The following are a collection of my github repos, web applications, and tools.
HR.SDET.us – a prototype tool written in Angular 2 and Firebase to poll data tracked by Fitbit wearables to show a user’s heart rate in near real time (delayed 5min.) Only updates when I’m using the Fitbit.
iCollectr.com – Written in Rails, iCollectr.com is a place for users to create accounts that allow them to upload items that they collect; set the costs they’ve paid, and the current value of the items; all collections have their value tallied in real time; Each user has their own gallery site – images hosted via AWS. Hosting provided via Heroku. Current user base: 150+ users.
Tools / Monitoring Systems
Dirgo – Written in Go (Golang), this utility simulates some of the basic functionality of the “dirb” tool found in Kali Linux. Using a dictionary.txt file it will enumerate a host with words in the dictionary to map out a site directory (of potential hidden URL’s.) Dirgo also allows for specific return codes to filter on (i.e. looking for URL’s that throw a 500 error response.)
Endpoint Attacker – Written in Python, this command line utility takes a list of application endpoints and enumerates a variety of OWASP attack vectors against them.
GoScan/GoBannerNabber – Written in Go (Golang), this command line utility takes a host and port range (user input) and iterates over the ports. Passing a GET request, the tool attempts to get a Banner returned from whatever is running on an open port. Using Go’s concurrency I’ve been able to scan 65,000 ports on a server in about 1min.
SITH – (private/internal web app) Written in Grails (backend) and Angular 2 (frontend), Sith (Sip Testing Harness) is an automated monitoring system. SITH monitors:
- SIP production VOIP Proxies
- Inbound and Outbound Carriers (international and domestic calls)
- Call Control & Cubes
- DB Replication
SITH sends out alerts on failures and performs retries where deemed necessary. The application runs about 6,000 tests a day, 24/hr, 7 Days a week.
To see a screenshot of the SITH UI, CLICK HERE.
I’ve used web automation frameworks (Watir, NightWatchJS, Selenium) over the years. I’ve also made web automated tools using API’s like Sikuli to automate closed source binaries… such as place day trades based on image data on a stock graph.