Blog
Find secret API token in Android application
In May 2019, Google announced there are 2.5 billion active Android devices. Thereby, most companies develop their own application. Not only the richest companies like Google, Facebook, Amazon,... but also a lot of smaller businesses.
Read moreStatic code analysis in PHP (and GitLab)
In the PHP toolbox for testing, you'll often find phpunit for unit testing, PHP_CodeSniffer for code style analysis, and here we present PHPStan for static code analysis.
Information gathering with BlackWidow
BlackWidow is a python script that automatically crawls a website to gather information like phone numbers, email addresses, form URL's etc. Very useful during the reconnaissance phase!
MARK release 0.0.28
Today we released version 0.0.28 of our Multi-Agent Ranking Framework (MARK).
Read moreManage VirtualBox with PHP
phpVirtualBox is a well known web interface for managing virtual machines. There is however another less known library that allows to manage virtual machines from your own PHP applications : php-vbox-api. The API allows you to do stuff like:
Understanding Laravel middleware : admin users
In Laravel, a Middleware is basically a piece of code that should be executed for every http request. Middlewares are typically used to:
Read moreDistributed k-nn graphs and similarity search
Today we are presenting distributed k nearest neighbors (k-nn) graphs and similarity search algorithms at the ULB.
Modify your static IP on Ubuntu server
This seems easy, but... When you modify your static IP address in /etc/network/interfaces, the old IP is not removed. The new IP is simply added to your interface.
Read moreDisable user registration in your Laravel application
Laravel is a powerful framework that comes with a lot of boilerplate code to handle most common cases. One of these is users management (register, login, reset password etc.)
Read moreEasy testing with Python doctest and GitLab
When developing some new Python code, you will usually open another terminal to test your function or class using a Python shell... and repeat until you obtain the expected result.
Read moreType hinting in Python, and testing with GitLab
Python is a dynamically typed language, meaning that the type of a variable can change during execution. This participates to the user friendliness of the language.
Read moreCollecting and processing NetFlow on Ubuntu
NetFlow is a feature that was introduced on Cisco routers around 1996 that provides the ability to collect and process network traffic summary.
Read moreCyberSecurity Tournament 2020
In February 2020, ULB will organize a CyberSecurity Tournament for students. This is a unique opportunity to challenge your skills and get in touch with major companies of the field.
Read moreCreate a local Python pip repository
Python is a very interesting programming language because it is possible to prototype a lot of things in a few minutes. The Python Package manager, called pip, is a very simple tool that allows the user to import/install easily any Python package and its dependencies.
Read moreCreate a local apt-mirror for offline usage
In some cases, it is necessary to work on offline machines because of sensitive data for example. To install a Ubuntu version on an offline computer is quite easy. Problems begin when it is needed to install some programs/debian packages for your development. With the default configuration, it is not possible to install anything without an Internet connection.
Read moreGenerate ROC curve and compute AUC in Java
It is very common to implement a model to classify elements in different categories. A very important step in classification is the evaluation of the model efficiency.
Read moreMongoDB sharding on a single server
Sharding is a method for distributing data (and load) across multiple machines. In this blog post we show how to test MongoDB sharding by running multiple MongoDB instances on a single Ubuntu 16.04 machine.
Read moreApache Spark MapReduce with PHP
When it comes to Big Data processing, I'm a huge fan of the Apache Spark project. Spark is a very powerful tool to analyse very large datasets in parallel, and at the same time it provides a nice API that allows to write clean distributed code.
Read moreHow does work WPA/WPA2 WiFi security and how crack it?
The number of Wi-Fi access points is bigger day after day. Everywhere in the street, it is possible to see a lot of Access Point (AP)
How to upload your files to Nextcloud "File Drop" using curl
Nextcloud is a great tool for self-hosting your data in the vein of Dropbox. It facilitates exchange of information and files in a team, with the extra benefit of providing a robust monitoring and protection capabilities. There are Nextcloud clients available for Windows, Linux and MacOS, which are easy to install and use. With one click you can upload your files to your personal cloud and share them. But sometimes the need arises to upload files from machines that don't use a Graphical user Interface (for example Ubuntu Server distribution). Luckily there exists a way to still be able to upload your files to Nextcloud using the command line and Curl.
Read morePublishing your Python project to the PyPI repository
Sometimes we might want to play with python scripts that are usefull for us when ran locally. But othertimes the script you have been playing with starts to be more and more important and involved in different projects. In such cases it is an interessting option to upload the python script to an internet repository so it can easily be accessed by you, your team members or other people that might need the same functionalities your script offers.
