ProxyStrike plugins

Recently I released the last version of ProxyStrike, but I did't write anything about plugins development.

Now a howto is available to write plugins.

The plugin engine is showed in the following picture:

You can see an example of an email gatherer plugin below:

It's very easy!!!. I recommend you to visit the howto page for more information.

See you soon!
deepbit

Detecting encodings

I'd like to write about chardet. This software allows to know what the encoding type of a text is, as for example of a web page (html) or any file. This is very usefull when you are connecting several tools for information interchange.

However, in python versions lower than Python3k, working with encodings is horrible, so a lot of times you have troubles when trying to guess the encoding source.

Chardet gives information about the encodings that should match for a given source with a probability set. Below you can see an example of how to use chardet, it's very easy!

>>> import urllib

>>> urlread = lambda url: urllib.urlopen(url).read()

>>> import chardet
>>> chardet.detect(urlread("http://google.cn/"))
{'encoding': 'GB2312', 'confidence': 0.99}

>>> chardet.detect(urlread("http://yahoo.co.jp/"))
{'encoding': 'EUC-JP', 'confidence': 0.99}

weBreak, breaking trends...

To begin with fresh news I'd like to present my new tool. Ok..., It's not really a new tool, it's another interface to wfuzz,
but it's a new interface concept that I began to study in order to develop new tools with a web-based GUI.

weBreak has a RIA (Rich internet Applicartion) interface based on ExtJS. It's very usefull and is cross-browser, so it
makes my tool more portable and more standard.

I' think that In my opinion the future of app interfaces is merging with web browsers, (eg: metasploit, wmware server, etc.)
It implies a new pattern design and new technologies to familiarize with, but it improves the compatibility, and the app
becomes more standard, moreover you can execute the tool on a computer and use it collaboratively.

Nevertheless, the programmig isn't so comfortable, since you have to code (in my case) in python, and javascript
and connect it properly using a web server (I used cherrypy).

So I've planned to develop a framework to join the three technologies (core+webserver+JavaScript)
In my case (python+cherrypy+extJs), I hope it can be portable to other platforms easily.

Next, some screenshots are shown:

Deesec!

Wellcome to deesec.

Deesec is a blog which serves the purpouse of publishing my own
projects, related to security and other stuff. They are
focused basically in python development.

See you soon!

Deepbit