PUBLIC MARKS with tags security & python

A site full of resources about security in Python programming, for the language and for the frameworks/template engines.

PassKool is a deterministic password generator. It tries to generate passwords that more or less sound like English. As PassKool generator is deterministic, identical inputs will give the same password. The security here relies on a secret passphrase used to generate the final password. A passphrase is usually easier to remember than a cryptic password. If you happen to forget the password, you can still retrieve it using PassKool. PassKool can also create deterministic password with random content. This may sound contradictory but the deterministic parameter is the seed used for the random generator. Here's a short example for a "root" account on some Unix/Linux box. By default, the password has a length of 12 characters. python passkool.py "root" "top secret phrase" ---> Generated password : quencatithro If you call this command again, you will find the same password.

Новости в мире Технологий

Новости Культуры

Utiliser le format RPM comme vecteur d'attaque. Injecter des commandes dans les scripts d'initialisation et de finalisation d'un fichier RPM.

Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.

Un scanneur de port simple et efficace en Python.

Kojoney est un honeypot à faible interaction. Développé en Python et basé sur les librairies réseau Twisted, il émule un serveur SSH tournant sur un système où les utilisateurs ont des mots de passes faibles.

Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.

The Python Cryptography Toolkit describes a package containing various cryptographic modules for the Python programming language.