Read moreRunning GITLAB Tests locally with Docker CE
The possibility to test integration on our projects when using Gitlab gives us a powerful testing tool to be sure that the code we submit to the repository will work as intended and wont break anything. The way that Gitlab does Continuous Integration (CI) tests is by using Docker containers that can be deployed at demand to test specific aspects of our project.
Read moreUsing LaBrea Tarpit to hinder network scans
When hackers prepare a network attack, they usually start with a network scan to detect running computers and installed software.
Read moreBeMilCIS2019 : Blockchain for dummies
Today we are proud to present a paper at BeMilCIS conference entitled Blockchain for dummies
Read moreA simple java implementation of Blockchain
Blockchain is currently a very hot research topic. To understand how it works and what it can achieve, here is a simple java implementation.
Blockchain
These last few years everyone everywhere went crazy about cryptocurrencies and more in particular about Bitcoin. The value of the star cryptocurrency did indeed sky-rocket in December 2017 to 19.783$, a 1824% increase in less than a year [2]. However, even though everybody has probably heard about this digital currency, it's likely that very few understand the fascinating technology behind it called blockchain.
ICMCIS2019
This week we presented two papers at the International Conference on Military Communications and Information Systems (ICMCIS) in Budva, Montenegro:
Read moreAutomatic release with GitLab and SimpleRepos
SimpleRepos is a simple file sharing website that allows to upload files using a REST API. Here is how to use it in conjunction with GitLab to automatically release your binaries...
Read moreUsing PHP CodeSniffer in a Laravel project
PHP CodeSniffer is a great tool that enforces everybody is using the same coding standard when contributing to a project. For a Laravel project, there are however a few caveats to handle...
Read moreUsing font awesome in a Laravel project
Font Awesome is a fantastic icon set to improve your web application. The integration in Laravel requires a few additional steps...
Read moreAvoid leaking secrets in your GitLab repository
Shit happens! Chances are great that you or one of the developers in your team will one day commit a file containing secrets or private keys to a public GIT repository...
Read moreAutomatic bug detection with SpotBugs and Maven
SpotBugs is a fantastic tool to help you write beter java code! It performs static code analysis (SA) and uses a database of more then 400 bug patterns to detect potential bugs in your code.
Read moreGitLab : Automatically testing your Python project
Whatever programming language your are using for your project, GitLab continuous integration system (gitlab-ci) is a fantastic tool that allows you to automatically run tests when code is pushed to your repository. Java, PHP, Go, Python or even LaTeX, no limit here!
In this blog post we review a few examples for the Python programming language.
ECHO Project : Kick Off Meeting
ECHO (European network of Cybersecurity centres and competence Hub for innovation and Operations) is a project funded by the European Commission to establish and operate a Cybersecurity Competence Network. The project was officially launched today at the Conference Hall of the Royal Military Academy, in the presence of the 30 participating institutions.
Read moreUsing GridFS to store files in MongoDB (Java)
MongoDB is a fantastic tool for storing large quantities of data in a JSON-like format.
Read moreMaven not running all JUnit tests
Here is a trick for solving a tricky and vicious maven bug...
Read more
Phising with 2FA bypass using Evilginx
Phising is a well-known method used by hackers to steal usernames and passwords by imitating a website.
Read moreAn introduction to Laravel ORM : Eloquent
When working with an object oriented language, like PHP, Java or Python, an Object-Relational Mapping (ORM) tool allows to automatically convert model objects into rows in a database and vice-versa. It allows to easily save objects in a database, without worrying about writing appropriate SQL requests.
Read moreUsing Laravel with a SQLite database
For a development environment or for small web applications, a SQLite database may be perfectly sufficient to store your data. It is also much lighter than a full blown MySQL database.
Read moreUsing custom Docker images with GitLab
One of the interesting features of GitLab is the possibility to automatically run tests when code is pushed to the repository (Continus Integration): https://cylab.be/blog/7/gitlab-quickstart
Read moreGitLab : Quickstart
GitLab is a git repository management tool, like GitHub or BitBucket. Like them, it offers issue tracking and wikis. However, GitLab also offers some very powerful features like Continuous Integration (CI) and Continuous Delivery (CD).
Read moreA java introduction to OrientDB document database
OrientDB is a NoSQL document database, like the very popular MongoDB. It has some very interesting additional features:
Read moreStudents projects 2017-2018
Today 6 students from the Master in CyberSecurity presented their project:
Read moreICMCIS 2018
We are proud to present 2 papers at the International Conference on Military Communications and Information Systems (ICMCIS) in Warsaw:
Read more