Quick Email

Quick Email is an iOS universal (iphone/ipod/ipad) app to facilitate sending of emails in an efficient manner.

I wrote this because I found myself sending emails to only a certain set of people and it was time consuming to find the names in the address book, type in a subject, then finally write the message. By predefining the recipients and subject line, you can just write out the message and hit send. This drastically eliminates time and allows you to get back to other tasks. Check it out and let me know how it works for you!

IMG_1768IMG_1751 IMG_1766  IMG_1783 IMG_1784

Putty Launcher

Do you have multiple saved sessions in Putty and find it annoying to load a session through the application? Do  you hunt through the settings tabs to find the right parameter you want to change for a session? While I love and use putty often, these were the common annoyances on my end and I decided to have a tool to address these things.

With Putty Launcher you can organize and create putty sessions. The built in session editor gives you quick access to the common settings eliminating the need to hunt around multiple option tabs.

Go from:

putty-scrollbar-sessions

To:

putty-launcher-main-window-organized

Session Editor:

putty-launcher-session-editor

Get it via Gumroad:

Sense8 TV show

Last year I supported a new TV show called ‘Sense8’ which is a Netflix original. I provided them some hacking equipment and provided input into hacking scenes.

A few months ago it was released and I finally got to see all the episodes and I’m super excited on how it turned out. The hacking scenes made sense to me and the equipment was used in a proper manner!

Below are some screens from the show that had various equipment I supplied them with.

sense8-s1e7-sc-prox3-ltp-rPi

sense8-s1e7-simplewifi

sense8-s1e8-u1.ironkey.datalocker

sense8.s1e11-hackrf.tplink.alfa.rPi.ironkey.rfexplorer

sense8.s1e11-rPi.datalocker.beaglebone.tplink.alfa

I heard the series got renewed for a second season which is awesome as well.

Image Auto Download plugin for Firefox

I needed a plugin that I could automatically save images based on regex or dimensions and couldn’t find any available so I decided to get one coded instead. It is in beta form right now as there are a couple features and bugs needing to be resolved still but the basic functions work. I use it to save ads so that I could see patterns or get design inspiration from others.

image-auto-download-0.1-main

image-auto-download-0.1-rules-fixed

Download link: image auto download firefox plugin version 0.1.

Please provide feedback on it in the comments section below.

Kindle Rapid Research Tool

Are you an author that wants to keep track of the competition? Or perhaps you want to see what topics are being written about and the structure of other books. I coded this tool to save time with kindle research related tasks.

Main Screen:

20140413-main

Keyword Search:

20140416-kw-search

20140317-04-search-results

Additional Data Gathering:

20140413-fetch-options

20140322-editbook

 

Options:

20140413-global-settings

Requirements:

Reports and Analysis:

   20140413-report-options20140322-analysis-report20140322-data-report

20140322-data-report-2

 

 

Nessus Tools: HTML reports revisited

On a recent engagement, I noticed that people were wasting time scrolling through nessus reports to find vulnerabilities in which they either need to confirm, or dig into deeper. There were many findings that would automatically be written up because there is nothing to further exploit, and the supporting information in the output was good enough. And of course there is informational things in the report like traceroute output, ping times, mac address, operating system, etc. Good information to have, but not really needed while in vulnerability assessment / penetration testing mode.

I really needed something to just show me the interesting things to focus on. Since I had all the nessus data in a database already via nbe2sql, I quickly wrote some sql statements and parsers to solve my problem and make a pretty report.

The latest release of the nessus tools has two more html reports.

  • One script is called report_auto which generates html that contain findings to simply write up. For each vulnerability type there is a table with IP and supporting information columns. 
  • The other script is called report_manual which generates html that contain findings or information to pursue.

Do note that only a handful of nessus pluginid’s are supported in the script. If you want other checks included please provide me with some sample data and I will get it included.

Code:

I do hope that others find these additions useful. I really hate it when testers have to spend time on low level findings. Yes they still need to be looked at and written up, but testers should be focusing on the interesting stuff.