Home |About | Partners | Careers | Contact | News

Labs

» Blog » Tools

Contact GDS Labs

Send all tool questions or comments to us via email:

tools [at] gdssecurity.com

Tools

Transformer.NET

Transformer.NET is a bi-directional HTTP transformation module for Microsoft IIS6 & IIS7. The current Beta version provides support for regex-based URL re-writing, allowing URLs in both incoming HTTP requests and outbound HTTP responses to be re-written on-the-fly. This flexibility gives website administrators the ability to alter website URLs without the need to modify any underlying website/application source code.

Transformer.NET supports inbound and outbound transformation of content rendered with any HTTP handler on IIS7 (PHP, Classic ASP, ASP.NET, Java, ColdFusion, etc). Outbound transformation support on IIS6 is limited to only ASP.NET applications (this is a limitation of IIS6), however incoming requests to any handler can be re-written. Additional information can be found on the GDS Blog.

Transformer.NET - Version 1.0.8.226 Beta (2/26/2008)

SHA1: 02063ae1cc6753f8a31e1bc4ce2d70da99e607de


Deflate Burp Plugin

The Deflate Burp Plugin is a plug-in for Burp Proxy (it implements the IBurpExtender interface) that decompresses HTTP response content in the ZLIB (RFC1950) and DEFLATE (RFC1951) compression formats.

At present, Burp Proxy only unpacks gzip compressed data. The plug-in will attempt to decompress every HTTP response body it handles, irrespective of whether the "Content-Encoding: deflate" HTTP response header is present. If decompression fails, the original response message will be passed on by the plug-in unchanged.

In addition to the source and binaries for the plug-in, the download also includes an example servlet that generates RFC1950 and RFC1951 compressed HTTP response bodies for testing the plug-in.

More information can be found on the GDS Blog.

DeflateBurpPlugin

SHA1: 958977e242b02fcca6c6f33195dee405bd143977


AntiXSS for Java

AntiXSS for Java is a port of the Microsoft Anti-Cross Site Scripting (AntiXSS) v1.5 library for .NET applications. The library requires Java 1.4 or higher, but has no other prerequisites.

For those not familiar with the Microsoft AntiXSS library, it is an output encoding library for avoiding Cross Site Scripting vulnerabilities. Specifically it is intended to safely encode information written to the user's browser within a specific context (i.e. if writing a string into the HTML of a page, you need to use the correct function - HtmlEncode). Unlike some other solutions the library implements a white listing approach, and encodes everything except characters known to be harmless. For example, the string <script> will be HTML encoded as &#60;script&#62;.

A description of the methods supported, and the encoding performed, can be found on the GDS Blog.

AntiXSS for Java - source package - Version 0.02

SHA1: 473b4dd3f8ffed5cd870da88fdb82f59cc1d137c

AntiXSS for Java - binary package - compiled Jar file only

SHA1: f7abd9ebbc597f258e65a00c49a1154ba15c611e


SQL Brute

SQLBrute is a tool for brute forcing data out of databases using blind SQL injection vulnerabilities. It supports time based and error based exploit types on Microsoft SQL Server, and error based exploit on Oracle. It is written in Python, uses multi-threading, and doesn't require non-standard libraries. A walkthrough of using SQLBrute can be found on Justin Clarke's personal blog.

sqlbrute.py

SHA1: d5e2c53cb843a91a4e0c64a5496bc82b09bb399c

sqlbrute.zip (Windows binary)

SHA1: 80f87b6bab7c2542f9cf6aa3d20cadf6227b3d2d


Content from "Network Security Tools"

The following are some of the tools developed for the book Network Security Tools, Writing, Hacking, and Modifying Security Tools, published April 2005 by O'Reilly (ISBN 0-596-00794-9). These examples, along with the rest of the examples from the book, are also available from O'Reilly.

PMD SQL Injection Rules

PMD is a static source analysis tool for analysing Java source code. In Chapter 6 of Network Security Tools, Joe Hemler discussed how to write rules for PMD that could be used to detect SQL Injection vulnerabilities.

pmdrules.zip

SHA1: 0603b2c57d766d2b3857f2d46b7c00a468884b30

Simple/Extended Scanner

In Chapters 8 and 9 of Network Security Tools, Brian Holyfield explores the design and implementation of a simple web application scanning (Chapter 8) and exploitation (Chapter 9) engine in Perl. Chapter 8 is the sample chapter for this book, and is available online from O'Reilly.

extendedscanner.zip

SHA1: c785f94b416dda4c0042fa5155e499d2ba9101db

Privacy Statement | © 2008 Gotham Digital Science All Rights Reserved.