Things that I've Written:

I used to have a bad habit of losing things that I had written. This page is a bit of a dumping ground - the good with the bad - so that I don't lose them. Some of these projects are up to date and fully developed, others are relatively trivial or reflect a less experienced author. (I think the oldest code here dates back to 1998.) If you are interested in a more consise portfolio, a subset of my projects are listed here.

Please consider reading my Policy and Disclaimer page if you are downloading or running my software.

If you have any questions, comments or bug reports feel free to email me. contact info

Other Websites:

• http://www.whatismyproxy.com
  This site is a network connection debugging tool that reports on your current proxy settings.
• http://dnsparanoia.com
  A custom DNS resolver for debugging DNS funny business.

Networking/Troubleshooting:

• tcping.exe
  An implementation of ping-over-tcp for the win32 console. Also includes http get/post support.
• tcproute.exe
  A tcp traceroute for windows, using WinPCap.
• mturoute.exe
  This is console application, analogous to 'ping' and 'traceroute', which finds the maximum mtu between you and another host by passing icmp requests with differing payload sizes. Binary is provided for Win32.
• The MTU Eyechart
  This is a small html file that displays a series of images in various sizes. If you are having an MTU problem with your webserver, the missing pictures will help reveal just what that problem might be. This is something that can be set up on a local webserver and a non-technical contact at the far end of the network link will be able to look at and read the largest number that they see.
• Library Stuff - Patron Management System API Tools
  Various command line utilities to troubleshoot the SIP2 and API (III) protocols. sip2talk.exe, sip2ping.exe
• arp-ping
  An implementation of an ARP ping.
• watchroute.exe
  An active traceroute that reports if the route changes.
• rawsniff.exe
  A command line raw socket based packet sniffer. Can decode to the console on the fly and write out a libpcap file to be opened later in a more capable program.
• proxy.exe
  A command line proxy manipulator. I wanted to be able to "proxy on" and "proxy off" immediately from the command line, plus several other features.
• Subnet Abacus
  Subnet Abacus is my visual subnet calculator.
• arpsift.exe
  arpsift is an "arp -a" replacement that includes a scrolling log, alerts for flapping ARP entries, timers and OUI lookup.
• ips
  ips is a console program that functions like grep, but for IP addresses.
• xips
  xips is a command line tool for expanding and summarizing lists of IP addresses.
• Hardscan
  Hardscan is a command-line tool that detects open ports on the local machine. It is intended for uses where "netstat" and its ilk are untrustworthy. It should run on any system that supports python 2.3 or better. (Note: that 'or better' has aged particularly terribly. Let it be known that I need to update this tool for Python3)

Cisco Specific:

Tools that are either Cisco Specific or are designed with the Cisco-style CLI in mind.

• conflag.py
  Conflag is a script that annotates 'show conn' output with human readable flags. Use with warpzone to embed within the Cisco CLI.
• macdb
  macdb is a command line tool that lets you pipe in lists of MAC addresses for quick oui.txt and known-mac-address annotation. Use with warpzone to embed within the Cisco CLI.
• no - a unix utility to toggle leading 'no ' on and off on stdin, specifically for bulk editting Cisco access lists.
• offline-console
  offline-console is a Cisco configuration file viewer that mimics being logged into the device in question. It implements things like 'show run' and autocomplete so that you can find the bit of config you are looking for with the same muscle memory that you would be using if logged into the real device. Warning: I implemented | (pipe) by shelling out to the actual system, so you can use real tools instead of simulating Cisco's crappy grep. You might not expect this behavior.
• orphan-object-groups - a script for finding/removing object-groups in Cisco ASA configuration files that do not have any references.
• Stanza - a grep replacement that includes the surrounding stanza when it finds a match. Use with warpzone to embed within the Cisco CLI.
• LineDelayPaste
  LineDelayPaste is a gui program that will paste one line at a time at a user defined rate. It is intended for use with terminal (serial) connections that cannot handle input at too fast a rate. Specifically: pasting large configuration files into a PuTTY serial connection.
• Warpzone
  Warpzone is a *nix shell program that enables you to "warp back" to a parent shell in order to execute a piped command in that context rather than at your current level.

Experiments:

• deadbit.exe
  deadbit is an (experimental) attempt at writing an ICMP based memory tester for network equipment. It tries all possible payload bytes and does various tricks to try every bit in every position in the payload as well as the ICMP sequence number, the ICMP checksum and the addends/carry values internal to each router when the checksum is calculated.
• Keyboard Lint - a keyboard input fuzzer for flushing out keyloggers
• snowstorm - a binary data -> qr code frames -> video data extractor
• cavfill - Proof of concept experiment to fill in 'cavities' in executables - that is, long stretches of the 00 byte - to prevent malware insertion.

