TinyApps.Org
Small is beautiful






Cleaning Microsoft Word HTML #
Microsoft's Office 2000 HTML Filter 2.0 combined with TidyGUI has performed well for me in the past when converting MSWord-generated HTML. Sadly, the former does not work with Office 2003, so I tried half a dozen or so alternatives (including the latest version of Tidy) to no avail. At long last I stumbled upon CleanWordHtml, a 3k .NET console app that (along with TidyGUI and a little batch replace) did a wonderful job of cleaning up the mess.

/windows | May 24, 2008

Relocating default directories with symbolic links (symlinks) #
While helping a friend set up his new 1TB RAID array, we discovered that iMovie '08 does not provide any apparent mechanism to change its default save directory (~/Movies). So we decided on the same technique I had previously used to move the Music, Pictures, and Movies folders out of a FileVault-encrypted home directory: symlinks. Wikipedia describes them best: "Symbolic links operate transparently: programs which read or write to files named by a symbolic link will behave as if operating directly on the target file." The following process worked great for our purposes, but please be aware that the slightest mistake or misunderstanding can cause irreparable data loss.
  1. Create Movies directory on RAID
    $ mkdir /Volumes/RAID/Movies
  2. Move existing files and folders from ~/Movies to Movies on RAID
    $ mv ~/Movies/* /Volumes/RAID/Movies/
  3. Delete the now empty ~/Movies folder so we can create the symbolic link
    $ rmdir ~/Movies
  4. Create symbolic link named ~/Movies which points to the new location on RAID
    $ ln -s /Volumes/RAID/Movies ~/Movies
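
The same four steps with the safety checks spelled out, as an added example that is not part of the original post. The function name `relocate_with_symlink` and the sample files are hypothetical; the demo runs on constructed directories under a temp dir rather than on ~/Movies.

```python
import os
import shutil
import tempfile


def relocate_with_symlink(src, dst):
    """Move directory src to dst and leave a symlink at src pointing to dst."""
    src, dst = os.path.abspath(src), os.path.abspath(dst)
    if os.path.islink(src) or not os.path.isdir(src):
        raise RuntimeError(f"{src} must be a real directory, not a symlink")
    # A missing parent usually means the target volume is not mounted.
    if not os.path.isdir(os.path.dirname(dst)):
        raise RuntimeError(f"parent of {dst} is missing (volume not mounted?)")
    os.makedirs(dst, exist_ok=True)  # step 1
    # listdir() includes dotfiles, which the shell glob '*' in step 2 skips;
    # a leftover .DS_Store or .localized would make rmdir in step 3 fail.
    names = os.listdir(src)
    clashes = [n for n in names if os.path.lexists(os.path.join(dst, n))]
    if clashes:
        raise RuntimeError(f"refusing to overwrite in {dst}: {clashes}")
    for name in names:  # step 2
        shutil.move(os.path.join(src, name), os.path.join(dst, name))
    os.rmdir(src)  # step 3: succeeds only if src is now empty
    os.symlink(dst, src)  # step 4
    if os.path.realpath(src) != os.path.realpath(dst):
        raise RuntimeError("symlink does not resolve to the new location")
    return os.path.realpath(src)


def demo():
    """Run the four steps on constructed directories under a temp dir."""
    with tempfile.TemporaryDirectory() as root:
        movies = os.path.join(root, "home", "Movies")
        raid = os.path.join(root, "Volumes", "RAID")
        os.makedirs(movies)
        os.makedirs(raid)
        for name in ("clip.mov", ".localized"):  # constructed sample files
            with open(os.path.join(movies, name), "w") as fh:
                fh.write("sample")
        relocate_with_symlink(movies, os.path.join(raid, "Movies"))
        return os.path.islink(movies), sorted(os.listdir(movies))


if __name__ == "__main__":
    print(demo())
```

All checks run before the first file is moved, so a refused run leaves the source directory untouched.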

/mac | May 23, 2008

Identifying suspicious executable files #
Last year, the folks at Panda found that "79% of new malware is using some type of packing technique". Here are two apps to help you identify such suspicious executables:
  • Red Curtain "examines multiple aspects of an executable, looking at things such as the entropy (in other words, randomness), indications of packing, compiler and packing signatures, the presence of digital signatures, and other characteristics to generate a threat 'score.'" (via Grand Stream Dreams)
  • PEiD "detects most common packers, cryptors and compilers for PE files. It can currently detect more than 600 different signatures in PE files." Features include: heuristic scanning options, disassembler, hex viewer, and many more.
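
The entropy check mentioned in the Red Curtain description can be sketched per PE section. This is an added example, not code from Red Curtain, PEiD or the original post; the 7.0 bits-per-byte threshold, the function names and the in-memory sample file are assumptions made for illustration.

```python
import hashlib
import math
import struct
from collections import Counter

PACKED_THRESHOLD = 7.0  # assumed cut-off in bits per byte, not from the page


def shannon_entropy(data):
    """Bits per byte: 0.0 for constant data, 8.0 for uniformly random data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def section_entropies(pe):
    """Return [(name, entropy, suspicious)] for each section of a PE image."""
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[:2] != b"MZ" or pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    # The 20-byte COFF header follows the signature; the section table
    # starts after the optional header.
    _m, nsections, _t, _p, _n, opt_size = struct.unpack_from(
        "<HHIIIH", pe, e_lfanew + 4)
    table = e_lfanew + 24 + opt_size
    results = []
    for i in range(nsections):
        name, _vsize, _vaddr, raw_size, raw_ptr = struct.unpack_from(
            "<8sIIII", pe, table + 40 * i)
        h = shannon_entropy(pe[raw_ptr:raw_ptr + raw_size])
        results.append((name.rstrip(b"\0").decode("latin-1"),
                        round(h, 2), h > PACKED_THRESHOLD))
    return results


def build_sample_pe():
    """Constructed two-section PE skeleton for the demo (not a real program)."""
    plain = b"\x55\x8b\xec\x90" * 1024  # repetitive, code-like bytes
    dense = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0, 0x102)
    headers, offset = b"", 64 + 24 + 2 * 40
    for name, body in ((b".text", plain), (b".packed", dense)):
        headers += struct.pack("<8sIIIIIIHHI", name, len(body), 0x1000,
                               len(body), offset, 0, 0, 0, 0, 0)
        offset += len(body)
    return dos + coff + headers + plain + dense
```

High entropy only says a section is compressed or encrypted. Installers and embedded archives trip the same check, which is why the tools above combine it with signatures and other characteristics.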
UPDATE: James kindly informs us of findssv, an app his professor built to "statically analyze an executable file for its administrative content, its layout and various security vulnerabilities". Further details can be found in this research paper (PDF) or this PowerPoint slideshow. For those who prefer plain text, here's the gist (quoted from the PPT):
  • It quickly pares down a group of executable files to the ones in which secure programming was not an objective of the software developers
  • It can do in seconds what could take a security analyst days or weeks to do using hex editors and file dump utilities
    • It knows what to look for and where to look for it in the PE format
    • It knows when to stop looking when specific security vulnerability indicators are not present
  • Determine the compiler and linker used to build an executable file
  • Establish the relationship between DLL function use and program purpose
  • Provide more details on unknown regions
  • Reveal the names of files stored in compressed file regions
  • Detect the use of standard C functions by way of function call signatures searched for in the code sections of a PE file

/windows | May 11, 2008

ThreatExpert - Like your own automated malware testing sandbox #
Yet another post on the aforementioned Offensive Computing has turned up an excellent resource: ThreatExpert (developed by PC Tools). You upload a threat, their system apparently runs and monitors the threat in a sandbox, and then spits out a report listing file system, memory, and registry modifications - very cool!

UPDATE 1: A similar submission service is available from Sunbelt: CWSandbox.
UPDATE 2: CastleCops has a list of these sandboxing scan services here.

/windows | May 11, 2008

A few anti-malware links #
After reading Reverse Engineering Malware, I wanted to find a white hat malware sample site. Google turned up this post on Bugtraq from a few years ago announcing just such a site called Offensive Computing. It is still going strong, with almost 285,000 malware samples available. As an added bonus, a quick trip to the forums revealed OSAM, an autorun manager with a number of unique features for combatting malware (including rootkits). A portable version is available here; you may need the DLLs at the bottom of the page as well.

UPDATE: Just stumbled on this Offensive Computing presentation from DEFCON 15: Malware Secrets. A bit more digging has revealed a list of their videos.

/windows | May 11, 2008

Batch downloading and naming videos from YouTube #
Rafal (author of Duplicate Files Searcher) has crafted another cross-platform Java app: YouTube Downloader+. Simply paste one or more YouTube URLs into the text box and YTD+ will not only download the FLV(s), but also name the file(s) appropriately (unlike many tools which label YouTube downloads as "get_video" with no extension).

/misc | May 03, 2008


