4828
Bottle: Python Web Framework — Bottle 0.11.dev documentation
Bottle is a fast, simple and lightweight WSGI micro web-framework for Python. It is distributed as a single file module and has no dependencies other than the Python Standard Library.
bottle  framework  library  python  web  webdev  cs_lang:python 
19 hours ago
LaTeXDraw - A graphical PSTricks generator and editor
LaTeXDraw is a graphical drawing editor for LaTeX. LaTeXDraw can be used to 1) generate PSTricks code; 2) directly create PDF or PS pictures. LaTeXDraw is developed in Java and thus runs on top of Linux, Windows, and Mac OS X. It's available in English, in Spanish, in French and in German. You need jre 1.6 to launch LaTeXDraw.
editor  graphics  latex  tex 
19 hours ago
Radamsa - ouspg - On fuzzing. - tools for the b[ei]tterment of mankind - Google Project Hosting
"Radamsa is a test case generator for robustness testing, aka a fuzzer. It can be used to test how well programs can stand malformed and potentially malicious inputs. It operates solely based on given samples and thus requires minimal effort to use. The main selling points of radamsa are that it is easy to use, contains several old and new fuzzing algorithms, is easy to script from command line and has already been used to find a slew of issues in real-world programs."
fuzzing  fuzzer  cs_lang:python  infosec  security_assessment 
2 days ago
Cryptogram
Cryptogram empowers users to protect their privacy when sharing photos online. By password-protecting photos with Cryptogram, users have better control over who can see photo content. Cryptogram takes regular JPEG images as input and produces images that look like random noise. With the correct password, the original images can be restored. The encoding format is designed to be robust to the levels of JPEG compression seen on social networking websites (e.g., Facebook and Google Plus). This means you can upload Cryptogram'd images (which look like noise) to the web and the original image can be decoding using the Cryptogram browser extension and right password.
crypto  photography  privacy  twitter  via:straup 
7 days ago
Thug by buffer
"Thug is a Python low-interaction honeyclient aimed at mimicing the behavior of a web browser in order to detect and emulate malicious contents."
honeypot  honeynet  thug  cs_lang:python  honeypot_client  security 
9 days ago
grwl/sslcaudit
"The goal of sslcaudit project is to develop a utility to automate testing SSL/TLS clients for resistance against MITM attacks. It might be useful for testing a thick client, a mobile application, an appliance, pretty much anything communicating over SSL/TLS over TCP."
ssl  ssl/tls  security  security_analysis  security_assessment  mitm  sslcaudit  tcp  infosec 
10 days ago
truecrack - Password cracking for truecrypt(c) volume files. - Google Project Hosting
"TrueCrack is a brute-force password cracker for TrueCrypt (Copyrigth) volume files. It works on Linux and it is optimized with Nvidia Cuda technology.

PBKDF2 (defined in PKCS5 v2.0) based on RIPEMD160 Key derivation function.
XTS block cipher mode of operation used for hard disk encryption based on AES.

TrueCrack can work in two different modes of use:

Dictionary attack: read the passwords from a file of words (one password for line).
Charset attack: generate the passwords from a charset of symbols defined by the user (for example: all possible strings of n characters from the charset "abc" )."
truecrypt  truecrack  encryption  filesystem_encryption  cryptography  crypto  brute-force 
12 days ago
Datavisualization.ch Selected Tools
"Datavisualization.ch Selected Tools" some well known and some less known.
data  tool  tools  visualization  infovis 
15 days ago
CaptureTheFlag – Hack.LU2012
At a presentation of a used as CSIRT training. Interesting but they should participate to public CTF like
CTF  tfcsirt  from twitter
16 days ago
DataparkSearch Engine - an open source search engine
"DataparkSearch Engine is a full-featured open sources web-based search engine released under the GNU General Public License and designed to organize search within a website, group of websites, intranet or local system."
indexing  search  searchengine 
16 days ago
Ubigraph: Free dynamic graph visualization software
"UbiGraph is a tool for visualizing dynamic graphs. The basic version is free, and talks to Python, Ruby, PHP, Java, C, C++, C#, Haskell, and OCaml."
graph  graphics  programming  python  visualization  infovis  infoviz  via:dotforward23  cs_lang:python 
17 days ago
Untitled (http://2012.hack.lu/hacklu2012-cfp.txt)
RT : hack.lu 2012 call for papers is now open - don't be shy to submit your security r ...
from twitter
18 days ago
Sign in - hack.lu 2012
RT : hack.lu 2012 call for papers is now open - don't be shy to submit your security r ...
from twitter
18 days ago
Main Page – Hack.LU2012
will be HAL style this year. CFP will be released in the next hours...
hacklu  luxembourg  conference  infosec  from twitter
18 days ago
Metasploit: Eternal Sunshine of the Spotless RAM | SecurityStreet
starting process in suspended state in memory and replacing it with another process.
infosec  metasploit  from twitter
18 days ago
dcramer/taskmaster
"You might ask, "Why not use Celery?". Well the answer is simply that normal queueing requires (not literally, but it'd be painful without) you to buffer all tasks into a central location. This becomes a problem when you have a large amount of tasks, especially when they contain a large amount of data.

