Blogs, Guides & Links

[co4ie]

I was cleaning out my bookmarks, de-cluttering twitter favourites and closing a few tabs.

Coding:

http://hyperpolyglot.org/scripting 
http://linuxreviews.org/beginner/bash_GNU_Bourne-Again_SHell_Reference/http://steve-parker.org/sh/sh.shtml 
http://tldp.org/LDP/abs/html/

Pentesting With BackTrack (PWB) :

http://www.corelan.be
http://goog.li
http://www.md5decrypter.co.uk/ntlm-decrypt.aspx
http://www.pentest-standard.org/index.php/Main_Page

Tunnelling:

http://pauldotcom.com/2010/03/ssh-gymnastics-with-proxychain.html
http://www.digininja.org/blog/nessus_over_sock4a_over_msf.php

WarGames / Online Challenges:

http://xss.progphp.com
http://xss-quiz.int21h.jp
http://smashthestack.org
http://net-force.nl
http://www.hackquest.com
http://securityoverride.com/news.php
http://intruded.net
http://www.honeynet.org/challenges/2011_7_compromised_server
http://bailey.st/blog/2010/09/14/pentest-lab-vulnerable-servers-applications-list/http://www.felipemartins.info/2011/05/pentesting-vulnerable-study-frameworks-complete-list/http://dftt.sourceforge.net
http://sourceforge.net/projects/virtualhacking/files/os/http://sourceforge.net/projects/lampsecurity/files/http://sourceforge.net/projects/ctfd/http://sourceforge.net/projects/guerillatactics/http://blogs.oracle.com/ksplice/

Misc :

https://code.google.com/p/pentest-bookmarks/downloads/list
http://insidetrust.blogspot.com/2010/12/data-mining-backtrack-4-for-buffer.html
http://www.strangehorizons.com/2004/20040405/badger.shtml
http://www.instructables.com/id/Repair-a-Broken-Ethernet-Plug/step5/Make-its-Head-Thin/http://ubuntuforums.org/showthread.php?t=510812
http://vx.netlux.org/lib/vsp05.html

Exploit Development :

http://www.corelan.be
http://myne-us.blogspot.com/2010/08/from-0x90-to-0x4c454554-journey-into.html
http://resources.infosecinstitute.com/intro-to-fuzzing/http://www.woodmann.com/TiGa/idaseries.html
http://labs.snort.org/awbo/http://grey-corner.blogspot.com/2010/01/beginning-stack-based-buffer-overflow.html
http://grey-corner.blogspot.com/2010/01/seh-stack-based-windows-buffer-overflow.html
http://grey-corner.blogspot.com/2010/01/windows-buffer-overflow-tutorial.html
http://grey-corner.blogspot.com/2010/01/heap-spray-exploit-tutorial-internet.html
http://grey-corner.blogspot.com/2010/02/windows-buffer-overflow-tutorial.html
http://sickness.tor.hu/?p=363
http://sickness.tor.hu/?p=365
http://sickness.tor.hu/?p=368
http://sickness.tor.hu/?p=378

Exploit Development (Case Studies/Walkthroughs):

http://www.exploit-db.com/finding-0days-in-web-applications/http://www.corelan.be/index.php/2010/11/13/offensive-security-exploit-weekend/http://0entropy.blogspot.com/2011/02/from-vulnerability-to-exploit-under-5.html

Exploit Development (Patch Analysis):

http://www.skullsecurity.org/blog/2011/a-deeper-look-at-ms11-058 https://www.net-security.org/article.php?id=1613
http://j00ru.vexillium.org/?p=893
http://www.cio.com/article/688548/Hackers_Could_Reverse_Engineer_Microsoft_Patches_to_Create_DoS_Attacks https://community.qualys.com/blogs/securitylabs/2011/08/23/patch-analysis-for-ms11-058

Exploit Development (Metasploit Wishlist):

http://esploit.blogspot.com/2011/03/metasploit-exploits-wishlist.html
http://www.securitytube.net/video/2118

Passwords & Rainbow Tables (WPA):

http://www.offensive-security.com/wpa-tables/https://www.grc.com/passwords.htm
http://insidetrust.blogspot.com/2010/07/creating-effective-dictionaries-for.html
http://www.dragonjar.org/diccionarios-con-passwords-de-sitios-expuestos.xhtml
http://svn.isdpodcast.com/wordlists/http://www.sven-slootweg.nl/downloads/download.php?id=3
http://lab.lonerunners.net/blog/using-wikipedia-as-brute-forcing-dictionary
http://www.digininja.org/projects/cewl.php
http://www.aircrack-ng.org/doku.php?id=faq
http://www.skullsecurity.org/wiki/index.php/Passwords

Blogs:

http://www.secmaniac.com

Cheat-Sheets:

http://bhami.com/rosetta.html
http://www.stumbleupon.com/su/1ODUyK/www.wirelessdefence.org/Contents/Wireless%20Pen%20Test%20Framework.html

Anti-Virus:

http://schierlm.users.sourceforge.net/avevasion.html
http://compsec.org/security/index.php/anti-virus/283-anti-virus-central-methods-of-bypassing-anti-virus-av-detection.html

Privilege Escalation:

http://www.dankalia.com/tutor/01005/0100501004.htm
http://www.pretentiousname.com/misc/win7_uac_whitelist2.html

Metasploit:

http://www.room362.com/blog/2011/6/27/fxsstdll-persistence-the-evil-fax-machine.html
http://www.scriptjunkie.us/2011/08/custom-payloads-in-metasploit-4/http://www.offensive-security.com/metasploit-unleashed/Metasploit_Unleashed_Information_Security_Training
http://www.securitytube.net/video/1175

Default Generators:

http://websec.ca/blog/view/mac2wepkey_huawei
http://www.backtrack-linux.org/forums/backtrack-5-experts-section/42137-bthomehub2-default-router-algorithm.html
http://sec.jetlib.com/BackTrack_Linux_Forums/2011/01/12/Generator:_Attacking_SKY_default_router_password

Statistics:

http://www.zone-h.org
http://exploitkit.ex.ohost.de/CVE%20Exploit%20Kit%20List.htm

Cross Site Scripting (XSS):

http://www.exploit-db.com/vbseo-from-xss-to-reverse-php-shell/

Podcasts:

http://pauldotcom.com/podcast/psw.xml
http://socialengineer.podbean.com/feed/

Blogs:

http://carnal0wnage.attackresearch.com
http://console-cowboys.blogspot.com
http://thehackernews.com
http://packetstormsecurity.org
http://pentestmonkey.net
http://adaywithtape.blogspot.com
http://contagiodump.blogspot.com
http://cybexin.blogspot.com
http://www.darknet.org.uk
http://www.irongeek.com
http://www.room362.com
http://question-defense.com
http://securityjuggernaut.blogspot.com
http://theinterw3bs.com

Acestea sunt bookmark-urile lui g0tmi1k ... cred ca veti gasi o gramada de chestii interesante !!