just another infosec blog

Reedphish Heavy Industries

Any code and projects I decide to release will be released under the name of “Reedphish Heavy Industries”. I have decided to put my projects on Bitbucket.

Current projects

Pendragon Suite

Pendragon Suite is a collection of tools I have developed for use at work and in my spare time. For now it is mostly conceptual and consists of only two materialized tools. See further information below. None of these tools are made public. Yet.

Pendragon Server

Pendragon server started out as a Ruby based web site crawler. This crawler was able to crawl and extract information from HTML, stylesheets and Javascripts. Pendragon Server is currently to be rewritten in either GO! or Java.

My main goal is to make Pendragon Server into a hosted penetration testing tool. Instead of having a dedicated vulnerability scanner installed locally you can instead host a centralized instance of Pendragon Server. For broader use it may be interconnected to other Pendragon Server instances on the net.

Future plans

  • Improved AI
  • Improved link probe
  • Improved Javascript analyzer engine
  • New back end: work flow engine with a dedicated information and communication bus
  • Front ends: Web and apps (Android)
  • Cross instance communication protocol


Project startup February 2014 due to lack of tool to investigate how servers responds to faulty HTTP headers. It is also a tool for inspection of HTML (find hidden information).

Future plans

  • Extend the HTTP message editor with the DragonScript scripting language. This will shape HTTPDragon into a better pentesting tool.
  • Auto decrypt Viewstate
  • Visual representation of POI
  • HTTP Post (and other verbs)
  • Shift most back end functionality over to Pendragon Server
HTTPDragon Screenshot



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: