python-catalin

Sunday, November 30, 2025

News : the xonsh shell language and command prompt.

Xonsh is a modern, full-featured and cross-platform python shell. The language is a superset of Python 3.6+ with additional shell primitives that you are used to from Bash and IPython. It works on all major systems including Linux, OSX, and Windows. Xonsh is meant for the daily use of experts and novices.

The install is easy with pip tool:

python -m pip install 'xonsh[full]'

News : mitmproxy - part 001.

Mitmproxy is an interactive, open‑source proxy tool that lets you intercept, inspect, and modify HTTP and HTTPS traffic in real time. It acts as a "man‑in‑the‑middle" between your computer and the internet, making it possible to debug, test, or analyze how applications communicate online.

Why Python?

Mitmproxy is built in Python and exposes a powerful addon API
You can write custom scripts to automate tasks and traffic manipulation
Block or rewrite requests and responses with flexible logic
Inject headers or simulate server responses for testing
Integrate with other Python tools for advanced automation

Intercept and inspect HTTP and HTTPS traffic in real time
Modify requests and responses dynamically with Python scripts
Block specific hosts or URLs to prevent unwanted connections
Inject custom headers into outgoing requests for debugging or control
Rewrite response bodies (HTML, JSON, text) using regex or custom logic
Log and save traffic flows for later analysis and replay
Simulate server responses to test client behavior offline
Automate testing of web applications and APIs with scripted rules
Monitor performance metrics such as latency and payload size
Integrate with other Python tools for advanced automation and analysis
Use a trusted root certificate to decrypt and modify HTTPS traffic securely

Let's install:

pip install mitmproxy

Let's see the python script:

# addon.py
from mitmproxy import http
from mitmproxy import ctx
import re

BLOCKED_HOSTS = {
    "hyte.com",
    "ads.example.org",
}

REWRITE_RULES = [
    # Each rule: (pattern, replacement, content_type_substring)
    (re.compile(rb"Hello World"), b"Salut lume", "text/html"),
    (re.compile(rb"tracking", re.IGNORECASE), b"observare", "text"),
]

ADD_HEADERS = {
    "X-Debug-Proxy": "mitm",
    "X-George-Tool": "true",
}

class GeorgeProxy:
    def __init__(self):
        self.rewrite_count = 0

    def load(self, loader):
        ctx.log.info("GeorgeProxy addon loaded.")

    def request(self, flow: http.HTTPFlow):
        # Block specific hosts early
        host = flow.request.host
        if host in BLOCKED_HOSTS:
            flow.response = http.Response.make(
                403,
                b"Blocked by GeorgeProxy",
                {"Content-Type": "text/plain"}
            )
            ctx.log.warn(f"Blocked request to {host}")
            return

        # Add custom headers to outgoing requests
        for k, v in ADD_HEADERS.items():
            flow.request.headers[k] = v

        ctx.log.info(f"REQ {flow.request.method} {flow.request.url}")

    def response(self, flow: http.HTTPFlow):
        # Only process text-like contents
        ctype = flow.response.headers.get("Content-Type", "").lower()
        raw = flow.response.raw_content

        if raw and any(t in ctype for t in ["text", "html", "json"]):
            new_content = raw
            for pattern, repl, t in REWRITE_RULES:
                if t in ctype:
                    new_content, n = pattern.subn(repl, new_content)
                    self.rewrite_count += n

            if new_content != raw:
                flow.response.raw_content = new_content
                # Update Content-Length only if present
                if "Content-Length" in flow.response.headers:
                    flow.response.headers["Content-Length"] = str(len(new_content))
                ctx.log.info(f"Rewrote content ({ctype}); total matches: {self.rewrite_count}")

        ctx.log.info(f"RESP {flow.response.status_code} {flow.request.url}")

addons = [GeorgeProxy()]

Let's run it:

mitmdump -s addon.py
[21:46:04.435] Loading script addon.py
[21:46:04.504] GeorgeProxy addon loaded.
[21:46:04.506] HTTP(S) proxy listening at *:8080.
[21:46:18.547][127.0.0.1:52128] client connect
[21:46:18.593] REQ GET http://httpbin.org/get
[21:46:18.768][127.0.0.1:52128] server connect httpbin.org:80 (52.44.182.178:80)
[21:46:18.910] RESP 200 http://httpbin.org/get
127.0.0.1:52128: GET http://httpbin.org/get
              << 200 OK 353b
[21:46:19.019][127.0.0.1:52128] client disconnect
[21:46:19.021][127.0.0.1:52128] server disconnect httpbin.org:80 (52.44.182.178:80)

Let's see the result:

curl -x http://127.0.0.1:8080 http://httpbin.org/get
{
  "args": {},
  "headers": {
    "Accept": "*/*",
    "Host": "httpbin.org",
    "Proxy-Connection": "Keep-Alive",
    "User-Agent": "curl/8.13.0",
    "X-Amzn-Trace-Id": "Root=1-692c9f0b-7eaf43e61f276ee62b089933",
    "X-Debug-Proxy": "mitm",
    "X-George-Tool": "true"
  },
  "origin": "84.117.220.94",
  "url": "http://httpbin.org/get"
}

This means

The request successfully went through mitmproxy running on 127.0.0.1:8080. Your addon worked: it injected the custom headers (X-Debug-Proxy, X-George-Tool). The httpbin.org echoed back the request details, showing exactly what the server received.

