Really nifty dataset for running static analysis against

NIST Collection of 100k Insecure Code Examples for Testing Static Analysis Tools’ Ability to Spot 118 Different CWEs

https://samate.nist.gov/SRD/testsuite.php

Micro-controller Roundup!!

This is a really cool round up of $1 microcontrollers https://jaycarlson.net/microcontrollers/ by Jay Carlson

Cloakify-Powershell

I just ported Cloakify to Powershell.

The original project was written in Python 2.x and lets you turn any file into a text based list to avoid detection/suspicion.

Today I’m releasing a Powershell port of Cloakify
https://github.com/johnaho/Cloakify-Powershell

You can use it to turn spreadsheets into lists of IP addresses, geo-cordinates, pokemon sightings etc in plain text then use the same tools to turn it back into the original file.

Works with text and binary files. Tested with text and image files.

Previously I had upgraded it to use Python 3
https://github.com/johnaho/Cloakify/tree/python3

I *haven’t* tested python/powershell cloak/decloak inter-operability yet.

A huge thanks to TryCatchHCF for putting out the original Cloakify in python!!!

Upgraded Cloakify to Python3!

I upgraded Cloakify to Python3!

I still have to test out prepend noise stuff but you can cloak/decloak files using python 3 now.

Here it is

*Not the originator of Cloakify, just a fan.

Playing with python again

I’ve been playing with python again. This weekend I remembered a neat project I’d seen a talk on https://github.com/TryCatchHCF/Cloakify and played with it.

Cloakify is a really cool steganography program written in python that lets you convert information into text lists so that it can be exfiltrated in plain sight, say from a remote server.

I fixed one small issue with it and right now I’m in the process of converting it to Python3, now with more snek! I can cloak/decloak files using the star trek cipher but not the others just yet.

EDIT:
Turns out the error I was getting: “‘charmap’ codec can’t encode characters in position 3-4: character maps to ” was because the windows console not python. A quick search (and up-boat) on stack overflow revealed that the answer was to run this in the command line “chcp 65001”. That did the trick and I was able to get it converted to python3.

I’ll be uploading the python3 version to github shortly.

Worms make me WannaCry

If you have a windows computer, make sure it is up to date. If you have XP/win 2003/ win 8 – Microsoft has special patches for you to protect against this recent worm. Good idea to patch up old systems because this worm was a doozy. https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

Special thanks to https://twitter.com/MalwareTechBlog for stopping the spread. They registered the kill switch domain and the worm stopped propagating.

The vulnerability is still out there and waiting to byte so patch people!

I’m an expert…

I’ve seen this happen a few times.

Big changes are afoot

It’s a new year and big changes are afoot.

I’ve got a new home office with more space for electronic projects and more!

Meet the Artist Reception out at Boyce Thompson Arboretum November 9th 1-4pm

artist_reception_meet_the_artist_JohnAho

Poking through Qt dev IDE

I did a little bit of research on Reddit and based on a few recommendations on good stuff to look into on C++ I’m taking Qt for a spin.

Qt is a framework that’s been around for quite awhile and it’s come a long way and has a bunch of neat stuff in it.

If you want to check out Qt head over here to http://qt-project.org/

Return top