This is a small change to my FileScanner tool to make it long path aware.
FileScanner_V0_0_0_9.zip (http)MD5: 2BCD526792C76890CC6EF7EED9396BE2
SHA256: 9063221557F2EBACDC5B1CA977828250A2524B9795369AB4918B9287CAEB7DBF
Monday 10 June 2024
Update: FileScanner Version 0.0.0.9
MD5: 2BCD526792C76890CC6EF7EED9396BE2
SHA256: 9063221557F2EBACDC5B1CA977828250A2524B9795369AB4918B9287CAEB7DBF
Sunday 9 June 2024
Update: what-is-new.py Version 0.0.4
Added option -D –dumpformat to specify the format of the dumped information when using option -d.
what-is-new_V0_0_4.zip (http)MD5: B2BED149AF949C058E19CD6077D64D2D
SHA256: 8C7C475C62D7F79AE45150309AB47757CE308760FAB2BE93D0E03C56D0DA59F6
Saturday 8 June 2024
Update: simple_listener.py Version 0.1.5
I added IPv6 support to simple_listener.py.
Although it was not by design, it turned out that simple_listener.py only works for IPv4. So I made some small changes to add IPv6 support.
When you use dictionary to define your listeners, use THP_TCP6 and THP_UDP6 to define TCP IPv6 and UDP IPv6 listeners respectively. The meaning of THP_TCP and THP_UDP has not changed, that’s for IPv4 listeners.
When you use port options to define your listeners, use prefix t6: and u6: to define TCP IPv6 and UDP IPv6 listeners respectively. The meaning of t: and u: has not changed, that’s for IPv4 listeners.
And by default, listening takes place on all IPv4 interfaces (0.0.0.0) when IPv4 listeners are defined, and listening takes place on all IPv6 interfaces (::) when IPv6 listeners are defined. That’s governed by option -a –address’ default value 0.0.0.0,::.
To explicitly specify an interface with option -a, you will need to provide an IPv4 address and an IPv6 address separated by a comma.
simple_listener_v0_1_5.zip (http)MD5: 3FAC80E7D6E3CE71AD4276125AD080E8
SHA256: BA716A27401DB4A76D3FE826A21BA4F7C74DC26AF4B96EA965D5E85517F94214
Friday 7 June 2024
Update: count.py Version 0.3.2
This new version brings option –encoding, to handle different text encodings.
count_v0_3_2.zip (http)MD5: 552B7E8C92D07FB422AF6956A88B3C6E
SHA256: B0CA909EC5CDA7471D80B7562D93388D81225EEB73A6421D4784F2DAD785AC0B
Thursday 6 June 2024
Update: zipdump.py Version 0.0.30
I added a –stats option, extra processing for PK END records and a new choice for -W –write option: alphanumhashvir.
zipdump_v0_0_30.zip (http)MD5: 890E9000F6CD7CD91BA9FC75D4297D8D
SHA256: 2A266E7E35D7DEF8A63964E73B105992752E51AA32CD20C97D3383FBB77F1587
Wednesday 5 June 2024
Update: strings.py Version 0.0.9
This update to strings.py brings option -V to add extra statistics for the 10 longest strings when option -a –stats is used.
strings_V0_0_9.zip (http)MD5: 5611044374DDCA8E7C1A74D88ED9B9C2
SHA256: C198D543F4D46B1330D1A4778829F534E77AA320CE500DF2B1F78910A50ADCCF
Tuesday 4 June 2024
Update: myjson-filter.py version 0.0.6
This new version of myjson-filer brings a new choice for option -W (–write): hashext.
This write files where the filename is the sha256 hash + provided extension. For example, option -W hash:jpeg will create files with extension .jpeg, and the name is the sha256 hash of the content of the file.
myjson-filter_V0_0_6.zip (http)MD5: 379880AF93E312F8A8D80A7F8E0825E5
SHA256: E1B09AEEFB437ECDF3A6223BE3D72A3D552EF5A3B2E9CC42D06A83E4230EA9D1
Monday 3 June 2024
Update: hash.py Version 0.0.12
This new version of hash.py adds JSON input support: –jsoninput.
hash_V0_0_12.zip (http)MD5: 087C9DB7D2C22449B568F7F35015A2D1
SHA256: 1021D93E0048F2196AA4D4018C1FA3DC61BAA28E6A00F97AB48442BAF7FB8C12
Sunday 2 June 2024
Update: file-magic.py Version 0.0.8
I’ve added opion -B –bin to move analyzed files into folders per detected file type.
file-magic_V0_0_8.zip (http)MD5: A495B1CAC80D027AB9CABC76E796A418
SHA256: 5A67274B81BC493ED94D50A375EEC850DFB4065894FD8814D4B3CF5006810F73
Saturday 1 June 2024
Overview of Content Published in May
Here is an overview of content I published in May:
Blog posts:
YouTube videos:
Videoblog posts:
SANS ISC Diary entries:
Didier Stevens 