Overview

During 2007 and 2008, I was starting out in Cyber Security, and was able to develop and release a number of platform security analysis and scanning tools for Windows (XP and Vista at the time). Unfortunately, I haven’t been able to update them since 2008, and wasn’t able to publicly release new code until late 2021.

I’ve grouped a number of the more interesting/amusing ones below, but there are a bunch more available on my GitHub… These are all old, obsolete, XP-era curiosities!

Network Scanners

The following tools were my implementation of common network discovery scanning techniques, built for Windows using WinPcap. Think nmap, ping, traceroute, etc.

Scant is an ARP discovery and TCP/UDP port scanner

Scamp is an ICMP scanner

Traffic Tampering

The following tools allow various forms of interception and modification of network traffic to/from services running on the local machine. Back in 2007/08, SSL/TLS wasn’t so prevalent!

All of these use a different technique to capture traffic, and then allow filtering/modification through dynamically loadable Python scripts.

IpPyProxy - A classic proxy, binding to a local port and forwarding to a remote host:port to capture traffic.

LspPyFilter - Uses a Windows Layered Service Provider to capture traffic.

SslPyFilter - Hooks Windows SSL functions EncryptMessage and DecryptMessage APIs to intercept SSL traffic.

WwwPyFilter (based on WwwProxy library) - A simple web proxy (think Burp).

Other

Droute - Windows prototype tool to create/route/NAT traffic on “virtual network interfaces”.

SslCat - Like netcat, but using Windows SSL/TLS APIs.