pyxmldsig is a Python module to create and verify XML Digital Signatures (XML-DSig). This is a simple interface to the PyXMLSec library, aiming to provide a more pythonic API suitable for Python applications.
This article explains how many common file formats (DOC, XLS, PDF, HTML, XML, RTF, ...) may hide or trigger malicious code (virus, Trojan horse, ...) using their native features such as active content (macros, JavaScript, etc.). It was presented at the SSTIC symposium and OSSIR in 2003.
This article describes the OpenDocument file format (ODF), related security issues and useful resources. [WORK IN PROGRESS]
For now, see http://www.decalage.info/opendocument_openxml
This article describes the Microsoft Office Open XML file formats (docx, xlsx, pptx), related security issues and useful resources. [WORK IN PROGRESS]
This short article shows how ExeFilter can be used to disable JavaScript in PDF files, which is effective against many Adobe Reader exploits discovered in 2009, including the recent zero-day CVE-2009-4324.
OVALdi, also named the OVAL Interpreter, is an open-source tool developed by MITRE to demonstrate how the OVAL language may be used to scan a computer for vulnerabilities. This article provides a few hints about how to use this tool.
This article (written in French) was presented at the SSTIC symposium on 6 June 2008.
It describes several methods to perform malware analysis, especially on Windows platforms. It focuses in detail on dynamic analysis, also called runtime analysis or sandboxing. Dynamic malware analysis consists of running malicious code on a dedicated system that is configured to record all of the code's actions in order to determine its behaviour. It is then possible to quickly determine the nature of the malware and decide how to respond to an incident. The article also shows how to build a simple dynamic malware analysis lab at low cost, provides details about the methodology and suggests how to go further.
This page provides a few methods to create X.509 certificates for testing purposes.
Article and presentation about security issues in OpenDocument and Open XML formats (OpenOffice and MS Office 2007) - published in the Journal of Computer Virology in Oct 2007 and presented at the PacSec 2006 conference.