一些信息安全网站

转载 2012年03月25日 22:42:20
Programming/Coding 
  [Bash] Advanced Bash-Scripting Guide – http://tldp.org/LDP/abs/html/ 
  [Bash] Bash shell scripting tutorial – http://steve-parker.org/sh/sh.shtml 
  [Bash] Bourne Shell Reference – http://linuxreviews.org/beginner/bash_GNU_Bourne-Again_SHell_Reference/ 
  [CheatSheet] Scripting Languages: PHP, Perl, Python, Ruby – http://hyperpolyglot.org/scripting 
  
Offensive Security’s Pentesting With BackTrack (PWB) Course 
  [Pre-course] Corelan Team – http://www.corelan.be 
  [Pre-course] The Penetration Testing Execution Standard – http://www.pentest-standard.org/index.php/Main_Page 
  [Hash] NTLM Decrypter – http://www.md5decrypter.co.uk/ntlm-decrypt.aspx 
  [Hash] reverse hash search and calculator – http://goog.li 
  
http://security.crudtastic.com/?p=213 
  
Tunnelling / Pivoting 
  [Linux] SSH gymnastics with proxychains – http://pauldotcom.com/2010/03/ssh-gymnastics-with-proxychain.html 
  [Windows] Nessus Through SOCKS Through Meterpreter – http://www.digininja.org/blog/nessus_over_sock4a_over_msf.php 
  
WarGames / Online Challenges 
  [WarGames] Title – http://securityoverride.com 
  [WarGames] Title – http://intruded.net 
  [Challenge] The Ksplice Pointer Challenge – http://blogs.oracle.com/ksplice/ 
  [WarGames] Title – http://spotthevuln.com 
  [WarGames] Title – http://cvo-lab.blogspot.com/2011/05/iawacs-2011-forensics-challenge.html 
  [WarGames] Title – http://ftp.hackerdom.ru/ctf-images/ 
  
Exploit Development (Programs) 
  [Download] Title – http://www.oldapps.com/ 
  [Download] Title – http://www.oldversion.com/ 
  [Download] Title – http://www.exploit-db.com/webapps/ 
  
Misc 
  [RSS] Open Penetration Testing Bookmarks Collection – https://code.google.com/p/pentest-bookmarks/downloads/list 
  [ExploitDev] Data mining Backtrack 4 for buffer overflow return addresses – http://insidetrust.blogspot.com/2010/12/data-mining-backtrack-4-for-buffer.html 
  [DIY] Repair a Broken Ethernet Plug – http://www.instructables.com/id/Repair-a-Broken-Ethernet-Plug/step5/Make-its-Head-Thin/ 
  [Desktop] Ubuntu Security – http://ubuntuforums.org/showthread.php?t=510812 
  [TechHumor] Title – https://www.xkcd.com 
  [TechHumor] Title – http://www.blackhat.com/presentations/bh-europe-05/BH_EU_05-Long.pdf  
  
Exploit Development 
  [Guides] Corelan Team – http://www.corelan.be 
  [Guide] From 0×90 to 0x4c454554, a journey into exploitation. – http://myne-us.blogspot.com/2010/08/from-0×90-to-0x4c454554-journey-into.html 
  [Guide] An Introduction to Fuzzing: Using fuzzers (SPIKE) to find vulnerabilities –http://resources.infosecinstitute.com/intro-to-fuzzing/ 
  [Video] TiGa’s Video Tutorial Series on IDA Pro – http://www.woodmann.com/TiGa/idaseries.html 
  [Guide] Advanced Windows Buffer Overflows – http://labs.snort.org/awbo/ 
  [Guide] Stack Based Windows Buffer Overflow Tutorial – http://grey-corner.blogspot.com/2010/01/beginning-stack-based-buffer-overflow.htmlt 
  [Guide] SEH Stack Based Windows Buffer Overflow Tutorial – http://grey-corner.blogspot.com/2010/01/seh-stack-based-windows-buffer-overflow.html 
  [Guide] Windows Buffer Overflow Tutorial: Dealing with Character Translation – http://grey-corner.blogspot.com/2010/01/windows-buffer-overflow-tutorial.html 
  [Guide] Heap Spray Exploit Tutorial: Internet Explorer Use After Free Aurora Vulnerability< – http://grey-corner.blogspot.com/2010/01/heap-spray-exploit-tutorial-internet.html 
  [Guide] Windows Buffer Overflow Tutorial: An Egghunter and a Conditional Jump – http://grey-corner.blogspot.com/2010/02/windows-buffer-overflow-tutorial.html 
  [Linux] Linux exploit development part 1 – Stack overflow. – http://sickness.tor.hu/?p=363 
  [Linux] Linux Exploit Writing Tutorial Pt 2 – Stack Overflow ASLR bypass Using ret2reg – http://sickness.tor.hu/?p=365 
  [Linux] Linux exploit development part 3 – ret2libc – http://sickness.tor.hu/?p=368 
  [Linux] Linux exploit development part 4 – ASCII armor bypass + return-to-plt – http://sickness.tor.hu/?p=378 
  [TechHumor] Title – https://www.youtube.com/watch?v=klXFqtYR5Mg 
  [TechHumor] Title – http://amolnaik4.blogspot.com/2011/06/exploit-development-with-monapy.html 
  
