Hi!
Excuse my bad english.
I have the idea to construct a "Framework" to support Security-Issues.
As somebody who's interested in Network-Security and loves to program
in Smalltalk, i think it would be wonderfull to have something like
the nasl (nessus attack scripting language - www.nessus.org) - for
Smalltalk. The Framework should implement classes that can easily be
used to build exploits for known security-holes and to test Network-
Security.
As a Smalltalk-Platform I think Squeak (www.squeak.org) would be great.
I guess it should be simple to build exploits like buffer overflows,
format-string-attacks, cgi-vulnarabilities or all those IIS-vulns in
Squeak-Smalltalk. And with enough energy it should be possible to
implement low-level network attacks with packet-capturing and packet-
injection. At this point Squeak has to be extended (primitives,
written in C/C++).
Ok. This is just a first "brainstorming". If anyone has Ideas or
comments or want's to join this project - drop me a line or post it
here.
Bye,
Stefan