Blog

Compute the code coverage of your tests with java and maven

So you have a java project, and Junit tests. But which lines of your code are correctly tested, and more importantly, which lines are not tested?

Read more
Build a bare-metal kubernetes cluster

kubernetes is a very powerful system, with a lot of available plugins to handle different situations. That's why tools like minikube exist that handle the whole configuration for you. In this blog post we show you how it works under the hood, and how to manually configure a kubernetes cluster.

Read more
Welcome to our new researcher!

Today we are welcoming a new colleague! He will work on phishing prevention techniques.

Read more
Dockerize your Laravel app - part 2 : GitLab and multi-stage build

When dockerizing an application, the main goal is to keep images small. Hence the build process should be split in 2 steps:

Read more
Press review

The magazine Athena mentioned us in edition 347 of May-June 2020.

Read more
Dockerize your Laravel app

For this tutorial we will start with a very simple Laravel app that has no database, or that uses a sqlite database located in the storage directory. The main goal is to show you the main pitfalls to keep in mind when dockerizing a Laravel application.

Read more
Static code analysis for Laravel

In a previous blog post we presented PHPStan, a static code analyzer for PHP. If you are developing a Laravel application, you can of course use PHPStan to validate your code. However, Laravel has a lot of subtleties and auto-magic that make static code analysis challenging. This is where Larastan comes into play: a wrapper around PHPStan that adds support specifically for Laravel.

Read more
MASFAD 2 at EDA CapTech Cyber

Today we are proud to present the Multi-Agent System for APT Detection project (MASFAD 2) at the first meeting of the Capability Technology Area Cyber (CapTech Cyber) of the European Defense Agency (EDA).

Read more
Publish GitLab notifications to Mattermost

Mattermost is a wonderful messaging and collaboration tool for developer teams. It is also a great open source alternative to Slack. In this short blog post we show how to connect Mattermost and GitLab together.

Read more
We are hiring!

We are looking for a new colleague to help us on a project related to social engineering.

Read more
Detect unused composer dependencies

If you are using composer to manage the dependencies of your PHP project (and you certainly should), it is very easy to end up using a lot of dependencies. And if your project lives long enough, some (or lots of them) will not be used anymore.

Read more
How to aggregate scores in a multi-heuristic detection system : A comparison between WOWA and Neural Networks

Cyber-attacks are becoming increasingly complex and therefore require more sophisticated detection systems. A lot of these are actually combine multiple detection algorithms. A crucial step is then to aggregate all detection scores correctly.

Read more
Implement CRUD operations in Laravel, and automatic code generation

When working with model objects in Laravel, you will typically have to implement the CRUD operations: Create, Read, Update and Delete objects from the database. To support these operations you will need to write:

Read more
Man-In-The-Middle (MITM) with arpspoof

In this post we show how to easily perform a L2 man-in-the-middle attack using arpspoof on a standard Ubuntu computer...

Read more
Mobile Device Security Training

On Wednesday 15 April 2020, we are organizing a special training session dedicated to Mobile Devices Security.

Read more
Cyber Range release 0.0.22

Today we released version 0.0.22 of our Cyber Range tool.

Read more
Stealthy website scanning thanks to archive.org

Scanning a website is an important step of the reconnaissance phase. Different tools, like BlackWidow, can automate the process. We present here another tool that allows to scan a website without leaving traces on the target servers : waybackurls.

Read more
Laravel : Quickstart

Laravel is an extremely powerful PHP framework for building web applications, but the first steps can be quite intimidating. In this tutorial we guide you through the first steps to get you started as a breeze.

Read more
Static code analysis in PHP (and GitLab)

In the PHP toolbox for testing, you'll often find phpunit for unit testing, PHP_CodeSniffer for code style analysis, and here we present PHPStan for static code analysis.

Read more
Information gathering with BlackWidow

BlackWidow is a python script that automatically crawls a website to gather information like phone numbers, email addresses, form URL's etc. Very useful during the reconnaissance phase!

Read more
Manage VirtualBox with PHP

phpVirtualBox is a well known web interface for managing virtual machines. There is however another less known library that allows to manage virtual machines from your own PHP applications : php-vbox-api. The API allows you to do stuff like:

Read more
Understanding Laravel middleware : admin users

In Laravel, a Middleware is basically a piece of code that should be executed for every http request. Middlewares are typically used to:

Read more
Distributed k-nn graphs and similarity search

Today we are presenting distributed k nearest neighbors (k-nn) graphs and similarity search algorithms at the ULB.

Read more
Modify your static IP on Ubuntu server

This seems easy, but... When you modify your static IP address in /etc/network/interfaces, the old IP is not removed. The new IP is simply added to your interface.

Read more
Disable user registration in your Laravel application

Laravel is a powerful framework that comes with a lot of boilerplate code to handle most common cases. One of these is users management (register, login, reset password etc.)

Read more
Easy testing with Python doctest and GitLab

When developing some new Python code, you will usually open another terminal to test your function or class using a Python shell... and repeat until you obtain the expected result.

