A Django site.
October 30, 2009

Inside Security News
insecnews
is about »
» Python 2.6 and 3.0 compatibility

If you will be writing any new programs in the Python programming language then check Lennart Regebro's presentation[1] and slides[2] on their compatibility issues. It is interesting to see the amount of changes they have made to make the language more robust and correct. This does mean that programs written in Python 2.x , to some extent, will be incompatible with Python 3.x so keep it in mind when deciding on which one to pick.

Links Used:
[1] Lennart Regebro's presentation - http://blip.tv/file/1949281

[2] Lennart Regebro's slides - http://liwo.polsl.pl/pycon-pl2008/materia142y/python-3-compatibility.pdf

September 16, 2009

Inside Security News
insecnews
is about »
» Graphviz, Python and Tkinter

When creating a specific program that does one thing it is sometimes useful to provide a generic solution and build upon those foundations. This is what I present in todays posting, what I call graphing[1] .

Graphviz [2] is a great tool that allows you to create diagrams and flow-charts and almost any type of graph. I wont go into the details about Graphviz as this is not a tutorial, the site has more details.

What I have done is create a parser that converts a .gv file (e.g., [3, 4]) into a dot file (through the dot package) and then this is read to create the layout on a Tkinter Canvas in Python. The advantage to this is that you can add your own code and make these items interactive (e.g. mouse interactive, etc). You will need to install at least dot which is part of Graphviz[2].

Dependencies:
Graphviz (dot is needed)
Tkinter part of Python

Links Used:
[1] graphing by Konstantinos Xynos (2008) - http://www.comp.glam.ac.uk/staff/kxynos/dot_parser2Tk.zip
[2] Graphviz - http://www.graphviz.org/
[3] Example: Finite Automaton - http://www.graphviz.org/Gallery/directed/fsm.html
[4] Example: Finite Automaton gv file - http://www.graphviz.org/Gallery/directed/fsm.gv.txt

August 18, 2009

Inside Security News
insecnews
is about »
» Book Review: Grey Hat Python

This is my first "short" book review, but it is more of a book recommendation really. I am a member of the safaribooksonline.com site that provides the 'Safari Library' subscriber full access to all their books. It is a researcher's paradise. All these books freely available to scroll through and legally.

As I was sifting through some books I came across 'Grey Hat Python' (details bellow). I am a fan of the Python Programming/ Scripting Language. It is so powerful and easy the majority of Bachelor and Master students can pickup and develop prototypes and proof of concepts with. The hacking community has also picked up on the fact (yes, Google Code and many others out there) and many projects/add-on modules have been developed in order to expand Python's capabilities.

From skimming through this book I see that it has some really nice examples of doing: debugging, hooking, dll and code injection, fuzzying (software testing) and fuzzying techniques and demonstrates how to work IDAPython and PyEmu.

Overall a good hands-on book and we await for more like it to cover more topics, as the book has only scrapped the surface.

Book Details:
Grey Hat Python
Publisher: No Starch Press
Pub Date: April 20, 2009
Print ISBN-13: 978-1-593-27192-3
Pages: 216
http://my.safaribooksonline.com/9781593271923