Unless directly linked here all the code is freely available from CPAN or GitHub.
- SSL/TLS related software
- IO::Socket::SSL - SSL/TLS support for Perl
- Net::SSLGLue - force proper certificate checking
- Net::SSLGLue::SMTP - provide full SSL support for Net::SMTP
- Net::SSLGLue::POP3 - provide full SSL support for Net::POP3
- Net::SSLGLue::FTP - provide full SSL support for Net::FTP
- Network security, network traffic inspection and manipulation
- Net::IMP - Interface between IDS, proxy etc and analyzer for layer 4 traffic inspection and manipulation
- Net::IMP::HTTP, APP::HTTP_Proxy_IMP - layer 7 (live) HTTP traffic inspection and manipulation
- Net::IMP::Remote - RPC for the IMP protocol, e.g. run analyzer in different process or even different host than data provider (IDS, proxy..)
- Net::Inspect - flexible framework for parsing network data starting with pcap up to HTTP
- App::DubiousHTTP - test behavior of browsers and security systems regarding dubious HTTP responses
- Net::SIP - VoIP/SIP handling in Perl
- Mail related
- Mail::SPF::Iterator - non-blocking resolving of SPF queries
- Net::SSLGLue::SMTP - provide full SSL support for Net::SMTP
- IPv6 and Perl
- Net::INET6Glue::INET_is_INET6 - hack modules depending on the IPv4-only IO::Socket::INET to support IPv6.
- Net::INET6Glue::FTP - hack Net::FTP to support IPv6
- Net::SSLGlue::FTP - hack Net::FTP to support IPv6 and SSL
- Testing and development
- Net::PcapWriter - create pcap files for TCP/UDP connections for testing
- Devel::TrackObjects - track creation and destruction of objects to find memory leaks
- various mostly unsupported stuff
IO::Socket::SSL
This is a widely used SSL abstraction layer for Perl.
It wraps the function style interface of Net::SSLeay into
an interface similar to other IO::Socket modules and thus can be used to make existing applications
easily SSL aware.
It also provides serveral utility functions to read, write and create certificates and keys and
supports SSL interception (i.e. man in the middle).
I took over development of this module in 2006.
Net::SSLGlue
Although using IO::Socket::SSL looks like a drop-in replacement for other IO::Socket modules, it is not.
Thus lots of modules fail to properly check certificates.
Net::SSLGlue provides a way to hack stronger checks into these modules.
Net::SSLGlue::SMTP
While Net::SMTP is a mature core Perl module and provides easy support for sendings mails, including
authorization, it misses support for speaking SSL with a mail server. Years ago two modules tried
to fix this problem, but each provided only a partial solution. While Net::SMTP::SSL offered support
for SSL from the start of the connection by hacking into Net::SMTP, it did not provide upgrade of an
existing unencrypted connection using the STARTTLS command. This command was instead offered by
Net::SMTP::TLS, which tried to re-implement the Net::SMTP interface from scratch. Unfortunatly
Net::SMTP::TLS only offers STARTTLS and does not implement SSL at connection start.
And none of these modules does proper verification of the SSL certificates.
Thus Net::SSLGlue::SMTP was created, which implements certificate checking and supports both kinds of SSL with SMTP, i.e. direct SSL connect and later upgrade to SSL. It does this by small hacks into Net::SMTP, i.e. only improving Net::SMTP instead of re-implementing it.
Thus Net::SSLGlue::SMTP was created, which implements certificate checking and supports both kinds of SSL with SMTP, i.e. direct SSL connect and later upgrade to SSL. It does this by small hacks into Net::SMTP, i.e. only improving Net::SMTP instead of re-implementing it.
Net::SSLGlue::POP3
Net::SSLGlue::POP3 provides for Net::POP3 what Net::SSLGlue::SMTP provides for Net::SMTP, i.e.
support for both kind of SSL setups.
Net::SSLGlue::FTP
Net::SSLGlue::FTP enhances Net::FTP with support for SSL (explicite via AUTH TLS and implicite at client connect).
It also provides support for IPv6.
Net::IMP
This Perl module implements the Inspection and Modification Protocol (IMP), an common interface
between a data provider like IDS, firewall or proxy and an analyzer.
