|
|
法克上看到的,觉得还可以。
Schneier on Security
Bruce Schneier’s blog about Information Security. I like the Cryptography section of his blog which includes Algorithm Analyses, Algorithm Descriptions, his security papers and many more.
http://www.schneier.com/
Metasploit Unleashed by Offensive Security 国外一开放信息安全教程网站 推介
This free information security training is brought to you in a community effort to promote awareness and raise funds for underprivileged children in East Africa. Through a heart-warming effort by several security professionals, we are proud to present the most complete and in-depth open course about the Metasploit Framework.
http://www.offensive-security.com/me...shed/Main_Page
ClubHACK Magazine 印度猴子的知名黑客杂志站点
ClubHack Mag is the 1st Indian Hacking Magazine and that their official website is where their free magazines can be downloaded and where recent articles for the current issue are published. What makes them cool is that they provide free information.
http://chmag.in/
Attrition.org
Beware plagiarists, fake security experts, self-proclaimed hackers, and liars. Attrition / Security errata will pawn you till the 4th dawn for they demystify some conspiracies and the truth about some security companies and authors who only say half truth about their works. Security Errata’s articles, works, and categories include; Legal Threats, Certified Pre-owned, Autofail, Charlatans, Plagiarism, Security Companies, Security Companies that Spam, Other Company Incidents, Statistics, The Media (FIN), Security Software Vulnerabilities, and Data Loss / Data Theft.
http://attrition.org/
Social Engineering – Security Through Education 国外一黑客社会工程学黑网
The official website of the Social Engineering Framework(Art Of Human Hacking). An online resource material for understanding Social Engineering and some of the tools employed by hackers to achieve an attack vector.
http://www.social-engineer.org/
LeetUpload 国外一黑客站点各数据
An online hacker’s database that allows users to submit or upload files, exploits, botnets, trojans, worms, malwares,etc.
http://leetupload.com/dbindex2/
SkullSecurity
SkullSecurity is a security blog maintained by Ron Bowes who is a gold GIAC-certified penetration tester (GPEN).
http://www.skullsecurity.org/blog/
thomascannon.net 一国外入侵银行金库黑客大牛 托马斯·坎农 Blog
One of the cool websites you should visit is he official website of Thomas Cannon who is an Android Security Researcher, CISSP, CISM, OSCP, CFIP and CSIS industry qualifications. He was responsible for the android data stealing and the No-privilege Android remote shell vulnerabilities.
http://thomascannon.net/
zx2c4 推介
zx2c4 a.k.a Jason A. Donenfeld is a security researcher who wrote a POC of the Linux Local Privilege Escalation via SUID /proc/pid/mem Write (root exploit for 2.6.39 – 3.0.14 kernels). Jason has some good stuffs in his blog like the Answers to Stripe’s Capture the Flag, wifi-monitong scripts, stunnel interceptor, WEPAutoCrack.py and many more.
http://zx2c4.com/
W3Schools 推介
W3Schools is an online tutorial and cheat sheet for HTML, CSS, JavaScript, XML, XSL, ASP, SQL, ADO, VBScript, PHP, etc.
http://www.w3schools.com/
michaelboman.org 国外大牛 迈克尔·博曼 Blog 推介
Information security blog maintained by Michale Boman who is a security expert in the fields of vulnerabilities and malicious code.
http://www.michaelboman.org/
howtohackwebsite.com
The domain may not sound too ethical but no need to worry because it is a safe blog initiated by iSARG Security Group. The blog contains how to conduct penetration tests, ethical hacking, security practices, Linux tutorials and many more.
http://www.howtohackwebsite.com/
Synfyre 听说站长是一朝鲜大牛
Synfyre is a website coded by n1tr0b who is a Security Adventist and PHP geek. He happens to be one of our bloggers and supports our aim as well.
http://synfyre.net/
Eric Romang Blog 国外大牛 埃里克Blog 推介
Eric Romang Blog aka aka wow on ZATAZ.com is a simple yet cool blog about penetration testing wherein they try the new CVE’s using the Metasploit Framework. As of this moment writing this article, their new post is entitled “CVE-2008-5036 VLC Media Player RealText Subtitle Overflow Metasploit Demo”.
http://eromang.zataz.com/
/dev/ttyS0
/dev/ttyS0 is a blog about embedded systems or devices hacking. Their admin of this blog is from Tactical Network Solutions who wrote reaver which is wps bruteforce tool. The goal of the blog is “to provide the necessary tools, skills, and knowledge to enable professionals, hobbyists, hackers and makers to enter into the world of embedded devices!”
