Navigation
News
Projects
Docs
Pictures
Advisories
Exploits (49)
LSM
Books
Movies
Blog
Fun
Shellcodes
About
Future
Friends
RISE Security
Priv8Security
M00
DSR
RFDS Labs
THC
Hack in The Box Conference
Troopers
Hackito
uCon Conference
Metasploit Project

RISE Security
I'm member of RISE Security

"There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies."
-- C.A.R. Hoare

"I have always wished for my computer to be as easy to use as my telephone; my wish has come true because I can no longer figure out how to use my telephone."
-- Bjarne Stroustrup

Hackers 2 Hackers Conference I'm one of the organizers of the Hackers 2 Hackers Conference, in Brazil... this is the 21 edition: http://www.h2hc.com.br


Projects

Ebizzy


ebizzy is designed to generate a workload resembling common web application server workloads. It is highly threaded, has a large in-memory working set, and allocates and deallocates memory frequently.

ebizzy have been developed by Val Henson and I'm helping to improve it (remove library dependencies, turn the code completely OS-independent, improving the thread performance...)
Download the source code here





SCMorphism Project - New Version 1.7


This is a personal project to implement some shellcode mutation engines. The intention is to understand evasion techniques, IDS Signatures, demonstrate of shellcode mutation and to have some relationship with other shellcode mutations. The source-code of the project isnt public because exists so much "code rippers"in the internet.

If you really like to contribute with the project, I need some stuffs (see TODO).

When you contribute with the project, I really apreciate to send the source-codeto you.

The Decoders of SCMorphism are almostly open, you can download the decoders (and tests programs for it) here



If you like to send me comments and sugestions, please, use rodrigo@kernelhacking.com. If you like to send me bug reports and criticals, please do it, but if you like to speak: "your project is closed source, you want to turn it commercial?" my answer is: "no, please, se README and you understand my motivations".

If you like more informations about the project, click here and see the README file or you can understand more about polymorphism reading this text

IMPORTANT: If you see errors, please, send me examples of the output generated. See the KNOW_BUGS file.

Click Here to Download the Tool - Run it as user in your system - (MD5)

BRAZILIAN PEOPLE NOTICE: I have wrote the HowItWorks Document in Portuguese too




Intrusion Detection System with "SandBox" Technology


This project began when i need to show in my presentations how a polymorphicshellcode can be detected.

By now, the project are in totally closed form, but, i have showed it in some presentations, and maybe it won't be turned public.

I have used libpcap and libids to capture and parser data, and my own ideas to "run" it.

A delay is presented, and turn its use impossible in the real life... some security bugs exist too.

Follow this link for a sample tool coded by Aleksander Nikolic




Linux Security Kernel Module


This project intend to be a substitute-like of PaX, GrSec or Lids like tools.

Im working in it now, but i have signed a contract to doesnt distribute it (i havent used any base GPL codes, etc)

Tell me if you have ideas or needs





StJude/StMichael


The Saint Jude Project is a Project to Develop a Kernel-Level IDS Mechanismis to Protect the Integrity of Host Systems


You can see more info into the oficial page @sourceforge

A FAQ about the project can be seen here

A lot of texts and presentations that refer to StMichael project (really old stuff made by different people)



Windows GINA Strong Authentication


This is my first attempt to develop into windows platform... i have coded a modified GINA.dll to change the authentication scheme of windows:

- Hooked all gina functions

- Addeded winlogon scheme

- Integrated the logon using RADIUS authentication

- Works fine with Terminal Services

- Integrated with the AD authentication

- Call the Novell client (for access novell shares)




Remote command execution system


Developed to permit remote password changes (integrating all unix-like servers)

Permit any command execution

Supports:

- Password authentication

- Certificate authentication

- Encrypted certificate (using passphrase)




FwSecVpop3d


Really old project that makes a pop3 server with the follow resources:

- Thread support (for scalability)

- Simple code (for security)

- Secure design (chroot, less privilegies)

- Easy to deploy (it uses simple files for authentication, with user:pass combination). As beta, I have inserted more ways to do the authenticatoin

- Virtual Users Support (authentication in the format of: user@domain)

- Official web site: http://sourceforge.net/projects/fwsecvpop3d

MSNiff


I have worked in an MSN Monitoring Solution

That solution will be merged with an open-source solution, to include the MySQL integration capabilities, support for log extraction and bug-fixes... when the merge gets finished, ill disponibilize the link here



Firmament


Site: www.sf.net/projects/firmament
FIRMAMENT runs, inside the Linux kernel, user supplied micro-programs over each processed message to emulate communication fault situations, using a script approach. The tool is appropriate to perform experiments over protocols and distributed systems.

:: copyleft 2004-2024 - Rodrigo Rubira Branco (BSDaemon) ::