Sea of Information

http://www.aircrack-ng.org/doku.php?id=Main
https://danielmiessler.com/study/tcpdump/
http://www.tcpdump.org/
https://forum.aircrack-ng.org/index.php/topic,890.0.html
https://forum.aircrack-ng.org/index.php/topic,796.0.html
https://crackstation.net/buy-crackstation-wordlist-password-cracking-dictionary.htm
http://wiki.cacert.org/FAQ/ImportRootCert
http://blog.dornea.nu/2014/12/02/howto-proxy-non-proxy-aware-android-applications-through-burp/
https://support.portswigger.net/customer/portal/articles/1841101-configuring-anandroid-device-to-work-with-burp
http://techblog.vsza.hu/tags/x509/
https://tools.ietf.org/html/rfc1918
http://www.cvedetails.com/product-list.php
https://code.google.com/p/android-sdk-tool/wiki/GettingStarted
http://www.rapid7.com/
http://www.coffer.com/mac_find/?string=00%3A90%3AE8%3A1B%3ADB%3AC6
https://www.jayschulman.com/securing-amazon-web-services/?utm_source=ActiveCampaign&utm_medium=email&utm_content=Security+Longreads+for+December+18%2C+2015&utm_campaign=Security+Longreads+for+December+18%2C+2015#utm_source=rss&utm_medium=rss&utm_campaign=securing-amazon-web-services
https://isc.sans.edu/
https://guidovranken.files.wordpress.com/2015/12/https-bicycle-attack.pdf
http://www.mitls.org/pages/attacks/SLOTH
https://weakdh.org/imperfect-forward-secrecy-ccs15.pdf
https://blog.torproject.org/blog/tor-and-beast-ssl-attack
http://www.isg.rhul.ac.uk/tls/TLStiming.pdf
http://www.drdobbs.com/understanding-oracle-attacks-on-informat/184405917
Nakedsecurity.sophos.com
null-byte.wonderhowto.com
googleonlinesecurity.blogspot.com.au
https://securityheaders.io/
http://mxtoolbox.com/DNSLookup.aspx
https://haveibeenpwned.com/
http://www.uvrx.com/social.html
http://socialmention.com/
http://boardreader.com/
http://www.whostalkin.com/
http://onion.link/
http://deepweblinks.org/
https://ahmia.fi/
http://www.acunetix.com/blog/articles/elaborate-ways-exploit-xss-flash-parameter-injection/
http://fossbytes.com/10-best-operating-systems-for-ethical-hacking-and-penetration-testing-2016/
https://www.honeynet.org/
http://www.edgis-security.org/honeypot/dionaea/
http://www.oldapps.com/
http://svn.mozilla.org/projects/infrasec/are_we_secure/

http://www.monkey.org/~dugsong/dsniff/
https://www.vsp.com/register-profile.html
http://www.onlinehashcrack.com/
https://download.g0tmi1k.com/wordlists/large/
https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2012/september/details-on-the-crime-attack/
http://www.webappsec.org/
https://drownattack.com/
infosec584.wordpress.com
https://protonmail.com/
https://unseen.is/
https://app.wire.com/auth/
https://github.com/funkandwagnalls/ranger
http://mxtoolbox.com/
https://www.exploit-db.com/docs/39527.pdf
http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
http://bernardodamele.blogspot.com/2011/09/reverse-shells-one-liners.html
https://www.veil-framework.com/framework/veil-evasion/
https://github.com/letsencrypt/letsencrypt
https://www.skillset.com/
http://phrack.org/issues/7/3.html
http://www.securityweek.com/
https://packetstormsecurity.com/
https://www.vulnhub.com/
https://www.linkedin.com/pulse/practical-xpath-injection-attack-defense-benjamin-caudill?trk=hb_ntf_MEGAPHONE_ARTICLE_POST
http://www.cyberciti.biz/networking/nmap-command-examples-tutorials/
http://www.w4rri0r.com/
http://www.ipaddressguide.com/cidr#range
https://github.com/robertdavidgraham/masscan
https://tails.boum.org/
https://www.whonix.org/
http://rachelbythebay.com/w/2016/04/17/unprotected//
https://www.qubes-os.org/doc/torvm/
http://distrowatch.com/table.php?distribution=wifislax
Pastebin.com
https://securityinabox.org/en
https://community.rapid7.com/community/metasploit/blog/2013/07/02/a-penetrationtesters-guide-to-ipmi
http://www.radare.org/r/
https://www.sharpmail.co.uk/
https://github.com/Synchro/PHPMailer
https://copperhead.co/android/
https://www.cs.cf.ac.uk/Dave/PERL/node175.html
http://www.9tut.com/
https://myowasp.force.com/apex/MN4__mnp_dashboard?sfdc.tabName=01rU00000009a7G
https://www.issa.org/
http://www.pentesteracademy.com/
Blogs worth it
Carnal0wnage
McGrew Security
Blog | GNUCITIZEN
Darknet
spylogic.net
TaoSecurity
Room362.com
SIPVicious
PortSwigger.net
Blog - pentestmonkey.net
Jeremiah Grossman

omg.wtf.bbq.
C (in)s u it
SkullSecurity
Metasploit
Security and Networking
Skeptikal.org
Digital Soapbox
tssci security
Blog - Gotham Digital Science
Reiners Weblog
Bernardo Damele A. G.
Laramies Corner
Attack and Defense Labs
Billy (BK) Rios
Common Exploits
extern blog SensePost;
Weapons of Mass Analysis
Exploit KB
Security Reliks
MadIrish.net
sirdarckcat
Reusable Security
Myne-us
www.notsosecure.com
SpiderLabs Anterior
Corelan Team | Peter Van Eeckhoutte (corelanc0d3r)
DigiNinja
Home Of PaulDotCom Security Podcast
Attack Vector
deviating.net
Alpha One Labs
SmashingPasswords.com
wirewatcher
gynvael.coldwind//vx.log
Nullthreat Security
Archangel Amael's BT Tutorials
memset's blog
ihasomgsecurityskills
punter-infosec
Security Ninja
Security and risk
GRM n00bs
Kioptrix
::eSploit::
PenTestIT Your source for Information Security Related information!
Your source for Information Security related information!
BackTrack Forums
EliteHackers.info
InterN0T forum
Government Security
Hack This Site Forum
iExploit Hacking Forum
Security Override
bright-shadows.net
ethicalhacker.net
sla.ckers.org
Magazines
(IN)SECURE Magazine
http://hakin9.org/
Video

The Hacker News Network


Security Tube
Irongeek -Hacking Illustrated
SecCon Archive
27c3-stream/releases/mkv
YouTube - ChRiStIaAn008's Channel
YouTube - HackingCons's Channel
Methodologies
Penetration Testing Framework
The Penetration Testing Execution Standard
Web Application Security Consortium (WASC)
OWASP top 10
social-engineer.org
OSINT
Presentations
Enterprise Open Source Intelligence Gathering Part 1 Social Networks spylogic.net
Enterprise Open Source Intelligence Gathering Part 2 Blogs, Message Boards and Metadata spylogic.net
Enterprise Open Source Intelligence Gathering Part 3 Monitoring and Social Media Policies spylogic.net
Tactical Information Gathering
document_metadata_the_silent_killer__32974 (application/pdf Object)
footprinting - passive information gathering before a pentest
People and Organizational
spokeo.com - People Search
123people.com
Spoke.com - Business Directory
Business Network - Social Network for Business Professionals
ZoomInfo
Pipl - People Search
Free People Search by ZabaSearch!
Free People Finder and Company Search | SearchBug
Free People Search
Addictomatic: Inhale the Web
Real Time Search - Social Mention
EntityCube
yasni.com | No. 1 free people search - Find anyone on the web
Tweepz.com - search, find and discover interesting people on twitter
TweepSearch :: Twitter Profile and Bio Search
Glassdoor.com - Company Salaries and Reviews
Jigsaw Business Contact Directory
Full Text Search
TinEye Reverse Image Search
PeekYou
PicFog - Quick Image Search
Twapper Keeper - "We save tweets" - Archive Tweets
White Pages | Email Lookup | People Find Tools at The Ultimates
Infrastructure
Netcraft Uptime Survey
SHODAN - Computer Search Engine
Domain Tools: Whois Lookup and Domain Suggestions
Free online network utilities - traceroute, nslookup, automatic whois lookup, ping, finger
http://hackerfantastic.com/
WHOIS and Reverse IP Service
MSN IP Search
SSL Labs - Projects / Public SSL Server Database - SSL Server Test
MyIPNeighbors Reverse IP Lookup
Google Hacking Database, GHDB, Google Dorks
Domain - reports and all about ips, networks and dns

net toolkit::index
IHS | GHDB
Exploits and Advisories
The Exploit Database
.:[ packet storm ]:.
SecurityFocus
SecurityForest
NIST
OSVDB: The Open Source Vulnerability Database
SecDocs IT Security and Hacking knowledge base
Nullbyte.Org.IL
CVE security vulnerability database
Secunia.com
CVE - Common Vulnerabilities and Exposures (CVE)
Cheat Sheets and Syntax
Big Port DB | Cirt
Cheat Sheet : All Cheat Sheets in one page
Security Advancements at the Monastery Blog Archive What's in Your Folder: Security Cheat Sheets
Information about developments at the Monastery
Agile Hacking
Agile Hacking: A Homegrown Telnet-based Portscanner | GNUCITIZEN
Command Line Kung Fu
Simple yet effective: Directory Bruteforcing
The Grammar of WMIC
Windows Command-Line Kung Fu with WMIC
Windows CMD Commands
running a command on every mac
Syn: Command-Line Ninjitsu
WMIC, the other OTHER white meat.
Hacking Without Tools: Windows - RST
Pentesting Ninjitsu 1
Pentesting Ninjitsu 2 Infrastructure and Netcat without Netcat
[PenTester Scripting]
windows-scripting-COM-tricks
Advanced-Command-Exploitation
OS & Scripts
IPv4 subnetting reference - Wikipedia, the free encyclopedia
All the Best Linux Cheat Sheets
SHELLdorado - Shell Tips & Tricks (Beginner)
Linux Survival :: Where learning Linux is easy
BashPitfalls - Greg's Wiki
Rubular: a Ruby regular expression editor and tester
http://www.iana.org/assignments/port-numbers
Useful commands for Windows administrators
All the Best Linux Cheat Sheets
Rubular: a Ruby regular expression editor
Tools
netcat cheat sheet (ed skoudis)
nessus/nmap (older)
hping3 cheatsheet
Nmap 5 (new)
MSF, Fgdump, Hping
Metasploit meterpreter cheat sheet reference
Netcat cheat sheet
Distros
BackTrack Linux
Matriux
nUbuntu
Samurai Web Testing Framework

OWASP Live CD Project


Pentoo
Katana
KON-BOOT
Welcome to Linux From Scratch!
SUMO Linux
pentesting packages for ubuntu
BackBox Linux | Flexible Penetration Testing Distribution
Labs
ISOs / VMs
Web Security Dojo
OWASP Broken Web applications Project
Pentest Live CDs
NETinVM
:: moth - Bonsai Information Security ::
Metasploit: Introducing Metasploitable
Holynix pen-test distribution
WackoPico
LAMPSecurity
Hacking-Lab.com LiveCD
Virtual Hacking Lab
Badstore.net
Mutillidae: A Deliberately Vulnerable Set Of PHP Scripts
Damn Vulnerable Web App - DVWA
pWnOS
The ButterFly - Security Project
Vulnerable Software
Old Version Downloads - OldApps.com
OldVersion.com
Web Application exploits, php exploits, asp exploits
wavsep - Web Application Vulnerability Scanner Evaluation Project
OWASP SiteGenerator - OWASP
Hacme Books | McAfee Free Tools
Hacme Casino v1.0 | McAfee Free Tools
Hacme Shipping | McAfee Free Tools
Hacme Travel | McAfee Free Tools
Test Sites
Test Site
CrackMeBank Investments
http://zero.webappsecurity.com
acublog news
acuforum forums
Home of Acunetix Art
Altoro Mutual
NT OBJECTives
Exploitation Intro
Exploitation - it-sec-catalog - References to vulnerability exploitation stuff. - Project Hosting on Google Code
Myne-us: From 0x90 to 0x4c454554, a journey into exploitation.
Past, Present, Future of Windows Exploitation | Abysssec Security Research
Smash the Stack 2010
The Ethical Hacker Network - Smashing The Modern Stack For Fun And Profit
x9090's Blog: [TUTORIAL] Exploit Writting Tutorial From Basic To Intermediate
X86 Opcode and Instruction Reference
This reference is intended to be precise opcode and instruction set reference (including x86-64). Its principal aim is exact definition of instruction parameters and attributes.
Reverse Engineering & Malware
TiGa's IDA Video Tutorial Site
Binary Auditing

