Bottle is a fast, simple and lightweight WSGI micro web-framework for Python. It is distributed as a single file module and has no dependencies other than the Python Standard Library.

LaTeXDraw is a graphical drawing editor for LaTeX. LaTeXDraw can be used to 1) generate PSTricks code; 2) directly create PDF or PS pictures. LaTeXDraw is developed in Java and thus runs on top of Linux, Windows, and Mac OS X. It's available in English, in Spanish, in French and in German. You need jre 1.6 to launch LaTeXDraw.

"Radamsa is a test case generator for robustness testing, aka a fuzzer. It can be used to test how well programs can stand malformed and potentially malicious inputs. It operates solely based on given samples and thus requires minimal effort to use. The main selling points of radamsa are that it is easy to use, contains several old and new fuzzing algorithms, is easy to script from command line and has already been used to find a slew of issues in real-world programs."

Convert clamav ruleset to YaRa ruleset.

"DIstributed Firewall and Flow-shaper Using Statistical Evidence (DIFFUSE)"

Cryptogram empowers users to protect their privacy when sharing photos online. By password-protecting photos with Cryptogram, users have better control over who can see photo content. Cryptogram takes regular JPEG images as input and produces images that look like random noise. With the correct password, the original images can be restored. The encoding format is designed to be robust to the levels of JPEG compression seen on social networking websites (e.g., Facebook and Google Plus). This means you can upload Cryptogram'd images (which look like noise) to the web and the original image can be decoding using the Cryptogram browser extension and right password.

"Thug is a Python low-interaction honeyclient aimed at mimicing the behavior of a web browser in order to detect and emulate malicious contents."

"The goal of sslcaudit project is to develop a utility to automate testing SSL/TLS clients for resistance against MITM attacks. It might be useful for testing a thick client, a mobile application, an appliance, pretty much anything communicating over SSL/TLS over TCP."

"iodeflib - a python library to create, parse and edit IODEF incident reports"

"TrueCrack is a brute-force password cracker for TrueCrypt (Copyrigth) volume files. It works on Linux and it is optimized with Nvidia Cuda technology.

PBKDF2 (defined in PKCS5 v2.0) based on RIPEMD160 Key derivation function.
XTS block cipher mode of operation used for hard disk encryption based on AES.

TrueCrack can work in two different modes of use:

Dictionary attack: read the passwords from a file of words (one password for line).
Charset attack: generate the passwords from a charset of symbols defined by the user (for example: all possible strings of n characters from the charset "abc" )."

"This talk has a lot of quotes from well known graffiti artist Banksy."

"Datavisualization.ch Selected Tools" some well known and some less known.

At #tfcsirt a presentation of a #CTF used as CSIRT training. Interesting but they should participate to public CTF like

"DataparkSearch Engine is a full-featured open sources web-based search engine released under the GNU General Public License and designed to organize search within a website, group of websites, intranet or local system."

"UbiGraph is a tool for visualizing dynamic graphs. The basic version is free, and talks to Python, Ruby, PHP, Java, C, C++, C#, Haskell, and OCaml."

RT @hack_lu: hack.lu 2012 call for papers is now open - don't be shy to submit your security r ...

RT @hack_lu: hack.lu 2012 call for papers is now open - don't be shy to submit your security r ...

will be HAL style this year. CFP will be released in the next hours... #infosec #hacklu #conference #luxembourg

starting process in suspended state in memory and replacing it with another process. #metasploit #infosec

"You might ask, "Why not use Celery?". Well the answer is simply that normal queueing requires (not literally, but it'd be painful without) you to buffer all tasks into a central location. This becomes a problem when you have a large amount of tasks, especially when they contain a large amount of data.

Imagine you have 1 billion tasks, each weighing in at 5k. Thats, uncompressed, at minimum 4 terabytes of storage required just to keep that around, and gains you very little.