Imagine you have 1 billion tasks, each weighing in at 5k. Thats, uncompressed, at minimum 4 terabytes of storage required just to keep that around, and gains you very little.

Taskmaster on the other hand is designed to take a resumable iterator, and only pull in a maximum number of jobs at a time (using standard Python Queue's). This ensures a consistent memory pattern that can scale linearly."
mapreduce  python  distributed_computing  distributed  cs_lang:python 
22 days ago
Open the code or review it: Oracle CVE-2012-1675 - armoredcode.com - application security blog
Another nice example of why the "certification" path for proprietary software vendor is a bloody mess for security...
from twitter
23 days ago
redis-taxon 0.2.4 : Python Package Index
"Taxon is a tagged data store with persistence to a Redis backend. It allows you to organize and query Redis data sets with tags."
tagging  redis  taxon  tag  tags  cs_lang:python 
25 days ago
antirez/redis-sampler
"Small program to understand the composition of your Redis data set"
caching  redis  dataset  datastore  cs_lang:ruby 
26 days ago
[1204.6623] Off-Path Attacking the Web
If you still believe TCP injection is not practical, you should read this paper: "Off-Path Attacking the Web"
infosec  from twitter
26 days ago
Cubism.js
"Cubism.js is a D3 plugin for visualizing time series. Use Cubism to construct better realtime dashboards, pulling data from Graphite, Cube and other sources. Cubism is available under the Apache License on GitHub."
d3  javascript  library  programming  visualization  infovis  timeseries  cs_lang:javascript 
26 days ago
libforensic1394
"An open source (GNU LGPLv3+) library for performing live memory forensics over the IEEE 1394 (“FireWire”) interface. Currently supported under GNU/Linux and Mac OS X, libforensic1394 improves upon existing libraries by providing a simple and clean interface to the the direct memory access functionality available over FireWire. In addition to a C API Python bindings are also available."
firewire  forensic  forensic_analysis  memory  macos 
27 days ago
haveged - a simple entropy daemon
"The haveged project is an attempt to provide an easy-to-use, unpredictable random number generator based upon an adaptation of the HAVEGE algorithm. Haveged was created to remedy low-entropy conditions in the Linux random device that can occur under some workloads, especially on headless servers. Current development of haveged is directed towards improving overall reliablity and adaptability while minimizing the barriers to using haveged for other tasks."
entropy  prng  random  randomness  security  via:doegox  cs_lang:c 
29 days ago
Vided.org
"Asynchronous I/O that doesn’t get in your way, written in D"
libraries  web-dev  async  redis  cs_lang:d 
4 weeks ago
[0912.4569] Continuous Monitoring of Distributed Data Streams over a Time-based Sliding Window
"The past decade has witnessed many interesting algorithms for maintaining statistics over a data stream. This paper initiates a theoretical study of algorithms for monitoring distributed data streams over a time-based sliding window (which contains a variable number of items and possibly out-of-order items). The concern is how to minimize the communication between individual streams and the root, while allowing the root, at any time, to be able to report the global statistics of all streams within a given error bound. This paper presents communication-efficient algorithms for three classical statistics, namely, basic counting, frequent items and quantiles. The worst-case communication cost over a window is $O(frac{k} {epsilon} log frac{epsilon N}{k})$ bits for basic counting and $O(frac{k}{epsilon} log frac{N}{k})$ words for the remainings, where $k$ is the number of distributed data streams, $N$ is the total number of items in the streams that arrive or expire in the window, and $epsilon < 1$ is the desired error bound. Matching and nearly matching lower bounds are also obtained."
large-scale  dataset  analysis  datamining  mapreduce 
4 weeks ago
Yate | Main / HomePage
"
is a next-generation telephony engine; while currently focused on Voice over Internet Protocol (VoIP) and PSTN, its power lies in its ability to be easily extended. Voice, video, data and instant messenging can all be unified under Yate's flexible routing engine, maximizing communications efficiency and minimizing infrastructure costs for businesses. "
asterisk  pbx  voip  sip  cs_lang:cpp  license:gpl 
4 weeks ago
ghost.py
"ghost.py is a webkit web client written in python."
javascript  programming  python  testing  webkit  cs_lang:python 
4 weeks ago
AdulauWikiDiary: Testing Simtec Entropy Key
I did a quick test with the Simtec Entropy Key a good improvement compared to entropy gathering from OS state
crypto  from twitter
4 weeks ago
Ideas to improve the Belgian tech entrepreneurship ecosystem « Coworking in Brussels with the BetaGroup: Better than a Business Center
"Ideas to improve the Belgian tech entrepreneurship ecosystem « Coworking in Brussels with the BetaGroup: Better than a Business Center"
startup  belgium  belgian  innovation  entrepreneur  entrepreneurship 
4 weeks ago
Avería – The Average Font
"One idea which seemed obvious was to simply take the blurry results of the first experiment, and use a threshold to create monochrome images. "
design  font  fonts  typeface  typography 
4 weeks ago
Open Source Initiative OSI - The BSD 3-Clause License | Open Source Initiative
Yep, it's free software/opensource. It's released under a BSD 3 clause license - .
from twitter
5 weeks ago
FDTC 2012
"The 9th Workshop on Fault Diagnosis and Tolerance in Cryptography will be held in Leuven, on September 9, 2012."
from twitter
5 weeks ago
Google Summer Of Code 2012 Student Applications - Deadline Approaching | The Honeynet Project
RT : Last day to apply for 2012 - - HoneyProxy, Wireshark, Androguard, Cuckoo, IPv6, etc.
gsoc  from twitter
5 weeks ago
(500) http://news.ycombinator.com/item?id=3862796
If you are curious about the OpenSSL vulnerability in OpenSSH, you should have a look at :
infosec  from twitter
5 weeks ago
Untitled (http://www.openssl.org/news/secadv_20120419.txt)
RT : "Any application which uses BIO or FILE based functions to read untrusted DER
format data is vulnerab ...
from twitter
5 weeks ago
fiorix/freegeoip
"This is the software running behind the IP Geolocation Web Service at freegeoip.net. The database is not shipped with the package. However, there are instructions for downloading and generating a local version of the database, using the database/createdb.py python script."
freegeoip  geoip  geocoding  cs_lang:python 
5 weeks ago
Google Python Style Guide
"Python is the main scripting language used at Google. This style guide is a list of dos and don'ts for Python programs."
google  programming  python  reference  style  cs_lang:python 
5 weeks ago
[1204.3543] Functional Magnetic Resonance Imaging and the Challenge of Balancing Human Security with State Security
"Functional Magnetic Resonance Imaging and the Challenge of Balancing Human Security with State Security" Aie aie...
from twitter
5 weeks ago
xcampo - A XSS payload generator - Google Project Hosting
This website will help you to generate different payloads to your XSS demos. Use them responsible in your own website or in these where you are allowed to do.

