Recent Articles

WEP Attack »

WepAttack is a WLAN open source Linux tool for breaking 802.11 WEP keys. This tool is based on an active dictionary attack that tests millions of words to find the right key. Only one packet is required to start an attack.

The  requirements:

The network data has been captured by a WLAN card in monitor mode. A network sniffer captures the data to a dumpfile. The use of a Lucent Orinoco Gold Card in combination with Kismet seems to work without any problems.

A working WLAN card is required to work with WepAttack.

WepAttack accepts every dumpfile of pcap structure. Every Tool that can handle dumpfiles in pcap format, as Kismet, Tcpdump or Ethereal does, can be used for sniffing data. Kismet is highly recommended because it offers lots of convenience.

Open Source Wireless Network Sniffer and IDS »

Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.

Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and infering the presence of nonbeaconing networks via data traffic.

Kismet also sports a plugin architecture allowing for additional
non-802.11 protocols to be decoded.

Open Source IDE for C++ »

UDev is an Integrated development environment for C++. Its main asset is its exclusive package system which allows to create projects using libraries or SDK in a simple and efficient way. It has also a form editor to make the design of your applications a painless task. The priority goes to ease-of-use for efficient and quick programming with advanced compilers support, automatic project creation, etc.

Either you want to program console or windowed applications, precise code control remains. The code execution speed level only depends on the used compiler : all requirements can be achieved, including office applications, advanced 3D video games and plugins development (DLL), your creativity is your only limit…


RAD C++ Studio is a Visual IDE like VB/VC/Kylix/Borland CB. A truely Rapid Application Development tool. Also generates source for WIN32 API, Dev C++ Project, and best for exporting resource .rc files.



Dev-C++ is an full-featured Integrated Development Environment (IDE) for Win32. It uses GCC, Mingw or Cygwin as compiler and libraries set.

Open Source RAD Tool for Database Application »

The aim of dataweb project is to create a rapid development tool for applications oriented to the manipulations of database. The applications created with this tool are immediately usable in net. The main features of dataweb are:

Architecture Client/Server

Dataweb Project is composed of a Server part that manages the access to the data store and a client application that acts as a user interface. The two components comunicate over the tcp-ip protocol with the possiblity to encrypt the comunication.


Both Server and Client can run con all java runtime compatible operating systems:

  • Linux
  • Windows
  • Apple
  • Solaris

Thanks to an interface implementation Dataweb Project suppots a number of databases. Currently it can use the following database engines:

  • PostgreSQL
  • Hsqldb

Dataweb Project is a multiuser environment with the following capabilities:

  • Possibility  to set various object permissions (tables,views,masks,prints,etc..).
  • User operation logging.
  • Record concurrency management.

Dataweb Project is a multilingual platform and offers the users the possiblity to set the language they wish to use through out their interaction with the system.

Reduced size client, auto-installing and auto-updating.

The client is very small in size (roughly 900 kb), it is installable via browser, once downloaded it also verifies if the java runtime is available else it proposes it’s installation. Client updating is automatic from the moment that you connect to the server. Once the connection is established the client checks its version with the one on the server so it is also up to date.

Application management in packages

Dataweb Project groups all the objects (Tables, Views, Forms, Reports, etc..) required by a specific application into a package, there for there will be as many packages as applications.

Remote development, administration and usage of the packages

By installing the client it is possible to reach and server local or remote by specifying a name or ip. From this point on with the right permissions you are able to develope packages (create Tables, Views, Forms, Reports, etc…), administer the server (Users, Services, etc…) or use the created application.

Package version management

When a change is made to a package Dataweb Project automatically creates a script to manage the update assigning a version. This way al clients will be updated on the next connection

Installation management and package update

Dataweb Project generates installation/update packages in a file. To install the file you need to connect to the server you wish to update in administrator mode and choose the installation procedure which will install the package or update it if it already exists.

Integration with third party modules

Dataweb Project is a data-store oriented application, but thanks to the possiblity to add third party modules (jar) it is possible to manage practically any applciation.

Creation and use of webservices

Webservices are the best way to allow the comnunication of two processes in complete transparency.

With Dataweb Project we havethe possbility to create functions that can be invoked by any programming language that supports SOAP protocol (.net, php, java, etc..).
Viceversa it is also possible to call other webservices from Dataweb Project.

Good Read: SOA Best Practices »

Service-Oriented Architecture (SOA) is creating a lot of buzz across the IT industry. Propelled by standards-based technologies like XML, Web Services, and SOAP, SOA is quickly moving from pilot projects to mainstream applications critical to business operations.

