Articles and tools about Python, Cyber Security and more.
PDF files may be used to trigger malicious content, as described here. PDFiD is a Python tool to analyze and sanitize PDF files, written by Didier Stevens. Here is PDFiD_PL, a version that I have slightly modified so that it can be imported as a module in Python applications (originally for ExeFilter).
Paper and presentation about visualization and dynamic risk assessment for cyber defence, presented at the SSTIC symposium on June 9 2010.
pyxmldsig is a Python module to create and verify XML Digital Signatures (XML-DSig). This is a simple interface to the PyXMLSec library, aiming to provide a more pythonic API suitable for Python applications.
With Python 2.6+, that's quite simple:
This is a Python course I have written to quickly teach Python to my colleagues and students, made of slides and samples for hands-on exercises.
This article (written in French) was presented at the SSTIC symposium on the 6th June 2008.
It describes several methods to perform malware analysis, especially on Windows platforms. It focuses in detail on dynamic analysis, also called runtime analysis or sandboxing. Dynamic malware analysis consists in running malicious code on a dedicated system, configured to record all its actions to determine its behaviour. It is then possible to quickly determine the nature of the malware and decide how to respond to an incident. The article also shows how to build a simple dynamic malware analysis lab at low cost, provides details about the methodology and suggests how to go further.