I am a research and teaching assistant at the University of Applied Sciences Upper Austria, campus Hagenberg. On this website you will find various code snippets and documents which are all related to computer science and information security.
All of the code listed on this page is licensed under the GPLv3 unless stated otherwise.
| Name | Description | Size |
|---|---|---|
| filewatch.tar.bz2 | C program to monitor the file access of a specific program. Makes use of LD_PRELOAD. | 732 B |
| pkgrewr.c | C program to rewrite network packet payload in real time using the ip_queue mechanism of the Linux kernel. | 3738 B |
| genpwd.py | Primitive Python password generator which generates passwords of arbitrary length. | 395 B |
| arpalert.py | Python daemon which is able to detect ARP poisoning attempts. On detection, an e-mail can be sent to the network operator. | 6791 B |
| pytropy.py | Python script for entropy-based analysis of PE sections. Useful for determining whether a given PE file is packed or not. Screenshot before and after packing a binary. gnuplot and pefile are needed. | 2700 B |
| datropy.py | Python script for determining the information density of arbitrary data. An example to test if each character of /dev/urandom's 8-bit alphabet is equally probable: `dd if=/dev/urandom bs=100 count=10000 \| ./datropy.py` | 737 B |
| hthackess.pl | Perl script to brute-force .htaccess-protected websites using wordlists. | 992 B |
| aptwrap.pl | Perl wrapper for aptitude which colors parts of the output. Screenshot of aptitude show zsh. | 1763 B |
| np.pl | now_playing script written in Perl for irssi in combination with Amarok. | 825 B |
| htmlfuzz.pl | Primitive HTML fuzzer written in Perl which is run as CGI script. Just some how-it-can-be-done code. | 4372 B |
| Name | Description | Size |
|---|---|---|
| Theses | ||
| Master's Thesis | My master's thesis, entitled "Inductive Intrusion Detection in Flow-Based Network Data using One-Class Support Vector Machines" (BibTeX). | 1642 KB |
| Technical Reports | ||
| Conficker Analysis | A detailed analysis in German which covers the functionality and activity of the worm named w32/{conficker,kido,downadup}. The analysis deals (among other things) with the distribution, the infection and the download of additional payload. | 462 KB |
| Presentations | ||
| Multiple Precision Integer Arithmetic | A presentation I held about efficient multiple precision integer arithmetic. Besides some basic theory, the paper contains information about the classical methods (add/sub/sqr/mul/div) and the data structure/API I finally came up with. | 515 KB |
| Address Resolution Protocol | A presentation I held together with a colleague covering the Address Resolution Protocol. The presentation covers the basic functionality, various dialects (RARP, Inverse ARP,...) and ARP security. | 1115 KB |
For E-Mail, please use my PGP/GnuPG public key and encrypt all mail if possible. My fingerprint is: 8F5C 4B7C B431 527A 3CBA 4303 866F 0B8E 1E88 0898
Finally, I am running a blog.
$Id: index.php 41 2009-12-09 17:56:17Z philipp $