Python Tornado - part 001.

Python Tornado is a high‑performance web framework and asynchronous networking library designed for extreme scalability and real‑time applications. Its standout capability is handling tens of thousands of simultaneous connections efficiently, thanks to non‑blocking I/O.

This is an open source project actively maintained and available on tornadoweb.org.

Python Tornado – Key Capabilities

Massive Concurrency: Tornado can scale to tens of thousands of open connections without requiring huge numbers of threads.
Non‑blocking I/O: Its asynchronous design makes it ideal for apps that need to stay responsive under heavy load.
WebSockets Support: Built‑in support for WebSockets enables real‑time communication between clients and servers.
Long‑lived Connections: Perfect for long polling, streaming, or chat applications where connections remain open for extended periods.
Coroutines & Async/Await: Tornado integrates tightly with Python’s asyncio, allowing developers to write clean asynchronous code using coroutines.
Versatile Use Cases: Beyond web apps, Tornado can act as an HTTP client/server, handle background tasks, or integrate with other services.

Tornado setup: The script creates a web server using the Tornado framework, listening on port 8888.

Route definition: A single route /form is registered, handled by the FormHandler class.

GET request: When you visit http://localhost:8888/form, the server responds with an HTML page (form.html) that contains a simple input form.

POST request: When the form is submitted, the post() method retrieves the value of the name field using self.get_argument("name").

Response: The server then sends back a personalized message

Let's see the script:

import tornado.ioloop
import tornado.web
import os

class FormHandler(tornado.web.RequestHandler):
    def get(self):
        self.render("form.html")  # Render an HTML form

    def post(self):
        name = self.get_argument("name")
        self.write(f"Hello, {name}!")

def make_app():
    return tornado.web.Application([
        (r"/form", FormHandler),
    ],
    template_path=os.path.join(os.path.dirname(__file__), "templates")  # <-- aici
    )

if __name__ == "__main__":
    app = make_app()
    app.listen(8888)
    print("Server pornit pe http://localhost:8888/form")
    tornado.ioloop.IOLoop.current().start()

Monday, November 3, 2025

News : DjangoCon Europe 2026!

We’re excited to share that DjangoCon Europe returns in 2026 — this time in the historic and sun-soaked city of Athens, Greece 🇬🇷, with three days of talks from April 15–17, 2026!

This is the 18th edition of the Conference and it is organized by a team made up of Django practitioners from all levels. We welcome people from all over the world.

Our conference seeks to educate and develop new skills, best practices, and ideas for the benefit of attendees, developers, speakers, and everyone in our global Django Community, not least those watching the talks online.

This year it will take place in the beautiful city of Athens. Don't miss the chance to join us for three days of talks, workshops, and sprints.

Read more abot this event on the official webpage.

News : Hyperflask - web stack on top of Python !

The goal of the Hyperflask stack is to provide a single unified web stack, built on top of Python and proven technologies, where all components have been designed to work together seamlessly.

It intends to provide solo devs and small teams a solution that allows them to build and operate a website/web app with minimal boilerplate and overhead. All the focus can go to work on the actual product.

Thursday, October 30, 2025

News : xAI A.P.I. with regional endpoint on xai_sdk python package.

Grok is a family of Large Language Models (LLMs) developed by xAI.

Inspired by the Hitchhiker's Guide to the Galaxy, Grok is a maximally truth-seeking AI that provides insightful, unfiltered truths about the universe.

xAI offers an API for developers to programmatically interact with our Grok models. The same models power our consumer facing services such as Grok.com, the iOS and Android apps, as well as Grok in X experience.

If you want to use a regional endpoint, you need to specify the endpoint url when making request with SDK. In xAI SDK, this is specified through the api_host parameter.

Is not free models available for xAI A.P.I.

See this example from the official website:

import os

from xai_sdk import Client
from xai_sdk.chat import user

client = Client(
api_key=os.getenv("XAI_API_KEY"),
api_host="us-east-1.api.x.ai" # Without the https://
)

chat = client.chat.create(model="grok-4")
chat.append(user("What is the meaning of life?"))

completion = chat.sample()

Thursday, October 23, 2025

News : OneByteRadar - pymem python package.

Today, I found this GitHub project about how to write to exe files with python programming language

The author say:

CS:GO radar hack achieved by patching one byte of game memory. Written in Python 3.

I don't test it, but good to know how can use these python modules.

The pymem Python library that allows you to interact with the memory of running Windows processes.

Reading and writing memory values of other processes
Scanning memory for byte patterns
Allocating and freeing memory inside another process
Accessing modules (DLLs) loaded by a process
This is often used in game hacking, automation, or debugging tools.

NOTE: I used artificial intelligence to write this simple example, it is more productive in programs with more complex syntax, but the basics of programming must be known...

