Sécurité

Sécurité Informatique

CherryProxy - a filtering HTTP proxy extensible in Python

CherryProxy is a simple HTTP proxy written in Python 2.x, based on the CherryPy WSGI server and httplib, extensible for content analysis and filtering.

Portable ExeFilter

If you want to test or use ExeFilter on Windows but you cannot or you do not want to install a Python interpreter, Portable ExeFilter is a simple solution. You just need to unzip it in any folder on a hard drive or a USB stick and it should run anywhere.

CanSecWest08 - ExeFilter

This is a presentation at the CanSecWest08 conference about ExeFilter, an open-source tool and framework to filter files and active content.

EUSecWest 2010 - Fighting PDF malware with ExeFilter

This is a presentation given at the EUSecWest 2010 conference in Amsterdam on the 16 June about recent PDF vulnerabilities and malware, showing how a tool such as ExeFilter may be used to provide additional protection as a complement to antivirus engines.

Origapy - a Python module to sanitize PDF files

Origapy is a Python interface to Origami, a PDF parser written in Ruby. It provides access to pdfclean.rb, in order to sanitize PDF files by disabling all active content (javascript, launch actions, embedded files, etc). Because Origami is a full PDF parser, it is much more effective than PDFiD (when sanitizing/disarming PDF files), but also quite slower.

PDFiD - a Python module to analyze and sanitize PDF files

PDF files may be used to trigger malicious content, as described here. PDFiD is a Python tool to analyze and sanitize PDF files, written by Didier Stevens. Here is PDFiD_PL, a version that I have slightly modified so that it can be imported as a module in Python applications (originally for ExeFilter).

pyxmldsig - a Python module to create and verify XML Digital Signatures (XML-DSig)

pyxmldsig is a Python module to create and verify XML Digital Signatures (XML-DSig). This is a simple interface to the PyXMLSec library, aiming to provide a more pythonic API suitable for Python applications.

ExeFilter vs. the Escape from PDF (CVE-2010-1240)

On the 29 March 2010, Didier Stevens revealed in his blog that he found a way to launch an executable file stored in a PDF document, without using any JavaScript or buffer overflow. This short article shows how ExeFilter can be used to sanitize such PDF files to block this type of attack.

SSTIC10 - Visualisation et Analyse de Risque Dynamique pour la Cyber-Défense

Article à propos de la visualisation et l'analyse de risque dynamique en cyber-défense, présenté au symposium SSTIC le 9 juin 2010.

ODF / OpenDocument format security

This article describes the OpenDocument file format (ODF), related security issues and useful resources. [WORK IN PROGRESS]

For now, see http://www.decalage.info/opendocument_openxml

Syndiquer le contenu