Adding a scoring system in peepdf

peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is to provide all the necessary components that a security researcher could need in a PDF analysis without using 3 or 4 tools to make all the tasks. With peepdf it's possible to see all the objects in the document showing the suspicious elements, supports the most used filters and encodings, it can parse different versions of a file, object streams and encrypted files. With the installation of PyV8 and Pylibemu it provides Javascript and shellcode analysis wrappers too. Apart of this it is able to create new PDF files, modify existing ones and obfuscate them.
In addition to providing the tools for analyzing PDF documents, we also wanted to provide some indication about how likely it is that a given PDF file is malicious. Adding such a scoring system in peepdf was one of the projects of Honeynet Google Summer of Code (GSoC) 2015 program, and the student Rohit Dua did a great job.
The scoring system has the goal of giving valuable advice about the maliciousness of the PDF file that’s being analyzed. The first step to accomplish this task is identifying the elements which permit to distinguish if a PDF file is malicious or not, like Javascript code, lonely objects, huge gaps between objects, detected vulnerabilities, etc. The next step is calculating a score out of these elements and test it with a large collection of malicious and not malicious PDF files in order to tweak it. Read more »

mitmproxy: HTTP/2 Support and GSoC 2016

HTTP2 Support for mitmproxy
We are happy to announce the immediate availability of mitmproxy 0.16! As a major new feature, Thomas Kriechbaumer – who joined us as a Google Summer of Code (GSoC) Student last year – contributed a brand new HTTP/2 implementation built on top of hyper-h2. HTTP/2 requests now blend into the mitmproxy UI just like regular HTTP 1 requests, making mitmproxy the first interactive HTTPS proxy with HTTP/2 support! All HTTP/2 features from RFC7540 are supported - including PUSH_PROMISE, RST_STREAM, and as many concurrent streams as you want. We are super excited about the improvements Thomas is bringing us here and we encourage you to try them out. To make a transition as seamless as possible, HTTP/2 needs to be enabled manually for now by passing --http2 to mitmproxy. We plan to remove this requirement with one of the next releases. For a full list of changes, take a look at the changelog posted below!

Google Summer of Code 2016

2012 was a big year for me - being only just out of my freshman year, Honeynet accepted my application as a GSoC Student and I got introduced to the world of free and open-source software development and started contributing to mitmproxy. Long story short, I think this program is one of the major reasons why I am now writing this blog post as one of mitmproxy’s core contributors. Last year, I was in the fortunate position to mentor a student myself - we’re super happy that not only Thomas’ project was a great success, but we also gained a very strong new mitmproxy contributor who is contributing well beyond his GSoC.
I am very happy to announce that we are applying under the umbrella of Honeynet as a GSoC Organization this year again. The last six years’ projects have generated long-lasting successes at Honeynet, so we can’t wait to get in touch with students this year again!
  Read more »

ARTDroid: an easy-to-use framework for hooking under ART

During Google Summer of Code 2015, in the Honeynet Project open-source org, Valerio Costamagna and Cong Zheng (mentor) worked on ARTDroid, an easy-to-use framework for hooking virtual-method under latest Android runtime (ART). Read more »

Honeynet Project Accepted for Google Summer of Code 2015

After a tense few days of waiting, which is always the most stressful part of GSoC for mentoring organizations and org admins, 19:00 UTC today was the moment of truth when some lucky orgs found out that they were accepted for GSoC 2015, and other orgs sadly discovered that they would not be taking part. Read more »

Google Summer of Code 2015

With winter in the northern hemisphere beginning to turn into spring, it is once again time to think about summer. And of course, for many open source organizations, that means Google Summer of Code (GSoC).
  Read more »

GSoC 2014 Mentoring Organization Applications

Over the past five years, The Honeynet Project has been had the pleasure of mentoring over 70 lucky bachelors, masters and PhD students from all over the world through Google Summer of Code (GSoC), Google's ongoing programme of support for international students working on free open source software (FOSS). Together we have worked on a large number of information security tools, including some that have gone on to be the leading examples of tools in their chosen field. Read more »

GSoC2013 Blog Online

To have a better visibility of this years GSoC projects we have created a blog for the students and their mentors. This blog is the place where students should post weekly updates about their progress. It is also the place where students and mentors can share their findings and experiences about and during the GSoC projects as they happen. The first updates have already started to drip in and it is getting interesting.

A hot summer, cool drinks and happy coding to all the participants.

GSoC 2013 Student Selection Officially Announced

After a pretty hectic few weeks of student application review, setting and scoring coding challenges, and assessing proposals, mentoring organizations participating in GSoC 2013 had to confirm their student slot allocations and final short list of preferred candidates by Friday May 24th at 19:00 UTC. Read more »

Google Summer Of Code 2013 Student Applications now closed and some statistics

Having being very pleased to be accepted once again by Google as one of the lucky mentoring organization for GSoC 2013, we had eagerly awaited the student application period starting and the excitement (and occasional drama) that always brings. Read more »

Google Summer of Code 2013 Student Application Deadline Friday May 3rd 19:00 UTC

With less that 24 hours now remaining until the official deadline for Google Summer of Code (GSoC) 2013 student applications (19:00 UTC Friday May 3rd 2013), this is our final call for interested and eligible GSoC students. Read more »

Syndicate content