Dhaval Kapil

Projects

I am quite active on Github which has many of my open source projects. To see a complete list of my projects, see my Linkedin profile. Below, is a list of some of my selected projects.
icmptunnel Star
  • Tunnels IP traffic over ICMP - bypass firewalls and captive portals
  • Can be used to make an encrypted communication channel
  • Exploites RFC 792's allowance of ICMP packets of arbitrary data length
  • Covered by PenTest Magazine
Technologies involved: Raw sockets in C, linux 'tun' driver, iptables, route View Source
Heap Exploitation (a short book) Star
  • A short book on internals of glibc's memory allocation techniques and its exploitation
  • An in depth analysis of glibc's source code, particularly malloc.c
  • Listing of all security checks performed by glibc
  • Demonstration of various attacks possible on glibc's heap
. View Source
luaver (Lua Version Manager) Star
  • Command line tool in shell similar to nvm and rvm
  • Manage and switch easily between different versions of Lua, LuaJIT and Luarocks
  • Easily maintain a different environment in separate terminal sessions
Technologies involved: POSIX compatible shell scripting, Lua View Source
Backdoor
  • Capture the Flag styled always online wargame with frequent computer security competitions
  • Developed the entire backend of the website, see blog
  • Developed a secure sandboxed environment to run vulnerable challenges, see blog
  • Designed 25 challenges ranging from web, binary and cryptography
  • Hosted various international competitions and managed the server
  • 5000+ registered users, >200 submissions every week
Technologies involved: PHP(MVC), MySQL, Memcache, chroot, xinetd, system administration
elasticsearch-lua Star
  • A low level client for Elasticsearch in Lua
  • Maintains multiple connections to Elasticsearch server using load balancing algorithms
  • 2000+ downloads
Technologies involved: Lua, HTTP, REST API, Elasticsearch, Unit Testing View Source
Falcon
  • A central and secure OAuth 2.0 server for all applications by SDSLabs
  • OAuth tokens shared using the Client Credentials Grant
  • A custom session management system to maintain user state
Technologies involved: OAuth 2.0, PHP(MVC), MySQL, Redis