High-level dynamic language developed by Guido van Rossum, particularly popular for server-side web programming and scripting.
3
votes
0answers
78 views
How to implement client side encryption for CalDav & CardDav content?
I'm looking for a client-side encryption implementation that would be able to secure CardDav & CalDav data so that they couldn't be compromised even by the hosting provider.
Server side: PHP or ...
0
votes
1answer
48 views
Is there any reason to allow Python fetches of my Web server's pages?
I keep seeing "python-requests/1.1.0 CPython/2.7.4 Linux/3.8.0-19-generic" requests e.g. from Amazon's servers of my website.
It's kind of creepy.
Who would set up an Amazon server to scan websites? ...
3
votes
1answer
82 views
SQLMap: How to test JavaScript generated field names?
I have a pretty simple HTML page that submits a username and password to the server via POST method:
<doctype html>
<head>
<title>SQLMap dynamic parameters</title>
...
0
votes
2answers
208 views
Tor via Python - can the real IP address leak?
I was thinking about how safe it really is to use Tor as a "local proxy" to grab information from webpages anonymously. Is it possible that the real IP address can be seen?
On the official Tor ...
-1
votes
3answers
98 views
How could i totally secure a connection between two nodes?
I've posted this question on stack overflow a bit earlier and lazy functor redirected me here. Thank you !
I'm building an authentication server in python and was wondering about how i could secure ...
10
votes
2answers
323 views
Does bcrypt have a maximum password length?
I was messing around with bcrypt today and noticed something:
hashpw('testtdsdddddddddddddddddddddddddddddddddddddddddddddddsddddddddddddddddd', salt)
Output: ...
-2
votes
1answer
63 views
What are some good user login/authentication libraries or protocols to use with Python on Google App Engine? [closed]
I've read elsewhere (http://forums.udacity.com/questions/6028436/bcrypt-not-suitable-for-pythongae) that bcrypt is not suitable for use on Google App Engine. What are some good ways to create a user ...
2
votes
1answer
169 views
Study roadmap to write a crypter / backdoor
Recently I came across a site called SecurityTube.net, which has a ton of amazing security stuff. I'm following their Python Scripting Expert videos which are totally worth it. I also came across the ...
-2
votes
1answer
59 views
w3af plugin development example [closed]
I'm new to w3af, and I would like to build my own plugin. I have searched on w3af web and googled it for some examples but no luck...
Can anyone give me an example how to start building plugins or ...
2
votes
2answers
140 views
Can clients execute my python CGI at will?
I have a site where the main database is interacted with via python scripts located in public_html\cgi-bin\. To run commands, various JavaScript scripts, located in \public_html\scripts\, use jQuery ...
6
votes
1answer
181 views
Reconstructing bittorrent data from PCAP
I am doing a CTF flag for my school project with a PCAP flag based on this CTF write-up: eindbazen.net - Plaid CTF 2012 - Torrent
I setup a local torrent file containing an .mp3 (the audio is my ...
1
vote
1answer
150 views
Custom Python Server - how to secure it?
I'm going to purchase my own dedicated server service soon and run few python server scripts on it.
Firstly, let me tell you that I am total noob when it comes to internet security and was unable to ...
3
votes
2answers
167 views
Proper Linux user authentication through PAM aware applications
Currently I'm building an authentication system using Linux PAM for a python daemon process. It will need to authenticate remote users from a variety of front-ends against the local user list. ...
0
votes
1answer
209 views
How to conduct a disguised LSA attack against OSPF?
I want to do disguised LSA attacks on OSPF network and be able to more analyze, so I do not know how it works in practice. This is a penetration test.
The attack is described in the address [+]. I ...
-4
votes
1answer
163 views
Secure Web application Password vault/manager [duplicate]
I would like to build an open source online password vault which allows users to securely store their passwords, like Keepass or roboform, but where a user can access their passwords through a ...
2
votes
1answer
246 views
Maltego transform samples
I'm playing around with Maltego for target recon and investigation, and have started writing my own transforms in Python. Unfortunately, the current developer documentation is a little light on ...
