These days, most files that are compressed come in 7zip, zip or tar/gunzip format, though there are a myriad of other types out there. I first cut my teeth on arj, but those were the days of DOOM, Slackware 3.0 and floppy disks. When you do come across an unfamiliar format, it can slow down your workflow to look for the right switches, which is where dtrx - “Do the Right Extraction” comes in. It will extract bz2, cab, cpio, deb, gem, gz, lzh, lzma, rar, rpm, xz, 7z and a variety of other niche compressions. It depends on Python, and you can install it with:

Read More

HTTP fingerprinting on windows normally uses a windows based gui, like httprint, but there are some excellent command line options as well. Whatweb is a ruby program that identifies websites, their frameworks, language version, server version, etc. The current stable build is 0.4.6, which won’t work on cygwin, since it’s written for ruby 1.9, and cygwin currently ships with 2.0. Fortunately the git development copy 0.4.8 works just fine.

Read More

Meld is a graphical diff and merge program for comparing files. It is particularly good at helping you review the differences between differing code. The project’s homepage is http://meldmerge.org, and like many good programs, it can run on Cygwin, though you will need X Windows up and running. Note that there is a Windows Installer at http://sourceforge.net/projects/meld-installer/, but the result won’t be integrated into your cygwin environment.

Read More

Both very handy tools, Nmap allows you to scan an object for listening ports, discover services on a network and more. Wireshark lets you log network traffic and analyse it. Both leverage winpcap to work on Windows.

Read More

Siege is one of many website stress testers. It spawns multiple processes and begins requesting the pages from the target website as rapidly as it can. There is no attempt at obfuscation; it’s very obvious, traceable and blockable, but it is good for seeing how your server will handle under load. You can get the source code from http://www.joedog.org/siege-home

Read More

Sqlmap is a tool for automating SQL injection discovery and exploitation on your websites, or your clients. Fortuitously it works well via cygwin, though it requires some setting up.

Read More