Don't expect the code will works in all the scenario, probably you will need to tweak it most of the times... but I'm pretty sure you know how to do it ;)
xss  security  security_analysis  webdev  reverse_engineering  reversing  cs_lang:javascript  license:l 
5 weeks ago
INetSim: Internet Services Simulation Suite - Project Homepage
"INetSim is a software suite for simulating common internet services in a lab environment, e.g. for analyzing the network behaviour of unknown malware samples."
inetsim  honeypot  analysis  network  malware_analysis  malware  security_analysis 
5 weeks ago
2012 diginorm paper -- Lab of Genomics, Evolution, and Development @ Michigan State
"A single pass approach to reducing sampling variation, removing errors, and scaling de novo assembly of shotgun sequences"
assembly  bioinformatics  normalization  paper  scalability 
6 weeks ago
Samba - Security Announcement Archive
"root" credential remote code execution in Samba.
infosec  from twitter
6 weeks ago
Käthe Kollwitz - Wikipedia, the free encyclopedia
"Käthe Kollwitz (July 8, 1867 – April 22, 1945) was a German painter, printmaker, and sculptor whose work offered an eloquent and often searing account of the human condition, and the tragedy of war, in the first half of the 20th century. Her empathy for the less fortunate, expressed most famously through the graphic means of drawing, etching, lithography, and woodcut, embraced the victims of poverty, hunger, and war.[1][2] Initially her work was grounded in Naturalism, and later took on Expressionistic qualities.[3]"
art  artists  banksy 
6 weeks ago
Fermn J. Serna - Zhodiac - Vast and Infinite Net Dreams...
" Flash CVE-2012-0769: the case of the perfect info leak " ASLR bypass mmm...
infosec  from twitter
6 weeks ago
Watch Out, White Hats! European Union Moves to Criminalize 'Hacking Tools' | Threat Level | Wired.com
So I should stop to use tools to modify the execution path of malware. It's an offence against malware.
wtf  legal  from twitter
6 weeks ago
chrisballinger/Off-the-Record-iOS · GitHub
RT : ChatSecure is an OTR-enabled XMPP client for iOS: (can also be found in the App Store).
from twitter
6 weeks ago
UNIQPASS - Large password list
The leaked password dataset market... if some years ago, you told me about this, I wouldn't believe you.
infosec  from twitter
6 weeks ago
digital art conservation
"The project digital art conservation aims firstly to document and catalogue the collections of digital art in the region of the Upper Rhine Valley and secondly to make a contribution to the international discussions around the conservation of digital art. This contribution will be based on the long-standing engagement of the partners with the conservation and presentation of computer-based new media art."
archive  art  conservation  digital  digital_preservation  free_information  free_society  free_art  freedom  society 
6 weeks ago
Politique du Netz
"L'actualité du numérique d'Outre-Rhin, régulièrement mise à jour"
copyright  freedom  author  authorrights  lang:fr  lang:de 
7 weeks ago
web-malware-collection - Collection of web application backdoors and malware, in PHP, JSP, ASP, etc. - Google Project Hosting
"Basically, after I fucked up the SVN for my web-backdoors-collection I realized "backdoors" was only one half of the story.