Other:

• Zoom Lens - An "around the mouse" screen magnifier for Windows.
• A telnet-serial bridge script
  This makes your serial port available to any telnet client. Especially useful for e.g. PuTTY which is my favorite terminal client, but doesn't have any serial support. didn't have any serial support at the time.
• d5000_serial - Python module to interface with a d5000 series thermocouple
• sounder.exe - play 2 seconds of a .wav file from within a batchfile
• voice.exe - command line text to speech
• regat.exe - open regedit to a desired key from the command line
• hold.exe - a console program to hold up stdout until stdin closes
• D3HUD.exe - a mouse locater for Diablo III
• ports.exe - a command line utility that lists available serial ports
• portable cygwin - Tools, scripts and aliases that I used with my portable usb Cygwin install
• leak - A Unix text utility that leaks part of the input to stderr rather than to stdout. For example: "ps aux | leak | grep blah" will dump the ps header to stderr so that grep won't discard it.
• AltPaste.exe - An alternate paste program that uses Sendkeys() to simulate a paste into applications that don't allow paste.
• clip and dip - a pair of command line clipboard utilities I use.
• waitforip.exe
  Pause your batch file until the host has a specific ip address on an interface
• bytes - a command line bytecode format converter.
• misc OSCE scripts - scripts I wrote while working my way through the OSCE certification. 00diff, badbytes, inversebytes, bytes, encoder, http-proxy-to-js-inject
• textselect - Use "sql-like" syntax to connect the dots between columns in text files - for instance the output of Cisco commands such as "show arp" and "show mac address-table"
• bs - A "suppression" grep that lets you add and remember "grep -v" arguments.

Not Quite Below The Fold:

Things that are less interesting to me now, I never used very much and/or haven't aged well.

• Python UDP stress tester
  An extremely quick-and-dirty utility that tests how much UDP traffic it can shove through a connection.
• Pressure
  A windows service based CPU stress tester.
• archtype.exe
  A command line is-it-32-bit-or-64-bit checker via parsing the header of a given executable.
• chkssl.exe
  A command line tool to check the ssl certificate of a webserver.
• killabit.exe
  Killabit is a quick and dirty network sniffer that displays where your bandwidth is going by source->destination address pairs. Works at layer 2, 3 or 4.
• millisleep.exe - sleep your batch file for X milliseconds
• keypress - Small gui program to measure average keystroke length.
• bail - A unix text utility that passes stdin->stdout until a specified time has elapsed. Its a time-based 'head'.
• exitcode - A unix utility that exits with the value of the first word of its stdin.

Below the Fold:

These are projects that I consider withdrawn.

