ebizzy is designed to generate a workload resembling common web application server workloads. It is highly threaded, has a large in-memory working set, and allocates and deallocates memory frequently.
ebizzy have been developed by Val Henson and I'm helping to improve it (remove library dependencies, turn the code completely OS-independent, improving the thread performance...)
Download the source code here
SCMorphism Project - New Version 1.7
This is a personal project to implement some shellcode mutation engines. The
intention is to understand evasion techniques, IDS Signatures, demonstrate of
shellcode mutation and to have some relationship with other shellcode mutations.
The source-code of the project isnt public because exists so much "code rippers"in the internet.
If you really like to contribute with the project, I need some stuffs (see TODO).
When you contribute with the project, I really apreciate to send the source-codeto you.
The Decoders of SCMorphism are almostly open, you can download the decoders (and tests programs for it) here
If you like to send me comments and sugestions, please, use firstname.lastname@example.org. If you like to send me bug reports and criticals, please do it, but if you
like to speak: "your project is closed source, you want to turn it commercial?"
my answer is: "no, please, se README and you understand my motivations".
If you like more informations about the project, click here and see the README file or you can understand more about polymorphism reading this text
IMPORTANT: If you
see errors, please, send me examples of the output generated. See the KNOW_BUGS file.
Click Here to Download the Tool - Run it as user in your system - (MD5)
BRAZILIAN PEOPLE NOTICE: I have wrote the HowItWorks Document in Portuguese too
Intrusion Detection System with "SandBox" Technology
This project began when i need to show in my presentations how a polymorphicshellcode can be detected.
By now, the project are in totally closed form, but, i have showed it in some presentations, and maybe it won't be turned public.
I have used libpcap and libids to capture and parser data, and my own ideas to "run" it.
A delay is presented, and turn its use impossible in the real life... some security bugs exist too.
Follow this link for a sample tool coded by Aleksander Nikolic
Linux Security Kernel Module
This project intend to be a substitute-like of PaX, GrSec or Lids like tools.
Im working in it now, but i have signed a contract to doesnt distribute it (i havent used any base GPL codes, etc)
Tell me if you have ideas or needs
The Saint Jude Project is a Project to Develop a Kernel-Level IDS Mechanismis to Protect the Integrity of Host Systems
You can see more info into the oficial page @sourceforge
A FAQ about the project can be seen here
A lot of texts and presentations that refer to StMichael project (really old stuff made by different people)
Windows GINA Strong Authentication
This is my first attempt to develop into windows platform... i have coded
a modified GINA.dll to change the authentication scheme of windows:
- Hooked all gina functions
- Addeded winlogon scheme
- Integrated the logon using RADIUS authentication
- Works fine with Terminal Services
- Integrated with the AD authentication
- Call the Novell client (for access novell shares)
Remote command execution system
Developed to permit remote password changes (integrating all unix-like
Permit any command execution
- Password authentication
- Certificate authentication
- Encrypted certificate (using passphrase)
Really old project that makes a pop3 server with the follow resources:
- Thread support (for scalability)
- Simple code (for security)
- Secure design (chroot, less privilegies)
- Easy to deploy (it uses simple files for authentication, with user:pass combination). As beta, I have inserted more ways to do the authenticatoin
- Virtual Users Support (authentication in the format of: user@domain)
- Official web site: http://sourceforge.net/projects/fwsecvpop3d
I have worked in an MSN Monitoring Solution
That solution will be merged with an open-source solution, to include the MySQL integration capabilities, support for log extraction and bug-fixes... when the merge gets finished, ill disponibilize the link here
FIRMAMENT runs, inside the Linux kernel, user supplied micro-programs over each
processed message to emulate communication fault situations, using a script approach. The tool is appropriate to perform experiments over protocols and distributed systems.