VSR Tools

Here you will find various security software tools released by VSR and its consultants.

Security Testing Tools

• FuzzDiff -- A simple tool designed to help out with crash analysis during fuzz testing. It selectively "un-fuzzes" portions of a fuzzed file that is known to cause a crash, re-launches the targeted application, and sees if it still crashes. Eventually, this will yield a file that still causes the crash, but contains a minimum set of changes from the original un-fuzzed file.

Sample Code

• Forms-based HTTP Authentication Proof of Concept -- A self-contained web server and application implemented in Python to demonstrate how forms-based HTTP authentication is possible with combination of AJAX and clever use of HTTP response codes. See this paper for more details on the reasons why this is interesting.

Miscellaneous Exploits

• WebLogicPlugin-HRS-PoC.sh -- A simple script to demonstrate the exploitation of the HTTP Request Smuggling vulnerability (CVE-2010-2375) in the WebLogic web server plugin. This script can be used to steal other users HTTP responses when used against a vulnerable web server. See the original advisory for more details.
• WebsenseBypassProxy.java -- A tool for bypassing WebSense filtering proxies when used in conjunction with certain Cisco devices. See the original advisory for more details.

Forensics and Incident Response

• RegLookup -- A utility for analyzing Windows registry hives.
• GrokEVT -- Interprets Windows event logs
• tableau-parm -- A tool for interacting with Tableau forensics write blockers under UNIX.