http://www.devttys0.com/blog/
Security Mailing List Archive
Internet Security Resource Website that gives full disclosure about tools, information security, cyber news, issues, problems, tools, link sharing, and many more.
http://seclists.org/
Cyber Security Video Podcast
The home page for the Cyber Security video podcast series by Cyber Mike who is a cyber security and information assurance architect by profession, with over 27 years working in engineering, and the last 15 years focused on IA and cyber security. The podcast is about IT cyber security education and not about how to perform cyber attacks and exploits.
http://sites.google.com/site/cybersecurityvcast/home
Finux Tech Weekly
Finux Tech Weekly is another podcast website initiated by Arron Finnon’s aka who ventures into his own independent podcast about Tech, Security and general geekyness.
http://www.finux.co.uk/
Exploit This 推介翻墙必看
Finux Tech Weekly is another podcast website initiated by Arron Finnon’s aka who ventures into his own independent podcast about Tech, Security and general geekyness.
http://www.exploitthis.com/
ROOTCON
ROOTCON is the premier hacking conference in the Philippines and where I started blogging about information security and geeky stuffs. If you want to check the articles I posted there just click this link.
http://www.rootcon.org/
Errata Security 国外老黑提到国内关于 MS12-020补丁 的利用 Chinese hackers got hold of the secret proof-of-concept (PoC)
The official blog of Errata Security which claims to be a high-end cyber security consulting company. Their articles are cool so you should try visiting this guys.
http://erratasec.blogspot.com/
Infosec Island
Infosec Island serves our daily dose of infosec news and cyber related stuffs. Categories include; Cloud Computing, Compliance, Database Security, Encryption, Network Security, OS & Software, Infosec Island News, Security Management, Social Engineering, Social Engineering, Vulns & Alerts, Web App Security, and Wireless Security.
http://www.infosecisland.com/
Coresec.org 推介翻墙必看
Coresec is an Information Security Blog that deals about penetration testing, vulnerability assessment, security research, web application, tools guide, etc. This is where I check out some new penetration testing guides.
http://www.coresec.org/
Phrack
Nothing beats the old school! Nobody messes with the Phrack Magazine which is an online ezine for hackers and by the hackers. Phrack was first released on November 17, 1985 which until now became the largest computer underground ezine. In fact, The Hacker’s Manifesto was also published in this online ezine on the 7th issue. Truly an old yet awesome archive which takes you to the old days of the hacker culture in the 80′s.
http://phrack.org/
r00tsecurity
r00tsecurity is an online forum site put together by hackers, computer geeks, and tech enthusiasts. Aside from being a forum, r00tsecurityhas has a good online archive for exploits, POC, advisories, scripts, sample programs, ezines, tools, cheat sheets and many more.
http://r00tsecurity.org/
Linuxaria
Linuxaria is a blog review about anything that falls under GNU/Linux and Open Source. A good resource for some Linux tips, games, tools, advisories, etc.
http://linuxaria.com/
Root Prompt
Are you a Unix user? Then this site is definitely for you! It contains nothing but Unix news and lots of good info.
http://www.rootprompt.org/
Hack A Day
The place where electronic hacks are raped. A good site for punching in your hardware hacking ideas.
http://hackaday.com/
Vaxman.de
The personal website of Dr. Bernd Ulmann from Germay is a collection of his hobbies and projects focused on old computing machinery – especially machines from the former DIGITAL-Equipment-Corporation. This guy is an OpenVMS geek.
http://vaxman.de/inhalt.html
Hack in the Box
The HITB Network is a good security news website.
http://www.hitb.org/
DEFCON
The official website of the most famous hacker conference in the world.
http://www.defcon.org/
RETROCMP
The site claims to be a for restauration of classic computers, and what can I say.. it truly is a site about my favorite old computer machines especially from DEC or |d|i|g|i|t|a|l|. They have cool articles like Connecting a DECserver to modern Linux, Interfacing with a PDP-11/05, Dealing with Backplanes, DECNet and many more.
http://retrocmp.com/
Linux Journal
My other resource for Linux news and tips.
http://www.linuxjournal.com/
CIRT.net
The home of Nikto Web Scanner and the place where I check the default usernames and passwords for electronic devices, routers, security appliance and many more. Plus, they have some good tools you might wanna check.
http://cirt.net/ |
|
发表于 2013-11-21 00:04:34