http://visi.kenshoto.com/
radare
Offensive Computing | Community Malicious code research and analysis
Passwords and Hashes
Password Exploitation Class
Default Passwords Database
Sinbad Security Blog: MS SQL Server Password Recovery
Foofus Networking Services - Medusa::SMBNT
LM/NTLM Challenge / Response Authentication - Foofus.Net Security Stuff
MD5 Crackers | Password Recovery | Wordlist Downloads
Password Storage Locations For Popular Windows Applications
Online Hash Crack MD5 / LM / NTLM / SHA1 / MySQL - Passwords recovery - Reverse hash lookup Online - Hash Calculator
Requested MD5 Hash queue
Virus.Org
Default Password List
Electric Alchemy: Cracking Passwords in the Cloud: Breaking PGP on EC2 with EDPR
Wordlists
"Crack Me If You Can" - DEFCON 2011
Packet Storm Word Lists
Passwords - SkullSecurity
Index of /passwd/passwords
Pass the Hash
pass-the-hash-attacks-tools-mitigation_33283 (application/pdf Object)
crack-pass-hash_33219 (application/pdf Object)
MitM
Introduction to dsniff - GIAC Certified Student Practical
dsniff-n-mirror.pdf (application/pdf Object)
dsniff.pdf (application/pdf Object)
A Hacker's Story: Let me tell you just how easily I can steal your personal data - Techvibes.com
ECCE101.pdf (application/pdf Object)
3.pdf (application/pdf Object)
Seven_Deadliest_UC_Attacks_Ch3.pdf (application/pdf Object)
cracking-air.pdf (application/pdf Object)
bh-europe-03-valleri.pdf (application/pdf Object)
Costa.pdf (application/pdf Object)
defcon-17-sam_bowne-hijacking_web_2.0.pdf (application/pdf Object)
Live_Hacking.pdf (application/pdf Object)
PasstheParcel-MITMGuide.pdf (application/pdf Object)
2010JohnStrandKeynote.pdf (application/pdf Object)
18.Ettercap_Spoof.pdf (application/pdf Object)
EtterCap ARP Spoofing & Beyond.pdf (application/pdf Object)
Fun With EtterCap Filters.pdf (application/pdf Object)
The_Magic_of_Ettercap.pdf (application/pdf Object)
arp_spoofing.pdf (application/pdf Object)
Ettercap(ManInTheMiddleAttack-tool).pdf (application/pdf Object)
ICTSecurity-2004-26.pdf (application/pdf Object)
ettercap_Nov_6_2005-1.pdf (application/pdf Object)
MadIrish.net Mallory is More than a Proxy
Thicknet: It does more than Oracle, Steve Ocepek securityjustice on USTREAM. Computers
Tools
OSINT
Edge-Security - theHarvester- Information Gathering
DNSTRACER man-page
Maltego 3
Metadata
document-metadata-silent-killer_32974 (application/pdf Object)
ExifTool by Phil Harvey


Edge-Security - Metagoofil - Metadata analyzer - Information Gathering
Security and Networking - Blog - Metadata Enumeration with FOCA
Google Hacking
Midnight Research Labs - SEAT
Google Hacking Diggity Project Stach & Liu
dorkScan.py
Web
BeEF
BlindElephant Web Application Fingerprinter
XSSer: automatic tool for pentesting XSS attacks against different applications
RIPS | Download RIPS software for free at SourceForge.net
http://www.divineinvasion.net/authforce/
Attack and Defense Labs - Tools
Browser_Exploitation_for_Fun&Profit
Using sqid (SQL Injection Digger) to look for SQL Injection
pinata-CSRF-tool
XSSer: automatic tool for pentesting XSS attacks against different applications
Clickjacker
unicode-fun.txt Packet Storm
WebService-Attacker
Attack Strings
fuzzdb - Project Hosting on Google Code
OWASP Fuzzing Code Database - OWASP
Shells
SourceForge.net: Yokoso!
AJAX/PHP Command Shell
Scanners
w3af - Web Application Attack and Audit Framework
skipfish - Project Hosting on Google Code
sqlmap: automatic SQL injection tool
SQID - SQL Injection digger
http://www.packetstormsecurity.org/UNIX/scanners/XSSscan.py.txt
WindowsAttack - fimap - Windows Attacking Example - Project Hosting on Google Code
fm-fsf - Project Hosting on Google Code
Websecurify
News :: Arachni - Web Application Security Scanner Framework
rfiscan Packet Storm
lfi-rfi2 scanner Packet Storm
inspathx Tool For Finding Path Disclosure Vulnerabilities
DotDotPwn - The Directory Traversal Fuzzer 2.1 Packet Storm
Proxies
Burp
fuzzing-approach-credentials-discovery-burp-intruder_33214 (application/pdf Object)
Constricting the Web: The GDS Burp API - Gotham Digital Science
Browse Belch - Burp External Channel v1.0 Files on SourceForge.net
Burp Suite Tutorial Repeater and Comparer Tools Security Ninja
w3af in burp
Attack and Defense Labs - Tools
burp suite tutorial - English
SensePost - reDuh - HTTP Tunneling Proxy
OWASP WebScarab NG Project - OWASP
Mallory: Transparent TCP and UDP Proxy Intrepidus Group - Insight
Fiddler Web Debugger - A free web debugging tool
Watcher: Web security testing tool and passive vulnerability scanner
X5S
koto/squid-imposter - GitHub
squid-imposter - Phishing attack w/HTML5 offline cache framework based on Squid proxy
Social Engineering
Social Engineering Toolkit
Password
Ncrack
Medusa
JTR
Ophcrack
keimpx in action | 0x3f
keimpx - Project Hosting on Google Code
hashkill
Metasploit
markremark: Reverse Pivots with Metasploit - How NOT to make the lightbulb
WmapNikto - msf-hack - One-sentence summary of this page. - Project Hosting on Google Code
markremark: Metasploit Visual Basic Payloads in action
Metasploit Mailing List
PaulDotCom: Archives
OpenSSH-Script for meterpreter available !
Metasploit: Automating the Metasploit Console
561
Deploying Metasploit as a Payload on a Rooted Box Tutorial
Metasploit/MeterpreterClient - Wikibooks, collection of open-content textbooks
SecTor 2010 - HD Moore - Beyond Exploits on Vimeo
XLSinjector Milo2012's Security Blog
Armitage - Cyber Attack Management for Metasploit
Nsploit
neurosurgery-with-meterpreter
(automating msf) UAV-slides.pdf
MSF Exploits or Easy
Tenable Network Security
NSE
Nmap Scripting Engine Primer Tutorial
NSEDoc Reference Portal
Net Scanners & Scripts
Nmap
sambascan2 - SMB scanner
SoftPerfect Network Scanner
OpenVAS
Nessus Community | Tenable Network Security
Nexpose Community | Rapid7
Retina Community
Post Exploitation
http://www.awarenetwork.org/home/rattle/source/python/exe2bat.py
Metacab | PHX2600
Netcat
Re: Your favorite Ncat/nc/Netcat trick? - ReadList.com
ads.pdf (application/pdf Object)
Netcat_for_the_Masses_DDebeer.pdf (application/pdf Object)
netcat_cheat_sheet_v1.pdf (application/pdf Object)
socat
NetCat tutorial: Day1 [Archive] - Antionline Forums - Maximum Security for a Connected World
Netcat tricks Jonathans Techno-tales
Nmap Development: Re: Your favorite Ncat/nc/Netcat trick?
Few Useful Netcat Tricks Terminally Incoherent
Skoudis_pentestsecrets.pdf (application/pdf Object)
Cracked, inSecure and Generally Broken: Netcat
Ncat for Netcat Users
Source Inspection
Graudit - Just Another Hacker
javasnoop - Project Hosting on Google Code
Firefox Addons
David's Pen Testing (Security) Collection :: Collections :: Pengaya untuk Firefox
OSVDB :: Add-ons for Firefox
Packet Storm search plugin. :: Add-ons for Firefox
Default Passwords - CIRT.net :: Add-ons for Firefox
Offsec Exploit-db Search :: Add-ons for Firefox
OVAL repository search plugin :: Add-ons for Firefox
CVE dictionary search plugin :: Add-ons for Firefox
HackBar :: Add-ons for Firefox
Tool Listings
.:[ packet storm ]:. - tools
Security and Hacking Tools
Training/Classes
Sec / Hacking
Penetration Testing and Vulnerability Analysis - Home
Network Sniffers Class for the Kentuckiana ISSA 2011 (Hacking Illustrated Series InfoSec Tutorial Videos)
CNIT 124: Advanced Ethical Hacking -- Sam Bowne
CS 279 - Advanced Topics in Security
CS142 Web Programming and Security - Stanford
CS155 Computer and Network Security - Stanford
CSE 227: Computer Security - UCSD
CS 161: Computer Security - UC Berkeley
Security Talks - UCLA
CSCI 4971 Secure Software Principles - RPI
MCS 494 UNIX Security Holes

Software Security - CMU


T-110.6220 Special Topics in Infosec - TKK
Sec and Infosec Related - MIT
Metasploit
Metasploit Unleashed
Metasploit Class Videos (Hacking Illustrated Series InfoSec Tutorial Videos)
Metasploit Megaprimer 300+ mins of video
Metasploit Tips and Tricks - Ryan Linn
OffSecOhioChapter, Metasploit Class2 - Part1
OffSecOhioChapter, Metasploit Class2 - Part2
OffSecOhioChapter, Metasploit Class2 - Part3
Programming
Python
Google's Python Class - Google's Python Class - Google Code
Python en:Table of Contents - Notes
TheNewBoston Free Educational Video Tutorials on Computer Programming and More! Python
Python Videos, Tutorials and Screencasts
Learning Python Programming Language Through Video Lectures - good coders code, great reuse
Ruby
Video Tutorials - Technology Demonstrations - tekniqal.com
Other/Misc
CS490 Windows Internals
T-110.6220 Lectures - Noppa - TKK
Index of /edu/training/ss/lecture/new-documents/Lectures
InfoSec Resources
Robert Hansen on Vimeo
Web Vectors
SQLi
MSSQL Injection Cheat Sheet - pentestmonkey.net
SQL Injection Cheat Sheet
EvilSQL Cheatsheet
RSnake SQL Injection Cheatsheet
Mediaservice.net SQLi Cheatsheet
MySQL Injection Cheat Sheet
Full MSSQL Injection PWNage
MS Access SQL Injection Cheat Sheet krazl - - bloggerholic
MS Access SQL Injection Cheat Sheet
Penetration Testing: Access SQL Injection
Testing for MS Access - OWASP
Security Override - Articles: The Complete Guide to SQL Injections
Obfuscated SQL Injection attacks
Exploiting hard filtered SQL Injections Reiners Weblog
SQL Injection Attack
YouTube - Joe McCray - Advanced SQL Injection - LayerOne 2009
Joe McCray - Advanced SQL Injection - L1 2009.pdf (application/pdf Object)
Joseph McCray SQL Injection
sla.ckers.org web application security forum :: Obfuscation :: SQL filter evasion
sqli2.pdf (application/pdf Object)
SQL Server Version - SQLTeam.com
Overlooked SQL Injection 20071021.pdf (application/pdf Object)
SQLInjectionCommentary20071021.pdf (application/pdf Object)
uploadtricks
bypassing upload file type - Google Search
Skeptikal.org: Adobe Responds... Sort Of
Secure File Upload in PHP Web Applications | INSIC DESIGNS
Stupid htaccess Tricks Perishable Press
Tricks and Tips: Bypassing Image Uploaders. - By: t3hmadhatt3r

Security FCKeditor ADS File Upload Vulnerability - Windows Only


Cross Site Scripting scanner Free XSS Security Scanner
VUPEN - Microsoft IIS File Extension Processing Security Bypass Vulnerability / Exploit (Security Advisories - VUPEN/ADV-2009-3634)
Uploading Files Using the File Field Control
TangoCMS - Security #237: File Upload Filter Bypass in TangoCMS <=2.5.0 - TangoCMS Project
Full Disclosure: Zeroboard File Upload & extension bypass Vulnerability
Cross-site File Upload Attacks | GNUCITIZEN
TikiWiki jhot.php Script File Upload Security Bypass Vulnerability
FileUploadSecurity - SH/SC Wiki
LFI/RFI
http://pastie.org/840199
Exploiting PHP File Inclusion Overview Reiners Weblog
LFI..Code Exec..Remote Root!
Local File Inclusion Tricks of the Trade Neohapsis Labs
Blog, When All You Can Do Is Read - DigiNinja
XSS
The Anatomy of Cross Site Scripting
Whitepapers - www.technicalinfo.net
Cross-Site Scripting (XSS) no script required - Tales from the Crypto
Guide Cross Site Scripting - Attack and Defense guide - InterN0T - Underground Security Training
BlackHat-EU-2010-Lindsay-Nava-IE8-XSS-Filters-slides.pdf (application/pdf Object)
sirdarckcat: Our Favorite XSS Filters and how to Attack them
Filter Evasion Houdini on the Wire Security Aegis
HTML5 Security Cheatsheet
XSS - Cross Site Scripting
sla.ckers.org web application security forum :: XSS Info
[DOM Based Cross Site Scripting or XSS of the Third Kind] Web Security Articles - Web Application Security Consortium
What's Possible with XSS?
Coldfusion
ColdFusion directory traversal FAQ (CVE-2010-2861) | GNUCITIZEN
Attacking ColdFusion. | Sigurnost i zastita informacija
Attacking ColdFusion
HP Blogs - Adobe ColdFusion's Directory Traversal Disaster - The HP Blog Hub
254_ShlomyGantz_August2009_HackProofingColdFusion.pdf (application/pdf Object)
Adobe XML Injection Metasploit Module | carnal0wnage.attackresearch.com
Computer Security Blog: PR10-08 Various XSS and information disclosure flaws within Adobe ColdFusion administration console
SharePoint
The Ethical Hacker Network - Pen Testing Sharepoint
Lotus
Lotus Notes/Domino Security - David Robert's -castlebbs- Blog
Penetration Testing: Re: Lotus Notes
Hacking Lotus Domino | SecTechno
jboss
Whitepaper-Hacking-jBoss-using-a-Browser.pdf (application/pdf Object)
Minded Security Blog: Good Bye Critical Jboss 0day
vmware web
Metasploit Penetration Testing Framework - Module Browser
Oracle appserver
hideaway [dot] net: Hacking Oracle Application Servers
Testing for Oracle - OWASP
OraScan
NGSSQuirreL for Oracle
hpoas.pdf (application/pdf Object)
SAP

