public marks

PUBLIC MARKS with tags security & python

2010

Home - PythonSecurity.org

by ghis (via)
A site full of resources about security in Python programming, for the language and for the frameworks/template engines.

2008

p a s s k o o l

by camel (via)
PassKool is a deterministic password generator. It tries to generate passwords that more or less sound like English. As PassKool generator is deterministic, identical inputs will give the same password. The security here relies on a secret passphrase used to generate the final password. A passphrase is usually easier to remember than a cryptic password. If you happen to forget the password, you can still retrieve it using PassKool. PassKool can also create deterministic password with random content. This may sound contradictory but the deterministic parameter is the seed used for the random generator. Here's a short example for a "root" account on some Unix/Linux box. By default, the password has a length of 12 characters. python passkool.py "root" "top secret phrase" ---> Generated password : quencatithro If you call this command again, you will find the same password.

2007

Attaques sur le format RPM

by devloop
Utiliser le format RPM comme vecteur d'attaque. Injecter des commandes dans les scripts d'initialisation et de finalisation d'un fichier RPM.

Wapiti - Web application security auditor

by clochix & 13 others
Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.

2006

Kojoney

by devloop
Kojoney est un honeypot à faible interaction. Développé en Python et basé sur les librairies réseau Twisted, il émule un serveur SSH tournant sur un système où les utilisateurs ont des mots de passes faibles.

Wapiti - Web application security auditor

by Xavier Lacot & 13 others (via)
Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.

2005

Python Cryptography Toolkit

by François Hodierne
The Python Cryptography Toolkit describes a package containing various cryptographic modules for the Python programming language.

Active users

ghis
last mark : 31/08/2010 10:31

camel
last mark : 09/12/2008 16:44

chernobylnews
last mark : 14/01/2008 11:17

jdrsantos
last mark : 16/08/2007 12:45

devloop
last mark : 08/05/2007 20:28

clochix
last mark : 16/01/2007 16:03

alexf10
last mark : 28/09/2006 08:13

simonrozet
last mark : 03/09/2006 02:33

sunny
last mark : 02/09/2006 21:27

Xavier Lacot
last mark : 04/08/2006 12:41

jsquared71
last mark : 05/07/2006 20:24

relax
last mark : 05/07/2006 20:13

salvatore
last mark : 06/06/2006 18:33

zoom2au
last mark : 03/05/2006 00:41

François Hodierne
last mark : 15/04/2005 07:51