Exploit Development (Case Studies/Walkthroughs) 
  [Web] Finding 0days in Web Applications – http://www.exploit-db.com/finding-0days-in-web-applications/ 
  [Windows] Offensive Security Exploit Weekend – http://www.corelan.be/index.php/2010/11/13/offensive-security-exploit-weekend/ 
  [Windows] From vulnerability to exploit under 5 min – http://0entropy.blogspot.com/2011/02/from-vulnerability-to-exploit-under-5.html 
  
Exploit Development (Patch Analysis) 
  [Windows] A deeper look at ms11-058 – http://www.skullsecurity.org/blog/2011/a-deeper-look-at-ms11-058 
  [Windows] Patch Analysis for MS11-058 – https://community.qualys.com/blogs/securitylabs/2011/08/23/patch-analysis-for-ms11-058 
  [Windows] CVE-2011-1281: A story of a Windows CSRSS Privilege Escalation vulnerability – http://j00ru.vexillium.org/?p=893 
  [Mobile] Analyzing and dissecting Android applications for security defects and vulnerabilities – https://www.net-security.org/article.php?id=1613 
  
Exploit Development (Metasploit Wishlist) 
  [ExplotDev] Metasploit Exploits Wishlist ! – http://esploit.blogspot.com/2011/03/metasploit-exploits-wishlist.html 
  [Guide] Porting Exploits To Metasploit Part 1 – http://www.securitytube.net/video/2118 
  
Passwords & Rainbow Tables (WPA) 
  [RSS] Title – http://ob-security.info/?p=475 
  [RSS] Title – http://nakedsecurity.sophos.com/2011/06/14/the-top-10-passcodes-you-should-never-use-on-your-iphone/ 
  [RSS] Title – http://www.troyhunt.com/2011/06/brief-sony-password-analysis.html 
  [WPA] Offensive Security: WPA Rainbow Tables – http://www.offensive-security.com/wpa-tables/ 
  [Tool] Ultra High Security Password Generator – https://www.grc.com/passwords.htm 
  [Guide] Creating effective dictionaries for password attacks – http://insidetrust.blogspot.com/2010/07/creating-effective-dictionaries-for.html 
  [Leaked] Diccionarios con Passwords de Sitios Expuestos – http://www.dragonjar.org/diccionarios-con-passwords-de-sitios-expuestos.xhtml 
  [Download] Index of / – http://svn.isdpodcast.com/wordlists/ 
  [Guide] Using Wikipedia as brute forcing dictionary – http://lab.lonerunners.net/blog/using-wikipedia-as-brute-forcing-dictionary 
  [Tool] CeWL – Custom Word List generator – http://www.digininja.org/projects/cewl.php 
  [Download] Title – http://www.aircrack-ng.org/doku.php?id=faq#where_can_i_find_good_wordlists 
  [Leaked] Passwords – http://www.skullsecurity.org/wiki/index.php/Passwords 
  
Cheat-Sheets 
  [OS] A Sysadmin’s Unixersal Translator – http://bhami.com/rosetta.html 
  [WiFi] WirelessDefence.org’s Wireless Penetration Testing Framework –http://www.wirelessdefence.org/Contents/Wireless%20Pen%20Test%20Framework.html 
  
