Resources

Blogs list

Samiux blog -Open Source is a great idea and it has changed the world! Open Source forever.
Carnal0wnage – Carnal0wnage &; Attack Research Blog
McGrew Security – McGrew Security Blog
Blog | GNUCITIZEN – Information Security Think Tank
Darknet – Don`t Learn to HACK – Hack to LEARN
spylogic.net – A personal blog of Tom Eston
TaoSecurity – Richard Bejtlich’s blog on digital security
Room362.com – Blatherings of a Security Addict
SIPVicious – By EnableSecurity
PortSwigger.net – PortSwigger Web Security blog
Blog – pentestmonkey.net – Taking the monkey work out of pentesting
Jeremiah Grossman – Jeremiah Grossman on web application security
omg.wtf.bbq. – Arshan Dabirsiaghi’s security tools
C????�� (in)s??u?it? – Chris John Riley’s blog on security
SkullSecurity – Just another security weblog
Metasploit – Rapid7 Community
Security and Networking – Security and Networking
Skeptikal.org – Mike Bailey’s blog on security
Digital Soapbox – Down the Security Rabbithole!
Tssci security – Top secret/sensitive compartmentalized information
GDS Blog -Blog -Gotham Digital Science
Reiners� Weblog – Anything about web security
Bernardo Damele A. G. – Information technology thoughts
Laramies Corner – Edge-Security team
Andlabs.org – Attack and Defense Labs
Billy (BK) Rios – Thoughts on Security in an uncivilized world
Common Exploits – Exploitation tools &; techniques for penetration testers
Extern blog SensePost – SensePost blog
Wepma.blogspot.com – Weapons of mass analysis
Exploit KB – Blog|exploit KB
Security Reliks – Tips,tools, and research for penetration testers andincident handlers
MadIrish.net – Open source security
Sirdarckcat – Security and programming blog
Reusable Security – Password cracking,and crypto
Myne-us – Myne-us blog
Notsosecure.com – From pentesters to pentesters
SpiderLabs Anterior – Official blog of SpiderLabs
Corelan Team | Peter Van Eeckhoutte(corelanc0d3r) – Knowledge is not an object, it’s a flow
DigiNinja – Something about security
PaulDotCom – Security podcast
Attack Vector – Information & network security
Deviating.net – Lockpicking etc.
Alpha One Labs – Community hackerspace in Brooklyn
SmashingPasswords.com – Informaion security policy, procedures and checklist
Wirewatcher – Looking beyond the obvious
Gynvael.coldwind//vx.log – Gynvael.coldwind//vx.log
Nullthreat Security – Nullthreat security
Archangel Amael’s BT Tutorials – Simple blog about Back Track pen-testing tutorials
Memset’s blog – Yet another computer science blog
Ihasomgsecurityskills – Just another Security/Pentesting blog
Punter-infosec – VA/PT,ethical hacking,information Security
Security Ninja – Security research, news & guidance
Security and risk – Information security is based on outsmarting the other side
GRM n00bs – A blog for noobs by noobs
Kioptrix – Learning security together
::eSploit:: – Security news blog
PenTestIT – Information security news

Forums

BackTrack Forums – BackTrack Linux Forums
EH – EliteHackers.info
InterN0T – InterN0T forum
Government Security – Government security forums
Hack This Site – Hack this site forum
iExploit – iExploit Hacking Forum
Security Override – Security override forum
Bright Shadows – bright-shadows.net
EH – Ethicalhacker.net
Sla.ckers.org – Web application security forum

Magazines

(IN)SECURE Magazine – Sample Text
Hakin9.org – hakin9.org security magazine
THN – The Hacker News Network
Phrack -the best, and by far the longest running hacker zine.

Video

Security Tube – Security tube videos
Irongeek – Irongeek -Hacking Illustrated
SecCon Archive – SecCon video Archive
27c3-stream – 27c3-stream/releases/mkv
YouTube – ChRiStIaAn008’s Channel – YouTube – ChRiStIaAn008’s Channel
YouTube – HackingCons’s Channel – YouTube – HackingCons’s Channel
Hak5– Put together by a band of IT ninjas, security professionals and hardcore gamers, Hak5 isn’t your typical tech show.