Onapsis | Research Labs


'[john-users] patch for SAP-passwords (BCODE & PASSCODE)' - MARC
Phenoelit SAP exploits
Wireless
pyrit - WPA/WPA2-PSK and a world of affordable many-core platforms - Google Project Hosting
Capture the Flag/Wargames
http://intruded.net/
SmashTheStack Wargaming Network
flack & hkpco.kr
HC's Capture the Flag site
The UCSB iCTF
CTF Calendar
Conferences
Information Security Conferences Calendar
misc/unsorted
http://www.ikkisoft.com/stuff/SMH_XSS.txt
XFS 101: Cross-Frame Scripting Explained | SecureState Information Security Blog
What The Fuck Is My Information Security Strategy?
OWASP_DanielCutbert_Evolution_WebAppPenTest.mp4
DeepSec 2007 - Aaron Portnoy Cody Pierce - RPC Auditing Tools and Techniques
extern blog SensePost;
Zen One: PCI Compliance - Disable SSLv2 and Weak Ciphers
HD Moore on Metasploit, Exploitation and the Art of Pen Testing | threatpost
Network Time Protocol (NTP) Fun | carnal0wnage.attackresearch.com
black-box-scanners-dimva2010.pdf (application/pdf Object)
Database_Pen_Testing_ISSA_March_25_V2.pdf (application/pdf Object)
Stupid htaccess Tricks Perishable Press

(Other)
http://corelan.be
http://phrack.org
http://insecure.org
http://www.winprog.org
http://althing.cs.dartmouth.edu/local/shellcode.html
https://securitycafe.ro/category/pentest-techniques/
SSL / TLS / HTTPS
Is TLS fast yet - A great site debunking the myths of SSL/TLS speed cost
Firesheep - A watershed moment for SSL by demonstrating the ease with which unprotected traffic can be intercepted and sessions hijacked
Qualys SSL Labs - Tests a variety of attributes of the SSL implementation by pointing it at any URL
CloudFlare - Get SSL for free on any website
Let's Encrypt - It's coming, and it promises to fix the current mess that is CAs and configuring certs
Betsy's free wifi - Shows a young girl standing up a rogue wifi hot spot
Chromium HSTS preload list - All the sites submitted for HTTP strict transport security preload (a depressingly small number of them)
HTTP Shaming - Sensitive data sent insecurely? Name and shame!
DDoS
Krista's professional DDoS service - Video of an innocent teenager promoting a DDoS service
Norse - Totally awesome real time map of DDoS attacks that's absolutely mesmerising to watch
Booter promotional video - Very professional advert for a booter service (complete with Epic DDoS interface)
networkstresser.com - Example of a DDoS service protected by CloudFlare, the world's largest provider of DDoS defences
SQL injection
sqlmap - The tool for mounting SQL injection attacks tests against a running site
Drupal 7 SQL injection flaw of 2014 - great example of how impactful it still is (patch it within 7 hours or you're owned)
Ethical Hacking: SQL Injection - If you really want to go deep, here's five and a half hours worth of Pluralsight content
XSS
XSSposed - List of sites found to be vulnerable to XSS (including attack vector)
Dutch banks doing the Harlem Shake - Video collage of a number of Dutch banks with XSS risks being made to do the Harlem Shake via a script reflected from the URL
XSS Filter Evasion Cheat Sheet - Because XSS payload filtering is almost always insufficient
</xssed> - Heaps of XSS news and lists of vulnerabilities
Security scanners
NetSparker - My favourite dynamic analysis tool due to ease of use and practicality (especially good for developers who may not live in security land)
OWASP Zed Attack Proxy (ZAP) - Great tool for dynamic analysis security testing and has a whole raft of other users too (oh and it's free!)
Burp Suite - Seriously powerful with a heap of different tools and a freebie version to get you started
Fiddler - Not a security tool per se, but I use it extensively to inspect website behaviour, tamper with requests and modify responses on the wire
Acunetix - Popular dynamic analysis tool similar to NetSparker but is let down a bit in the usability stakes IMHO
Nikto2 - Freebie open source app scanner sponsored by NetSparker
Exploit databases and breach coverage
seclists.org - Heaps of exploits consolidated from various bug tracking lists
Exploit Database - Very comprehensive list of vulnerabilities
PunkSPIDER - Lots of vulnerabilities of all kinds all over the web (about 90M sites scanned with over 3M vulns at present)
Data Loss DB - Good list of breaches including stats on number of records compromised
Information is Beautiful: World's Biggest Data Breaches - Fantastic visualisation of incidents that give a great indication of scale
Cracking software
Hashcat - The tools for cracking hashed passwords; totally free with a great supportive community
John the Ripper - Also top notch password cracking software with some different approaches to Hashcat
RainbowCrack - Rainbow tables are becoming less relevant in the era of fast GPUs and tools like Hashcat, but it's worth a mention anyway
Aircrack-ng - For all your 802.11 WEP and WPA-PSK key cracking needs
Hacking and penetration testing tools
Metasploit - The canonical pen testing tool; seriously advanced and enormously powerful
BeEF - The Browser Exploitation Framework offering remote control over a target's browsing session
Kali Linux - All your pen testing bits in one image!
Backtrack-linux - Fallen out of favour a bit as Kali has emerged, but still deserves a mention
Nmap - For all your mapping of network things needs
Wireshark - When you need to get down to monitoring at the packet level
Vulnerability definitions
The OWASP Top 10 Web Application Security Risks - The canonical categorisation of the top risks on the web today
SANS 20 Critical Security Controls - Great consolidation of security controls presented in an easily consumable fashion
Security headers

