Contributions

Over time, I have contributed to some Open Source Software projects. What follows a list of such contributions. The list of contributions is grouped by project and sorted in chronological order.

IVRE

  1. Minor fixes to IVRE’s web interface (#601).

stoQ Framework

  1. Integration between stoQ Framework and LIEF (#22).

Pafish

  1. Fix the compilation under Linux with MinGW cross-compiler (#29).
  2. Added extra checks for VMWare and Wine (#31, as reported in #15).
  3. Disabled Wow64 file system redirection (#34).
  4. Added a check for less than one GiB of memory (#35).
  5. Fixed some compilation warnings (#37).
  6. Added HackingTeam VM detection methods (#39).

Evilarc

  1. Added support to prepending a path to a transversal (#3).

Suricata

  1. Cleaned up repeated code (#482).
  2. Unified2 alert output X-Forwarded-For support rewrite and improvement (#544).
  3. Fix the segmentation fault while logging the host on the custom HTTP logger (#734).
  4. Simple code fixes (#1105).
  5. Added X-Forwarded-For support to JSON logging (#1254).
  6. Added support for SHA1 and SHA256 (#2252).

AisLib

  1. Added missing AIS message types (#1).

Logback

  1. Fixed an issue where exception stack traces were being included (#34).

Nmap

Change log can be found here.

  1. Improvements to smtp-open-relay script;
  2. Created the smtp-enum-users script, which attempts to find user account names over SMTP by brute force testing using RCPT, VRFY, and EXPN tests.
  3. Created the http-vuln-cve2011-3192 script that detects a denial of service vulnerability in the way the Apache web server handles requests for multiple overlapping/simple ranges of a page.
  4. Made http-wordpress-enum script able to get names of users who have no posts.
  5. Added path argument to the http-auth script and update the script to use stdnse.format_output.
  6. Added new fingerprints to http-enum for Subversion, CVS and Apache Archiva.
  7. Applied patch to snmp-brute that solves problems with handling errors that occur during community list file parsing.
  8. Added new services and the ATTACK category to the dnsbl script.