Ebizzy
ebizzy is designed to generate a workload resembling common web application server workloads. It is highly threaded, has a large in-memory working set, and allocates and deallocates memory frequently.
ebizzy was developed by Val Henson, and I'm helping to improve it (removing library dependencies, making the code completely OS-independent, improving the thread performance...)
Download the source code here
SCMorphism Project - New Version 1.7
This is a personal project to implement some shellcode mutation engines. The
intention is to understand evasion techniques and IDS signatures, to demonstrate
shellcode mutation, and to have some relationship with other shellcode mutations.
The source code of the project isn't public because there are so many "code rippers" on the internet.
If you would really like to contribute to the project, I need some things (see TODO).
When you contribute to the project, I will be glad to send the source code to you.
The decoders of SCMorphism are mostly open; you can download the decoders (and test programs for them) here
If you would like to send me comments and suggestions, please use rodrigo@kernelhacking.com. If you would like to send me bug reports and criticism, please do, but if you
would like to say: "your project is closed source, do you want to turn it commercial?"
my answer is: "no, please see the README and you will understand my motivations".
If you would like more information about the project, click here and see the README file, or you can understand more about polymorphism by reading this text
IMPORTANT: If you see errors, please send me examples of the output generated. See the KNOW_BUGS file.
Click Here to Download the Tool - Run it as user in your system - (MD5)
BRAZILIAN PEOPLE NOTICE: I have written the HowItWorks document in Portuguese too
Intrusion Detection System with "SandBox" Technology
This project began when I needed to show in my presentations how polymorphic shellcode can be detected.
For now, the project is completely closed, but I have shown it in some presentations, and maybe it won't be made public.
I have used libpcap and libids to capture and parse data, and my own ideas to "run" it.
A delay is introduced, which makes its use impossible in real life... some security bugs exist too.
Follow this link for a sample tool coded by Aleksander Nikolic
Linux Security Kernel Module
This project is intended to be a substitute for tools like PaX, GrSec or LIDS.
I'm working on it now, but I have signed a contract not to distribute it (I haven't used any GPL code as a base, etc.)
Tell me if you have ideas or needs
StJude/StMichael
The Saint Jude Project is a project to develop a kernel-level IDS mechanism to protect the integrity of host systems
You can see more info on the official page @sourceforge
A FAQ about the project can be seen here
A lot of texts and presentations that refer to StMichael project (really old stuff made by different people)
Windows GINA Strong Authentication
This is my first attempt to develop on the Windows platform... I have coded
a modified GINA.dll to change the authentication scheme of Windows:
- Hooked all GINA functions
- Added winlogon scheme
- Integrated the logon using RADIUS authentication
- Works fine with Terminal Services
- Integrated with the AD authentication
- Calls the Novell client (for accessing Novell shares)
Remote command execution system
Developed to permit remote password changes (integrating all Unix-like
servers)
Permits any command execution
Supports:
- Password authentication
- Certificate authentication
- Encrypted certificate (using passphrase)
FwSecVpop3d
A really old project that implements a POP3 server with the following features:
- Thread support (for scalability)
- Simple code (for security)
- Secure design (chroot, fewer privileges)
- Easy to deploy (it uses simple files for authentication, with user:pass combination). As beta, I have inserted more ways to do the authentication
- Virtual Users Support (authentication in the format of: user@domain)
- Official web site: http://sourceforge.net/projects/fwsecvpop3d
MSNiff
I have worked on an MSN monitoring solution
That solution will be merged with an open-source solution to include the MySQL integration capabilities, support for log extraction and bug fixes... when the merge is finished, I'll make the link available here
Firmament
Site: www.sf.net/projects/firmament
FIRMAMENT runs, inside the Linux kernel, user supplied micro-programs over each
processed message to emulate communication fault situations, using a script approach. The tool is appropriate to perform experiments over protocols and distributed systems.