Fiddler extension for CSP - Massively streamlines your creation of a CSP by building the policy as you browse
SecurityHeaders.io - Everything security header related and a great place to assess your current state
Report URI - Analyse your CSP and HPKP headers plus log your exception reports there
Make any website do the Harlem Shake - if you can run this in the console against a website, they almost certainly don't have a CSP prohibiting arbitrary content from being loaded into the site
Passwords
OWASP Password Storage Cheat Sheet - There are plenty of bad ways of doing it, this is a great resource documenting the good ways
Jimmy Kimmel "What is your password" - video of interviewing people and engineering them into disclosing their password
Diceware - A popular method of creating strong pass phrases suitable for use as a password
Password managers
1Password - Still my favourite password manager; client based, runs on all devices and the keychain is syncable via multiple mechanisms
LastPass - A web based password manager (albeit with rich clients as well), one of the big players in password managers
KeePass - A popular free alternative to commercial password managers
Account management
Adult Friend Finder password reset - Enumeration done wrong; initiate a password reset for any email address and be told if they're a member of a highly personal site
Entropay password reset - A great example of not disclosing the existence of an account (try resetting an account that isn't registered on their system)
Botnet brute force attack against GitHub - I regularly use this as an example of how hard it can be to defend against brute force
Personal security
F-Secure's Freedome - My VPN of choice with lots of exit nodes around the world and a promise of no logging
mycreditfile.com.au - This is an Aussie version so do find one local to you if you're not down under, but identity protection and credit alerts is a must have today IMHO
Googledorks
Google Hacking Database Great collection of Googledorks categorised by various c
lasses of exposed data
Google Hacking for Penetration Testers In case you prefer books over web pages
Other tools and links
Have I been pwned? - How could I not include this?! My own tool, now being put to particularly good use by large enterprises monitoring tens of millions of people
Mailinator - create temporary email addresses for testing
Shodan - Find devices connected to the web (cameras, SCADA systems, etc.)
Retire.js - "What you require you must also retire": Helps identify JavaScript libraries with known vulnerabilities
urlQuery.net - Analyses web-delivered malware by inspecting an individual URL and identifying malicious behaviour
Phish5 - I'm yet to use them but I hear good things; phishing attacks are enormously effective and these guys help you test your organisation for how well equipped people are to recognise the attacks
Plain Text Offenders - Been emailed your password? Name and shame!
Kaspersky Real Time Threat Map - Very cool visualisation of the real time threat Kaspersky is seeing
Tor Browser Bundle - Access the underwebs and browse anonymously
Security statistics reports
Verizon Data Breach Investigations Report - The annual DBIR is based on real world security incidents and is a great resource for evidence-based security metrics
WhiteHat Security Statistics Report - Based on findings in the websites they monitor with their security products so another good evidence-based report
Trustwave Global Security Report - Another annual report driven from real world investigations (plus they use the terms "threat intelligence", "seedy criminal underground" and "data defender" so you know it'll be good!)
Websense Threat Report - Created by Websense Security Labs, a fairly high level overview of the threat landscape
HP Cyber Risk Report - More cyber, more statistics, more reports
Noteworthy books
We are Anonymous - Still one of my favourite security books, a look inside Lulzsec and how it all unravelled
Ghost in the Wires - The story of Kevin Mitnick's early days and an absolutely fascinating read
Data and Goliath - Just because you're paranoid doesn't mean they're not after you! Excellent read on data collection by Bruce Schneier
Other things you should be reading
What Every Programmer Absolutely, Positively Needs To Know About Encodings And Character Sets To Work With Text - Because encoding is one of those things you just need to know
Blogs & News
Naked Security by SOPHOS - simple and informative blog about what's happening in the infosec world (about which celebrities got hacked too)
Troy Hunt - one of my favourite bloggers, Pluralsight author
Schneier on Security - Bruce Schneier, cryptography guru, also writes about Snowden & NSA
r/netsec - Reddit infosec corner
Hacker News - Ycombinator
Krebs on Security - news, investigations, fraud, card data breaches, ATM skimmers
Infosec Island - interesting articles
Information Security Stack Exchange - interesting questions and answers
Labs
Vulnhub - tons of virtual hosts to hack
Hackerrank - learn coding and get ranked at the same time
Learning Resources
Corelan Team - immense resource for exploit development
Cybrary - free training videos about hacking, forensics & cyber security
Metasploit Unleashed - the ultimate guide to the Metasploit Framework by Offensive Security
Irongeek - various security tutorials
SecurityTube - when reading is not enough
Coursera - has a number of courses about programming and security
PentesterAcademy - reasonably priced, quality videos on a variety of topics
Offensive Computer Security - free course by Florida State University
Damn Vulnerable Web App - great way to learn webapp testing
Capture the Flag
CTF Time - calendar, ratings & other CTF info
pwntools - CTF framework
SecurityCTF - yes, CTF has its own subreddit
CTFs on GitHub
For the lulz
Infosec Reactions - GIF visualizations of pentesting-related stuff
Threatbutt - defense in derpth
Justin Bieber Linux - the funniest Linux distro
Cyber Freud
0ther 733t Websites
Inj3ct0r Exploit Database - 0day exploits
Evilzone - hacking forum
Packet Storm Full Disclosure Information Security - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers
SecuriTeam - Security News - Beyond Security will help you expose your security holes and will show you what the bad guys already know about your hosts and network. Use our Automated Scanning service to perform a full security audit of your site, and find the latest security news and tools on Beyond Security's SecuriTeam web site.
http://www.networkworld.com/topics/security.html - networkworld security news
http://securityaffairs.co/wordpress/ - sec news
http://www.computerworld.com/s/topic/85/Malware+and+Vulnerabilities - malware in depth and security news
http://thehackernews.com/ - The Hacker News
http://www.thawte.com/about/news/ - Thawte sgc ca news room
http://www.darkreading.com/ - IT and IT Security news
http://www.techspot.com/category/security/ - IT Security news from TechSpot
http://threatpost.com/ - Kaspersky Lab Security News Service
http://www.oldapps.com/ - a repo of old apps for security testing purposes
http://www.oldversion.com/ - a list of older versions of software, for testing.
Free Tools | McAfee Downloads - Free tools from McAfee
http://www.cert.org/forensics/tools/ - a comprehensive forensics list of tools from CERT
http://forensiccontrol.com/resources/free-software/ - A list of free forensic tools.
Security Tool Files Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers
http://www.aldeid.com/wiki/Main_Page - List of free and/or open Source Security Tools: Pentesting, Network, Web Hacking, Network Forensics, Research.
http://www.hbgary.com/free_tools - really good and useful forensics tools
http://www.sans.org/whatworks/ - Security tools recommended by SANS
Tools from www.SecurityXploded.com - Infosec Research portal for Reverse Engineering, Cryptography, Anti-Spyware and Password Recovery Tools.
http://tools.thehackernews.com/ - Tools Yard from THN
http://www.toolswatch.org/ - tools watch
Treachery Unlimited - Security Tools (Network Manipulation, Mapping and Monitoring)
Network Pentest Lab Security Aegis - Life, Liberty, and the pursuit of root
http://www.cftt.nist.gov/ - Computer Forensics Tool Testing Project Handbook
Live Hacking Videos - Hacking Video tutorials.
http://ictf.cs.ucsb.edu/index.php - Public Cyber Exercises.
Honeypots, Intrusion Detection, Incident Response - Independent overview of whitepapers, articles and howto's related to Honeypots, Intrusion Detection Systems and Incident Handling.
http://myexploit.wordpress.com/ - a bunch of IT security/audit tutorials, command tools explanation.
Exploits Database by Offensive Security - The Exploit Database - Exploits, Shellcode, Vulnerability reports, 0days, remote exploits, local exploits, security articles, tutorials and more.
Exploit Files Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers
1337day Inj3ct0r Exploit Database : vulnerability : 0day : - Inj3ct0r is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and security professionals.
Metasploit :: Browse Exploit & Auxiliary Modules - Metasploit exploits DB
Exploit Database - Site 1 - Site 1 of WLB Exploit Database is a huge collection of information on data communications safety.
Exploits, PoCs and exploits RSS channel - security vulnerabilities database - Computer security and information safety.
0day Exploit DataBase - The Exploit Base, an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate base.
Ars Technica Risk Assessment
Reporters for the security section of Ars Technica tackle a wide variety of stories, including articles on the latest data breaches, the cost of cyber crime and cyber spying.
CIO Security
CIO's security section is a repository of up-to-date articles on data breaches, hacks, attacks, new research and international developments.
CSO Online
Slideshows, blogs, news articles, white papers: there's a rich olio of security and risk management resources on CSO's site.
Dark Reading
Brought to you by InformationWeek, Dark Reading covers top stories in information security. Topics include attacks/breaches, app sec, mobile and threats.
Guardian Information Security Hub
One of the largest newspapers in Britain, The Guardian offers the latest on information and cyber security. Articles are usually targeted towards the layperson.
Homeland Security News Wire Cybersecurity
Cyber security merits its own extensive section in this online publication. A wide variety of topics that affect homeland security are covered.
Infosecurity Magazine
A one-stop-source for the information security industry. The magazine contains news articles, white papers, a list of upcoming events & conferences and a lot of webinars.
Naked Security
Naked Security is the newsroom of Sophos, the well-known developer of computer security products. Lots of useful security news, opinions, advice and research.
SC Magazine
SC supplies information security professionals with a wide range of business and technical information resources. You'll discover news articles, product reviews, white papers, videos and more.
SecureList
Funded by Kaspersky Lab (the Russian developer of secure content and threat management systems), SecureList is a heaving mass of info on viruses, hackers and spam.
SecurityWatch
PCMag's security section deals with a whole host of trending topics, including malware, mobile, threats, vulnerabilities and hacks.
Threat Level
Wired's section on privacy, crime and security online is packed with articles and resources. Many of the stories have a national/international flavor.
ThreatPost
Like SecureList, ThreatPost is a news site working under the aegis of Kaspersky Lab. Here you'll find news, videos and feature reports on every aspect of cyber security.
Blogs
Google Online Security Blog
The folks on Google's Security Team regularly cover pressing security and risk management topics.
InfoSec Resources
InfoSec Institute offers information security training, and their blog is jam-packed with mini-courses, ebooks, and hands-on tutorials for students interested in cyber security.
Krebs on Security
Brian Krebs earned his spurs as an investigative reporter for the Washington Post. Now he writes extensively on cyber crime, Internet security and the latest news. You'll hear his name a lot.
Microsoft Malware Protection Center Blog
Microsoft has other TechNet blogs, but for security alerts and news, this is the one you'll probably want to follow.
Schneier on Security
Bruce Schneier, aka the "security guru", has been blogging about security issues since 2004. He's the CTO at Co3 Systems, Inc., author of 12 books and a fellow at Harvard's Berkman Center.
Security Bloggers Network
Security Bloggers Network collects almost 300 blogs and podcasts from information security experts around the world and collates them into a single feed.
Terebrate
This enjoyable book review blog is penned by Rick Howard, CSO at Palo Alto Networks. In the course of his readings, Howard decided there should be a Cyber Canon, a list of must-read cyber security books (fiction and non-fiction).
Threat Track Security Labs Blog
Threat Track Security Labs partners with businesses to combat Advanced Persistent Threats (APTs), targeted attacks and sophisticated malware. Though the blog is company-focused, it covers a lot of security ground.
Veracode Blog
Run by the team at Veracode (a company focused on cloud-based application security), this blog is a hot spot for application security research and news.
Zero Day Blog
ZDNet's blog covers the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Books
Breaking In to Information Security
By Josh More and Anthony Stieber. This practical guide to starting a cyber security career includes a level-up gaming framework for career progression, with a "Learn, Do, Teach" approach through three tiers of InfoSec jobs. You'll also find examples of specific roles and career paths in each job tier so you can identify and max out skills for the role you want.
CISSP All-In-One Exam Guide
By Shon Harris. The go-to resource for CISSP exam prep. Constantly updated, the guide includes everything you will need to prepare (exam tips, practice questions, training module, in-depth explanations) and covers all 10 CISSP domains. Available in digital and print formats.
Confront and Conceal: Obama's Secret Wars and Surprising Use of American Power
By David E. Sanger. An insider's account of the Obama administration's foreign policy process, Confront and Conceal reveals important details about Operation Olympic Games, the U.S.'s covert cyber attack on Iran's nuclear facilities, and the government's thinking on cyber weapons. Named one of the Top 20 in Rick Howard's Cyber Canon.
Cryptography Engineering: Design Principles and Practical Applications
By Niels Ferguson, Bruce Schneier and Tadayoshi Kohno. A good foundational guide for those interested in practical cryptography. The authors cover many of the fundamentals (e.g. ciphers, message digests, key exchange, mathematics basics) and take a close look at the hardware, software and human issues involved in cryptography engineering. Advanced cryptographers will want to dig deeper.
Cyber War: The Next Threat to National Security and What to Do About It
By Richard Clarke and Robert K. Knake. First published in 2010, Clarke and Knake's book is a broadside against complacency in cyber defense. Clarke is the former National Coordinator for Security, Infrastructure Protection, and Counter-terrorism for the United States, and has much to say about cyber warfare, cyber terrorism and government policy. Named one of the Top 20 in Rick Howard's Cyber Canon.
Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground
By Kevin Poulsen. Kingpin is the "made for Hollywood" story of Max Butler, a misfit and hacker who ended up gaining access to more than 1.8 million credit card accounts. A former hacker himself (he served 5 years in prison), Poulsen knows of what he speaks. Named one of the Top 20 in Rick Howard's Cyber Canon.
No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State
By Glenn Greenwald. As Howard notes in his review, No Place to Hide is part exposé, part autobiography, and part screed against the man. Greenwald is a columnist for The Guardian and was one of Snowden's key contacts in the leaking of classified U.S. government secrets. Named one of the Top 20 in Rick Howard's Cyber Canon.
The Practice of Network Security Monitoring: Understanding Incident Detection and Response
By Richard Bejtlich. A great technical primer with step-by-step instructions on how to deploy, build and run an NSM operation using open source software and vendor-neutral tools. Many reviewers comment on how readable it is compared to other books. Named one of the Top 20 in Rick Howard's Cyber Canon.
Secrets and Lies
By Bruce Schneier. Although it was first published in 2004, Schneier's warnings are still relevant today. Security is a process, not a product, he reminds us, and people are invariably the weakest link. Do we have to sacrifice privacy for better security? Read Schneier's book to find out. Named one of the Top 20 in Rick Howard's Cyber Canon.
Security Engineering: A Guide to Building Dependable Distributed Systems
By Ross J. Anderson. A massive guide (900+ pages) that's worth every word. As one of the top security experts in the world, Ross Anderson has seen it all. His book covers everything from high-level policy to specialized protection mechanisms to technical engineering basics. New security engineers will especially appreciate the real world case studies of success and failure. First published in 2001 and updated in 2008.
Security Metrics: Replacing Fear, Uncertainty, and Doubt
By Andrew Jaquith. It is what it says: a book about how to quantify, classify and measure information security operations in modern enterprise environments. But, as Rick Howard points out in his review, it will also help you unshackle yourself from the chains of probabilistic risk assessments. It will turn you away from the dark side and toward a more meaningful process to assess your enterprise's security. Named one of the Top 20 in Rick Howard's Cyber Canon.
Spam Nation: The Inside Story of Organized Cybercrime from Global Epidemic to Your Front Door
By Brian Krebs. An entertaining and detailed look at the seamy world of organized cybercrime. Krebs focuses on the period between 2007-2013: the rise of the Russians, the development of the spam ecosystem and the proliferation of botnet engines, fast-flux obfuscation and underground forums. Read Rick Howard's review.
Where Wizards Stay Up Late
By Katie Hafner and Matthew Lyon. One for the history buffs. Hafner and Lyon's chronicle of the origins of the Internet includes interviews with some of the brilliant and eccentric minds responsible. If you don't know the story about ARPANET and other post-WWII projects, you should. Named one of the Top 20 in Rick Howard's Cyber Canon. Read Bob Clark's review.
Useful Websites
UTPA Center of Excellence in STEM Education
The U.S. Department of Defense awarded the University of Texas Pan American $3.7 million to establish the Center of Excellence in STEM Education. The Center focuses on challenge-based instruction, and has excellent resources for students of all ages. For example, they hold a STEM summer camp, award scholarships, hold pre-college programs for young adults, and much more.
CERIAS: Tools and Resources
You'll find a variety of helpful resources on Purdue's Center for Education and Research in Information Assurance and Security website. These include an online collection of reports and papers, training products, an FTP archive and the Cassandra Vulnerability Tracking System.
CVE: Common Vulnerabilities and Exposures
CVE is a widely used dictionary of common identifiers for publicly known information security vulnerabilities and exposures. MITRE Corporation handles the system, with funding from the office of Cybersecurity and Communications at the U.S. Department of Homeland Security.
Information Security Stack Exchange
Information Security Stack Exchange (a.k.a. Security Stack Exchange) is a free question & answer/message board site for information security professionals. Here you can find answers to questions like: "What does working in cyber security look like?" and "What are the career paths in the computer security field?"
Infotec Pro
Founded in 1988, Infotec Pro supplies IT training in subjects such as Microsoft, Cisco, Citrix, PMP, wireless and VMware. It provides both instructor-led and e-learning courses in CompTIA Network+ and CompTIA Security+, as well as a wide variety of security certification classes (e.g. CISSP, CEH, CCNA Security, etc.).
ISC: Internet Storm Center
Created in response to the Li0n worm event in 2001, ISC is an all-volunteer effort dedicated to providing a free analysis and warning system to Internet users. To identify threats, every day ISC assembles millions of intrusion detection log entries from sensors covering over 500,000 IP addresses in over 50 countries. Its work is bankrolled by The SANS Institute.
National Centers of Academic Excellence (CAE) in Information Assurance (IA)/Cyber Defense (CD)
Once you get past the acronyms, the NSA's CAE IA/CD designation is a critical one to know. On this webpage, you'll find a list of academic institutions that have distinguished themselves in cyber security education. Look for this designation when you're comparing schools.
OVAL: Open Vulnerability and Assessment Language
OVAL is a community-developed language for determining vulnerability and configuration issues. Its goal is to standardize how to assess and report upon the machine state of computer systems throughout the world. Like CVE, OVAL is administered by the MITRE Corporation and funded by the office of Cybersecurity and Communications at the U.S. Department of Homeland Security.
Scholarship Opportunities
NICCS hosts an up-to-date database of cyber security scholarships offered by the government, colleges, and many corporations and non-profit organizations. You can search by level, deadline, amount and keyword.
US-CERT
Short for U.S. Computer Emergency Readiness Team, US-CERT is the 24/7 operational arm of the Department of Homeland Security's NCCIC. It broadcasts vulnerability and threat information through the National Cyber Awareness System (NCAS), and operates a Vulnerability Notes Database.