Methodologies

Penetration Testing Framework – Who is lookup
The Penetration Testing Execution Standard – Who is lookup
WASC – Web Application Security Consortium
OWASP top 10 – Who is lookup
Social-engineer.org – Who is lookup

OSINT

                -Presentations

Part 1 – Social Networks spylogic.net
Part 2 – Blogs, Message Boards and Metadata spylogic.net
Part 3 – Monitoring and Social Media Policies spylogic.net
Tactical Information Gathering – Who is lookup
Document metadata – The silent killer 32974 (application/pdf Object)
Footprinting – Passive information gathering before a pentest

People and Organizational

Spokeo.com – People search
123people.com – Search people online
Spokeo.com – Business Directory
Business Network – Social network for business professionals
ZoomInfo – ZoomInfo
Pipl – People Search
ZabaSearch! – Free people search by ZabaSearch
SearchBug – Free people finder and company search
Free people search – Free People Search
Addictomatic – Inhale the web
Social Mention – Real time search
EntityCube – EntityCube
Yasni.com – Free people search
Tweepz.com – Search interesting people on twitter
TweepSearch – Twitter profile and bio search
Glassdoor.com – Company salaries and reviews
Jigsaw – Business contact directory
Full Text Search – Full Text Search
TinEye – Reverse image search
PeekYou – PeekYou
PicFog – Quick image search
Twapper Keeper – Tweets archive
The Ultimates – Email lookup/find people

Infrastruture

Netcraft – Uptime survey
SHODAN – Search online devices
Domain Tools – Whois lookup and domain suggestions
Centralops – Free online network utilities
Hackerfantastic.com – Hackerfantastic.com
Whois – Whois and reverse IP service
MSN IP search – MSN IP search
SSL Labs – Public SSL server database
MyIPNeighbors – Reverse IP lookup
GHDB – Google hacking-dorks Database
Domain reports – All about ips, networks and dns
Clez.net – Net toolkit
IHS|GHDB – IHS|GHDB

Vulnerability and exploit databases

Exploit-db – The Exploit database
.:[ packet storm ]:. – .:[ packet storm ]:.
SecurityFocus – SecurityFocus
SecurityForest – SecurityForest
NIST – NIST
OSVDB – The open source vulnerability database
SecDocs – IT security and hacking knowledge base
Nullbyte – Nullbyte.org.il
CVE-details – CVE security vulnerability database
Secunia.com – Secunia.com
CVE – Common vulnerabilities and exposures

Cheat sheets

Big Port DB|Cirt – Big Port DB|Cirt
Cheat Sheet – All cheat sheets in one page
Security cheat sheets – Security advancements at the monastery
GNUcitizen – A homegrown Telnet-based portscanner
Command line – Command line kung fu
Directory bruteforcing – Simple yet effective
WMIC – The grammar of WMIC
WMIC – Windows Command-Line kung fu with WMIC
Windows CMD – Windows CMD commands
Mac – Running a command on every mac
Syn – Command line ninjitsu
WMIC – the other OTHER white meat
Windows – RST – Hacking without tools
Pentesting Ninjitsu 1 – Windows command line
Pentesting Ninjitsu 2 – Netcat without Netcat
PenTester scripting – PenTester scripting
Scripting – Windows scripting: COM-tricks
Blackhat presentations – Advanced command-exploitation
IPv4 Subnetting – reference Wikipedia
SHELLdorado – Shell tips & tricks (Beginner)
Linux Survival – Where learning Linux is easy
BashPitfalls – Greg’s Wiki
Port numbers – Port numbers
Windows CMDs – Useful commands for Windows administrators
Cheat sheets – All the best Linux cheat sheets
Rubular – A Ruby regular expression editor
Netcat – Cheat sheet (ed skoudis)
Hping3 – Hping3 cheatsheet v1.0
Nmap – Nmap 5 new cheat sheet
MSF, Fgdump, Hping – MSF, Fgdump, Hping
Metasploit meterpreter – Cheat sheet reference
Netcat – Cheat sheet

