@ErrataRob

Robert David Graham

Elite
@robertdavidgraham

I created BlackICE, sidejacking, masscan.

masscan. TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

26k

rdpscan. A quick scanner for the CVE-2019-0708 "BlueKeep" vulnerability.

921

heartleech. Demonstrates the "heartbleed" problem using full OpenSSL stack

712

robdns. A fast DNS server based on C10M principles

611

pemcrack. Cracks SSL PEM files that hold encrypted private keys. Brute forces or dictionary cracks. This code is extraordinarily slow, DON'T JUDGE ME!!!

314

isowall. This is a mini-firewall that completely isolates a target device from the local network.

309

wc2. Investigates optimizing 'wc', the Unix word count program

288

telnetlogger. Simulates enough of a Telnet connection in order to log failed login attempts.

246

hunter-dkim. Discusses how to verify DKIM signatures in old emails, namely one of the Hunter Biden emails in the news

101

whats-dec. WhatsApp end-to-end media decryptor

94

wifi-mon. Web-based WiFi monitor

69

ecb-penguin. Demonstrating the famous ECB penguin so that you can repeat the process yourself.

68

cve-2015-5477. PoC exploit for CVE-2015-5477 BIND9 TKEY assertion failure

64

hamster. A proxy server for cookie sidejacking. Works with 'ferret'.

56

whats-enc. Reverse engineering WhatsApp Web.

55

cybersymposium. Mike Lindell's cybersymposium files

48

sockdoc. Sample programs demonstrating how to program in C using the Sockets API.

39

iotpasswds. Recording default/backdoor passwords from IoT devices I come across

38

packetdump. A packet-sniffer for 10gig networks that writes to compressed files. I created this because

28

scanme. A lightweight/secure honeypot using Lua scripts.

27

non-math-crypto. A non-math, but still technical, guide to cryptography

25

hellolua. Simple examples of integrating the Lua scripting language into C programs.

24

dnsparse. Parses DNS responses in a secure, rigorous manner

24

ferret. A continuation of my 'ferret' project that extracts useful information from networks.

22

mp4dec. Prototype program to decode a video file looking for exploits/malware.

17

bluetoothid. Identifies Bluetooth Low-energy devices

17

smb-logger. Logs incoming attempts to connect to NetBIOS/SMB

15

echobench. A simple implementation of an 'echo' (port 7) server using epoll (Linux), kqueue (FreeBSD), and IOCompletionPorts (Windows).

14

papers. This project is various snippets of code for academic papers.

13

c10mbench. C

13

scan-results. Results from some of our scans using masscan.

13

montyhall-js. The Monty Hall problem, in JavaScript

13

krackips. C

12

applevfbi. A collection of all the court filings in the case of Apple being forced to help the FBI unlock the San Bernadino shooter's phone, plus some commentary.

12

robutils. A bunch of library code that can easily be included in new/prototype projects with few (usually zero) dependencies, even on themselves.

12

nmap. Nmap - the Network Mapper. Github mirror of official SVN repository.

10

webshell. This is a webshell open source project

10

altivore. Alternate implementation of FBI's Carnivore packet-sniffer

9

blxtract. An extractor that grabs CSV files from BLX files for Mike Lindell's cyber-symposium, from code by Dennis Montgomery.

9

modern-sockets.

8

RussiaDNSLeak. Summary and archives of leaked Russian TLD DNS data

8

faq-covid-vaccine. Answers to frequently asked covid vaccine questions.

7

cgminer. ASIC and FPGA miner in c for bitcoin

7

nxbench. Like Apache Bench for benchmarking websites, but using 10,000 concurrent connections instead of 100

7

blurt. Data over audio

5

pcap-strip. Strips out datalink headers (like Ethernet), leaving behind just the raw IP packets.

5

microvulns. Prominent open-source vulnerabilities extracted into just a few files so they can be easily built, fuzzed, tested, mediated, and so on.

5

youtube-dl. Command-line program to download videos from YouTube.com and other video sites

5

deprogrammer. Students are indoctrinated in a multitude of outdated and wrong concepts.

5

regexx. My unfinished regex library for multi-pattern matching.

4

securedrop. an open source whistleblower platform

4

snivel. Automatically exported from code.google.com/p/snivel

4

model-s-api. :oncoming_automobile: A Ruby gem and unofficial documentation of the Tesla JSON API

3

buildharden. https://github.com/robertdavidgraham/buildharden

3

rednoise-stick. Reproducing the climate change Hockey Stick with simple rednoise/whitenoise generator.

2

str2long_contest. code corresponding to a coding contest posted here: http://blog.regehr.org/archives/909

1

box-scrape. incomplete project for scraping videos from Box.com

1
57
Apply