• httping.exe
  Still works, but the capability has been moved into tcping.exe rather than continuing on its own.
• ip-threespace.py
  A packet sniffing script that displays traffic moving through a three-dimensional cube representing the global IP space. Uses pyOpenGL for display.
• Decloak
  A "pid exhaustion scanner" for Linux. Detects hidden processes by mapping out the holes they leave in the available pid space.
• icmp spy
  The idea here was to use a raw ICMP socket to listen for incoming pings. Turns out it doesn't work: the winsock lib apparently doesn't pass ICMP echo requests back up to the socket.
• Renoser - Utility to restore injured emoticons.
• Winkin Bill - Can *you* solve the sliding puzzle game before Bill Clinton seduces you?
• retriever - Shell script to retrieve and log Dogpile's 'Search Spy' XML feed.
• http://www.pluginchecker.com
  This site requires one of each of the more common browser plugins so that you can quickly tell what you have installed and operational.
• pwgen
  A small C program that generates passwords based on the characteristics of a network device and a pre-arranged master password.
• Bookmarklet Generator - Generate your own bookmarklets like the ones below without having to mess with any javascript.
• make pretty - Script to Beautify C++ Code
• xmlroute.exe
  A variant of tracert/traceroute that formats its output in XML.
• wakearp.exe
  A utility to quickly induce arp resolution for every ip address within a specified /24 network.
• Serial Watcher - Small .NET program that watches your serial ports and tells you when one becomes available.
• http spoof - Silly proof of concept to try and collide Ack numbers to generate a spoofed http request.
• Lime Lime is a command line utility that wraps other command line utilities and gives them delicious timestamps.
• Pix Object groups for Microsoft Server deployments Object groups for Lazy Pix administrators, based on port ranges defined in the Microsoft knowledge base.
• explode-macro.py
  A python script implementing a simple macro language for quickly generating Cisco config files (or fragments). Intended especially for use when configuring many many identical interfaces or for generating standard configurations from a base template.
• snot.exe
  A 'network sniff notetaker' that embeds a specified message into a currently running Ethereal/TCPDump/etc packet log via udp discard packets.
PHP Boolean Query Generator
This is a php snippet for converting boolean search queries (for instance "elephants AND giraffes" that people are used to typing into search blanks into SQL query syntax. ASP version now available as well.
• HTTP -> HTTPS Redirector
  This is a small python script that can be run in the background to redirect http queries to another URL. In particular, it is set up to redirect insecure HTTP connections to an HTTP/SSL port.
• Generate Google Sitemap script
  A python script that autogenerates a Google Sitemap XML file from the contents of your webserver. I use it to generate this sitemap: sitemap.xml. The script itself should generally be applicable to other sites with a few minor changes.
• The MSSQL Trouble Button
  An ASP page to grab the current state of a MSSQL backed application when an end-user is experiencing a problem.
• "Heads up" status script for Linux/Sendmail servers
  A sh script that can be run from within 'watch' to show a current status update of a linux sendmail (or similiar) server.
• syslog scripts for the Barracuda Spam Firewall
  Bash scripts to parse virus and error information out of a Barracuda's syslog entries
• NetApp helper scripts
  Shell scripts to help interact with a NetApp filer.
• Cisco Pix "show conn" summary script
  A python script that scrapes the output of the command "show conn" from within the Cisco Pix and summarizes the results in tabular form.
• Connflow.py
  Related to the older conn summary script above, this one connects to a given Cisco firewall twice and pulls a diff between the two 'show conn' commands and generates a report
• uac.exe - A command line UAC privilege elevator. Similar to sudo.
• Web Mimic
  Web Mimic is a utility that sniffs your HTTP requests and gives you the ability to re-download them independent of the original program.
• newcmd.exe - a console program to launch cmd.exe nicely from inside Cygwin

Cacti Scripts and Templates:

• Cacti Template for the Cisco Aironet
  A cacti template for tracking the Cisco Aironet via SNMP.
• Cacti Templates for the Cisco Pix
  Cacti templates for tracking the memory and connection count on a Cisco Pix.
• Cacti Template (and polling script) for the Sensorsoft SSA7008 Environmental Sensor
  Cacti template for tracking temperature and humidity with a Sensorsoft SSA7008 Enviromental Sensor. Also a perl script for doing the polling, as this device is a bit more complicated than squid likes by itself.
• Cacti Template for the Alvarion BreezeAccess VL
  Cacti template for tracking the SNR and frequency of an Alvarion BreezeAccess VL.
• Additional SNMP information and scripts for the Alvarion BreezeAccess VL
• Cacti Template and polling XML script for the NetApp filer. Graphs interface usage, cpu, cifs, nfs, cache age and per volume usage, files and inodes.

Shell Scripts:

• Pathos.bat
  A windows batchfile for easily manipulating your $PATH.
• more shell scripts in my snippets dump folder...

Code Snippets:

• Split-Respect-SingleQuotes - a version of python 'split()' that treats single-quoted text as unsplittable
• FormatTable - tries to fairly draw a set of columns with variable sized data to the console
• ARIN Lookup - Scrape ARIN for information about an IP address
• RGB Gradation - Functions for blending RGB colors as specified on web pages
• RGB Blending Tables - Script that generates RGB color blends
• 16K Python Mud - A tradewars type mud written in 16k of code
• Subnet Allocator - A python script for breaking down larger networks into smaller ones along subnet boundaries.
• 'Safe' Python module reload - A python script to dynamically recompile/reload a python module with built-in syntax checking.
• One time popups - PHP + javascript to add one-time (per visitor) popups to a webpage.
• Double URL-encode - Python function to Double-URL-encode text, as per the documentation for the Google Search Appliance.
• Function for checking if one string is a prefix of another under PHP
• ccmod10.py - Python module for testing and generating credit card numbers.
• php recaptcha via proxy - Patch for the PHP recaptcha lib to use a proxy server rather than a direct connection to the web.
• more snippets in my snippets dump folder...

Uncategorized:

• uncategorized stuff - Some things don't deserve their own pages, or aren't done yet.