Training set and testing set
Machine learning is about learning some properties of a data set and applying them to new data. This is why a common practice in machine learning to evaluate an algorithm is to split the data at hand into two sets, one that we call a training set, on which we learn data properties, and one that we call a testing set, on which we test these properties. (From the sklearn website.)
The main API implemented by scikit-learn is that of the estimator. An estimator is any object that learns from data; it may be a classification, regression or clustering algorithm or a transformer that extracts/filters useful features from raw data.
UDP 53 Indicators of Exfiltration
Packet Capture Creation
tcpdump -i en1 -w dns-file udp dst port 53
Python DNS Data Exfiltration Tool
Data Exfiltration SME job
DNS RFC (not Real Fried Chicken)
DNS Exfil Tool
First project at Hacker School demonstrating my humble beginnings.
Collection of concept ideas written in Python, like memcache, round robin, Bloom filter and hashes.
Collection of techniques and methods. Technique to commit list, dict and object storage into ZODB.
Variety of scripts created in the first week of Hacker School. Screenscraper, keylogger, iSight capture, Hacker School map, lambda, reduce brain teaser.
Collection of scripts testing ideas about access to the Netflix API, using Flask.
Collection of programs created from the Twisted Framework. Finger Server, HTTP Server, UpperCase Server, Caching Proxy HTTP Server. I also contributed to Twisted and I documented the contributions.
Using the KDD Cup 1999 dataset, I built an IDS anomaly detection engine for identifying 4 categories of network security attacks. This Python system was built to learn about the fundamentals of Python network programming, machine learning and lexing – parsing. This system is a slow Python POC version of commercial systems available today written in C.
Using ideas and concepts around Python Network Programming I built a bunch of tools in Python. Network Scanners, Packet sniffers, Network Stress testing tools, DNS tools, Proxy Caching Server (later converted to Twisted), Chat Server.
Domain Name Service File Transfer Protocol (DFTP) Client and Server. Exfiltration with text files, PDF etc.