Security and Penetration Testing Distributions

BackTrack– Linux security distribution-retired
Kali Linux – Kali Linux is an open source project that is maintained and funded by Offensive Security
Matriux – Debian based security distro
Pentoo -Pentoo is a security-focused livecd based on Gentoo with lots of customized tools, customized kernel, and much more.
Samurai – Web Testing Framework
OWASP Live CD project – Web application security distro
Pentoo – Security-focused livecd based on Gentoo
Katana – Portable multi-boot security suite
KON-BOOT – Change contents of a linux/windows kernel while booting
Linux from scratch! – Building your own custom Linux system
SUMO Linux –
Pentesting packages for ubuntu – A script to configure Ubuntu box for pentesting
BackBox Linux – Flexible penetration testing distribution
Deft Linux – DEFT 7 is based on the new Kernel 3 (Linux side) and the DART (Digital Advanced Response Toolkit)
REMnux – A Linux Distribution for Reverse-Engineering Malware
Security Onion– Security Onion is a Linux distro for IDS (Intrusion Detection) and NSM (Network Security Monitoring).
Tails -Tails is a live DVD or live USB that aims at preserving your privacy and anonymity.
IprediaOS – IprediaOS is a fast, powerful and stable operating system based on Linux that provides an anonymous environment. All network traffic is automatically and transparently encrypted and anonymized.
CAINE -CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a project of Digital Forensics

LABS

OldApps.com – Old version applications
OldVersion.com – Old versions of programs
Web application exploits – php exploits, asp exploits
Wavsep – Web application vulnerability scanner evaluation project
OWASP SiteGenerator – Creating dynamic websites based on XML
Hacme Books – McAfee free tools
Hacme Casino v1.0 – McAfee free tools
Hacme Shipping – McAfee free tools
Hacme Travel – McAfee free tools
Web security dojo – Training environment for WebApp security
OWASP broken web applications project – A collection of vulnerable WebApps
Pentest live CDs – Open source de-ICE pentest liveCD
NETinVM – A series of User-mode Linux(UML) VMs
Moth – VM image of vulnerable WebApps
Metasploit – Introducing metasploitable
Holynix – Pen-test distribution
WackoPico – Vulnerable liveCD/VM image
LAMPSecurity – Vulnerable virtual machine images
LiveCD – Hacking-Lab.com -learning by doing
Virtual hacking lab – Insecure/old apps for demonstrating vulnerabilities
Badstore.net – How hackers prey on WebApp vulnerabilities
Mutillidae – A deliberately vulnerable set of PHP scripts
DVWA – Damn vulnerable web app
PwnOS – For high-performance computing (HPC)
The ButterFly – Demonstrating WebApp-PHP vulnerabilities
Test Site – Test automated WebApp scanners
CrackMeBank investments – Vulnerable test site
zero.webappsecurity.com – Vulnerable sample site
Acublog news – Test and demonstration site
Acuforum forums – Test and demonstration site
Home of Acunetix art – Test and demonstration site
Altoro mutual – Demonstrating WebApp vulnerabilities
NT OBJECTives -hackme.ntobjectives.com
Exploitation – IT sec catalog – References to vulnerability exploitation stuff
Myne-us: From 0x90 to 0x4c454554 – A journey into exploitation
Abysssec Security Research – Past, present, future of windows exploitation
Smash the Stack 2010 – Buffer overflow
The Ethical Hacker Network – Smashing the modern stack for fun and profit
x9090’s Blog – Exploit writting tutorial from basic to intermediate
Opcode – X86 Opcode and instruction reference

