Skip to main content

A concept to a product (Kimidori [ 黄緑]) - Part 3

 The previous post explored the report part of the malicious link(s) with as many details as possible. So far the tool can be used any number of times to figure out whether a link is malicious or safe to use. Kimidori [ 黄緑] is not limited to only malicious link detection. This tool can be leveraged to detect the browsers installed on the system along with their executable as well as cookie path. So, far it can detect the following browsers if present / installed in the system. 

1. Brave
2. Chrome
3. Edge
4. Firefox
5. Ice Dragon
6. Opera
7. SeaMonkey
8. Vivaldi
9. and WaterFox

Support for other browsers will be given eventually. 

Here is a glimpse of the page where it shows the browser details fetched by the tool:








More browser support will be added soon along with cookie analysis for the user to let the user know what kind of cookies gets created by surfing the internet web pages by different browsers. This part will revisit soon.

Along with browser-related stuff, this tool also digs into Windows and gets the list of security software got installed into the system and their status.

A glimpse of the details fetched from Windows Security Center:


In the next post will see more features. (To be continued... )



Labels:

Comments

Post a Comment

Popular posts from this blog

Reversing char array without splitting the array to tokens

 I was reading about strdup, a C++ function and suddenly an idea came to my mind if this can be leveraged to aid in reversing a character array without splitting the array into words and reconstructing it again by placing spaces and removing trailing spaces. Again, I wanted an array to be passed as a function argument and an array size to be passed implicitly with the array to the function. Assumed, a well-formed char array has been passed into the function. No malformed array checking is done inside the function. So, the function signature and definition are like below: Below is the call from the client code to reverse the array without splitting tokens and reconstructing it. Finally, copy the reversed array to the destination.  For GNU C++, we should use strdup instead _strdup . On run, we get the following output: Demo code
Post a Comment
Read more

A simple approach to generate Fibonacci series via multi-threading

T his is a very simple approach taken to generate the Fibonacci series through multithreading. Here instead of a function, used a function object. The code is very simple and self-explanatory.  #include <iostream> #include <mutex> #include <thread> class Fib { public:     Fib() : _num0(1), _num1(1) {}     unsigned long operator()(); private:     unsigned long _num0, _num1;     std::mutex mu; }; unsigned long Fib::operator()() {     mu.lock(); // critical section, exclusive access to the below code by locking the mutex     unsigned long  temp = _num0;     _num0 = _num1;     _num1 = temp + _num0;     mu.unlock();     return temp; } int main() {     Fib f;          int i = 0;     unsigned long res = 0, res2= 0, res3 = 0;     std::cout << "Fibonacci series: ";     while (i <= 15) {         std::thread t1([&] { res = f(); }); // Capturing result to respective variable via lambda         std::thread t2([&] { res2 = f(); });         std::thread t3(
Post a Comment
Read more

Close a Window Application from another application.

 This is just a demo application code to show how the WM_CLOSE message can be sent to the target process which has a titled window to close the application. To achieve this, either we can use SendMessage or PostMessage APIs to send required Windows messages to the target application. Though both the APIs are dispatching WM_XXXXX message to target application two APIs has some differences, these are as below: 1. SendMessage () call is a blocking call but PostMessage is a non-blocking call(Asynchronous) 2. SendMessage() APIs return type is LRESULT (LONG_PTR) but PostMessage() APIs return type is BOOL(typedef int). In Short, SendMessage () APIs return type depends on what message has been sent to the Windowed target process. For the other one, it's always a non-zero value, which indicates the message has been successfully placed on the target process message queue. Now let's see how can I close a target windowed application "Solitaire & Casual Games" from my custom-
Post a Comment
Read more