Windows Apps by FS1
|Unless otherwise noted, the applications available here require Windows 7 or later, and are 100% free for home use.
For use in business/production environments, please contact me for licensing details.
Follow @hexatomium on Twitter to be notified of new releases.
Note: Content and software posted here are solely my own and do not represent my current employer or any other organization.
Making and maintaining these tools takes lots of time. If you can, please help cover development costs.
||Identifies several classes of privilege escalation vulnerabilities. (x64 only - Beta)
||A tiny auto-save notepad. For your quick notetaking needs. (Portable)
||A simple command-line version of the 'Run as administrator' Windows functionality. (Portable)
||Cobbler is a simple and robust vault for sensitive text-based information, with a focus on bruteforce resistance and keeping a low attack surface.
Uses battle-tested AES256_HMAC_SHA1 for strong encryption and data authentication.
- Note: the recent SHA1 collision does NOT affect HMAC_SHA1.
- Deniable output formats and other unique features are in the pipeline. More info to follow!
||A small file hash utility, with convenient VirusTotal integration. (Portable)
||A scanner for root certificates in Microsoft Windows and Mozilla Firefox. Highlights potentially rogue certs based on reference baselines and additional metadata.
||Root Exposure Manager - Reduce your exposure to unnecessary root CAs.
||Automatic clipboard wiper, to prevent accidental pastes.
||A lightning-fast command-line Shannon entropy estimator. Optimized for large (up to 2GB) files.
||Generates time-based tokens for self-discipline. Use as password with software such as NetNanny or K9. (Evaluation version)
||A tiny random wallpaper generator. Useful for making some quick 'sectioned' backgrounds.
||Displays on-screen text, OSD style.
||Windows currently trusts 374 root certificates but Certificate Manager only displays a subset. Examine the full list using CTLInfo.
||Command-line scanner for disguised PE executables. DEP/ASLR support.
||View the UTC compilation timestamp of a Windows executable (command line).
||Native curl-like tool for Windows, tiny, with VirusTotal output.
Who am I?
I am an Infosec professional, currently based in Brussels, Belgium.
Vulnerability hunting log
- 2017 Facebook Undisclosed Medium
- 2017 KeePass CVE-2017-1000066 High (CVSS 7.5)
- 2017 BitDefender Undisclosed High
- 2016 LastPass Undisclosed High
- 2016 Firefox CVE-2016-5251 Medium (CVSS 4.3)
- 2016 Dropbox Undisclosed (H1:107729) High