
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
ipython-notebook-proxy
Advanced tools
This is basically a thin wrapper around node http-proxy and repl to be able to launch multiple notebook server on the same port, and accessible at different URLs.
It also allows to host other applications than ipython notebook.
Unlike other proxy the routing scheme can be changed while the proxy is running without deconnecting the current clients, and it works out of the box with websockets.
Soon availlable on npm, I need to learn how to do it.
Righ now, Install node 0.8+ (works with 0.6 with minimal modification), install npm
clone git repository, run npm install
in root or repo.
$ ./bin/notebook-proxy.js
==================================
QuickStart
> start("/ipython/",8888)
go to "localhost:8000/ipython/"
> start("/ipython-more/",7777
go to "localhost:8000/ipython-more/"
> stop_all()
> help()
For more info
==================================
>
It now listen on localhost:8000 (not on 127.0.0.1 but I have no idea why...) and you can now spawn as many notebook server using.
start($url, localport)
The proxy will now redirect any request to localport:8000/$url/
to the server.
You can start as many as you want with different url/port.
Stop all servers with stop_all()
also it's a full node repl, so have fun.
PR welcome.
FAQs
A small IPython-Notebook proxy
We found that ipython-notebook-proxy demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
Application Security
/Research
/Security News
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.