Cedric 🏴󠁧󠁢󠁳󠁣󠁴󠁿 @cedric@fosstodon.org

"A Taxonomy of Access Control"

https://www.schneier.com/blog/archives/2022/08/a-taxonomy-of-access-control.html

#security

"Remove my password from lists so hackers won't be able to hack me"

https://github.com/danielmiessler/SecLists/pull/155

#security

New release of MONARC FO is available:

https://github.com/monarc-project/MonarcAppFO/releases/tag/v2.12.0

#security

https://github.com/CERTCC/VINCE

VINCE is the #Vulnerability Information and Coordination Environment developed and used by the #CERT Coordination Center to improve coordinated vulnerability disclosure. VINCE is a #Python based web platform.

#security #threat #django

Thanks to the guy who wrote the robthree/twofactorauth #PHP library. It's just awesome. So easy to use.

#2FA #security #software

A #blog post about the new release of #Freshermeat :

https://www.cedricbonhomme.org/2022/05/10/freshermeat-0-8-1/

#python #opensource #security

I just published a new release of #Freshermeat :

https://github.com/cedricbonhomme/freshermeat/releases

The code is live here:
https://open-source-security-software.net

#security #software #directory #python

If one day you need to add #2FA in a #PHP app, this is a really really really nice library:

https://github.com/RobThree/TwoFactorAuth

#security

#RFC 9116: A File Format to Aid in #Security #Vulnerability Disclosure
https://www.rfc-editor.org/rfc/rfc9116

Reminder. You can submit your Open Source #Security Software to Freshermeat:

https://open-source-security-software.net/submit/

😉

This night I finished the migration to the new API of Freshermeat (https://sr.ht/~cedric/freshermeat) and updated the production server:

https://open-source-security-software.net

Lot of changes in backend and frontend. And still, lot of things to improve. The API is way more complete:
https://open-source-security-software.net/api/v2/

#python #security #flask #opensource

"Interoperability without sacrificing privacy: Matrix and the DMA" with @matrix

https://matrix.org/blog/2022/03/25/interoperability-without-sacrificing-privacy-matrix-and-the-dma

#dma #privacy #security #matrix

An #analysis framework to discover if a file is suspicious with a simple UI

https://news.ycombinator.com/item?id=30596779

#security

#Pandora is an analysis framework to discover if a file is suspicious and conveniently show the results

https://github.com/pandora-analysis/pandora

#security #infosec #malware

Best practices in times of tense geopolitical situations

https://www.circl.lu/pub/tr-68/

#security #ukraine

Integration of ISO/IEC 27002:2022 into an ongoing risk analysis

https://youtu.be/N45p3fw_G2U

#security #monarc #mosp

A collaborative platform for creating, editing and sharing #JSON objects.
https://github.com/CASES-LU/MOSP

#security #selfhosting #python

Stats Service - dashboard that summarizes the current #cybersecurity landscape

https://www.reddit.com/r/cybersecurity/comments/sxrcf7/stats_service_dashboard_that_summarizes_the/

#security #python

Fit4CybersecurityStats: Agglomerates stats of several Fit4Cybersecurity instances.

https://github.com/CASES-LU/Fit4CybersecurityStats

#python #security #foss #opensource

A New #HOPE

https://www.hope.net

#hacker #security #learning