Bookmarks List |
| Display Mode : One Cat | by Alpha Grouped | | by Alpha Not Grouped |
<< Start < Prev 1 [2] 3 4 Next > End >>
Results: 51 - 100 of 166
|
|
|
| Microsoft technet security |
Microsoft has a security-area in the Technet-section of it's site. Here you can find howto-guides & checklist for various stuff, latest hotfixes & servicepacks. You also find a good tool called hfnetcheck that can be used for determining if some patc |
613 |
|
| Networking guide  |
This site holds an excellent guide to networking. It basically covers the network topologies, protocols, hardware, routing, addressing and lots more. A very good network resource, that gets you in the loop in no time ;) There is more out on the web, |
1'266 |
|
| NSA hardening guides |
NSA has released security guides for NT, W2K, XP & Cisco. The configurations they suggest are pretty anal, so if you need some heavy security, these guides are something to look at. A word of warning, thought. Implementing some features might break y
|
621 |
|
| openBSD packet filtering guide |
A very nice resource for OpenBSD's packet filter. There is lots of example-rules and explanations of the inner workings of PF. A recommended site if you use OpenBSD as your firewall. |
483 |
|
| OWASP |
The Open Web Application Security Project (OWASP) is developing software tools and knowledge based documentation that helps people secure web applications and web services. They have a TOP-10 list of most common web-application programming mistakes a |
501 |
|
| Securing mysql step-by-step |
This is a quite good guide to securing an installation of MySQL, dealing with chrooting the daemon, dealing with default accounts, and other "hardening" that should be done. |
450 |
|
| SQL tutorial |
This is a nice online SQL tutorial, that can be useful for web-app testers, as the syntax for SQL is a bit hard to remember if you don't use it daily. The site also hosts lots of other www-related tutorials, and is worth checking out. |
545 |
|
| Wireless security paper |
IIS.net has released a whitepaper about Wireless Security. This paper has good viewpoints that should be taken into consideration when you plan implementing wireless technologies into your network/office environment. If you are into wireless stuff, r |
509 |
|
| www.cisecurity.org |
CIS provides methods and tools to improve, measure, monitor, and compare the security status of your Internet-connected systems and appliances, plus those of your business partners. It has nice guidelines & benchmarks that you can utilize to check th |
497 |
|
| www.linuxsecurity.com |
On this site you will find lots of information about securing Linux for many different roles, web-server, firewall and so on. Overally this site should be one-stop place for your needs when securing Linux. It also keeps up with the newest tools and o |
478 |
|
| www.markusjansson.com |
This site is specialized on privacy & Windows-security for home users. If you feel like you don't want to be that friendly neighbourhood hacker again, point your friend to this site. A word of warning thought. These pages have quite some paranoia inc |
502 |
|
| www.sqlsecurity.com |
SQL-security focuses on MS SQL database security. It has a very good checklist for securing your database. The site also hosts some useful scripts that you can use to assess your SQL-servers. The MS SQL server is very flexible database and there is l |
568 |
|
| |
|
|
|
| adm.freelsd.net |
This is the page of FreeLSD, a member of ADM hacking group. I listed this page mainly because it had some resources about programming that could be of interest to some people. It contains other stuff too, but it appears FreeLSD promotes safe programm |
838 |
|
| Binary Revolution  |
These are the creators of the radio show Binrev, HackTV, and <BR> magazine. |
537 |
|
| qb0x.net |
This site publishes information about exploits & proof of concept material. They also post some papers on the site that are more related to hacking than securing stuff. The site has a forum available where exploits are discussed. Might be an interest |
563 |
|
| thehackerschoice.com |
This is a german hacking group that research security vulnerabilities and create exploits. They have a nice collection of tools available that you can use to assess some stuff. They also publish papers, thought some of them are written in german.
|
630 |
|
| www.ccc.de |
This is the site for the famous german hacking group called the Chaos Computer Club. It has lots of members but unfortunately the pages are mostly in german. There is a notice on the site that promises there will be more english content at some point |
539 |
|
| www.collusion.org |
This is a hacking group that mainly share information and write articles, their mission being to learn more information about everything. The area of subject is wide, ranging from playing around with TV to phreaking.
|
559 |
|
| www.i-hacked.com |
This site is dedicated to Hardware Hacking. It does not support "Cracking" or "Hacking" into someones email/website/computer. This might be interesting read for those hardware-enthusiasts, and this is also a form of hacking.
|
509 |
|
| www.legions.org |
Keen Veracity is an online zine that works about the same way as Phrack but apparently has a much smaller contributor base. The information on these zines tend to be a bit humorous and not written that seriously.
|
505 |
|
| www.lsd-pl.net |
LSD-Planet is a group of polish hackers that are well known in the security/hacking community. These guys are very good in what they do and spend a lot of time researching server & network security. They provide exploit code and some tools and have w
|
494 |
|
| www.phenoelit.de |
Phenoelit is an experienced group of hackers that based on the site are more focused on network security (hardware, protocols). They have published some papers and tools that can be used to assess networks & protocols + they have done some advisories |
482 |
|
| www.phrack.com |
Phrack is an online zine that allows downloading issues to your own machine for offline reading. Security-enthusiasts and hackers put effort to the articles and release stuff for the community every now and then. Lots of interesting read, I think I h
|
532 |
|
| www.w00w00.org |
w00w00 is a global non-profit security team with over 30 participants. They do security-research, make proof-of-concept exploits and release advisories with a tint of humour included.