Anti-Virus 
  [Metasploit] Facts and myths about antivirus evasion with Metasploit – http://schierlm.users.sourceforge.net/avevasion.html 
  [Terms] Methods of bypassing Anti-Virus (AV) Detection – NetCat – http://compsec.org/security/index.php/anti-virus/283-anti-virus-central-methods-of-bypassing-anti-virus-av-detection.html 
  
Privilege Escalation 
  [Linux] Hacking Linux Part I: Privilege Escalation – http://www.dankalia.com/tutor/01005/0100501004.htm 
  [Windows] Windows 7 UAC whitelist – http://www.pretentiousname.com/misc/win7_uac_whitelist2.html 
  [Windows] Windows Privilege Escalation Part 1: Local Administrator Privileges –http://www.netspi.com/blog/2009/10/05/windows-privilege-escalation-part-1-local-administrator-privileges/  
  
Metasploit 
  [Guide] fxsst.dll persistence: the evil fax machine – http://www.room362.com/blog/2011/6/27/fxsstdll-persistence-the-evil-fax-machine.html 
  [Guide] Bypassing DEP/ASLR in browser exploits with McAfee and Symantec – http://www.scriptjunkie.us/2011/08/custom-payloads-in-metasploit-4/ 
  [Guides] Metasploit Unleashed – http://www.offensive-security.com/metasploit-unleashed/Metasploit_Unleashed_Information_Security_Training 
  [Guides] Metasploit Megaprimer (Exploitation Basics And Need For Metasploit) Part 1 – http://www.securitytube.net/video/1175
  
Default Generators 
  [WEP] mac2wepkey – Huawei default WEP generator – http://websec.ca/blog/view/mac2wepkey_huawei 
  [WEP] Generator: Attacking SKY default router password –http://sec.jetlib.com/BackTrack_Linux_Forums/2011/01/12/Generator:_Attacking_SKY_default_router_password 
  
Statistics 
  [Defacements] Zone-H – http://www.zone-h.org 
  [ExploitKits] CVE Exploit Kit list – http://exploitkit.ex.ohost.de/CVE%20Exploit%20Kit%20List.htm 
  
Cross Site Scripting (XSS) 
  [Guide] vbSEO – From XSS to Reverse PHP Shell – http://www.exploit-db.com/vbseo-from-xss-to-reverse-php-shell/ 
  [RSS] Title – http://www.thespanner.co.uk/2009/03/25/xss-rays/  
  
Podcasts 
  [Weekly] PaulDotCom – http://pauldotcom.com/podcast/psw.xml 
  [Monthly] Social-Engineer – http://socialengineer.podbean.com/feed/ 
  
Blogs & RSS 
  [RSS] SecManiac – http://www.secmaniac.com 
  [Guides] Carnal0wnage & Attack Research – http://carnal0wnage.attackresearch.com 
  [RSS] Contagio – http://contagiodump.blogspot.com 
  [News] THN : The Hacker News – http://thehackernews.com 
  [News] Packet Storm: Full Disclosure Information Security – http://packetstormsecurity.org 
  [Guides] pentestmonkey | Taking the monkey work out of pentesting – http://pentestmonkey.net 
  [RSS] Darknet – The Darkside | Ethical Hacking, Penetration Testing & Computer Security – http://www.darknet.org.uk 
  [RSS] Irongeek – http://www.irongeek.com 
  [Metasploit] Room 363 – http://www.room362.com 
  [Guides] Question Defense: Technology Answers For Technology Questions – http://www.question-defense.com/ 
  [Guides] stratmofo’s blog – http://securityjuggernaut.blogspot.com 
  [Guides] TheInterW3bs – http://theinterw3bs.com 
  
[Guides] consolecowboys – http://console-cowboys.blogspot.com 
  [Guides] A day with Tape – http://adaywithtape.blogspot.com 
  [Guides] Cybexin’s Blog – Network Security Blog – http://cybexin.blogspot.com 
  
[RSS] BackTrack Linux – Penetration Testing Distribution – http://www.backtrack-linux.org/feed/ 
  [RSS] Offensive Security – http://www.offensive-security.com/blog/feed/ 
  