Reverse Engineering and Malware

TiGa’s IDA video tutorial site – Video tutorial series on IDA pro
Binary auditing – Fundamentals of binary auditing
visi.kenshoto.com – Debugger and scripts
Radare – Reverse engineering framework
Offensive Computing – Community malicious code research and analysis

Wordlists

 

DEFCON 2011 – Crack Me if you can
Packet Storm – Word lists
SkullSecurity – Password dictionaries
Index of passwords – Eric Heitzman’s password list

Pass the hash

Pass the hash – Attacks tools mitigation 33283 (application/pdf Object)
Crack pass – Hash 33219 (application/pdf Object)
Irongeek.com – Password exploitation class
Default Passwords Database – Suspicion breeds confidence
Sinbad Security Blog – MS SQL server password recovery
Medusa::SMBNT – Foofus Networking Services
Foofus.Net Security Stuff – LM/NTLM challenge/ response authentication –
MD5 Crackers – Password recovery, wordlist downloads
Nirsoft.net – Password storage locations for popular windows applications
Online Hash Crack MD5/LM/NTLM/SHA1/MySQL – Passwords recovery – Reverse hash lookup online – hash calculator
MD5 hash – Requested MD5 hash queue
Virus.Org – Default password database
Phenoelit-us.org – Default password list
Electric Alchemy – Cracking passwords in the cloud: Breaking PGP on EC2 with EDPR

Man/Monkey in the Middle

Introduction to dsniff – GIAC certified student practical
Arpspoof – Dsniff-n-mirror.pdf (application/pdf Object)
Notes on running Dsniff in the lab – Dsniff.pdf (application/pdf Object)
A hacker’s story – Let me tell you just how easily I can steal your personal data
Ethical hacking and countermeasures 5.0 – ECCE101.pdf (application/pdf Object)
ToorCon- information security conference – 3.pdf (application/pdf Object)
Eavesdropping and modification – Seven deadliest UC attacks Ch3.pdf (application/pdf Object)
Knowledge is security- Packetstormsecurity – Cracking-air.pdf (application/pdf Object)
Man in the middle attacks – ARP poisoning,DNS spoofing- port stealing- STP mangling etc
Ethernet: Man in the middle attacks – Switched ethernet, sniffing, hijacking, injecting: (fun & profit)
Defcon-17 – Sam bowne-hijacking web 2.0.pdf (application/pdf Object)
Mcafeeseminar.com – Live hacking.pdf
A brief guide to ARP-based MITM attacks – PasstheParcel-MITMGuide.pdf (application/pdf Object)
Internet- cloud computing and sniffing – 2010 JohnStrand Keynote.pdf (application/pdf Object)
Ettercap Spoof – 18 Ettercap Spoof.pdf (application/pdf Object)
ARP spoofing – EtterCap ARP spoofing & beyond.pdf (application/pdf Object)
Swiss army knife of ARP poisoning – Fun with EtterCap filters.pdf (application/pdf Object)
Ettercap – The magic of Ettercap.pdf (application/pdf Object)
Arp spoofing – Sniffing in a switched network
Ettercap – Man in the middle attack-tool.pdf (application/pdf Object)
LAN sniffing con Ettercap – ICTSecurity 2004 26.pdf (application/pdf Object)
ARP poisoning – Ettercap Nov 6 2005-1.pdf (application/pdf Object)
MadIrish.net – Mallory is more than a proxy
Thicknet – It does more than Oracle, Steve Ocepek securityjustice on USTREAM computers

OSINT TOOLS

TheHarvester – Information gathering
DNSTRACER man-page – Trace a chain of DNS servers to the source
Maltego 3 – Maltego tools/videos

Google HAckign TOOLS

SEAT – Midnight research labs
Google hacking – Diggity project Stach &; Liu
DorkScan.py – DorkScan – python script