Taskmaster on the other hand is designed to take a resumable iterator, and only pull in a maximum number of jobs at a time (using standard Python Queue's). This ensures a consistent memory pattern that can scale linearly."

Another nice example of why the "certification" path for proprietary software vendor is a bloody mess for security...

"Taxon is a tagged data store with persistence to a Redis backend. It allows you to organize and query Redis data sets with tags."

"Small program to understand the composition of your Redis data set"

If you still believe TCP injection is not practical, you should read this paper: "Off-Path Attacking the Web" #infosec

"Cubism.js is a D3 plugin for visualizing time series. Use Cubism to construct better realtime dashboards, pulling data from Graphite, Cube and other sources. Cubism is available under the Apache License on GitHub."

"Better, faster scanner to analyze the configuration of SSL servers. "

"An open source (GNU LGPLv3+) library for performing live memory forensics over the IEEE 1394 (“FireWire”) interface. Currently supported under GNU/Linux and Mac OS X, libforensic1394 improves upon existing libraries by providing a simple and clean interface to the the direct memory access functionality available over FireWire. In addition to a C API Python bindings are also available."

"The haveged project is an attempt to provide an easy-to-use, unpredictable random number generator based upon an adaptation of the HAVEGE algorithm. Haveged was created to remedy low-entropy conditions in the Linux random device that can occur under some workloads, especially on headless servers. Current development of haveged is directed towards improving overall reliablity and adaptability while minimizing the barriers to using haveged for other tasks."

"Asynchronous I/O that doesn’t get in your way, written in D"

"The past decade has witnessed many interesting algorithms for maintaining statistics over a data stream. This paper initiates a theoretical study of algorithms for monitoring distributed data streams over a time-based sliding window (which contains a variable number of items and possibly out-of-order items). The concern is how to minimize the communication between individual streams and the root, while allowing the root, at any time, to be able to report the global statistics of all streams within a given error bound. This paper presents communication-efficient algorithms for three classical statistics, namely, basic counting, frequent items and quantiles. The worst-case communication cost over a window is $O(frac{k} {epsilon} log frac{epsilon N}{k})$ bits for basic counting and $O(frac{k}{epsilon} log frac{N}{k})$ words for the remainings, where $k$ is the number of distributed data streams, $N$ is the total number of items in the streams that arrive or expire in the window, and $epsilon < 1$ is the desired error bound. Matching and nearly matching lower bounds are also obtained."

"
is a next-generation telephony engine; while currently focused on Voice over Internet Protocol (VoIP) and PSTN, its power lies in its ability to be easily extended. Voice, video, data and instant messenging can all be unified under Yate's flexible routing engine, maximizing communications efficiency and minimizing infrastructure costs for businesses. "

"ghost.py is a webkit web client written in python."

I did a quick test with the Simtec Entropy Key a good improvement compared to entropy gathering from OS state #crypto

"Ideas to improve the Belgian tech entrepreneurship ecosystem « Coworking in Brussels with the BetaGroup: Better than a Business Center"

"One idea which seemed obvious was to simply take the blurry results of the first experiment, and use a threshold to create monochrome images. "

My summary photo shooting for the Today's weather:

"Trans Generational Immune Priming"

works well but just need to decode the instruction in 16 bits (distorm3.Decode16Bits) @DidierStevens @gleeda

@cbuchler Yep, it's free software/opensource. It's released under a BSD 3 clause license - .

"The 9th Workshop on Fault Diagnosis and Tolerance in Cryptography will be held in Leuven, on September 9, 2012."

RT @y0m: Last day to apply for #gsoc 2012 - - HoneyProxy, Wireshark, Androguard, Cuckoo, IPv6, etc.

If you are curious about the OpenSSL vulnerability in OpenSSH, you should have a look at : #infosec

RT @circl_lu: "Any application which uses BIO or FILE based functions to read untrusted DER
format data is vulnerab ...