|
572 |
|
| |
| Miscellaneous Resources |
Top |
|
|
|
| chkrootkit |
Chkrootkit is a rootkit discovery tool. It can at the moment detect 44 rootkits, worms & LKMs. If you suspect you have been hacked and someone is using your system, check this tool out. This tool works on several unix platforms.
|
699 |
|
| isc.incidents.org |
This is the Internet Storm Center. The site gets data around the world and maps the most attacked ports on the internet. They also provide analysis information about worms, virii & exploits when these get wide-spread. You can also find some news on t |
475 |
|
| IT security cookbook |
This site hosts the IT Security Cookbook. This book aims to touch various issues from policies to more technical level information like firewalls and respective topologies. The technical part doesn't go THAT deep that it would give hands-on informati |
578 |
|
| ITS 4 |
Cigital has released a C/C++ source-code analyser that scans for possible vulnerabilities. Might be useful in automating the process of auditing C/C++ code and useful for programmers themselves.
|
457 |
|
| John the ripper |
John the Ripper is a password-cracking tool that can use wordlists and brute-force. The tool is available for unix, dos & windows. It also has plugins for other schemes, like cracking NTLM hashes.
|
550 |
|
| Legal & Regulatory |
Sarbanes-Oxley (SOX)—Impact on Security In Software
By Keith Pasley, CISSP |
948 |
|
| Net calculator |
This site has a neat network calculator. It might come useful to people like me who don't understand how netmasks really affect to the amount of IP's in a subnet (or how to calculate this).
|
498 |
|
| Network security library |
This is a network security library. It has lots of FAQs, articles and papers hosted. It also covers some "books" that are available in digital format. I see this as a good resource, as the stuff on the site is quite good quality. You can find informa |
493 |
|
| NIST publications |
This page holds the special publications of NIST that are mainly guidelines. You can find lots of interesting information from here that can be useful, for example you can find tips for securing public webservers, information about IDSes and so on.
|
506 |
|
| patchfinder 2 |
PatchFinder2 is a W2K-utility for detecting W2K-based rootkits that work via DLL-injection or kernel-level attacks. Might be very useful if you suspect a break-in. |
545 |
|
| SQL security scripts |
SQLSecurity has collected some useful MS-SQL scripts & tools on their page that can be used to enumerate MS SQL servers and check security of the databases. Might come handy.
|
601 |
|
| The coroners toolkit |
The Coroner's Toolkit is a toolkit for forensics analysts. Notable TCT components are the grave-robber tool that captures information, the ils and mactime tools that display access patterns of files dead or alive, the unrm and lazarus tools that reco |
503 |
|
| tscrack |
TScrack is a wordlist-based terminal server login-cracker, developed by gridrun. This tool basically hits a terminal server by using a wordlist. If you need to enumerate passwords and terminal services is enabled, this is one way to go.
|
967 |
|
| unxutils.sourceforge.net |
These Win32 tools work like their unix-equivalents. Might come handy at some point and if you miss those simple unix-tools, you can now get them on Windows :) Check out what the tools are from the site.
|
508 |
|
| www.cotse.com |
This site has good online tools, like name lookups, traceroute, proxy checks and so on. It also has loads of information of networking protocols and hosts the Internet Encyclopedia. There is also a plethora of tools listed on the site that can come h |
488 |
|
| www.foundstone.com |
Foundstone has released a variety of free tools to the community. The tools include forensics-tools, assessment-tools, intrusion detection tools, scanning tools & stress testing tools. You might find something useful in here. |
610 |
|
| www.proxyblind.org |
Proxy Blind is dedicated to all the people who have an interest in security, privacy, and anonymity. This site has some tutorials about privacy and has proxy/security tools available. There is also a forum where you can discuss privacy issues.
|
479 |
|
| |
| Miscellaneous Resources / Vulnerability databases |
Top |
|
|
|
| cve.mitre.org |
CVE aims to standardize the names for all publicly known vulnerabilities and security exposures. It tries to make it easier to share data across separate vulnerability databases and security tools. In the sense if many products use the same CVE entri |
621 |
|
| icat.nist.gov |
ICAT is a searchable index of information on computer vulnerabilities. It provides search capability at a fine granularity and links users to vulnerability and patch information. It is based on CVE. This might come handy when doing vulnerability asse |
473 |
|
| www.osvdb.org |
This is an unbiased, vendor neutral vulnerability database that aims for full disclosure. It is similar to www.securityfocus.com or www.securitytracker.com. You might find something here that is not dealt with on the other lists. |
397 |
|
| |
| Miscellaneous Resources / whois and other digging tools |
Top |
|
|
|
|
| |
|
|
|
| 4G8 |
4G8 is a sniffer for switched networks. It utilizes ARP cache poisoning, packet capture and packet reconstruction techniques, 4G8 works with nearly all TCP, ICMP and UDP IPv4 traffic flows.
|
947 |
|
| Cryptcat |
A netcat alternative. |
757 |
|
|
|
<< Start < Prev 1 [2] 3 4 Next > End >>
Results: 51 - 100 of 166
|
by Cats Grouped