WEB TOOLS

BeEF – The browser exploitation framework (BeEF)
BlindElephant – Web application fingerprinter
XSSer – Automatic tool for pentesting XSS attacks against different applications
RIPS – Static source code analyser for vulnerabilities in PHP WebApps
Authforce – http://www.divineinvasion.net/authforce/
Reconnaissance-penetration tools – Attack and defense labs – tools
Browser exploitation – Browser exploitation for fun &; profit
SQL injection – Using sqid (SQL Injection Digger) to look for SQL injection
pinata-CSRF-tool – Python script to generate PoC CSRF HTML from HTTP request.
XSSer-Usage – Automatic tool for pentesting XSS attacks against different applications
Clickjacker – Clickjacking tool
Unicode-fun – Ruby script to generate URL encoded Unicode UTF-8 URL
WS-Attacker – Modular framework for web services penetration testing
Koto/squid-imposter – Create Squid-based proxy

Password tools

Ncrack – High-speed network authentication cracking tool
Medusa – Parallel network login auditor
JTR – John the ripper password cracker
Ophcrack – Free windows password cracker based on rainbow tables
Keimpx – Check for the usefulness of credentials across a network over SMB
Hashkill – A multithreaded opensource password cracker

Social Engineering Tools

SET – Social engineering toolkit

NSE TOOLS

NSE tutorial – Nmap scripting engine primer tutorial
Nmap scripting engine (NSE) – NSEDoc reference portal

Metasploit

Reverse pivots with Metasploit – How NOT to make the lightbulb
Msf-hack – Hacks on MSF
In depth defense – Metasploit visual basic payloads in action
Metasploit mailing list – List archives
Metasploit Meterpreter – Nessus scanning through a Metasploit Meterpreter session
OpenSSH-Script – OpenSSH-Script for meterpreter
Metasploit – Automating the Metasploit console
561 – Maximizing the effectiveness of reports, exploits, and command shells
Deploying Metasploit as a payload on a rooted box – Msf payload tutorial- video
Metasploit/MeterpreterClient – Wikibooks, collection of open-content textbooks
SecTor 2010 – HD Moore – Beyond Exploits- video
XLSinjector – Script to inject meterpreter shell to excel file
Armitage – Cyber attack management for Metasploit
Nsploit – Scanning to identify versions and exploits
MSF-meterpreter – Neurosurgery with meterpreter
MSF – Automating msf- UAV-slides.pdf
MS04-011: MS windows SSL library -Malformed message remote DoS(835732)(uncredentialed check)
MS03-007: Unchecked buffer in ntdll.dll – Arbitrary code can be executed on the remote host
MS05-017: Vulnerability in MSMQ Could Allow Code Execution (892944) – Arbitrary code can be executed on the remote host
MS windows SMB blank administrator password – It is possible to log into the remote host
MS08-067: Vulnerability in server service could allow remote code execution (958644) (uncredentialed check / IPS) – Arbitrary code can be executed on the remote host due to a flaw inthe ‘Server’ service
MS06-040: Vulnerability in server service could allow remote code execution (921883) (uncredentialed check) – Arbitrary code can be executed on the remote host due to a flaw in the’Server’ service.
MS08-067: Windows server service crafted RPC request handling unspecified remote code execution (958644) – Arbitrary code can be executed on the remote host due to a flaw in the’server’ service.
MS07-029: Vulnerability in windows DNS RPC interface could allow remote code execution (935966) – Arbitrary code can be executed on the remote host due to the DNSservice
MS05-039: Vulnerability in plug and play service could allow remote code execution (899588) (uncredentialed check) – Arbitrary code can be executed on the remote host due to a flaw in thePlug-And-Play service
VNC security type enforcement failure remote authentication bypass – The remote VNC server is prone to an authentication bypass issue
MS SQL server default credentials – Credentials for the remote database server can be discovered
VNC server unauthenticated access – The remote VNC server does not require authentication
MS07-065: Vulnerability in message queuing could allow remote code execution (937894) (uncredentialed check) – Arbitrary code can be executed on the remote host
MS06-066: Vulnerability in the client service for NetWare could allow remote code execution (923980) -Execute arbitrary code on the remote host
MS04-007: ASN.1 parsing vulnerability (828028) – Arbitrary code can be executed on the remote host
MS08-067: MS Windows server service crafted RPC request handling remote code execution (958644) (uncredentialed check) – Arbitrary code can be executed on the remote host due to a flaw in the’Server’ service
MS04-045: WINS code execution (870763) – Arbitrary code can be executed on the remote host via the WINS service
MS09-050: Vulnerabilities in SMBv2 could allow remote code execution (975517) – Remote SMB server can be abused to execute code remotely
MS04-031: Vulnerability in NetDDE could allow code execution (841533) – Arbitrary code can be executed on the remote host through NetDDE service
MS06-025: Vulnerability in routing and remote access could allow remote code execution (911280) – Possible to execute code on the remote host.
MS04-011: MS hotfix (credentialed check) (835732) – Arbitrary code can be executed on the remote host
MS06-040: Vulnerability in server service could allow remote code execution (921883) – Arbitrary code can be executed on the remote host due to a flaw in the ‘server’ service
MS windows SMB guest account local user access – Possible to log into the remote host
Windows service pack out of date – Remote system is not up to date
MS06-025: Vulnerability in routing and remote access could allow remote code execution (911280) (uncredentialed check) – Possible to execute code on the remote host
MS09-050: MS Windows SMB2 _Smb2ValidateProviderCallback() Vulnerability (975497) (uncredentialed check) – Arbitrary code may be executed on the remote host through the SMB port
MS windows SMB guessable user credentials – Credentials for the remote windows host can be discovered.
MS05-017: Vulnerability in MSMQ could allow code execution (892944) (uncredentialed check) – Arbitrary code can be executed on the remote host
MS05-039: Vulnerability in plug and play could allow remote code execution and elevation of privilege (899588) – Arbitrary code can be executed on the remote host due to a flaw in the plug-and-play service
MS03-026/MS03-039: buffer overrun in RPCSS service could allow code execution (823980 / 824146) – Arbitrary code can be executed on the remote host
MS04-011: Security update for MS Windows (835732)-(uncredentialed check) – Arbitrary code can be executed on the remote host due to a flaw in the LSASS service
MS SQL server sa account default blank password – The remote database service has an account with a blank password