"This is the software running behind the IP Geolocation Web Service at freegeoip.net. The database is not shipped with the package. However, there are instructions for downloading and generating a local version of the database, using the database/createdb.py python script."

"Python is the main scripting language used at Google. This style guide is a list of dos and don'ts for Python programs."

"Functional Magnetic Resonance Imaging and the Challenge of Balancing Human Security with State Security" Aie aie...

This website will help you to generate different payloads to your XSS demos. Use them responsible in your own website or in these where you are allowed to do.

Don't expect the code will works in all the scenario, probably you will need to tweak it most of the times... but I'm pretty sure you know how to do it ;)

"INetSim is a software suite for simulating common internet services in a lab environment, e.g. for analyzing the network behaviour of unknown malware samples."

RT @cudeso: Interesting write up from @foxit on "nu.nl" hack

"Shopping For Zero-Days: A Price List For Hackers' Secret Software Exploits - Forbes"

"A single pass approach to reducing sampling variation, removing errors, and scaling de novo assembly of shotgun sequences"

Another good reason to check all the flashcard that you get from vendors or suppliers: #infosec

"root" credential remote code execution in Samba. #infosec

"Käthe Kollwitz (July 8, 1867 – April 22, 1945) was a German painter, printmaker, and sculptor whose work offered an eloquent and often searing account of the human condition, and the tragedy of war, in the first half of the 20th century. Her empathy for the less fortunate, expressed most famously through the graphic means of drawing, etching, lithography, and woodcut, embraced the victims of poverty, hunger, and war.[1][2] Initially her work was grounded in Naturalism, and later took on Expressionistic qualities.[3]"

" Flash CVE-2012-0769: the case of the perfect info leak " ASLR bypass mmm... #infosec

just released Forban 0.0.32 - #p2p #forban

So I should stop to use tools to modify the execution path of malware. It's an offence against malware. #wtf #legal

RT @runasand: ChatSecure is an OTR-enabled XMPP client for iOS: (can also be found in the App Store).

The leaked password dataset market... if some years ago, you told me about this, I wouldn't believe you. #infosec

"The project digital art conservation aims firstly to document and catalogue the collections of digital art in the region of the Upper Rhine Valley and secondly to make a contribution to the international discussions around the conservation of digital art. This contribution will be based on the long-standing engagement of the partners with the conservation and presentation of computer-based new media art."

"L'actualité du numérique d'Outre-Rhin, régulièrement mise à jour"

"@teamcymru: The ultimate anti-debugger reference [pdf] "

"Basically, after I fucked up the SVN for my web-backdoors-collection I realized "backdoors" was only one half of the story.

The new updated version of it (v3 now!) is going to cover:

PHP/ASP/JSP Backdoors/Other "DoS Scripts" Scanning scripts Bots that are found spreading via Web App Vulns And "eratta" - random nasty shit we find in our webroots. There will also be a folder named "honey" that will contain stuff found in my day to day searching of honeynet logs and google searching for broken stuff that was "interesting". "

@Piratebox_Lille @daviddarts commited 2 fixes to improve Forban on the PirateBox The symlink and a rebuild factor.

"This repository contains examples of how you can use SystemTap to do interesting, fun and questionable things very easily."

Hiding processes in user-land processes

Application Security Matters by Daniel E. Geer. The must read of the weekend. #infosec

"... finding membership and top-k in streams for which it is infeasible to store all events" #infosec #datamining

@eff so what's your recommendation for ethical/responsible disclosure? full and public anonymous disclosure? #infosec

RT @pretorienx: (Calling IDA APIs from IDAPython with ctypes) @PhysicalDrive0

An excellent overview from Rob Pike why you don't have to take care of byte order except if there is a bug somewhere...

"Inline annotation for the web. Select text, images, or (nearly) anything else, and add your notes."

When reversing some Flash exploits/malware, the archive of older Flash players is very handy...

"guymager is a free forensic imager for media acquisition."