Introduction    

Listed below are all the software projects I have developed till now . Though all the source code as well as the relevant presentations are ready to be published on this website , due to the fact that most of the code might be considered malicious and might be used for illegal purposes , I have refrained from putting them up .

In case the sources are required for educational purposes contact me at vivek_ece_iitg@yahoo.co.in .

 
    Field                          Project Description ( Software )  
         
                               
Network Intrusion Detection    
  • I am currently working on an anomaly based network intrusion detection system .
    The test data set is being taken from the MIT Lincoln Lab at http://www.ll.mit.edu/IST/ideval/

    Right now I am classifying the attacks so that I can prepare my network test bed accordingly . Updates will be available here as soon as more work is done .

        
 
Security Analysis Of ARP    
  • An arp man-in-the-middle spoofer which works by sending periodic spoofed arp replies to both the victims .

  • An arp switch overflow tool , which overflows the arp cache of switches by sending thousands of spoofed arp replies to the switch , putting the switch in fail open mode .

  • An arp flooder which performs a dos on xp pc's by sending spoofed gratuitous arp with source address of the victim . XP complains about an ip conflict and the pop up messages crash it .

  • Arp Spoofing detection based on an active method as documented in this file .

      
 
         
Sniffers    
  • A sniffer which decodes arp , ip , tcp , udp and icmp traffic and uses arp spoofing to sniff on switches .

  • A sniffer which searches for a specific data pattern in the ip traffic it sniffs off the line . It takes a phrase as an input and searches for it in the data payload .

  • A yahoo messenger sniffer which decodes all messenger sessions taking place in the same broadcast network and shows a real time decoding . A combination of arp spoofing allows sessions to be decoded even in the presence of switches .

       
 
         
Sniffer Detection    
  •   A sniffer detection tool which uses the ARP and ICMP methods to detect sniffers .

        
 
         
HoneyPot    
  •   Fake host : The exact description of this tool is documented here . One could mention certain services which could be kept on on these fake hosts .

         
 
         
Covert Channel    
  •   Icmp covert channel based on the echo request and response packets , it hides the encrypted data by appending it to the requests and responses . It uses a symmetric key for encryption / decryption .

  • A root shell which binds to a specified port .

  • A portless backdoor which sniffs the network for a particular pattern in the packet and executes commands encoded in it .

        
 
         
Denial Of Service    
  • SYN , ACK and RST flooders

  • Smurf , Land , Ping Of Death and Teardrop reimplemented .

  • Xerox : A new tool written by me which picks up all the network traffic it sniffs , and redirects it towards the victim , by changing the destination ip , recomputing the checksum and then sending it back on the network . The new thing is that as the tool is sending random traffic which it sniffs off the wire , there is no pattern which can be observed in the traffic , making it quite tough to implement an ACL ( Access Control List ) .

  • A Samba worm : Based on the latest ........vulnerability , this proof of concept code just spreads ! nothing else ...no payload included :-) !

         
 
         
Port Scanner    
  • I have implemented a port scanner using vanilla , SYN , FIN , RST , XMAS , NULL , UDP and Fragmentation scanning techniques . I have also added the recently publicized port 0 and idle scan techniques .

  • A Stateless syn scanner on the lines of the latest scanrand . Here the sending and receiving processes are separate . It is called stateless as the sender does not have to keep a record of the probes it sent out .
    The sequence no = f( source ip , source port , destination ip , destination port ) . The receiver checks if ( ACK - 1 ) is the same as the above for the reply it receives , to know if it is the reply to an actual probe .

         
 
         
Wireless Lan Security    
  • WLAN Security analysis paper .

  • A wireless sniffer which decodes control , data and management frames .

  • A stealth SSID sniffer which uses active and passive techniques to get the ssid of non broadcasting networks .

  • MAC Address spoofer to penetrate networks using MAC filters on their Access Points .

  • A keystream recovery tool for Shared key auth. It sniffs the challenge as well as the encrypted challenge and thus has the keystream , which could be used for replay attacks .

  • A wireless network mapper which shows all the STA's and the respective AP's they are connected to . Also it recognizes STA's working in the ad-hoc mode .

  • My wireless sniffer writing tutorial available here .

  • Replay as well as bit flipping attacks on wireless networks by injecting traffic .

    This was all part of my summer internship at the University of Applied Sciences , Rapperswil , Switzerland under
    Prof. Beat Stettler .



       
 
         
ICMP ATTACKS    
  • ICMP redirection by sending a forged icmp redirect message to the victim .

  • OS fingerprinting using icmp : I have implemented some of the techniques as proposed by Ofir Arkin . The methods are available at http://www.sys-security.com.

         
 
         
IP Masquerading InSecurity    
  • A ping program which forges the source ip to that of a masqueraded pc on the local lan , and sniffs the replies to the ping queries . This shows how a masqueraded pc can be attacked from the inside .

 
         
Packet Modifiers    
  • Mangler : This program reads packets from the network and modifies them as specified , computes the checksum and then places it back on the wire .

  • Replay : Reads a tcpdump dump file and sends the packets
    back onto the network . It replays the saved packets taking into consideration their relative timing .


 
         
Firewall Presence    
  • A scanner which determines the presence/absence of firewalls by using the fact that if the layer 4 tcp checksum is wrong then a firewall might still send back a reset as it does not verify the L4 checksum . A host's network stack on the other hand will drop the packet . This scanner is based on the method given in phrack 60 at http://www.phrack.org.

 
         
Multicasting    
  •  Multicasting in a WAN & related Network Security Issues :

    Made software for sending and receiving multicast messages . The data consisted of both real time text & voice . Encryption of data using a symmetric key was implemented .

  • Audio Conferencing software on the linux platform .

      Download presentation .pdf

 
     
Protocols    
  • Implementation of ARP , TCP , IP & UDP protocols using raw sockets . This enabled me to understand the in depth working of the protocols . I custom made all the headers of the protocols .


 
     

Network Utilities
   
  • Network Vulnerability Scanner ( checks for RPC & Samba vulnerability ) .    
                                     
  • A Ping Program : a barebones ping utility using raw sockets .
                 
  • Traceroute : route tracer using TTL & RTT fields .                                  
  • ICMP daemon : A barebone version of an ICMP daemon                                                                                 
  • TCP client/server  & FTP client / server side software , Telnet Client .
                                                   
 
     
Device Drivers    
  • Printer driver ( generic ) .                                                                   
  • Parallel & serial port drivers for various hardware circuits .                      
  • Hardware driver for a pc based infra-red remote control .

 
         
Image Processing    
  • Tiff to Jpeg conversion using matlab .

  • Canny Edge Detection in matlab .

  • Steganography using LSB algo.

        
 
Data Compression    

Data Compression software based on the following algorithms :-

  • Huffman Algo.

  • Arithmetic Coding .
 
 
Software Radio  
  • Using Matlab implemented the following modulation / demodulation schemes viz AM , FM , SSBSC , DSBSC , FSK , BPSK , QPSK , 8-PSK .      
             
  • Using C once again implemented the above .

Misc  
  • Text Editor in C                                                                   
  • Hex Editor in C   
                            
  • TSR's in C & Assembly e.g Doskey

  • Address book using linked lists in C
         
         