Netscanning and scripting tools

Nmap – Free security scanner for network exploration &; security audits
Sambascan2 – SMB scanner
SoftPerfect Network Scanner – Free multi-threaded IP, NetBIOS and SNMP scanner
OpenVAS – Open Source vulnerability scanner
Nessus Community – Vulnerability scanner
Nexpose Community – Free, single-user vulnerability management solution
Retina Community – Free vulnerability scanner for up to 128 IPs

Netcat

Netcat – Your favorite Ncat/nc/Netcat trick?
Hiding Netcat with ADS tutorial – Ads.pdf (application/pdf Object)
Netcat -usages – Netcat for the masses DDebeer.pdf (application/pdf Object)
Netcat cheat sheet – Netcat cheat sheet v1.pdf (application/pdf Object)
Socat – Multipurpose relay
NetCat tutorial – Day1 [The basics]
Netcat tricks – Jonathans techno-tales
Nmap Development mailing list archives – Your favorite Ncat/nc/Netcat trick?
Terminally incoherent – Few useful Netcat tricks
Secrets of America�s top pen testers – Skoudis pentestsecrets.pdf (application/pdf Object)
Netcat – Cracked, inSecure and generally broken
Ncat cmds – Ncat for Netcat users

Post Exploitation

Exe2bat.py – EXE to BAT converter Version 1.0
Metacab – Netcat, Nmap, VNC and other remote administration utilities

Source inspection tools

Graudit – Script and signature sets for source code audit using Grep
Javasnoop – Intercept methods, alter data/hack Java applications
PacketStorm – Security tool files
SecurityTube tools – Over 280+ popular tools