One of the key standard accelerating the adoption of SOA is Business Process Execution Language (BPEL) for Web Services. BPEL enables organizations to automate their business processes by orchestrating services. It forces organizations to think in terms of services: Existing functionality is exposed as services. New applications are composed using services. Services are reused across different applications. Services everywhere!

In this cookbook, 10 SOA practitioners share their SOA best practices and provide practical viewpoint to tackle many of the common problems SOA promises to solve. It’s organized into three sections: "Service Oriented Integration," "Building Modern Applications," and "SOA Techniques." Sections 1 and 2 will "inspire" you to take the plunge into the world of services and test-drive SOA yourself; Section 3 will "equip" you with best-practice techniques for building a better SOA application.

The cookbook is available here.

Open Source Python IDE »

Boa Constructor is a cross platform Python IDE and wxPython GUI Builder. It offers visual frame creation and manipulation, an object inspector, many views on the source like object browsers, inheritance hierarchies, doc string generated html documentation, an advanced debugger and integrated help.


Zope support: Object creation and editing. Cut, copy, paste, import and export. Property creation and editing in the Inspector and Python Script debugging.

It is written in Python and uses the wxPython library which wraps wxWindows.

Project Lombok »

This is an interesting project – Project Lombok

@Getter / @Setter

Never write public int getFoo() {return foo;} again.
No need to start a debugger to see your fields: Just let lombok generate a toString for you!
Equality made easy: Generates hashCode and equals implementations from the fields of your object.
All together now: A shortcut for @ToString, @EqualsAndHashCode, @Getter on all fields, and @Setter on all non-final fields. You even get a free constructor to initialize your final fields!
Automatic resource management: Call your close() methods safely with no hassle.
synchronized done right: Don’t expose your locks.
To boldly throw checked exceptions where no one has thrown them before!

PHP for Applications »

P4A (PHP For Applications) is a PHP5 RAD and object oriented PHP framework for building event-driven stateful web applications. It is based on Zend Framework and features tableless HTML, multiple databases, accesskey support, auto data type recognition, transparent AJAX, UTF-8, i18n/l10n.

P4A is empowered by Zend Framework, jQuery, jQuery UI and FCKEditor and is:

  • 100% PHP5
  • Compatible with PHP 5.2.x, Apache 1.3.x/2.0.x and Microsoft IIS 6.0 web servers on Linux/Unix/Windows operating systems
  • Completely object oriented and event based programming
  • Based on Zend Framework 1.5 (using Zend_Date, Zend_Db, Zend_Locale, Zend_Validate, Zend_Translate)
  • Stateful as a classical client application
  • Easy access to all major database engines (MySQL, PostgreSQL, Oracle, SQLite) through Zend_DB, with automatic data input mask generation
  • Multiple database connections at the same time
  • Automatic database data type recognition and consequent functionalities for automatic formatting and normalizing (integers, decimals, floats, date and time formats, booleans) coherent with the national locale settings
  • Many user interface elements (Widgets) such as single line or multiple lines text fields with advanced rich WYSIWYG text editing support, checkboxes, single/multiple selection fields, tables, buttons, tree navigators, toolbars, fieldsets etc…
  • WYSIWYG advanced editor (FCKEditor) with file upload
  • Transparent AJAX support (forget about javascript programming, everything is AJAX based in P4A but you can completely disable ajax with a single line of code, redesign one or more or every widgets on the screen after every AJAX call only using PHP instructions)
  • methods calls chainability
  • 440 locales supported (numeric and date formats) thanks to the ZF implementation of the Unicode’s CLDR
  • More than 40 translations bundled
  • Completely UTF-8
  • Hyper customizable with color schemas, icons packs, additional CSS

Alternative for HSQLDB and Derby »

H2 is another Java SQL database that you can use other than HSQLDB or Derby. The main features of H2 are:

  • Very fast, open source, JDBC API
  • Embedded and server modes; in-memory databases
  • Browser based Console application
  • Small footprint: around 1 MB jar file size