U.S. Department of Homeland Security Cybersecurity
The DHS's section on cyber security includes the latest security testimonies from the House and Senate and a resource directory that includes statements and analytic reports.
Organizations
ACM SIGSAC: Special Interest Group on Security, Audit and Control
SIGSAC's mission is to foster the information security profession by sponsoring high-quality research conferences and workshops.
ASIS International
Established in 1955, the venerable ASIS offers a wide variety of educational programs, certifications and materials on security topics. ASIS also advocates the value of security management to business, the media, government entities and the public.
CSA: Cloud Security Alliance
CSA is a non-profit organization focused on best practices for security assurance within Cloud computing and education on using the Cloud to help secure all other forms of computing.
DC3: Defense Cyber Crime Center
DC3 is a U.S. Department of Defense agency that supplies digital forensics, cyber investigative services and cyber analysis capabilities to the DoD and law enforcement agencies.
HTCIA: High Technology Crime Investigation Association
Founded in 1989, HTCIA is a global non-profit organization dedicated to promoting education and collaboration for the prevention and investigation of high tech crimes.
ISF: Information Security Forum
Headquartered in London, ISF is a global non-profit organization focused on investigating, clarifying and resolving key issues in information security and risk management.
ISSA: Information Systems Security Association
ISSA is an international non-profit organization of IT security professionals and practitioners. It provides educational forums, publications and a wide variety of networking opportunities.
NICCS: National Initiative for Cybersecurity Careers and Studies
Run under the auspices of the DHS's Office of Cybersecurity and Communications, NICCS is a useful one-stop-shop for info on cyber security careers and study. It has extensive listings of scholarship and internship opportunities, training options, competitions and much, much more.
NSI: National Security Institute
Founded in 1985, the NSI was created to protect some of the nation's most sensitive technology and business secrets. It is now the leading organization dedicated to assisting cleared defense contractors in understanding threats to national security.
NW3C: National White Collar Crime Center
NW3C is a non-profit U.S. organization committed to supporting the efforts of state and local law enforcement to prevent, investigate and prosecute economic and high-tech crime.
OWASP: Open Web Application Security Project
OWASP is a global not-for-profit charitable organization focused on improving the security of software. Its mission is to make software security visible and inform individuals and organizations about software security risks.
SANS
The SANS Institute was established in 1989 as a cooperative research and education organization for IT security professionals. It provides information security training and security certification, maintains a free library of research documents and operates the Internet Storm Center.
Training
Damn Vulnerable Web Application (DVWA)
DVWA is a PHP/MySQL web application that is, you guessed it, vulnerable. It's designed as a teaching aid for security professionals, web developers and educators.
HackThisSite (HTS)
HTS is an online hacking and security website with a user base of over 1.8 million. Here you can tackle basic and advanced hacking challenges in a legal environment.
Metasploitable
This virtual machine is an intentionally vulnerable version of Ubuntu Linux designed to be hacked by metasploit and other hacking tools.
Mutillidae
Mutillidae is a free, open source web application that you can use to pen-test and hack a vulnerable web app.
NATAS
Created by OverTheWire, NATAS is a wargame intended to teach the basics of serverside web-security.
National Institute of Building Sciences
The National Institute of Building Sciences offers monthly cybersecurity workshops for building owners and managers. Current workshops include Introduction to Cybersecuring Building Control Systems and Advanced Cybersecuring Building Control Systems.
SlaveHack
SlaveHack is a virtual hack simulation game. Defend your virtual PC against intruders while trying to hack as many other players and webservers as possible.
Local Security Groups
AFCEA Chapters
AFCEA is concerned with cyber security as it relates to defense, homeland security and intelligence communities. Chapters are spread throughout the world, but, as you might expect, there are a lot of groups in the Virginia and Maryland regions.
CSA Chapters
As CSA puts it, members are usually composed of a credible group of cloud security experts for the region. Chapters are located around the globe and must have a minimum of 20 CSA members.
IEEE Technical Chapters
Focused on the advancement of technology, IEEE Technical Chapters contain members from one or more IEEE Societies/Technical Councils who share technical interests and geographical proximity. Chapter events include guest speakers, workshops, seminars and social functions.
InfraGard Local Chapters
InfraGard is a non-profit, public-private partnership between U.S. businesses and the FBI. The idea is to share intelligence to prevent hostile acts against the country. Members of local chapters meet to exchange info on the latest threats and listen to talks from security experts.
ISACA Local Chapters
ISACA is one of the biggest networking organizations, with 200+ chapters worldwide. Chapters sponsor local educational seminars and workshops, conduct IT research projects and provide members with a number of leadership training opportunities.
(ISC)² Chapter Program
(ISC)² puts a lot of effort into its program. Chapter members can receive special discounts on (ISC)² products and programs, earn CPEs by participating in professional activities and participate in local community outreach projects (e.g. cyber security education).
ISSA Chapter Directory
Like ISACA and (ISC)², ISSA has a strong chapter network. In addition to regular chapter activities, ISSA has created a Chapter Leaders Summit and a number of Special Interest Groups (Women in Security, Security Awareness and Healthcare).
OWASP Chapters Program
Unlike other programs which require membership, OWASP chapters are free, open to all and managed by a set of universal guidelines. Many OWASP presentations are available for everyone to use at meetings. OWASP Community Members can request funding for a variety of chapter initiatives on the Funding page.
Contests
CSAW Capture the Flag (CTF)
Sponsored by the Information Systems and Internet Security (ISIS) lab of NYU, CSAW CTF is a competition for undergraduates hoping to break into the cyber security field. Contestants are hit with a series of real-world situations modeling all types of computer security problems.
DEF CON Contests
The annual DEF CON conference has a truckload of contests for all levels of expertise. These include hacking, lockpicking, scavenger hunts and its banner Capture the Flag (CTF) competition. Be prepared for anything.
ESC: Embedded Security Challenge
Billed as the only hardware security competition in the world, ESC is a team-based contest in which experts from the NYU Polytechnic School of Engineering compete with participating universities to attack the weaknesses of the target system and defend their own side.
NCCDC: National Collegiate Cyber Defense Competition
The Collegiate Cyber Defense Competition system is the largest college-level cyber defense competition in the U.S. NCCDC focuses on the operational aspects of protecting corporate network infrastructures and business information systems. A variety of regional groups organize qualifying events.
NCL: National Cyber League
Founded in 2011, the NCL provides a virtual training ground for collegiate students to develop and practice their cyber security skills using next-generation simulated environments. It's a year-round endeavor with regular seasonal events.
Panoply
Created by the NCCDC, Panoply is a network security contest where teams are challenged to capture multiple targets and secure them from other teams in order to win. Teams accumulate points for controlling and operating critical services such as SMTP, DNS, HTTP, HTTPS, SSH, etc.
picoCTF
Run by Carnegie Mellon University, picoCTF bills itself as the world's largest computer security competition for middle and high school students. Contestants have to complete a series of engineering, hacking and decryption challenges to win money prizes.
Pwn2Own
Administered by HP's Zero Day Initiative, this hacking contest challenges security researchers to demonstrate flaws in popular consumer and enterprise software platforms. Prizes of over $100,000 are offered for the most challenging exploits. It usually takes place at the annual CanSecWest conference.
Pwnium
Google's Pwnium competition is typically held in tandem with HP's Pwn2Own contest at the CanSecWest conference. It invites white hat hackers to do their best at finding vulnerabilities in Chrome OS. In 2014, it put up $2.7 million in potential prize money.
SANS NetWars
SANS has a whole host of interactive training contests, including a simulated CyberCity, where you can test your skills in real-world scenarios. SANS also hosts a Tournament of Champions at its annual CDI conference, in which past security challenge and NetWars winners are invited to face off.
U.S. Cyber Challenge
The goal is to find 10,000 of America's best and brightest cyber security professionals. The method is a series of competitions, including an online Cyber Quest contest and a Capture the Flag battle at the annual USCC Summer Camp.
Conferences
ACM CCS: ACM Conference on Computer and Communications Security
This popular annual conference is the flagship event of the Special Interest Gro
up on Security, Audit and Control (SIGSAC) of the Association for Computing Mach
inery (ACM).
ACSAC: Annual Computer Security Applications Conference
Founded in 1984, ACSAC is the oldest information security conference in the U.S.
It brings together security professionals from academia, government and industr
y who are interested in applied security.
Asiacrypt/Crypto/Eurocrypt
Sponsored by the International Association for Cryptologic Research, these annua
l conferences cover all aspects of cryptology.
Black Hat
Launched in 1997 by Jeff Moss (the founder of DEF CON), Black Hat has morphed fr
om a single conference in Las Vegas to an extensive series of annual information
security events and training camps in the U.S., Europe and Asia.
BSides
Billed as the conference by the community for the community, BSides events are mor
e intimate affairs than DEF CON or Blackhat. Theyre also usually free. BSides are
held in many cities San Francisco is a popular venue.
CanSecWest
Held in Canada, CanSecWest is a popular three-day conference focusing on
applied digital security. It's the original host of Pwn2Own, a computer hacking
contest with prizes of over $100,000.
CSAW: Cyber Security Awareness Week Conference
Managed by students of the Information Systems and Internet Security (ISIS)
Laboratory at the NYU Polytechnic School of Engineering, CSAW is currently the
largest student-run cyber security event in the U.S. There are talks, events
and contests.
DeepSec
DeepSec is an annual European conference on computer, network and application
security that takes place in Vienna, Austria.
DEF CON
Held annually in Las Vegas, DEF CON is one of the largest and most notorious
hacking conferences in the world. In addition to talks, there is a huge variety
of social events and contests.
DerbyCon
Founded in 2011, DerbyCon is an annual hacker conference based in Louisville,
Kentucky. You'll find talks, workshops, games (e.g. scavenger hunts, hardware
hacking, capture the flag) and more than a few parties.
EICAR Conference
This European conference attracts experts from industry, government, military,
law enforcement, academia, research and end-users to examine and discuss new
research and development in all aspects of IT security.
Hack.lu
Held in Luxembourg, this annual convention/conference addresses computer
security, privacy, information technology and its implication on society.
Hacker Halted
Hacker Halted is a global series of IT security conferences presented by
EC-Council, the International Council of Electronic Commerce Consultants.
The Hackers Conference
Held in India, this conference brings together industry leaders, government
representatives, academics and underground black-hat hackers to share
leading-edge ideas about information security.
Hackito Ergo Sum
Paris in the springtime: Hackito is an annual open conference for hacking and
security research.
HITBSecConf: Hack In The Box Security Conference
Held in Kuala Lumpur, Malaysia and Amsterdam, HITBSecConf provides an annual
platform for security researchers and IT professionals to discuss next
generation computer security issues.
ICMC: International Cryptographic Module Conference
ICMC brings together experts from around the world to discuss cryptographic
modules, with emphasis on their secure design, implementation, assurance, and
use. Held annually in the U.S.
IEEE Symposium on Security and Privacy
Sponsored by the IEEE Computer Society Technical Committee on Security and
Privacy, in cooperation with the International Association for Cryptologic
Research, this annual symposium addresses the latest issues in computer
security and electronic privacy.
NDSS (Network and Distributed System Security) Symposium
The annual NDSS Symposium is a three-day conference bringing together
researchers and professionals who design, develop, exploit and deploy
technologies that define network and distributed system security.
NSPW: New Security Paradigms Workshop
NSPW is a small, invitation-only workshop for researchers in information
security and related disciplines. Proceedings are published by the ACM.
Nullcon
Founded in 2010, Nullcon provides a platform for exchanging information on the
latest attack vectors, zero day vulnerabilities and unknown threats. Held
annually in Delhi and Goa.
RSA Security Conference
Founded by RSA in 1991, this conference is intended to serve as a forum for
cryptographers to share the latest knowledge and advancements in the area of
Internet security. Annual industry events in the U.S., Europe and Asia.
SANS CDI: Cyber Defense Initiative
Thanks to SANS's position as one of the biggest players in information security
training and certification, the CDI conference draws a healthy crowd. This is
where the NetWars Tournament of Champions takes place.
S4: SCADA Security Scientific Symposium
Hosted by Digital Bond, S4 addresses advanced ICS security topics. It's a
technical event geared towards thought-leaders in the ICS security community.
Secure 360
The banner child for the Midwest, Secure 360 is an educational conference for
the information risk management and security industry. It is held annually in
St. Paul, Minnesota.
SecureWorld Expo
Held in New England, SecureWorld Expo is an annual conference providing globally
relevant education, training and networking for cyber security professionals.
ShmooCon
Based on the East Coast, ShmooCon is a popular hacker convention organized by a
non-profit security think tank. It annually attracts 1000+ attendees interested
in computer security and cryptography.
SIN: International Conference on Security of Information and Networks
Founded in 2007, SIN Conf is a well-respected international forum for the
presentation of research and applications of security in information and
networks.
SOURCE Conference
Hosted in Boston, Dublin and Seattle, this annual computer security conference
attracts technology security experts, analysts, hackers, educators and business
professionals.
Swiss Cyber Storm
Held annually in Lucerne, Swiss Cyber Storm is an international IT security
conference attended by researchers from around the world.
Thotcon
Chicago's single-day hacking conference is held at a different top secret
location every year. There are talks, workshops and live mixed hacker music.
TROOPERS IT Security Conference
TROOPERS is an IT security conference held annually in Germany. Leading IT
security experts and professionals present their latest research and findings.
U.S. Cyber Crime Conference
Owned and produced by eventPower, the annual U.S. Cyber Crime Conference is
intended to provide hands-on digital forensics training and a networking forum
for cyber professionals.
USENIX Security Symposium
The Advanced Computing Systems Association hosts this popular annual event in a
variety of U.S. and Canadian cities. Researchers, practitioners, system
administrators, system programmers and others interested in the latest advances
in the security and privacy of computer systems and networks are invited to
attend.
VB: Virus Bulletin Conference
Sponsored by the publication Virus Bulletin, the VB conference has been in
operation since 1990. The program caters for both technical and corporate
audiences, covering a wide range of security-related subjects.
Stanford University - Computer Security
In this class you will learn how to design secure systems and write secure
code. You will learn how to find vulnerabilities in code and how to design
software systems that limit the impact of security vulnerabilities. We will
focus on principles for building secure systems and give many real world
examples.
Stanford University - Computer Security
Stanford University - Cryptography I
This course explains the inner workings of cryptographic primitives and how to
correctly use them. Students will learn how to reason about the security of
cryptographic constructions and how to apply this knowledge to real-world
applications. The course begins with a detailed discussion of how two parties
who have a shared secret key can communicate securely when a powerful adversary
eavesdrops and tampers with traffic. We will examine many deployed protocols
and analyze mistakes in existing systems. The second half of the course
discusses public-key techniques that let two or more parties generate a shared
secret key. We will cover the relevant number theory and discuss public-key
encryption and basic key-exchange. Throughout the course students will be
exposed to many exciting open problems in the field.
Stanford University - Cryptography I
Stanford University - Cryptography II
This course is a continuation of Crypto I and explains the inner workings of
public-key systems and cryptographic protocols. Students will learn how to
reason about the security of cryptographic constructions and how to apply this
knowledge to real-world applications. The course begins with constructions for
digital signatures and their applications. We will then discuss protocols for
user authentication and zero-knowledge protocols. Next we will turn to privacy
applications of cryptography supporting anonymous credentials and private
database lookup. We will conclude with more advanced topics including
multi-party computation and elliptic curve cryptography.
Stanford University - Cryptography II
University of Maryland - Usable Security
This course focuses on how to design and build secure systems with a
human-centric focus. We will look at basic principles of human-computer
interaction, and apply these insights to the design of secure systems with the
goal of developing security measures that respect human performance and their
goals within a system.
University of Maryland - Usable Security
University of Maryland - Software Security
In this course we will explore the foundations of software security. We will
consider important software vulnerabilities and attacks that exploit them --
such as buffer overflows, SQL injection, and session hijacking -- and we will
consider defenses that prevent or mitigate these attacks, including advanced
testing and program analysis techniques. Importantly, we take a "build security
in" mentality, considering techniques at each phase of the development cycle
that can be used to strengthen the security of software systems.
University of Maryland - Software Security
University of Maryland - Cryptography
This course will introduce you to the foundations of modern cryptography, with
an eye toward practical applications. We will learn the importance of carefully
defining security; of relying on a set of well-studied "hardness assumptions"
(e.g., the hardness of factoring large numbers); and of the possibility of
proving security of complicated constructions based on low-level primitives. We
will not only cover these ideas in theory, but will also explore their
real-world impact. You will learn about cryptographic primitives in wide use
today, and see how these can be combined to develop modern protocols for secure
communication.
University of Maryland - Cryptography
University of Maryland - Hardware Security
This course will introduce you to the foundations of modern cryptography, with
an eye toward practical applications. We will learn the importance of carefully
defining security; of relying on a set of well-studied "hardness assumptions"
(e.g., the hardness of factoring large numbers); and of the possibility of
proving security of complicated constructions based on low-level primitives. We
will not only cover these ideas in theory, but will also explore their
real-world impact. You will learn about cryptographic primitives in wide use
today, and see how these can be combined to develop modern protocols for secure
communication.
University of Maryland - Hardware Security
Cybrary - Online Cyber Security Training
Cyber Security jobs are growing three times faster than information technology
jobs. However, this rapidly growing and very exciting industry lacks the number
of skilled professionals required to handle the jobs. Some common jobs within
Cyber Security include information assurance, security analyst, penetration
tester, malware analyst/reverse engineering and Intel. With these types of
opportunities available, aspiring or growing Cyber Security professionals
should focus on continually increasing their skill set, because the Cyber
Security industry never rests, it is continually changing. However,
traditionally, Cyber Security classes are the most expensive training classes.
As you know, that barrier to entry has been removed.

