Code Repositories

My public code repositories are as follows:

  • GitHub which hosts the following projects:
    • Scala/Akka based DSL for building assessment workflows (complete with cloud based integration)
    • various Volatility plugins (e.g. file extraction, stack/heap analysis, debugging symbol extraction)
    • OCaml bindings to the Distorm and LLVM disassemblers
  • BitBucket which hosts the following project:
    • BAP/Volatility interface (allows BAP to analyse Volatility memory)

Volatility Framework

As part of an entry for the Honeynet Forensics Challenge 2010/3 (Banking Troubles), I wrote a series of plugins for the Volatility memory forensic framework that:

  • extracted cached data associated with file objects
  • extracted stack related data for each process thread
  • performed some basic heap data extraction (this code didn't really turn up anything useful for the challenge though!).
Details on this code may be found on GitHub and on the Volatility issue tracker.

ESC/Java

Responsible for reworking the verification condition generator interface to ESC/Java. In particular, two mechanisms for introducing new theorem provers have been defined:

  • new plugin theorem provers may be introduced by implementing a single interface
  • new plugin theorem provers may be specified using XSLT stylesheets to transform an output XML stream from the verification condition generator

QMail/Vpopmail Servers

Have built and administer a number of secure open-source servers for a variety of small/medium sized businesses. Server overview:

  • Debian operating system
  • Qmail email server with:
    • John Simpson’s combined patch applied – includes a bug fix by myself!
    • authenticated email transactions
    • roaming email access for clients
    • support for virtual email domains via vpopmail
    • automated email virus scanning via ClamAV
  • User administration via webmin
  • DNS and DHCP server for easy client network setup
  • ADSL support
  • Firehol capable firewall with client support for routing of network traffic
  • Hylafax based email/fax gateway. Incomming faxes electronically routed:
    • according to the faxes subbaddress (if available)
    • according to user demand (user may specify to pick up copies of the next n faxes or all faxes delivered within a given time period)
  • Netbios support (optional) for integration into a windows network environment

MythTV

Have a MythTV box built from some old computer parts that I’ve had hanging around for some time. System configuration:

  • Frontend/Capture Backend: 400MHz Pentium II
    • Debian linux 2.4.26 running with 256M RAM and a 4G IDE hard drive
    • TV capture/playback via a Hauppauge PVR-350 card
    • Homebrew IR blaster, controled via LIRC, used to control external boxes (eg. Sky digibox, TV, Video/DVD)
  • Storage Backend: dual 1GHz G4
    • OS X 10.3.6 with 1.5G RAM and a 600G serial ATA hard drive
    • NFS used, under the control of the frontend, to store video (initally in an MPEG-2 based format)
    • Quicktime used to transcode recorded MPEG-2 files into MPEG-4 files for storage efficiency

BlueJ/IDE Extensions

Debugging of the BlueJ IDE and its extension mechanism

SML/NJ Compiler

Ported the SML/NJ compiler to the Linux/PPC platform.