Main Features

  • Very fast database engine
  • Open source
  • Written in Java
  • Supports standard SQL, JDBC API
  • Embedded and Server mode, Clustering support
  • Strong security features
  • The PostgreSQL ODBC driver can be used
  • Multi version concurrency
Additional Features
  • Disk based or in-memory databases and tables, read-only database support, temporary tables
  • Transaction support (read committed and serializable transaction isolation), 2-phase-commit
  • Multiple connections, table level locking
  • Cost based optimizer, using a genetic algorithm for complex queries, zero-administration
  • Scrollable and updatable result set support, large result set, external result sorting, functions can return a result set
  • Encrypted database (AES or XTEA), SHA-256 password encryption, encryption functions, SSL
SQL Support
  • Support for multiple schemas, information schema
  • Referential integrity / foreign key constraints with cascade, check constraints
  • Inner and outer joins, subqueries, read only views and inline views
  • Triggers and Java functions / stored procedures
  • Many built-in functions, including XML and lossless data compression
  • Wide range of data types including large objects (BLOB/CLOB) and arrays
  • Sequence and autoincrement columns, computed columns (can be used for function based indexes)
  • Collation support, users, roles
  • Compatibility modes for IBM DB2, Apache Derby, HSQLDB, MS SQL Server, MySQL, Oracle, and PostgreSQL.
Security Features
  • Includes a solution for the SQL injection problem
  • User password authentication uses SHA-256 and salt
  • For server mode connections, user passwords are never transmitted in plain text over the network (even when using insecure connections; this only applies to the TCP server and not to the H2 Console however; it also doesn’t apply if you set the password in the database URL)
  • All database files (including script files that can be used to backup data) can be encrypted using AES-256 and XTEA encryption algorithms
  • The remote JDBC driver supports TCP/IP connections over SSL/TLS
  • The built-in web server supports connections over SSL/TLS
  • Passwords can be sent to the database using char arrays instead of Strings
Other Features and Tools
  • Small footprint (smaller than 1 MB), low memory requirements
  • Multiple index types (b-tree, tree, hash)
  • Support for multi-dimensional indexes
  • CSV (comma separated values) file support
  • Support for linked tables, and a built-in virtual ‘range’ table
  • EXPLAIN PLAN support, sophisticated trace options
  • Database closing can be delayed or disabled to improve the performance
  • Web-based Console application (translated to many languages) with autocomplete
  • The database can generate SQL script files
  • Contains a recovery tool that can dump the contents of the database
  • Support for variables (for example to calculate running totals)
  • Automatic re-compilation of prepared statements
  • Uses a small number of database files
  • Uses a checksum for each record and log entry for data integrity
  • Well tested (high code coverage, randomized stress tests)

Good Reading: BigTable – Distribute Storage System »

Bigtable is a distributed storage system for managing structured data that is designed to scale to a very large size: petabytes of data across thousands of commodity servers. Many projects at Google store data in Bigtable, including web indexing, Google Earth, and Google Finance. These applications place very different demands on Bigtable, both in terms of data size (from URLs to web pages to satellite imagery) and latency requirements (from backend bulk processing to real-time data serving). Despite these varied demands, Bigtable has successfully provided a flexible, high-performance solution for all of these Google products. In this paper we describe the simple data model provided by Bigtable, which gives clients dynamic control over data layout and format, and we describe the design and implementation of Bigtable.

Open Source Java SSHD »

Apache SSHD is a 100% pure java library to support the SSH protocols on both the client and server side.

This library is based on Apache MINA, a scalable and high performance asynchronous IO library.

SSHD does not really aim at being a replacement for the SSH client or SSH server from Unix operating systems, but rather provides support for Java based applications requiring SSH support.

Open Source Git Based Code Review Tool »

Gerrit is a web based code review system, facilitating online code reviews for projects using the Git version control system.

Gerrit makes reviews easier by showing changes in a side-by-side display, and allowing inline comments to be added by any reviewer.

Gerrit simplifies Git based project maintainership by permitting any authorized user to submit changes to the master Git repository, rather than requiring all approved changes to be merged in by hand by the project maintainer. This functionality enables a more centralized usage of Git.

The Swift Open Source PHP Framework »

Kohana is a PHP 5 framework that uses the Model View Controller architectural pattern. It aims to be secure, lightweight, and easy to use.



  • Highly secure
  • Extremely lightweight
  • Short learning curve
  • Uses the MVC pattern
  • 100% UTF-8 compatible
  • Loosely coupled architecture
  • Extremely easy to extend


  • Strict PHP 5 OOP
  • Simple database abstraction using SQL helpers
  • Multiple session drivers (native, database, and cookie)
  • Powerful event handler allows small modifications dynamically
  • Originally based on CodeIgniter

Open Source Billiard Game »

FooBillard is a free (libre; licensed under GPL2) OpenGL billiard game for Linux.


Open Source Mobile Content Delivery Platform III »

The Sony Ericsson WebSDK enables web developers to produce mobile apps that work across different phone platforms. It is an open source tool created in collaboration with the PhoneGap open source community. Applications are written using HTML, CSS and JavaScript. Bridge capability enables the JavaScript code to access platform functionality and data:

  • Geolocation (GPS co-ordinates)
  • Accelerometer (x, y, z co-ordinates)
  • Camera
  • Contacts data
  • Sound
  • Vibrator


The Sony Ericsson WebSDK currently supports Android (e.g. XPERIA™ X10) and Symbian (e.g. Satio™) platforms.

