Updating the site. Removing older content. Adding some fun JavaScript tools

I'm speaking at BlackHat Federal in January. The topic is Web Application Worms and Viruses. Here is the outline of my presentation.

Major site update. I've spent the last week or so updating all my old conference presentations. They can be downloaded in multiple formats or viewed online as Flash. I updated them to a common template and updated the content and graphics used on many of them. 6 presentations are available

I have also added some more documents to the Technical Documents section and been fixing some of the backend structure of the website.

I just uploaded TinyDisk, the TinyURL/NanoURL-based file system, which I demoed at Phreaknic this past weekend. You can download my lecture slides, Layer 7 Fun: Extending Web Applications in Interesting Ways, in PDF and Open Document Format, or view it online in Flash. I've also started an FAQ to answer concerns about TinyURL getting screwed, accusations of being a horrible bastard, future design ideas for TinyDisk and more.

Update: The video of my presentation at Phreaknic is available on Google Video

Toorcon ruled this year! Props to H1kari and George and the rest of the crew for letting me speak again and making me feel so welcomed. You can download the lecture slides for my Phuture of Phishing talk, as well as the source code from my anti-XSS/phishing proxy Line Breaker from SPI Dynamics.

I got to meet a lot of folks I had only read about. Chatting with the Shmoo crew was very cool. They are working on this neat hacker arcade for the upcoming Shmoocon, which should let me test out my hardware hacking skills. Best of all was eating food with a bunch of friends like Mike Lynn and Dan Kaminski, brainstorming fun hacks. IP over RSS anyone? You subscribe to my RSS feed (which is really a CGI script), I do yours, Volla! Traffic!

URLParser started because Java's URL parser built into their URL class, well, sucks.URL doesn't allow complete access to all the URL fields! It returns incorrect data for the path and filename of a URL!

On a side note, URLs are insane to parse. RFC's contradict each other, each field has different case sensitivity issues, different reserved characters. In short, I want to punch Tim Berners Lee in the face.

aes-crypt started as part of a larger project where I needed to encrypt some data files. Java makes this pretty easy, though as normal it takes 4 or 5 classes to do something simple. Factory, Stream, Reader, Buffer... Bullshit! Anyway, I decided to throw in some Exception handling and create an instance as a stand alone program. It's certainly isn't the first command line AES program (I'm a big fan of ccrypt), but I find it handy. I hope to convert it to a signed applet soon, so that I can encrypt and decrypt files anywhere I haev net access. Very helpful for hacking your internet connected kiosks!

Phasmatis, is an open source project that can read and write the SPT datafile used by the spy software Specter. It is hosted on Source Forge, and is still in the alpha stage. Work has been stagnant for many months now, and I will not be able to work on this until I graduate in May.

htmlstrip, a command line filter to strip "<" and "> delimited markup language tags has been uploaded. I use it to strip my HTML before passing it to a spell checker. Have fun.

Welcome to Most Significant Bit Labs. Here you will find a mix of articles and projects on computer security, hardware hacking, and whatever else we dream up. An extensive collection of technical documents and references we find useful is also available.

This site is currently under heavy construction, transitioning from my old site