Software

Acts as a web server that generates an exploit to target a vulnerability (CVE-2010-0249) in Internet Explorer. The exploit was tested using Internet Explorer 6 on Windows XP SP2. The exploit's payload spawns the calculator.

Generates a PDF file that exploits a vulnerability (CVE-2009-4324) in Adobe Reader and Acrobat. The generated PDF file was tested using Adobe Reader 9.2.0 on Windows XP SP3. The exploit's payload spawns the calculator.

Acts as a web server that generates an exploit to target a vulnerability (CVE-2009-1233) in the Apple Safari browser. The exploit was tested using Safari 3.2.2 and 4 (BETA) on Windows. The exploit causes the browser to crash and terminate.

Acts as a web server that generates an exploit to target a vulnerability (CVE-2009-1234) in the Opera browser. The exploit was tested using Opera 9.64 on Windows. The exploit causes the browser to crash and terminate.

Acts as a web server that generates an exploit to target a vulnerability (CVE-2009-1136) in an ActiveX control (Microsoft Office Web Components) used by Internet Explorer. The exploit was tested using Internet Explorer 7.0.5730.13 on Windows XP SP3 with owc10.dll and owc11.dll installed on the system. The exploit causes the browser to spawn the calculator.

Exploits a vulnerability (CVE-2009-0927) in Adobe Reader via the web. The exploit was tested using Firefox 3.0.8 on Windows XP SP3 that has Adobe Reader 9.0.0 installed. The exploit's payload spawns the calculator.

Acts as a web server that generates an exploit to target a vulnerability (CVE-2009-0075) in Internet Explorer 7. The exploit was tested using Internet Explorer 7.0.5730.11 on Windows XP SP2 and Internet Explorer 7.0.5730.13 on Windows XP SP3. The exploit causes the browser to spawn the calculator.

Acts as a web server that generates an exploit to target a vulnerability (CVE-2008-0015) in an ActiveX control (Microsoft MPEG2TuneRequest) used by Internet Explorer. The exploit was tested using Internet Explorer 7.0.5730.13 on Windows XP SP3. The exploit causes the browser to spawn the calculator.

Python wrapper for the vmrun command-line tool from VMware. Vmpy supports VMware Workstation and wraps all the important functions that can be used to control a virtual machine. It was tested with VMware Workstation 6.5.

Tool for retrieving the absolute addresses of APIs.

Graphical tool for loading and unloading Windows drivers.

Tool for checking the connectivity of proxies.

Kkeleton code for a loadable kernel module that can show you how to you can modify the pointers in the system call table to point to your code. In the code I'm intercepting the mkdir system call. Once you load the module, you can only create a directory called "example". Note that the address of the system call table is hardcoded in the code. You can find the address of the system call table on your system by looking in /boot/System.map*.

Tool to identify duplicate files in a given folder. The tool groups the paths of the duplicate files in the output file.

File system manipulation utility.

Tool for converting x86 assembly code to a nicely formatted shellcode, which is displayed in hex and UTF-16. The tool relies on NASM to convert the assembly instructions to raw machine code.

Tool to move data from tables in a Microsoft Word document to cells in a Microsoft Excel document. The tool relies on the Win32 extensions for Python to communicate with Microsoft Word and Excel.

Tool to compute and display the MD5 and SHA-1 message digests for a given file.

pGINA is a substitute for GINA (in Windows) that can dynamically load plug-ins which can be created to use any method of authentication. I implemented a plug-in for pGINA that allows you to authenticate your Windows users against an SSH server.

Tool for injecting a DLL into a running process. The tool optionally displays the process IDs of all running processes in the system.

pGINA is a substitute for GINA (in Windows) that can dynamically load plug-ins which can be created to use any method of authentication. I implemented a plug-in for pGINA that allows you to authenticate your Windows users an email server (POP3/IMAP) with or without SSL.

RSA is an algorithm for public-key encryption. My implementation of the RSA algorithm can be used for encrypting/decrypting files and creating/verifying signatures with SHA-1. I used both the GMP and NTL libraries to do all the number theory stuff. The current implementation does the encryption and decryption correctly but it does not store the keys for later use. I will be adding more features to my implementation in the future.

Ray tracing is a technique used to model the path taken by light and its interaction with optical surfaces. I implemented a distributed ray tracer that can render soft phenomena. My implementation ray traces spheres and planes and simulates soft shadows, blurry reflections and refractions, depth of field, and motion blur.

Bayesian spam filter that can classify messages into one of two categories (spam or non-spam) with high accuracy. The paper describing spambye can be found here. I implemented the GUI using SWT.

A pseudorandom number generator (PRNG) is an algorithm that generates a sequence of numbers which are not truly random. These numbers approximate some of the properties of random numbers. I implemented the Blum-Blum-Shub pseudorandom number generator which can be used in Cryptographic applications. I used the GMP library to do all the number theory stuff.