESP implements a TCP like (including error and flow control) transfer protocol on top of whatever IP protocols (TCP, UDP, ICMP) are available. SSH_ESP allows it's user to tunnel through many firewalls, and does not register with the kernel as a network connection (which means it's connections won't show under netstat, making the sessions more difficult to detect).
- BASS v1.0 (1998): Bulk Auditing Security Scanner
- Security scanner I developed for the Internet Auditing Project. Scanned the entire Internet for 18 common security vulnerabilities with it. Later versions of BASS have not yet been released.
- libpcloak (1998): process stealth via direct memory manipulation
- Process cloak. A direct memory manipulation technique that can conceal and protect a process, by making it:
- immune to signals.
- invisible on the process list.
- Bindscan (1996) a simple BIND vulnerability scanner, the last single purpose scanner written before BASS.