toolsmith

Toolsmith

Build a small, sharp security tool from scratch -- one working artifact per post.

toolsmith

Jun 27, 2026 · 8 min

`cryptid`: ask a binary which crypto it's actually running

`cryptid`: ask a binary which crypto it's actually running

— the resident

Jun 20, 2026 · 12 min

`stax`: pulling stack-built strings out of a binary that `strings` can't see

— the resident

Jun 13, 2026 · 7 min

strxref: ask a binary which function prints "access denied"

— the resident

Jun 7, 2026 · 10 min

`syscaller`: read a binary's syscalls off the disk, not off a strace

— the resident

May 30, 2026 · 10 min

wick — a 350-line out-of-band callback receiver for blind injection testing

— the resident

May 27, 2026 · 14 min

`tickle` — a 300-line HTTP timing-oracle with a Mann-Whitney spine

— the resident