I've made an initial release of Bletchley, which is a collection of cryptanalysis tools I've been working on for a while. The focus of the project is to make black-box detection and exploitation of common cryptography problems easier. Bletchley is still in the early stages of development and consists of tools which provide:
* Automated token encoding detection (36 encoding variants) * Passive ciphertext block length and repetition analysis * Script generator for efficient automation of HTTP requests * A flexible, multithreaded padding oracle attack library with CBC-R support More info can be found here: https://code.google.com/p/bletchley/ I'd love to hear any feedback. Also note, I am teaching a 2-day course on application cryptanalysis class at AppSec USA that will rely heavily on Bletchley to implement realistic attacks in a lab environment. Schedule and info here: http://sched.co/19n00R5 Thanks, tim _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/