reedphish

puncturing security, development and life. Stay on the right side of the law.

Reedphish Heavy Industries

Any code and projects I decide to release will be released under the name of “Reedphish Heavy Industries”. I have decided to put my projects on Bitbucket.

Current projects

Pendragon Suite

Pendragon Suite is a collection of tools I have developed for use at work and in my spare time. For now it is mostly conceptual and consists of only two materialized tools. See further information below. None of these tools are made public. Yet.

Pendragon Server

Pendragon Server started out as a Ruby-based website crawler. This crawler was able to crawl and extract information from HTML, stylesheets and JavaScript. Pendragon Server is to be rewritten in either GO! or Java.

My main goal is to make Pendragon Server into a hosted penetration testing tool. Instead of having a dedicated vulnerability scanner installed locally, you can host a centralized instance of Pendragon Server. For broader use it may be interconnected with other Pendragon Server instances on the net.

Future plans

  • Improved AI
  • Improved link probe
  • Improved JavaScript analyzer engine
  • New back end: workflow engine with a dedicated information and communication bus
  • Front ends: Web and apps (Android)
  • Cross instance communication protocol

HttpDragon

The project started in February 2014 due to the lack of a tool to investigate how servers respond to faulty HTTP headers. It is also a tool for inspecting HTML (finding hidden information).

Future plans

  • Extend the HTTP message editor with the DragonScript scripting language. This will shape HTTPDragon into a better pentesting tool.
  • Auto-decrypt ViewState
  • Visual representation of POI
  • HTTP POST (and other verbs)
  • Shift most back end functionality over to Pendragon Server

(HTTPDragon screenshot)

 