CompTIA Security+
In this class you will gain a stable foundation of Cyber Security and
Information Assurance as well as prepare for the security industry's most
sought after entry level certification.
Cryptography
Learn how to secure data communications through the use of cryptographic
messaging and practices.
Ethical Hacking and Penetration Testing
Learn the fundamentals of hacking and penetration testing. Think like a hacker,
so that you can stop them from intruding into your systems. This class will
help prepare you for the industry's most sought after certification,
EC-Council's CEH.
Computer and Hacking Forensics
In order to catch cyber criminals, you have to learn how to retrace their steps
and correctly acquire and document the evidence. Also prepare for the industry
leading CHFI certification from the EC-Council.
CompTIA Advanced Security Practitioner (CASP)
This advanced certification covers deep topics that span across both Cyber
Security as well as Information Assurance.
ISACA Certified Information Systems Auditor (CISA)
Become an expert in information systems auditing and controlling with this
leading auditor certification from ISACA.
Certified Information Systems Security Professional (CISSP)
The leading certification for Information Assurance management personnel. This
course is both very deep, and very broad. Be ready to study hard!
Post Exploitation
Learn what to do to maintain your presence and to gather intelligence after you
have exploited the target system.
Social Engineering and Manipulation
Take a look inside the form, function and flow of a highly skilled social
engineering cyber-attack. Learn to protect the human element.
Python for Security Professionals
Learn the commands and functions that every aspiring cyber security
professional must know from Python. This isn't a full programming course, but
rather a course designed for non-coders who are developing their career in
security.
Metasploit
An in-depth look inside the Metasploit Framework intended to show you how to use
it to its full potential.
Malware Analysis and Reverse Engineering
An introduction to reverse engineering malware. This class is for experienced
Cyber Security professionals, generally at least two to three years in the
field is preferred.
Advanced Penetration Testing by Georgia Weidman
This class is for advanced Cyber Security professionals. You will learn in
depth, hands-on, advanced hacking techniques to help you target and penetrate
almost any highly secured environment.
SANS Cyber Aces
SANS Cyber Aces Online makes available, free and online, selected courses from
the professional development curriculum offered by The SANS Institute, the
global leader in cyber security training. SANS' goal in making these courses
available as open courseware is to help grow the talent pool and accelerate the
rate at which skilled cyber professionals can enter the information security
industry filling mission critical jobs currently going unfilled.
SANS Cyber Aces Online Courses
SANS Cyber Aces Online Tutorials
Open Security Training
Android Forensics & Security Testing
This course will cover the most common issues facing mobile devices, and
general tips for securing mobile applications. Upon completion of general
mobile security overview, the course will delve into a proven practice in
Mobile Device Forensics and Mobile Application Penetration Testing for Android
devices. Over the two-day course, students will get hands-on time with
open-source and commercial forensics tools, set up and explore reverse
engineering development environments, and experience the process that
professional mobile security engineers have successfully applied to several
projects. Areas covered include identifying application vulnerabilities, code
analysis, memory & file system analysis, and insecure storage of sensitive
data.
Certified Information Systems Security Professional (CISSP) Common Body of Knowledge (CBK) Review
The CISSP CBK Review course is uniquely designed for federal agency information
assurance (IA) professionals in meeting NSTISSI-4011, National Training
Standard for Information Systems Security Professionals, as required by DoD
8570.01-M, Information Assurance Workforce Improvement Program.
Flow Analysis & Network Hunting
This course focuses on network analysis and hunting of malicious activity from
a security operations center perspective. We will dive into the strengths and
operational limitations of netflow, recommended sensor placement, netflow
tools, visualization of network data, analytic trade craft for network
situational awareness and network hunting scenarios.
Hacking Techniques and Intrusion Detection
This course covers the most common methods used in computer and network hacking
with the intention of learning how to better protect systems from such
intrusions. These methods include reconnaissance techniques, system scanning,
accessing systems by network and application level attacks, and denial of
service attacks. During the course students will complete many hands-on
exercises.
Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration
Intel processors have been a major force in personal computing for more than 30
years. An understanding of low level computing mechanisms used in Intel chips
as taught in this course serves as a foundation upon which to better understand
other hardware, as well as many technical specialties such as reverse
engineering, compiler design, operating system design, code optimization, and
vulnerability exploitation.
Introductory Intel x86-64: Architecture, Assembly, Applications, & Alliteration
Intel processors have been a major force in personal computing for more than 30
years. An understanding of low level computing mechanisms used in Intel chips
as taught in this course serves as a foundation upon which to better understand
other hardware, as well as many technical specialties such as reverse
engineering, compiler design, operating system design, code optimization, and
vulnerability exploitation.
Introduction to ARM
ARM processors are becoming ubiquitous in mobile devices today with RISC
processors making a comeback for their applications in low power computing
environments. With major operating systems choosing to run on these processors
including the latest Windows RT, iOS and Android, understanding the low level
operations of these processors can serve to better understand, optimize and
debug software stacks running on them. This class builds on the Intro to x86
class and tries to provide parallels and differences between the two processor
architectures wherever possible while focusing on the ARM instruction set, some
of the ARM processor features, and how software works and runs on the ARM
processor.
Introduction to Cellular Security
This course is intended to demonstrate the core concepts of cellular network
security. Although the course discusses GSM, UMTS, and LTE - it is heavily
focused on LTE. The course first introduces important cellular concepts and
then follows the evolution of GSM to LTE.
Introduction to Network Forensics
This is a mainly lecture based class giving an introduction to common network
monitoring and forensic techniques. This class is meant to be accompanied by
lab exercises to demonstrate certain tools and technologies, but the lab
exercises are not absolutely necessary to convey the operating concepts.
Introduction to Secure Coding
The purpose of this course is to provide developers with a short, focused
primer related to secure coding. The hope is that each developer will leave the
course with a better understanding of how they can improve, from a security
perspective, the code that they write. This course provides a look at some of
the most prevalent security related coding mistakes made in industry today.
Each type of issue is explained in depth including how a malicious user may
attack the code, and strategies for avoiding the issues are then reviewed.
Knowledge of at least one programming language is required, although the
specific programming language is not important as the concepts that will be
discussed are language independent. The course will cover many of the
weaknesses within the context of a web application, but most of the concepts
will apply to all application development.
Introduction to Vulnerability Assessment
This is a lecture and lab based class giving an introduction to vulnerability
assessment of some common computing technologies. Instructor-led lab exercises
are used to demonstrate specific tools and technologies.
Introduction to Trusted Computing
This course is an introduction to the fundamental technologies behind Trusted
Computing. You will learn what Trusted Platform Modules (TPMs) are and what
capabilities they can provide both at an in-depth technical level and in an
enterprise context. You will also learn about how other technologies such as
the Dynamic Root of Trust for Measurement (DRTM) and virtualization can both
take advantage of TPMs and be used to enhance the TPM's capabilities. We will
cover major use cases for trusted computing, including machine authentication,
data protection, and attestation. This course will also introduce you to the
various software resources that exist today to support TPMs, give a high-level
overview of related research and development projects, and briefly discuss
other trusted computing standards such as Trusted Network Connect which may be
relevant to enterprise deployment of TPMs and trusted computing.
Offensive, Defensive, and Forensic Techniques for Determining Web User Identity
This course looks at web users from a few different perspectives. First, we
look at identifying techniques to determine web user identities from a server
perspective. Second, we will look at obfuscating techniques from a user who
seeks to be anonymous. Finally, we look at forensic techniques by which, given
a hard drive or similar media, we identify users who accessed that server.
Pcap Analysis & Network Hunting
Introduction to Packet Capture (PCAP) explains the fundamentals of how, where,
and why to capture network traffic and what to do with it. This class covers
open-source tools like tcpdump, Wireshark, and ChopShop in several lab
exercises that reinforce the material. Some of the topics include capturing
packets with tcpdump, mining DNS resolutions using only command-line tools, and
busting obfuscated protocols. This class will prepare students to tackle common
problems and help them begin developing the skills to handle more advanced
networking challenges.
Malware Dynamic Analysis
This introductory malware dynamic analysis class is dedicated to people who are
starting to work on malware analysis or who want to know what kinds of
artifacts left by malware can be detected via various tools. The class will be
a hands-on class where students can use various tools to look for how malware
is: Persisting, Communicating, and Hiding. We will achieve the items above by
first learning the individual techniques sandboxes utilize. We will show how to
capture and record registry, file, network, mutex, API, installation, hooking
and other activity undertaken by the malware. We will create fake network
responses to deceive malware so that it shows more behavior. We will also talk
about how using MITRE's Malware Attribute Enumeration & Characterization (MAEC
- pronounced "Mike") standard can help normalize the data obtained manually or
from sandboxes, and improve junior malware analysts' reports. The class will
additionally discuss how to take malware attributes and turn them into useful
detection signatures such as Snort network IDS rules, or YARA signatures.
Secure Code Review
This course is designed to help developers bring a secure coding mindset into
typical project peer reviews. The course briefly talks about the development
lifecycle and the importance of peer reviews in delivering a quality product.
How to perform this review is discussed and how to keep secure coding a
priority during the review is stressed. A variety of hands-on exercises will
address common coding mistakes, what to focus on during a review, and how to
manage limited time. Throughout the course, the class will break out into pairs
and perform example peer reviews on sample code. Perl will be used for the
hands-on exercises; however every attempt will be made to generalize the code
such that anyone with an understanding of a coding language will be
comfortable.
Smart Cards
This course shows how smart cards are different compared to other types of
cards. It is explained how smart cards can be used to realize confidentiality
and integrity of information. Insight is given into the structure and operation
of a smart card, the functionality of a smart card operating system and
commonly used security mechanisms. In addition, an overview is given of
developments in the field of chips (8, 16 and 32 bit architectures,
co-processors), operating systems, virtual machines (Java Card, MULTOS),
compatibility (PC/SC, Open Card, EMV), security evaluation (ITSEC, Common
Criteria) and physical and logical attack methods (probing, SEM, FIB, DFA,
DPA). Biometric identification and authentication using smart cards is dealt
with, along with a summary of developments and (im)possibilities.
The Life of Binaries
Along the way we discuss the relevance of security at different stages of a
binary's life, from the tricks that can be played by a malicious compiler, to
how viruses really work, to the way in which malware "packers" duplicate OS
process execution functionality, to the benefit of a security-enhanced OS
loader which implements address space layout randomization (ASLR).
Understanding Cryptology: Core Concepts
This is an introduction to cryptology with a focus on applied cryptology. It was
designed to be accessible to a wide audience, and therefore does not include a
rigorous mathematical foundation (this will be covered in later classes).
Understanding Cryptology: Cryptanalysis
A class for those who want to stop learning about building cryptographic
systems and want to attack them. This course is a mixture of lecture designed
to introduce students to a variety of code-breaking techniques and Python labs
to solidify those concepts. Unlike its sister class, Core Concepts, math is
necessary for this topic. Don't have a math degree? A basic understanding of
algebra is sufficient - the mathematical principles that are necessary for
understanding are included in the lecture. Knowledge of programming is also
necessary, and knowledge of Python is very helpful.
Introduction to Software Exploits (Exploits 1)
Software vulnerabilities are flaws in program logic that can be leveraged by an
attacker to execute arbitrary code on a target system. This class will cover
both the identification of software vulnerabilities and the techniques
attackers use to exploit them. In addition, current techniques that attempt to
remediate the threat of software vulnerability exploitation will be discussed.
Exploits 2: Exploitation in the Windows Environment
This course covers the exploitation of stack corruption vulnerabilities in the
Windows environment. Stack overflows are programming flaws that oftentimes
allow an attacker to execute arbitrary code in the context of a vulnerable
program. There are many nuances involved with exploiting these vulnerabilities
in Windows. Windows' exploit mitigations such as DEP, ASLR, SafeSEH, and SEHOP
make leveraging these programming bugs more difficult, but not impossible. The
course highlights the features and weaknesses of many of the exploit mitigation
techniques deployed in Windows operating systems. Also covered are labs that
describe the process of finding bugs in Windows applications with mutation
based fuzzing, and then developing exploits that target those bugs.
Intermediate Intel x86: Architecture, Assembly, Applications, & Alliteration
Building upon the Introductory Intel x86 class, this class goes into more depth
on topics already learned, and introduces more advanced topics that dive deeper
into how Intel-based systems work. Example applications include showing how
hardware and memory mechanisms are used for software exploits, anti-debug
techniques, rootkit hiding, and direct hardware access for keystroke logging.
Advanced x86: Virtualization with Intel VT-x
The purpose of this course is to provide a hands-on introduction to Intel
hardware support for virtualization. The first part will motivate the
challenges of virtualization in the absence of dedicated hardware. This is
followed by a deep dive on the Intel virtualization "API" and labs to begin
implementing a blue pill / hyperjacking attack made famous by researchers like
Joanna Rutkowska and Dino Dai Zovi et al. Finally, there is a discussion of
virtualization detection techniques.
Introduction to Reverse Engineering Software
Throughout the history of invention curious minds have sought to understand the
inner workings of their gadgets. Whether investigating a broken watch, or
improving an engine, these people have broken down their goods into their
elemental parts to understand how they work. This is Reverse Engineering (RE),
and it is done every day from recreating outdated and incompatible software,
understanding malicious code, or exploiting weaknesses in software.
Reverse Engineering Malware
This class picks up where the Introduction to Reverse Engineering Software
course left off, exploring how static reverse engineering techniques can be
used to understand what a piece of malware does and how it can be removed.
Rootkits: What they are, and how to find them
Rootkits are a class of malware which are dedicated to hiding the attacker's
presence on a compromised system. This class will focus on understanding how
rootkits work, and what tools can be used to help find them. This will be a
very hands-on class where we talk about specific techniques which rootkits use,
and then do labs where we show how a proof of concept rootkit is able to hide
things from a defender.
The Adventures of a Keystroke: An in-depth look into keylogging on Windows
Windows is designed to be compatible with a lot of devices, which is why there
are a lot of layers in the keystroke handling. The more layers a system has,
the more probable it could be compromised by bad guys. There are more than 30
methods for capturing keystrokes from a Windows PC. Methods vary from simple
user mode techniques to advanced ones such as IRP hooking. The class currently
covers most of the user mode and kernel mode techniques, including the
undocumented ones which are not described anywhere else, but there are still
techniques which are not covered in the class, such as Raw Input Devices. As
for the hardware, we only cover PS/2 keyboards for the moment, but documenting
USB keyboards is one of the planned topics for the near future.
Academic Courses
Florida State University's - Offensive Computer Security
The primary incentive for an attacker to exploit a vulnerability, or series of
vulnerabilities is to achieve a return on an investment (his/her time usually).
This return need not be strictly monetary, an attacker may be interested in