[RSS] Title – http://www.pentestit.com 
  [RSS] Title – http://michael-coates.blogspot.com 
  [RSS] Title – http://blog.0x0e.org 
  [RSS] Title – http://0×80.org/blog 
  [RSS] Title – http://archangelamael.shell.tor.hu 
  [RSS] Title – http://archangelamael.blogspot.com 
  [RSS] Title – http://www.coresec.org 
  [RSS] Title – http://noobys-journey.blogspot.com 
  [RSS] Title – http://www.get-root.com 
  [RSS] Title – http://www.kislaybhardwaj.com 
  [RSS] Title – https://community.rapid7.com/community/metasploit/blog 
  [RSS] Title – http://mimetus.blogspot.com 
  [RSS] Title – http://hashcrack.blogspot.com 
  [RSS] Title – https://rephraseit.wordpress.com 
  [RSS] Title – http://www.exploit-db.com 
  [RSS] Title – http:/skidspot.blogspot.com 
  [RSS] Title – http://grey-corner.blogspot.com 
  [RSS] Title – http://vishnuvalentino.com 
  [RSS] Title – http://ob-security.info 
  
…. Not enough? Try twitter and/or IRC! 

相关文章推荐

网站前置审批--网络与信息安全保障措施

网络与信息的安全不仅关系到正常业务的开展,还将影响到国家的安全、社会的稳定。***医院将认真开展网络与信息安全工作,通过检查进一步明确安全责任,建立健全的管理制度,落实技术防范措施,保证必要的经费和条...

2012CSDN网站六大类职位火热招聘:社区编辑、产品交互设计、信息安全主管、前端工程师、Ruby工程师、搜索工程师 (已结束)

CSDN创立于1999年,是中国最大的中文IT知识服务集团,专注IT信息传播、技术交流、教育培训和专业技术人才服务。拥有超过1800万注册会员、10000名CTO、50万注册企业及合作伙伴,全球中文网...

电子商务网站安全控制分析与信息安全的研究方向

一、前言   近年来,随着因特网的普及日渐迅速,电子交易开始融入人们的日常生活中,网上订货、网上缴费等众多电子交易方式为人们创造了便利高效的生活方式,越来越多的人开始使用电子商务网站来传递各种信息,...

LogSec日志大数据审计平台,企业信息安全管理人员不再“躺枪”

作为一名企业信息安全管理人员,你有没有被各种安全设备、服务器、网络设备的安全日志搞得焦头烂额?无论是要从各种日志中进行问题分析和定位,还是从日志中提取有用的信息,是不是都像大海捞针一样忙得筋疲力尽收获...

神都会犯错,程序员也需要信息安全意识

神都会犯错,程序员也需要信息安全意识 互联网时代信息安全事件已经是见多不怪了,连跟美国军方合作的资深安全公司HBGary Federal都能被黑,就不要说我们这些普通人了。上网就意味着你将自己暴露...

信息安全(一)

安全需要解决问题 日常你都会的密码术:字母加密、藏头诗、倒写文 对称加密 非对称加密 密钥交换 消息摘要 电子签名 数字证书和PKI 1、安全需要解决问...

工业控制信息安全资源汇总(国内篇)

原文章:点击打开链接  一、概述     工控安全被拉进公众视野,源于“震网”病毒在伊朗核电站的肆虐,而发展于工信部“451”号文件的发布。借助发改委高技司的信...

VC++信息安全编程(1)分析实现程序自我复制

程序自我复制,是软件程序备份的一种功能,防止程序被修改,被调试,被破解。详细代码分析如下#ifdef _DEBUG #define new DEBUG_NEW #undef THIS_FILE sta...

中国信息安全技术标准体系框架

本文部分内容来自《中国电子技术标准化研究院》一、一些标准化组织1、国际组织 ISO(国际标准化组织) IEC(国际电工委员会) ITU(国际电信联盟) IETF(Internet 工程任务组) 2、国...
  • xundh
  • xundh
  • 2017-07-09 10:50
  • 466

【汇总】国际会议 信息安全相关 -- 2014-10更新

想要了解最新的学术研究动态,时刻track顶级的会议,顶级的workshop,顶级的researcher都是必要的。 下面就是参考别人的表格,自己汇总的一个表格,根据会议的CIF( Conferenc...
  • ls1160
  • ls1160
  • 2014-09-27 22:12
  • 2491
内容举报
返回顶部
收藏助手
不良信息举报
您举报文章:深度学习:神经网络中的前向传播和反向传播算法推导
举报原因:
原因补充:

(最多只允许输入30个字)