The new updated version of it (v3 now!) is going to cover:

PHP/ASP/JSP Backdoors/Other "DoS Scripts" Scanning scripts Bots that are found spreading via Web App Vulns And "eratta" - random nasty shit we find in our webroots. There will also be a folder named "honey" that will contain stuff found in my day to day searching of honeynet logs and google searching for broken stuff that was "interesting". "
web  web_security  backdoor  rootkit  web_rootkit  infosec  security  malware  cs_lang:php 
7 weeks ago
Commit History · adulau/Forban · GitHub
commited 2 fixes to improve Forban on the PirateBox The symlink and a rebuild factor.
from twitter
7 weeks ago
SystemTap as key logger, process hiding and alike
"This repository contains examples of how you can use SystemTap to do interesting, fun and questionable things very easily."
systemtap  unix  kernel  infosec  rootkit  security  tap  dtrace  linux 
7 weeks ago
The Shell Game
Hiding processes in user-land processes
backdoor  rootkit  security  infosec  unix 
7 weeks ago
Untitled (http://geer.tinho.net/geer.owasp.4iv12.txt)
Application Security Matters by Daniel E. Geer. The must read of the weekend.
infosec  from twitter
7 weeks ago
clearspring/stream-lib · GitHub
"... finding membership and top-k in streams for which it is infeasible to store all events"
datamining  infosec  from twitter
7 weeks ago
“Zero-day” exploit sales should be key point in cybersecurity debate | Electronic Frontier Foundation
so what's your recommendation for ethical/responsible disclosure? full and public anonymous disclosure?
infosec  from twitter
7 weeks ago
command center: The byte order fallacy
An excellent overview from Rob Pike why you don't have to take care of byte order except if there is a bug somewhere...
from twitter
7 weeks ago
okfn/annotator
"Inline annotation for the web. Select text, images, or (nearly) anything else, and add your notes."
annotator  annotate  annotation  web  cs_lang:javascript 
7 weeks ago
Archived Flash Player versions
When reversing some Flash exploits/malware, the archive of older Flash players is very handy...
from twitter
7 weeks ago
guymager homepage
"guymager is a free forensic imager for media acquisition."
forensic  forensic_analysis  guymager  aff  media_acquisition 
7 weeks ago
« earlier      
#infosec academic activism algorithm algorithms analysis api archive archiving art article audio belgium biology bittorrent blog book books browser business c classification code collaboration community company computer_science conference copyright copyright_delirium copyrights crypto cryptography cs_lang:c cs_lang:cpp cs_lang:javascript cs_lang:perl cs_lang:python cs_lang:ruby culture data database datamining dataset datastore debugging del.icio.us design development distributed distributed_computing diy dns documentation ebook ebooks ecology editor education electro electronic_music embedded fa:archive flickr folksonomy forensic forensic_analysis framework free free_information free_society free_software freedom freesoftware fun funny geo geotagging git goodiff google graph graphics hack hacking hacklu hardware hash hashing history honeypot html http ietf indexing information_representation information_retrieval information_security infosec infovis innovation internet ipv4 ipv6 jabber java javascript kernel lang:fr language latex law legal libraries library license:bsd-like license:gpl license:gpl3 license:mit linux malware management mapreduce math media mediawiki metadata mobile monitoring music network network_analysis network_security networking networks opensource p2p paper papers patent patent_delirium pcap pdf pentest performance perl photo photography politics presentation privacy productivity programming protocol publishing python radio rdf redis reference research reverse_engineering reversing rss ruby scalability science scm search searchengine security security_assessment semantic semanticweb server shell social society software standards startup statistics storage streaming tag tagging tags tcp tcp/ip technology testing tex text tools typography unix via:chl via:doegox video visualization vty web web2.0 web_services webdev wiki wikipedia win32 windows work writing xml xmpp

Copy this bookmark:



description:


tags: