duper/blackbag
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
Blackbag: A miscelleny of poorly-coded network testing tools. Don't forget to read INSTALL for dependency and compilation info. ## replug replug [-b] target[:port[@localport]] A plugboard proxy which (with -b flag) will log all I/O to uniquely-name files, along with a "spans..." file with the read boundaries (to break streams into messages with). ## telson / blit telson target[:port] [local:port | port] echo "foo" | blit telson/blit are a binary alternative to netcat. telson shuttles data between a localhost UDP port and the TCP connection to target:port. blit consumes stdin and feeds it out to the telson UDP port. You can use "netcat" to feed data to telson, but you have to feed it arguments and netcat will wait uselessly after each run until you C-C it. telson prints input and output to to stdout as canon hex. If you want to log telson sessions, aim telson at replug. telson and blit are reasonably fast and scalable; you can cat whole kernel files into blit and have blit, telson, and replug keep up. ## binhex binhex 41414100abadcafe00 | blit binhex consumes all arguments (ignoring spaces), interprets them as hex character codes, and prints the resulting binary data to stdout. ## nstrz nstrz this is a test | blit nstrz consumes all arguments, including spaces, appends the 32-bit count of bytes in the resulting string, and prints the resulting octet string to stdout. ## c c 4096 helu | blit c consumes its second argument and repeats it by the count in the first argument. ## sextract sextract <pcapfile> [filter] # run w/o args for usage sextract processes the packets in a pcap filter matching the filter, reassembles the TCP streams in those packets, and prints the contents of the resulting streams to stdout: sextract -bhdi <pcapfile> prints the binary contents of the inbound side of the selected streams to stdout, with no intervening content (suitable for layer 7 decoding): sextract -bhdo <pcapfile> prints the outbound side of the selected streams. ## genacl genacl <pcapfile> genacl processes the packets in a pcap file and infers a matching set of access control list entries, with netmasks and port ranges, along with the count of bytes matching each entry. ## dedump hexdump -C file | dedump > file.orig Converts canonical hexdumps back to binary data; reads hexdump -C and hexdump() output, syncs to first actual hexdump line. ## modhookah A Solaris .so to LD_PRELOAD on executables to capture I/O. ## httpcat httpcat http://foo/bar?baz httpcat -t application/marimba -d 1&2&3 post://foo/bar?baz Like curl or wget in 400 lines of our own code; possibly simpler syntax, possibly not (METHOD can replace HTTP in the URL, easy to set content-type); definitely easier to add functionality to, can output to stdout for use with telson. httpcat -Y post://foo/bar Behaves like "telson", waiting for the input "%MARSH%" to wrap all data read so far into a POST with valid content-type. ## b64 / d64 cat file | b64 | d64 > file.orig Base64 and un-base64 things. ## hexify binhex `cat file | hexify` > file.orig Hex-encode binary data --------------------------------------------------------------------------- blackbag, libfirebert, all related tools, all otherwise unpublished source code and documentation in these directories - 20051201 - Copyright 2005 Matasano Security, LLC <tqbf@matasano.com> All Rights Reserved
About
[fork of] blackbag tool suite version 0.9.1 - a collection of security scripts/programs by Matasano LLC (now NCC Group PLC)
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published