|
Last change
on this file since 22 was
21,
checked in by tmorgan, 11 years ago
|
|
fixed IV propagation to the oracle
documentation
|
|
File size:
1.1 KB
|
| Line | |
|---|
| 1 | Near Term |
|---|
| 2 | ========= |
|---|
| 3 | |
|---|
| 4 | * Ciphertext block brute-force classes |
|---|
| 5 | |
|---|
| 6 | * A stream ciphertext probe tool to build a map of different error messages |
|---|
| 7 | |
|---|
| 8 | * A tool that behaves like http2py, but generates a POA script |
|---|
| 9 | |
|---|
| 10 | |
|---|
| 11 | |
|---|
| 12 | Future |
|---|
| 13 | ====== |
|---|
| 14 | |
|---|
| 15 | * Codetective |
|---|
| 16 | Consider using parts of this, if useful |
|---|
| 17 | https://github.com/blackthorne/Codetective |
|---|
| 18 | |
|---|
| 19 | * nextrand |
|---|
| 20 | - Expand capabilities to handle nextInt calls with arguments |
|---|
| 21 | - Transition code to a library that could be called by Python |
|---|
| 22 | |
|---|
| 23 | * Consider using an SMT solver for certain problems (linear PRNGs?) |
|---|
| 24 | http://en.wikipedia.org/wiki/Satisfiability_Modulo_Theories |
|---|
| 25 | |
|---|
| 26 | * Add tools for testing and conducting hash length-extension attacks. |
|---|
| 27 | One tool: https://github.com/bwall/HashPump |
|---|
| 28 | |
|---|
| 29 | * Add tool to test for LCG without knowing LCG parameters |
|---|
| 30 | See: Inferring Sequences Produced by Pseudo-Random Number Generators by JOAN BOYAR |
|---|
| 31 | |
|---|
| 32 | * Add Mersenne Twister attack tool |
|---|
| 33 | See: http://seclists.org/fulldisclosure/2012/Oct/190 |
|---|
| 34 | |
|---|
| 35 | * Add tools for helping one determine the character set used by |
|---|
| 36 | randomly generated passwords, as well as determining the mapping |
|---|
| 37 | from numbers to characters |
|---|
Note: See
TracBrowser
for help on using the repository browser.
