Student Ravinder Nehra contributed this post as a project summary of his GSoC2017 experience MySQL Emulator Previously, Tanner supported SQL Injection using SQLITE but since MySQL is widely used so it is badly needed in my opinion. Also with MySQL, Time-based Blind SQLI can be emulated which can’t be done in SQLITE based emulator. It is implemented using aiosql library using the same approach used in SQLITE emulation previously.
MySQLI emulator https://github.
This is a contribution by GSoC student Ziyue Yang, find him on Github yzygitzh.
My project for GSoC 2017 is Android Sandbox Detection and Countermeasure, which came out to be the ReDroid toolbox. This post was presented for the final evaluation of my GSoC 2017 project.
ReDroid is a toolbox for automatically detecting and countering anti-sandbox behaviors in Android apps. You can:
View source on GitHub Download as zip file View usage example Before GSoC 2017 begins, my GSoC mentor Yuanchun Li discussed with me about the proposal for the GSoC project.
The summer is coming to the end as well as my GSoC17 happy days. So, now it’s time to sum up the results and say goodbye to the GSoC until the next year.
My impressions about working on the Heralding project Working on the Heralding project was awesome experience for me. I feel I did something helpful, fun and challenging at the same time. I hadn’t wanted anything else before the summer!
Hi, I’m Matthew Shao from China. This year, I got the honor to be selected as a Google Summer of Code student for the mitmproxy project. With the help of my kindly mentors Maximilian Hils and Clemens Brunner, I managed to improve the source code of mitmweb, which is a web interface for mitmproxy, and added some exciting new features for it. Here I’m going to present you the work I’ve done during this fulfilling summer.
At the end of February we were very happy to announce that The Honeynet Project had once again been selected to be a mentoring organization for Google Summer of Code (GSoC) 2017. Since then, there has a been a flurry of activity: We received more than 50 project proposals during the application phase, selected 14 fantastic students, set them up to work with us during the community bonding period, and now completed the first month of actual work!
On May 25, 2017, Representative Tom Graves released the second draft of proposed amendments to 18 U.S.C. 1030 (known as the Computer Fraud and Abuse Act). Representative Graves’ bill is known as the Active Cyber Defense Certainty Act (or ACDC Act). There is no universally accepted umbrella term for this, but it is variously called “Active Defense”, “Active Cyber Defense”, “hacking back,” “hackback”, and “strike back.” You will find the word “active” applied almost universally in these discussions, though it frequently results in establishing a simple (though false) dichotomy of “passive defense” vs.
This is a contribution by Tan Kean Siong, follow him on Twitter @gento_ .
The open source honeypot Dionaea supported SMB since long but lacked support for the recent WannaCry ransomware SMB vulnerability and the most recent Samba RCE vulnerability CVE 2017-7494 dubbed “SambaCry” wormable attacks. With the recent changes, both attack vectors are supported and respective samples caught in the wild.
Dionaea is a low interaction, server side honeypot which emulates a vulnerable system or device.
With Google Summer of Code (GSoC) 2017 being around the corner, we’d like to do a short flashback to 2016, our most successful GSoC year for mitmproxy so far! GSoC 2016 was mitmproxy’s fourth time participating in the program under the umbrella of the Honeynet Project. For the first time, we were able to mentor three students over the summer to work on both our Python core and the brand new web interface.
After successfully participating in GSoC between 2009 and 2016, and having created or extended many honeynet technologies that have since gone on to become industry standard tools, we are very happy to annouce that The Honeynet Project has applied to be a mentoring organization once again in GSoC 2017.
This year sees significant changes in the GSoC program with a new payment model and an added third evaluation! We are excited about those changes and very curious to see how they play out.