#java#adversary_emulation#adversary_exposure_validation#aev#attack_simulation#breach_simulator#cybersecurity#purple_team
OpenBAS is a free, open-source platform that helps you plan and run cyberattack simulations to find security weaknesses in your organization. It supports teamwork, real-time monitoring, and detailed feedback, letting you test defenses against real-world threats using up-to-date intelligence from OpenCTI. You can simulate attacks through emails, SMS, social media, and more, making your training realistic and comprehensive. OpenBAS offers both a Community Edition and a more advanced Enterprise Edition. It’s easy to install with Docker or manually, and you can try it online before using it. This helps you improve your cybersecurity by practicing and identifying gaps before real attacks happen.
https://github.com/OpenBAS-Platform/openbas
https://pypi.python.org/pypi/oauthlib
A generic, spec-compliant, thorough implementation of the #OAuth request-signing logic for python
OAuth often seems complicated and difficult-to-implement. There are several prominent libraries for handling OAuth requests, but they all suffer from one or both of the following:
They predate the OAuth 1.0 spec, AKA RFC 5849.
They predate the OAuth 2.0 spec, AKA RFC 6749.
They assume the usage of a specific HTTP request library.
OAuthLib is a generic utility which implements the logic of OAuth without assuming a specific HTTP request object or web framework. Use it to graft OAuth client support onto your favorite HTTP library, or provide support onto your favourite web framework. If you’re a maintainer of such a library, write a thin veneer on top of OAuthLib and get OAuth support for very little effort.
https://aaronparecki.com/2012/07/29/2/oauth2-simplified#others
OAuth 2 Simplified
Sun, Jul 29, 2012 9:30am -07:00
Many services such as #Facebook, #Github, and #Google have already deployed OAuth 2 servers, and deployed implementations win.
The #OAuth 2 spec itself leaves many decisions up to the implementor. Instead of describing all possible decisions that need to be made to successfully implement OAuth 2, this post makes decisions that are appropriate for most implementations.
This post is an attempt to describe OAuth 2 in a simplified format to help developers and service providers implement the protocol.