Firefox addons

Manual penetration testing tools – David’s pen testing-security collection
OSVDB – Open source vulnerability database search
PacketStorm search plugin – Search on PacketStorm database
Default passwords – Search CIRT.net default password database
Exploit-db – Offsec Exploit-db Search
OVAL – OVAL repository search plugin
CVE – Common vulnerabilities and exposures (CVE) dictionary
HackBar – Simple security audit/penetration test tool

Training / Classes -Metasploit

                               

Metasploit Unleashed – Mastering MSF
Metasploit class videos – Hacking illustrated series infoSec tutorial Videos
Metasploit megaprimer – 300+ mins of video
Metasploit tips and tricks – SecTor 2010 – Ryan Linn
OffSecOhioChapter – Metasploit class2 – part1
OffSecOhioChapter – Metasploit class2 – part2
OffSecOhioChapter – Metasploit class2 – part3

 Python

Google’s Python class – Free class to learn Python
Learning Python -Table of contents – notes
Python – Free educational video tutorials on computer programming
Python videos, tutorials and screencasts – 147 video-series, 540 videos and 16 learning-paths with the tag python
Learning Python – Video lectures – good coders code, great reuse

 Sec/Hacking

NY University course – Penetration testing and vulnerability analysis
Network sniffers class for the Kentuckiana ISSA 2011 – Hacking illustrated series infoSec tutorial videos
CNIT 124 Advanced ethical hacking – by Sam Bowne
UCSB – CS279 – Advanced topics in security
Stanford – CS142 Web programming and security
Stanford -CS155: computer and network security
USCD – CSE 227: computer security
Berkeley.edu – CS 161 : computer security
UCLA- information security – 0x0D: WebApp hacking/encryption
RPI-academics – CSCI 4971 secure software principles
UNIX security – MCS 494, UNIX security holes, fall 2004
CMU – Software security
T-110.6220 – Special course in information security P(2-10 cr)


Ruby

Working with Hashes in Ruby – Syntax rules for using hashes.

 Other

Operating systems concepts – CS490 windows internals
T-110.6220 Lectures-Noppa-TKK – Special course in information security P(2-10 cr)
Lectures – Index of /edu/training/ss/lecture/new-documents/Lectures
Infosec resources – In-depth articles, interviews, and analysis
DNS rebinding – DNS rebinding with Robert RSnake Hansen

Web Vectors-SQLI

Pentestmonkey.net – MSSQL injection cheat sheet
Document Version 1.4 – SQL Injection Cheat Sheet
EvilSQL cheatsheet
Esp: for filter evasion – RSnake SQL injection cheatsheet
Mediaservice.net -SQLi Cheatsheet
MySQL injection cheat sheet
Full MSSQL injection PWNage
MS Access SQL injection cheat sheet
MS Access SQL injection cheatsheet-2
Penetration testing – Access SQL injection
Testing for MS Access – a part of OWASP Testing Guide v3
The complete guide to SQL injections
Obfuscated SQL injection attacks
Exploiting hard filtered SQL injections
SQL injection attack
LayerOne 2009-video – Advanced SQL Injection
SQLi – Advanced SQL injection L1 2009.pdf (application/pdf Object)
DojoSec monthly briefings -Feb2009 – SQL injection
WebApp security forum – Obfuscation : SQL filter evasion
Sqli2.pdf (application/pdf Object)
SQLTeam.com – SQL server version
Overlooked SQL injection 20071021.pdf (application/pdf Object)
SQLInjectionCommentary20071021.pdf (application/pdf Object)

Upload tricks

Bypassing upload file type -Google search
Adobe responds… sort of
Secure file upload in PHP WebApp
Perishable press -Stupid htaccess tricks>
Tricks and tips – Bypassing image uploaders>
FCKeditor – Security FCKeditor ADS file upload vulnerability -Windows only>
Cross Site Scripting scanner -Free XSS security scanner
Security Advisories -VUPEN/ADV-2009-3634 -MS IIS file extension processing security bypass vulnerability/exploit
MS ASP.NET file field control – Uploading files using the file field control>
TangoCMS -Security #237 – File upload filter bypass in TangoCMS <=’2.5.0
Zeroboard file upload & extension bypass vulnerability
GNUcitizen – Cross-site file upload attacks
Script file upload security bypass vulnerability
FileUploadSecurity – SH/SC wiki

