So recently, after almost a year in development, I finally published my iOS security app called TrustR. Frankly I’m quite surprised that no other security teams beat me to the release of this new type of security app – since it secures the iOS platform in such an obvious and necessary way. For years [...]
DNA-FAT performs a very rapid indexation of the uniqueness and repetitative buildup of fasta format DNA sequences using user assigned window sizes. The two output files contain the following: The number of unique sequences with the preset window size and the number of sequences present, any number of multiple times. Output of the actual sequences [...]
FISH version 0.0.3 beta with numerous improvements is now available for download. Expect to see trememdous performance increases in this release as well as many other improvements including the following: Version 0.0.3 (second public release): This version is at least 30 times faster than version 0.0.2 Implemented a new hash function Optimised the iterative function [...]
Recently whilst analysing the PSP2-BBB banker trojan, I discovered that this particular trojan, as well as many others, downloaded malicious payloads to the currently logged on user’s “Temp” and “Temporary Internet Files” directories, located in the “Local Settings” directory, on a Win32 system, and saved them as temp files with a random four character name [...]
IFAU is a simple utility that was written to analyse binary files and count how many times each hex byte is present in a given file. This is useful when attempting to identify frequently used op codes. The results are written to a hash which is dumped to an XML report as well as a [...]
FIT-sig (File Identification Tool-kit Signature Utility) is a tool designed to be used to aid in the identification of common signatures, of varying lengths, in two given files of any type (e.g. binary and non-binary files). FIT-sig was originally written to help when identifying Portable Executable packers/protectors. The general idea is that you take two [...]
SAJO is an automated MSSQL data-mining tool. Via the presence of a single SQL Injection vulnerability, SAJO can gather all table and field details including ids, name lengths and names. After all preliminary work is done, SAJO proceeds to dump all data in the first record in each table. The cool thing about SAJO is [...]
Recently whilst working on a project, I required a tool that was able to read a large number of large log files and identify attacks in them. Loads of web server log analysis tools exist but I haven’t come across one that focuses exclusively on identifying attacks. LAIT a generic tool that is able to [...]
DNA Extractor is an automated utility for extracting specifically formatted DNA sequences from data files such as those available at the National Center for Biotechnology Information. This can be done for both genomes and plasmids alike, as long as they keep the specific format. Genome and plasmid locations are read from genename files having the [...]