News: Now with no 140 character limit!
IDA Plug-in Writing in C/C++ Tutorial, v1.1 released
An updated version of the IDA Plug-in Writing Tutorial and associated source files is now available. This version has been updated to be consistent with IDA 5.4, includes some minor error corrections plus an additional sample plug-in.
22 May 2009
SpiderFoot v0.1b approaches 10,000 downloads
I'm not sure if I should be shocked or impressed, but this will be quite a milestone for a product that - for at least a couple of years - has had limited functionality thanks to Google ending their search API/service. Version 2 is probably a month or two away, depending on my workload.
24 April 2009
SpiderFoot v2 in the works
Considering the positive feedback I continue to receive for SpiderFoot, I figured it was time to take it to the next level. Some core features I'm looking at for the next version are:
- Plug-in architecture: Probably using Python (Jython, specifically) for custom scan and analysis tasks.
- More vulnerability focused: Using the mined information to perform web security scans (once again, using plug-ins).
- Re-written in Java: Platform independent and some richer APIs that I can make use of for scanning and analysis.
- Cleaner UI: As I said in the first release, I'm no UI design pro, but hopefully my experiences over the last few years will contribute to something more useable.
- Reporting: This may be offered as some sort of enterprisey plug-in that actually costs money (I have to eat).
I'm pretty excited about this release because I think the plug-in architecture will open it up to people who want to extend the tool to meet their specific needs. If you have any ideas that you'd like to share, or gripes with the first version that you'd like to see addressed, let me know.
20 April 2009
IDA Plug-in Writing in C/C++ Tutorial, v1.1
It's been some years since the first version was released, and I've received a lot of positive feedback from people all over the world whom it has helped. The next version will be updated to cover IDA 5.4, though from an initial glance the guys at Hex-Rays have done a brilliant job of keeping the API backwards-compatible, so it may just be some minor tweaks in this release.
I'm soliciting feedback via OpenRCE, so drop me a line if there's anything you'd like to see covered. You can expect to see something early May.
18 April 2009
IDA Plug-in Writing Tutorial in print (sort of)
It's great to see some highly respected people in the field reference your work. Somehow it's a little more special when it's in dead tree format..
- Gray Hat Hacking, Second Edition
- Reverse Engineering Code with IDA Pro
- The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler
24 March 2009
SpiderFoot in print!
SpiderFoot has been covered in some books:
- Network Security Assessment: Know Your Network
- Penetration Tester's Open Source Toolkit, Volume 2
- Chained Exploits: Advanced Hacking Attacks from Start to Finish
10 March 2009
SpiderFoot a part of CEH
I stumbled upon this today. It turns out that SpiderFoot is a part of the Certified Ethical Hacker curriculum.
1 February 2009