Last change
on this file since 22 was
21,
checked in by tmorgan, 12 years ago
|
fixed IV propagation to the oracle
documentation
|
File size:
1.1 KB
|
Line | |
---|
1 | Near Term |
---|
2 | ========= |
---|
3 | |
---|
4 | * Ciphertext block brute-force classes |
---|
5 | |
---|
6 | * A stream ciphertext probe tool to build a map of different error messages |
---|
7 | |
---|
8 | * A tool that behaves like http2py, but generates a POA script |
---|
9 | |
---|
10 | |
---|
11 | |
---|
12 | Future |
---|
13 | ====== |
---|
14 | |
---|
15 | * Codetective |
---|
16 | Consider using parts of this, if useful |
---|
17 | https://github.com/blackthorne/Codetective |
---|
18 | |
---|
19 | * nextrand |
---|
20 | - Expand capabilities to handle nextInt calls with arguments |
---|
21 | - Transition code to a library that could be called by Python |
---|
22 | |
---|
23 | * Consider using an SMT solver for certain problems (linear PRNGs?) |
---|
24 | http://en.wikipedia.org/wiki/Satisfiability_Modulo_Theories |
---|
25 | |
---|
26 | * Add tools for testing and conducting hash length-extension attacks. |
---|
27 | One tool: https://github.com/bwall/HashPump |
---|
28 | |
---|
29 | * Add tool to test for LCG without knowing LCG parameters |
---|
30 | See: Inferring Sequences Produced by Pseudo-Random Number Generators by JOAN BOYAR |
---|
31 | |
---|
32 | * Add Mersenne Twister attack tool |
---|
33 | See: http://seclists.org/fulldisclosure/2012/Oct/190 |
---|
34 | |
---|
35 | * Add tools for helping one determine the character set used by |
---|
36 | randomly generated passwords, as well as determining the mapping |
---|
37 | from numbers to characters |
---|
Note: See
TracBrowser
for help on using the repository browser.