Read more
Type hinting in Python, and testing with GitLab

Python is a dynamically typed language, meaning that the type of a variable can change during execution. This participates to the user friendliness of the language.

Read more
Collecting and processing NetFlow on Ubuntu

NetFlow is a feature that was introduced on Cisco routers around 1996 that provides the ability to collect and process network traffic summary.

Read more
CyberSecurity Tournament 2020

In February 2020, ULB will organize a CyberSecurity Tournament for students. This is a unique opportunity to challenge your skills and get in touch with major companies of the field.

Read more
MongoDB sharding on a single server

Sharding is a method for distributing data (and load) across multiple machines. In this blog post we show how to test MongoDB sharding by running multiple MongoDB instances on a single Ubuntu 16.04 machine.

Read more
Apache Spark MapReduce with PHP

When it comes to Big Data processing, I'm a huge fan of the Apache Spark project. Spark is a very powerful tool to analyse very large datasets in parallel, and at the same time it provides a nice API that allows to write clean distributed code.

Read more
Using LaBrea Tarpit to hinder network scans

When hackers prepare a network attack, they usually start with a network scan to detect running computers and installed software.

Read more
BeMilCIS2019 : Blockchain for dummies

Today we are proud to present a paper at BeMilCIS conference entitled Blockchain for dummies.

Read more
A simple java implementation of Blockchain

Blockchain is currently a very hot research topic. To understand how it works and what it can achieve, here is a simple java implementation.

Read more
Blockchain

These last few years everyone everywhere went crazy about cryptocurrencies and more in particular about Bitcoin. The value of the star cryptocurrency did indeed sky-rocket in December 2017 to 19.783$, a 1824% increase in less than a year [2]. However, even though everybody has probably heard about this digital currency, it's likely that very few understand the fascinating technology behind it called blockchain. Bitcoin value

Read more
ICMCIS2019

This week we presented two papers at the International Conference on Military Communications and Information Systems (ICMCIS) in Budva, Montenegro:

Read more
Automatic release with GitLab and SimpleRepos

SimpleRepos is a simple file sharing website that allows to upload files using a REST API. Here is how to use it in conjunction with GitLab to automatically release your binaries...

Read more
Using PHP CodeSniffer in a Laravel project

PHP CodeSniffer is a great tool that enforces everybody is using the same coding standard when contributing to a project. For a Laravel project, there are however a few caveats to handle...

Read more
Using font awesome in a Laravel project

Font Awesome is a fantastic icon set to improve your web application. The integration in Laravel requires a few additional steps...

Read more
Avoid leaking secrets in your GitLab repository

Shit happens! Chances are great that you or one of the developers in your team will one day commit a file containing secrets or private keys to a public GIT repository...

Read more
Automatic bug detection with SpotBugs and Maven

SpotBugs is a fantastic tool to help you write beter java code! It performs static code analysis (SA) and uses a database of more then 400 bug patterns to detect potential bugs in your code.

Read more
GitLab : Automatically testing your Python project

Whatever programming language your are using for your project, GitLab continuous integration system (gitlab-ci) is a fantastic tool that allows you to automatically run tests when code is pushed to your repository. Java, PHP, Go, Python or even LaTeX, no limit here! In this blog post we review a few examples for the Python programming language.

Read more
ECHO Project : Kick Off Meeting

ECHO (European network of Cybersecurity centres and competence Hub for innovation and Operations) is a project funded by the European Commission to establish and operate a Cybersecurity Competence Network. The project was officially launched today at the Conference Hall of the Royal Military Academy, in the presence of the 30 participating institutions.

Read more
Using GridFS to store files in MongoDB (Java)

MongoDB is a fantastic tool for storing large quantities of data in a JSON-like format.

Read more
Maven not running all JUnit tests

Here is a trick for solving a tricky and vicious maven bug...

Read more
Phising with 2FA bypass using Evilginx

Phising is a well-known method used by hackers to steal usernames and passwords by imitating a website.

Read more
An introduction to Laravel ORM : Eloquent

When working with an object oriented language, like PHP, Java or Python, an Object-Relational Mapping (ORM) tool allows to automatically convert model objects into rows in a database and vice-versa. It allows to easily save objects in a database, without worrying about writing appropriate SQL requests.

Read more
Using Laravel with a SQLite database

For a development environment or for small web applications, a SQLite database may be perfectly sufficient to store your data. It is also much lighter than a full blown MySQL database.

Read more
Using custom Docker images with GitLab

One of the interesting features of GitLab is the possibility to automatically run tests when code is pushed to the repository (Continus Integration): https://cylab.be/blog/7/gitlab-quickstart

Read more
GitLab : Quickstart

GitLab is a git repository management tool, like GitHub or BitBucket. Like them, it offers issue tracking and wikis. However, GitLab also offers some very powerful features like Continuous Integration (CI) and Continuous Delivery (CD).

Read more
A java introduction to OrientDB document database

OrientDB is a NoSQL document database, like the very popular MongoDB. It has some very interesting additional features:

Read more
Students projects 2017-2018

Today 6 students from the Master in CyberSecurity presented their project:

Read more