obtaining access to data, identities, or some other commodity that is valuable
to them. The field of penetration testing involves authorized auditing and
exploitation of systems to assess actual system security in order to protect
against attackers. This requires thorough knowledge of vulnerabilities and how
to exploit them. Thus, this course provides an introductory but comprehensive
coverage of the fundamental methodologies, skills, legal issues, and tools used
in white hat penetration testing and secure system administration.
Offensive Computer Security - Spring 2014
Offensive Computer Security - Spring 2013
Florida State University's - Offensive Network Security
This class allows students to look deep into known protocols (i.e. IP, TCP,
UDP) to see how an attacker can utilize these protocols to their advantage and
how to spot issues in a network via captured network traffic. The first half of
this course focuses on known protocols while the second half of the class
focuses on reverse engineering unknown protocols. This class will utilize
captured traffic to allow students to reverse the protocol by using known
techniques such as incorporating bioinformatics introduced by Marshall Beddoe.
This class will also cover fuzzing protocols to see if the server or client
have vulnerabilities. Overall, a student finishing this class will have a
better understanding of the network layers, protocols, and network
communication and their interaction in computer networks.
Offensive Network Security
NYU Polytechnic School of Engineering - ISIS Lab's Hack Night
Developed from the materials of NYU Poly's old Penetration Testing and Vulnerability Analysis course, Hack Night is a sobering introduction to offensive security. A lot of complex technical content is covered very quickly as students are introduced to a wide variety of complex and immersive topics over thirteen weeks.
ISIS Lab's Hack Night
Rensselaer Polytechnic Institute - Modern Binary Exploitation
This course will start off by covering basic x86 reverse engineering, vulnerability analysis, and classical forms of Linux-based userland binary exploitation. It will then transition into protections found on modern systems (Canaries, DEP, ASLR, RELRO, Fortify Source, etc) and the techniques used to defeat them. Time permitting, the course will also cover other subjects in exploitation including kernel-land and Windows based exploitation.
CSCI 4968 - Spring 15 Modern Binary Exploitation
Rensselaer Polytechnic Institute - Hardware Reverse Engineering
Reverse engineering techniques for semiconductor devices and their applications to competitive analysis, IP litigation, security testing, supply chain verification, and failure analysis. IC packaging technologies and sample preparation techniques for die recovery and live analysis. Deprocessing and staining methods for revealing features below top passivation. Memory technologies and appropriate extraction techniques for each. Study contemporary anti-tamper/anti-RE methods and their effectiveness at protecting designs from attackers. Programmable logic microarchitecture and the issues involved with reverse engineering programmable logic.
CSCI 4974/6974 - Spring 14 Hardware Reverse Engineering
City College of San Francisco - Sam Bowne Class
CNIT 120 - Network Security
Knowledge and skills required for Network Administrators and Information Technology professionals to be aware of security vulnerabilities, to implement security measures, to analyze an existing network environment in consideration of known security threats or risks, to defend against attacks or viruses, and to ensure data privacy and integrity. Terminology and procedures for implementation and configuration of security, including access control, authorization, encryption, packet filters, firewalls, and Virtual Private Networks (VPNs).
CNIT 121 - Computer Forensics
The class covers forensics tools, methods, and procedures used for investigation of computers, techniques of data recovery and evidence collection, protection of evidence, expert witness skills, and computer crime investigation techniques. Includes analysis of various file systems and specialized diagnostic software used to retrieve data. Prepares for part of the industry standard certification exam, Security+, and also maps to the Computer Investigation Specialists exam.
CNIT 123 - Ethical Hacking and Network Defense
Students learn how hackers attack computers and networks, and how to protect systems from such attacks, using both Windows and Linux systems. Students will learn legal restrictions and ethical guidelines, and will be required to obey them. Students will perform many hands-on labs, both attacking and defending, using port scans, footprinting, exploiting Windows and Linux vulnerabilities, buffer overflow exploits, SQL injection, privilege escalation, Trojans, and backdoors.
CNIT 124 - Advanced Ethical Hacking
Advanced techniques of defeating computer security, and countermeasures to protect Windows and Unix/Linux systems. Hands-on labs include Google hacking, automated footprinting, sophisticated ping and port scans, privilege escalation, attacks against telephone and Voice over Internet Protocol (VoIP) systems, routers, firewalls, wireless devices, Web servers, and Denial of Service attacks.
CNIT 126 - Practical Malware Analysis
Learn how to analyze malware, including computer viruses, trojans, and rootkits, using disassemblers, debuggers, static and dynamic analysis, using IDA Pro, OllyDbg and other tools.
CNIT 127 - Exploit Development
Learn how to find vulnerabilities and exploit them to gain control of target systems, including Linux, Windows, Mac, and Cisco. This class covers how to write tools, not just how to use them; essential skills for advanced penetration testers and software security professionals.
CNIT 128 - Hacking Mobile Devices
Mobile devices such as smartphones and tablets are now used for making purchases, emails, social networking, and many other risky activities. These devices run specialized operating systems that have many security problems. This class will cover how mobile operating systems and apps work, how to find and exploit vulnerabilities in them, and how to defend them. Topics will include phone call, voicemail, and SMS intrusion, jailbreaking, rooting, NFC attacks, malware, browser exploitation, and application vulnerabilities. Hands-on projects will include as many of these activities as are practical and legal.
Violent Python and Exploit Development
In the exploit development section, students will take over vulnerable systems with simple Python scripts.
Laboratories
Pentester Lab
There is only one way to properly learn web penetration testing: by getting your hands dirty. We teach how to manually find and exploit vulnerabilities. You will understand the root cause of the problems and the methods that can be used to exploit them. Our exercises are based on common vulnerabilities found in different systems. The issues are not emulated. We provide you real systems with real vulnerabilities.
From SQL Injection to Shell
This exercise explains how you can, from a SQL injection, gain access to the administration console. Then in the administration console, how you can run commands on the system.
From SQL Injection to Shell: PostgreSQL edition
This exercise explains how you can, from a SQL injection, gain access to the administration console. Then in the administration console, how you can run commands on the system.
From SQL Injection to Shell II
This exercise explains how you can, from a blind SQL injection, gain access to the administration console. Then in the administration console, how you can run commands on the system.
Web for Pentester
This exercise is a set of the most common web vulnerabilities.
Web for Pentester II
This exercise is a set of the most common web vulnerabilities.
PHP Include And Post Exploitation
This exercise describes the exploitation of a local file include with limited access. Once code execution is gained, you will see some post exploitation tricks.
Linux Host Review
This exercise explains how to perform a Linux host review, what and how you can check the configuration of a Linux server to ensure it is securely configured. The reviewed system is a traditional Linux-Apache-Mysql-PHP (LAMP) server used to host a blog.
Electronic Code Book
This exercise explains how you can tamper with encrypted cookies to access another user's account.
Rack Cookies and Commands injection
After a short brute force introduction, this exercise explains the tampering of a rack cookie and how you can even manage to modify a signed cookie (if the secret is trivial). Using this issue, you will be able to escalate your privileges and gain command execution.
XSS and MySQL FILE
This exercise explains how you can use a Cross-Site Scripting vulnerability to get access to an administrator's cookies. Then how you can use his/her session to gain access to the administration to find a SQL injection and gain code execution using it.
Axis2 Web service and Tomcat Manager
This exercise explains the interactions between Tomcat and Apache, then it will show you how to call and attack an Axis2 Web service. Using information retrieved from this attack, you will be able to gain access to the Tomcat Manager and deploy a WebShell to gain command execution.
Play Session Injection
This exercise covers the exploitation of a session injection in the Play framework. This issue can be used to tamper with the content of the session while bypassing the signing mechanism.
Play XML Entities
This exercise covers the exploitation of XML entities in the Play framework.
CVE-2007-1860: mod_jk double-decoding
This exercise covers the exploitation of CVE-2007-1860. This vulnerability allows an attacker to gain access to inaccessible pages using crafted requests. This is a common trick that a lot of testers miss.
CVE-2008-1930: Wordpress 2.5 Cookie Integrity Protection Vulnerability
This exercise explains how you can exploit CVE-2008-1930 to gain access to the administration interface of a Wordpress installation.
CVE-2012-1823: PHP CGI
This exercise explains how you can exploit CVE-2012-1823 to retrieve the source code of an application and gain code execution.
CVE-2012-2661: ActiveRecord SQL injection
This exercise explains how you can exploit CVE-2012-2661 to retrieve information from a database.
CVE-2012-6081: MoinMoin code execution
This exercise explains how you can exploit CVE-2012-6081 to gain code execution. This vulnerability was exploited to compromise Debian's wiki and Python documentation website.
CVE-2014-6271/Shellshock
This exercise covers the exploitation of a Bash vulnerability through a CGI.
Syracuse University's SEED
Developing Instructional Laboratories for Computer SEcurity EDucation
People learn from mistakes. In security education, we study mistakes that lead to software vulnerabilities. Studying mistakes from the past not only helps students understand why systems are vulnerable, why a "seemingly-benign" mistake can turn into a disaster, and why many security mechanisms are needed. More importantly, it also helps students learn the common patterns of vulnerabilities, so they can avoid making similar mistakes in the future. Moreover, using vulnerabilities as case studies, students can learn the principles of secure design, secure programming, and security testing.
Software Security Labs
These labs cover some of the most common vulnerabilities in general software. The labs show students how attacks work in exploiting these vulnerabilities.
Network Security Labs
These labs cover topics on network security, ranging from attacks on TCP/IP and DNS to various network security technologies (Firewall, VPN, and IPSec).
Web Security Labs
These labs cover some of the most common vulnerabilities in web applications. The labs show students how attacks work in exploiting these vulnerabilities.
System Security Labs
These labs cover the security mechanisms in operating systems, mostly focusing on access control mechanisms in Linux.
Cryptography Labs
These labs cover three essential concepts in cryptography, including secret-key encryption, one-way hash function, and public-key encryption and PKI.
All SEED Laboratories
Dr. Thorsten Schneider's Binary Auditing
Learn the fundamentals of Binary Auditing. Know how HLL mapping works, get more inner file understanding than ever. Learn how to find and analyse software vulnerability. Dig inside Buffer Overflows and learn how exploits can be prevented. Start to analyse your first viruses and malware the safe way. Learn about simple tricks and what viruses look like using real life examples.
Binary Auditing
NOWASP (Mutillidae)
OWASP Mutillidae II is a free, open source, deliberately vulnerable web-application providing a target for web-security enthusiasts. Mutillidae can be installed on Linux and Windows using LAMP, WAMP, and XAMPP. It is pre-installed on SamuraiWTF, Rapid7 Metasploitable-2, and OWASP BWA. The existing version can be updated on these platforms. With dozens of vulns and hints to help the user, this is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets. Mutillidae has been used in graduate security courses, corporate web sec training courses, and as an "assess the assessor" target for vulnerability assessment software.
OWASP Mutillidae
Audi-1's SQLi-LABS
SQLi-LABS is a comprehensive test bed to learn and understand the nitty-gritty of SQL injections and thereby helps professionals understand how to protect.
SQLi-LABS
Capture the Flag
Vulnhub
We all learn in different ways: in a group, by yourself, reading books, watching/listening to other people, making notes or things out for yourself. Learning the basics & understanding them is essential; this knowledge can be enforced by then putting it into practice.
Over the years people have been creating these resources and a lot of time has been put into them, creating hidden gems of training material. However, unless you know of them, it's hard to discover them.
So VulnHub was born to cover as many as possible, creating a catalogue of stuff that is (legally) breakable, hackable & exploitable - allowing you to learn in a safe environment and practise stuff out. When something is added to VulnHub's database it will be indexed as best as possible, to try and give you the best match possible for what you're wishing to learn or experiment with.
Vulnhub Repository
CTF Write Ups
CTF Resources
A general collection of information, tools, and tips regarding CTFs and similar security competitions.
CTF write-ups 2015
Wiki-like CTF write-ups repository, maintained by the community. (2015)
CTF write-ups 2014
Wiki-like CTF write-ups repository, maintained by the community. (2014)
CTF write-ups 2013
Wiki-like CTF write-ups repository, maintained by the community. (2013)
SecurityTube Playlists
Security Tube hosts a large range of video tutorials on IT security including penetration testing, exploit development and reverse engineering.
SecurityTube Metasploit Framework Expert (SMFE)
This video series covers basics of Metasploit Framework. We will look at why to use Metasploit then go on to how to exploit vulnerabilities with help of Metasploit and post exploitation techniques with meterpreter.
Wireless LAN Security and Penetration Testing Megaprimer
This video series will take you through a journey in wireless LAN (in)security and penetration testing. We will start from the very basics of how WLANs work, graduate to packet sniffing and injection attacks, move on to audit infrastructure vulnerabilities, learn to break into WLAN clients and finally look at advanced hybrid attacks involving wireless and applications.
Exploit Research Megaprimer
In this video series, we will learn how to program exploits for various vulnerabilities published online. We will also look at how to use various tools and techniques to find Zero Day vulnerabilities in both open and closed source software.
Buffer Overflow Exploitation Megaprimer for Linux
In this video series, we will understand the basics of buffer overflows and understand how to exploit them on Linux based systems. In later videos, we will also look at how to apply the same principles to Windows and other selected operating systems.
Open Security Books
Crypto 101 - lvh
Comes with everything you need to understand complete systems such as SSL/TLS: block ciphers, stream ciphers, hash functions, message authentication codes, public key encryption, key agreement protocols, and signature algorithms. Learn how to exploit common cryptographic flaws, armed with nothing but a little time and your favorite programming language. Forge administrator cookies, recover passwords, and even backdoor your own random number generator.
Crypto101
LaTeX Source
A Graduate Course in Applied Cryptography - Dan Boneh & Victor Shoup
This book is about constructing practical cryptosystems for which we can argue security under plausible assumptions. The book covers many constructions for different tasks in cryptography. For each task we define the required goal. To analyze the constructions, we develop a unified framework for doing cryptographic proofs. A reader who masters this framework will be capable of applying it to new constructions that may not be covered in this book. We describe common mistakes to avoid as well as attacks on real-world systems that illustrate the importance of rigor in cryptography. We end every chapter with a fun application that applies the ideas in the chapter in some unexpected way.
A Graduate Course in Applied Cryptography
Reverse Engineering for Beginners - Dennis Yurichev
This book offers a primer on reverse-engineering, delving into disassembly code-level reverse engineering and explaining how to decipher assembly language for those beginners who would like to learn to understand x86 (which accounts for almost all executable software in the world) and ARM code created by C/C++ compilers.
Reverse Engineering for Beginners
LaTeX Source
CTF Field Guide - Trail of Bits
The focus areas that CTF competitions tend to measure are vulnerability discovery, exploit creation, toolkit creation, and operational tradecraft. Whether you want to succeed at CTF, or as a computer security professional, you'll need to become an expert in at least one of these disciplines. Ideally in all of them.
CTF Field Guide
Markdown Source
Documentation
OWASP - Open Web Application Security Project
The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.
Open Web Application Security Project
Applied Crypto Hardening - bettercrypto.org
This guide arose out of the need for system administrators to have an updated, solid, well-researched and thought-through guide for configuring SSL, PGP, SSH and other cryptographic tools in the post-Snowden age. Triggered by the NSA leaks in the summer of 2013, many system administrators and IT security officers saw the need to strengthen their encryption settings. This guide is specifically written for these system administrators.
Applied Crypto Hardening
LaTeX Source