Let's see one example with edge browser open:

import pymem
import pymem.process
import re

# Open the Edge process (make sure it's running)
pm = pymem.Pymem("msedge.exe")

# Get the main module of the process
module = pymem.process.module_from_name(pm.process_handle, "msedge.exe")
base = module.lpBaseOfDll
size = module.SizeOfImage

# Read the module's memory
data = pm.read_bytes(base, size)

# Search for a test pattern (generic example)
pattern = re.search(rb'\x48\x89\x5C\x24\x08\x57\x48\x83', data)

if pattern:
    address = base + pattern.start()
    print(f"Pattern found at: {hex(address)}")

    # Read 8 bytes from the found address
    raw = pm.read_bytes(address, 8)
    print("Raw bytes:", raw)

    # Interpret the bytes as a little-endian integer
    value = int.from_bytes(raw, byteorder='little')
    print("Integer value:", value)

    # Write a new value (e.g., 12345678)
    new_value = (12345678).to_bytes(8, byteorder='little')
    pm.write_bytes(address, new_value, 8)
    print("Value overwritten with 12345678.")

else:
    print("Pattern not found.")

# Close the process handle
pm.close_process()

What is that patern:

pattern = re.search(rb'\x48\x89\x5C\x24\x08\x57\x48\x83', data)

These bytes correspond to x86-64 assembly instructions. For example:


48 89 5C 24 08 → mov [rsp+8], rbx
57 → push rdi
48 83 → the start of an instruction like add/sub/cmp with a 64-bit operand

This sequence is typical for the prologue of a function in compiled C++ code — saving registers to the stack.

This is a simple example, you don't see anything in edge because is just one search and one overwritten:

python pymem_exemple_002.py
Pattern found at: 0x7ff7180cb3d5
Raw bytes: b'H\x89\\$\x08WH\x83'
Integer value: 9459906709773125960
Value overwritten with 12345678.

You replaced those 8 bytes with the integer 12345678, encoded as: 4E 61 BC 00 00 00 00 00 (in hex)

This corrupts the original instruction, which may crash Edge or cause undefined behavior.

Not crash, maybe my edge browser use protections (ASLR, DEP, CFG) that can make modification unstable.

--------

1. ASLR (Address Space Layout Randomization)

2. DEP (Data Execution Prevention)

3. CFG (Control Flow Guard)

Wednesday, October 22, 2025

Python 3.11.11 : Colab simple tests with Protocol Buffers - part 054.

Today, something simple into colab_google GitHub project, see catafest_071.ipynb - simple example with altair and vega-datasets python packages.

The result comes with some charts example.

Tuesday, October 21, 2025

Python 3.12.12 : Google colab example - satellite sentinel-2-l2a.

Tested today, location my home, this is the result of satellite sentinel-2-l2a - octomber 2025.

Monday, October 20, 2025

Python Qt6 : tool for remove duplicate files ...

Today I created a Python script with PyQt6 that allows me to remove duplicate files based on three ways of selecting the type of duplicate.

The script also makes an estimate of the execution time...

Because the source code is relatively simple and can be very easily reconstructed with the help of artificial intelligence, I am not adding it to the posts.

Here is what the application looks like with PyQt6.

This is the source code :

import sys
import os
import shutil
from PyQt6.QtWidgets import QApplication, QWidget, QPushButton, QVBoxLayout, QFileDialog, QMessageBox
from PyQt6.QtCore import QDateTime

class FileRenamer(QWidget):
    def __init__(self):
        super().__init__()
        self.setWindowTitle("Redenumire fișiere cu dată și index")
        self.setGeometry(100, 100, 400, 150)

        layout = QVBoxLayout()

        self.button = QPushButton("Selectează folderul și redenumește fișierele")
        self.button.clicked.connect(self.rename_files)
        layout.addWidget(self.button)

        self.setLayout(layout)

    def rename_files(self):
        folder = QFileDialog.getExistingDirectory(self, "Selectează folderul")
        if not folder:
            return

        files = [f for f in os.listdir(folder) if os.path.isfile(os.path.join(folder, f))]
        files.sort()  # Sortează pentru consistență

        for index, filename in enumerate(files, start=1):
            old_path = os.path.join(folder, filename)
            try:
                creation_time = os.path.getctime(old_path)
                dt = QDateTime.fromSecsSinceEpoch(int(creation_time))
                date_str = dt.toString("yyyyMMdd_HHmmss")
                ext = os.path.splitext(filename)[1]
                new_name = f"{date_str}_{index:03d}{ext}"
                new_path = os.path.join(folder, new_name)

                # Evită suprascrierea fișierelor existente
                if not os.path.exists(new_path):
                    shutil.move(old_path, new_path)
            except Exception as e:
                QMessageBox.critical(self, "Eroare", f"Eroare la fișierul {filename}:\n{str(e)}")
                continue

        QMessageBox.information(self, "Succes", "Fișierele au fost redenumite cu succes!")

if __name__ == "__main__":
    app = QApplication(sys.argv)
    window = FileRenamer()
    window.show()
    sys.exit(app.exec())