The basic interface provides layer 4 (TCP, UDP) inspection and modification.
The implementation comes with some useful analyzers and two data providers which can use these
analyzers: a TCP proxy and a filter which reads packet captures, analyzes them and writes
modified pcap files.
Net::IMP::HTTP, App::HTTP_Proxy_IMP
Based on Net::IMP, Net::IMP::HTTP implements the Inspection and Modification Protocol for layer 7
inspection and manipulation of HTTP traffic. Using Net::IMP::HTTP, App::HTTP_Proxy_IMP then
implements a http proxy with the ability to inspect and manipulate live HTTP traffic in various ways.
The proxy also supports SSL interception.
Net::IMP::Remote
This implements a special IMP analyzer, which just forwards the data and results to a remote
server (included) which includes the real analyzer.
Net::Inspect
This framework provides a way to feed data from a lower layer like pcap or TCP into an analyzer to
inspect them at a higher layer like HTTP. The flexibility offers a range of uses, like extracting
HTTP requests from a pcap file or implementing an HTTP proxy (as done with App::HTTP_Proxy_IMP).
App::DubiousHTTP
This provides an app usable as an HTTP server, which will generate dubious HTTP responses, e.g.
responses either not fully conforming to the standard or using features which are rarely used.
It can be used to test behavior of browsers and security systems (i.e. IDS, firewalls...).
If the security system and the browser it should protect differ in the interpretation of the
HTTP response this might be used to circumvent the security system.
See also for current results regarding various browsers and security systems.
See also for current results regarding various browsers and security systems.
Net::SIP
This Perl module implements basic SIP handling.
While it is probably not possible to write a full featured SIP client with it, it can be used to
implement SIP proxies or registrars and for easy testing of SIP environments. It provides
rudimentary support for sending and receiving RTP data and can send and understand DTMF signals.
Mail::SPF::Iterator
This Perl module implements SPF (Sender Permitted Framework, RFC 4408) processing.
Contrary to the blocking Mail::SPF it works as an iterator. I.e. for each SPF lookup it provides an
iterator object, which will generate (but not submit) the necessary DNS queries. After the
query got resolved outside of Mail::SPF::Iterator, preferable using an asynchronous lookup
like with AnyEvent::DNS, the answer gets fed into the iterator object and will result in
more queries or in the final result.
The iterator can be easily integrated into an existing event based architecture like AnyEvent
or POE and provide a lightweight way to process hundrets of SPF queries in parallel without
using multiple threads or processes.
Net::INET6Glue::INET_is_INET6
While lots of established modules simply use IO::Socket::INET for sockets,
IO::Socket::INET can only deal with IPv4 and not with IPv6.
This module hacks IO::Socket::INET to behave like IO::Socket::INET6 (which can do both IPv4
and IPv6), which magically enables IPv6 support in lots of useful packages.
Net::INET6Glue::FTP
Additionally to make the sockets used in Net::FTP IPv6 aware, the package extends
Net::FTP with transparent support for the IPv6 specific FTP commands EPRT and EPSV.
Net::PcapWriter
This module makes constructing pcap-files for TCP and UDP connections easy.
Devel::TrackObjects
This module redefines CORE::bless to track the creation and destruction of objects.
This helps to finding memory leaks resulting from cross-referenced objects.
Various mostly unsupported stuff
- daily-tom.pl - script to get current and if possible older version of TOM Touche comic from taz.de.
- daily-dilbert.pl - script to get current and if possible older version of dilbert comic from dilbert.com.
- Script collection I used to convert my iPhoto 06 collection to Digikam while keeping the meta information for the images. Used once, not maintained but maybe of use for somebody with the same problem.
- Bulkdns - fast (parallel) reverse DNS resolver for logfiles. Old, not maintained anymore.
- JavaScript I use together with the Firefox Keyconfig extension to make the page more readable (replace background, colors and fonts, hide iframes). When applied twice the changes are made back.
- Bookmarklet to show the plain text password instead of stars in HTML password fields and enable autocompletion.
- Bookmarklet to show hidden fields.
- Recent presentations also use my own javascript, while older ones are done with OpenOffice or S5.