Asynchronous Web Service using WS-Addressing »

WS-Addressing provides way to specify message addressing information independent of transport layer. WS-Addressing provides a way to specify delivery, reply-to, and fault-handler addressing information in a SOAP envelope. WS-Addressing can be used in conjunction with other specifications such as WS-Security to authenticate and WS-Policy to define policies for the service.

WS-Addressing has two key constructs or artifacts:

  • Endpoint reference
  • Message information headers

Endpoint references in the WS-Addressing specification contain the information needed to identify/reference a Web service endpoint. Endpoint references can also be used to provide addresses for individual messages sent to and from Web services.

The WS-Addressing specification defines a set of message information headers that allow uniform addressing of messages independent of underlying transport. These message information headers convey end-to-end message characteristics, including addressing for source and destination endpoints as well as message identity. The WS-Addressing specification comes with WS-Addressing schema, which has complex types defined for endpoint references and messaging properties.

WS-Addressing specification provides a standard mechanism to send message information independent of the transport layer.

WS-Addressing provides number of benefits that include the transport layer not being restricted to HTTP, and working in conjunction with other WS-* specifications it can be used for different patterns such as request/response, one-way, or conversational Web services.

Oracle: Order of Index Fields »

Here are some general guidelines for the order of index fields in Oracle.

The order of columns in the CREATE INDEX statement can affect query performance. In general, specify the most frequently used columns first.

If you create a single index across columns to speed up queries that access, for example, col1, col2, and col3; then queries that access just col1, or that access just col1 and col2, are also speeded up. But a query that accessed just col2, just col3, or just col2 and col3 does not use the index.

There are guidelines for

All the guidelines are available from Managing Indexes

Windows: Remove File Permanently »

Eraser is an advanced security tool for Windows which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Works with Windows 98, ME, NT, 2000, XP, Vista, Windows Server 2003 and Server 2008.


  • It works with Windows XP, Windows Vista, Windows Server 2003 and Windows Server 2008.
  • Windows 98, ME, NT, 2000 can still be used with version 5.7!
  • It works with any drive that works with Windows
  • Secure drive erasure methods are supported out of the box
  • Erases files, folders and their previous deleted counterparts
  • Works with an extremely customisable Scheduler

With File Shredder you can remove files from your hard drive without fear they could be recovered. There are quite a few software tools today for retrieval of deleted files under Windows OS. Those tools, often referred to as "file recovery" software, are taking advantage of shortcoming of Windows "delete" command that we all use regularly to delete files. Actually, the "delete" operation in Windows only removes bits of information from files so they appear deleted in OS. It is easy to retrieve those files using aforementioned specialized file recovery software.

In order to remove, or shred files permanently from your system you have to use a program that is capable of rewriting the files with random series of binary data multiple times. This process is often called shredding. That way, the actual content of the file has been overwritten and the possibilities to recover such a shredded file are mostly theoretical.

C# MMS Library »

I have just released the C# MMS encoder and decoder library. The library can be used to encode MMS message to be sent through MM1 and MM7 protocol.



The library is a subproject of MessagingToolkit and eventually will be bundled together with it.

C# Generic Collection Library »

C5 is a library of generic collection classes for C# and other CLI languages and works with Microsoft .Net version 2.0 and later, and Mono version 1.2 and later.

C5 provides functionality and data structures not provided by the standard .Net System.Collections.Generic namespace, such as persistent tree data structures, heap based priority queues, hash indexed array lists and linked lists, and events on collection changes. Also, it is more comprehensive than collection class libraries on other similar platforms, such as Java. Unlike many other collection class libraries, C5 is designed with a strict policy of supporting "code to interface not implementation".

The C5 collection library provides the following collection concepts, described by C# interfaces: Directed enumerable, collection value, directed collection value, extensible collection, collection, sequenced collection, indexed collection, sorted collection, indexed sorted collection, persistent sorted collection, list, LIFO stack, FIFO queue, priority queue, dictionary, and sorted dictionary.

The C5 collection library provides the following data structures, described by C# classes: array list, doubly linked list, hash-indexed array list, hash-indexed linked list, hash set, hash bag (multiset), sorted array, wrapped array, tree set, tree bag (multiset), stack, double-ended queue, circular queue, priority queue (interval heap), hash dictionary, and tree dictionary.

See the relation between interfaces and classes for collections and for dictionaries.

The C5 collection library provides the following unusual functionality on collections and dictionaries: collection update events, multiple updatable list views, reversible enumeration, hash indexes on lists, snapshottable tree-based collections, priority queues with item handles, and in general a design with emphasis on orthogonality, flexibility, and preservation of invariants.