LFI/RFI

LFI Fuzzing
Exploiting PHP file inclusion weblog
LFI..code exec..remote root!
Neohapsis labs – Local file inclusion
DigiNinja – When all you can do is read

Coldfusion

CVE-2010-2861 – ColdFusion directory traversal FAQ
Attacking ColdFusion
Attacking ColdFusion
HP blog hub -Adobe ColdFusion’s directory traversal disaster
254 ShlomyGantz August2009 – HackProofingColdFusion.pdf (application/pdf Object)
Adobe XML – Adobe XML injection Metasploit module
Computer Security Blog: PR10-08 -Various XSS and information disclosure flaws within Adobe ColdFusion administration console

XSS

Anatomy of Cross Site Scripting
Whitepapers – technicalinfo.net
Tales from the crypto – Cross-Site Scripting (XSS) no script required
InterN0T -Cross Site Scripting – attack and defense guide
BlackHat-EU-2010 -Lindsay-Nava-IE8-XSS-Filters-slides.pdf (application/pdf Object)
Sirdarckcat – Our favorite XSS filters and how to attack them
Filter evasion – Houdini on the wire
HTML5 – HTML5 security cheatsheet
XSS – Cross Site Scripting
XSS info – Web application security forum
Web application security consortium- articles – DOM based Cross Site Scripting or XSS of the third kind
12robots.com – What’s possible with XSS?

Sharepoint

The ethical hacker network – Pen testing Sharepoint

SAP

Onapsis|research labs – Holistic ERP security
MARC – Patch for SAP-passwords :BCODE & PASSCODE
SAP exploits – Phenoelit SAP exploits

Lotus

David Robert’s blog – Lotus notes/domino security
Lotus penetration testing – Re: Lotus notes
SecTechno – Hacking Lotus domino

Jboss

Hacking JBoss – Whitepaper-Hacking-jBoss-using-a-Browser.pdf (application/pdf Object)
Minded security blog – Good bye critical Jboss 0day

Oracle appserver

Hideaway.net – Hacking Oracle application servers
OWASP – Testing for Oracle
Ngssoftware.com – OraScan
Database security – NGSSQuirreL for Oracle
Ngssoftware -papers – Hpoas.pdf (application/pdf Object)

Vmware web

Module browser – Metasploit penetration testing framewor

Misc/ unsorted

SMH XSS – HP system management homepage (SMH) XSS
XFS 101 – Cross-Frame scripting explained
OWASP-Daniel Cutbert – Evolution WebApp pen test
DeepSec 2007 -Aaron Portnoy Cody Pierce – RPC auditing tools and techniques
Extern blog SensePost – “Scraping’ our time servers
Zen One:PCI compliance – Disable SSLv2 and weak ciphers
HD Moore on Metasploit – Exploitation and the art of pen testing
Who.is – Who is lookup
Why Johnny can�t pentest: An Analysis – Black-box-scanners-dimva2010.pdf (application/pdf Object)
Pen testing databases – Database Pen Testing ISSA March 25 V2.pdf (application/pdf Object)
Stupid htaccess tricks – Perishable press

Wireless

Pyrit – WPA/WPA2-PSK and a world of affordable many-core platforms
Aircrack-ng – Aircrack-ng is a set of tools for auditing wireless networks

CTF / Wargames

Intruded – http://intruded.net/
SmashTheStack – Wargaming network
CTF – flack.hkpco.kr
Hcesperer.org – HC’s capture the flag site
The UCSB iCTF – UCSB international capture the flag
CTF Calendar – Capture the flag
CTF365 -(Capture The Flag 365) is the newest and most disruptive wargame for the Information Security Industry.

Conferences

Conferences calnedar – Information security conferences calendar