Online Resources
Penetration Testing Resources
Metasploit Unleashed - Free Offensive Security metasploit course
PTES - Penetration Testing Execution Standard
OWASP - Open Web Application Security Project
Exploit development
Shellcode Tutorial - Tutorial on how to write shellcode
Shellcode Examples - Shellcodes database
Exploit Writing Tutorials - Tutorials on how to develop exploits
GDB-peda - Python Exploit Development Assistance for GDB
shellsploit - New Generation Exploit Development Kit
Social Engineering Resources
Social Engineering Framework - An information resource for social engineers
Lock Picking Resources
Schuyler Towne channel - Lockpicking videos and security talks
/r/lockpicking - Resources for learning lockpicking, equipment recommendations.
Tools
Penetration Testing Distributions
Kali - A Linux distribution designed for digital forensics and penetration testing
BlackArch - Arch Linux-based distribution for penetration testers and security researchers
NST - Network Security Toolkit distribution
Pentoo - security-focused livecd based on Gentoo
BackBox - Ubuntu-based distribution for penetration tests and security assessments
Basic Penetration Testing Tools
Metasploit Framework - World's most used penetration testing software
Burp Suite - An integrated platform for performing security testing of web applications
ExploitPack - Graphical tool for penetration testing with a bunch of exploits
BeeF - The Browser Exploitation Framework Project
faraday - Collaborative Penetration Test and Vulnerability Management Platform
evilgrade - The update exploitation framework
commix - Automated All-in-One OS Command Injection and Exploitation Tool
Vulnerability Scanners
Netsparker - Web Application Security Scanner
Nexpose - Vulnerability Management & Risk Management Software
Nessus - Vulnerability, configuration, and compliance assessment
Nikto - Web application vulnerability scanner
OpenVAS - Open Source vulnerability scanner and manager
OWASP Zed Attack Proxy - Penetration testing tool for web applications
Secapps - Integrated web application security testing environment
w3af - Web application attack and audit framework
Wapiti - Web application vulnerability scanner
WebReaver - Web application vulnerability scanner for Mac OS X
DVCS Ripper - Rip web accessible (distributed) version control systems: SVN/GIT/HG/BZR
arachni - Web Application Security Scanner Framework
Network Tools
nmap - Free Security Scanner For Network Exploration & Security Audits
pig - A Linux packet crafting tool
tcpdump/libpcap - A common packet analyzer that runs under the command line
Wireshark - A network protocol analyzer for Unix and Windows
Network Tools - Different network tools: ping, lookup, whois, etc
netsniff-ng - A Swiss army knife for network sniffing
Intercepter-NG - a multifunctional network toolkit
SPARTA - Network Infrastructure Penetration Testing Tool
DNSDumpster - Online DNS recon and search service
Mass Scan - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
Zarp - Zarp is a network attack tool centered around the exploitation of local networks
mitmproxy - An interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers
mallory - HTTP/HTTPS proxy over SSH
DET - DET is a proof of concept to perform Data Exfiltration using either single or multiple channel(s) at the same time
pwnat - punches holes in firewalls and NATs
dsniff - a collection of tools for network auditing and pentesting
tgcd - a simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls
Wireless Network Tools
Aircrack-ng - a set of tools for auditing wireless network
Kismet - Wireless network detector, sniffer, and IDS
Reaver - Brute force attack against Wifi Protected Setup
Wifite - Automated wireless attack tool
wifiphisher - Automated phishing attacks against Wi-Fi networks
SSL Analysis Tools
SSLyze - SSL configuration scanner
sslstrip - a demonstration of the HTTPS stripping attacks
sslstrip2 - SSLStrip version to defeat HSTS
Web exploitation
WPScan - Black box WordPress vulnerability scanner
SQLmap - Automatic SQL injection and database takeover tool
weevely3 - Weaponized web shell
Wappalyzer - Wappalyzer uncovers the technologies used on websites
cms-explorer - CMS Explorer is designed to reveal the specific modules, plugins, components and themes that various CMS driven web sites are running.
joomscan - Joomla CMS scanner
WhatWeb - Website Fingerprinter
BlindElephant - Web Application Fingerprinter
Hex Editors
HexEdit.js - Browser-based hex editing
Hexinator (commercial) - World's finest Hex Editor
Crackers
John the Ripper - Fast password cracker
Online MD5 cracker - Online MD5 hash Cracker
Hashcat - The more fast hash cracker
Windows Utils
Sysinternals Suite - The Sysinternals Troubleshooting Utilities
Windows Credentials Editor - security tool to list logon sessions and add, change, list and delete associated credentials
mimikatz - Credentials extraction tool for Windows OS
PowerSploit - A PowerShell Post-Exploitation Framework
Windows Exploit Suggester - Detects potential missing patches on the target
Responder - A LLMNR, NBT-NS and MDNS poisoner
Empire - Empire is a pure PowerShell post-exploitation agent
Linux Utils
Linux Exploit Suggester - Linux Exploit Suggester; based on operating system release number.
DDoS Tools
LOIC - An open source network stress tool for Windows
JS LOIC - JavaScript in-browser version of LOIC
T50 - The more fast network stress tool
Social Engineering Tools
SET - The Social-Engineer Toolkit from TrustedSec
OSInt Tools
Maltego - Proprietary software for open source intelligence and forensics, from Paterva.
theHarvester - E-mail, subdomain and people names harvester
creepy - A geolocation OSINT tool
metagoofil - Metadata harvester
Google Hacking Database - a database of Google dorks; can be used for recon
Shodan - Shodan is the world's first search engine for Internet-connected devices
recon-ng - A full-featured Web Reconnaissance framework written in Python
Anonymity Tools
Tor - The free software for enabling onion routing online anonymity
I2P - The Invisible Internet Project
Nipe - Script to redirect all traffic from the machine to the Tor network.
Reverse Engineering Tools
IDA Pro - A Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger
IDA Free - The freeware version of IDA v5.0
WDK/WinDbg - Windows Driver Kit and WinDbg
OllyDbg - An x86 debugger that emphasizes binary code analysis
Radare2 - Opensource, crossplatform reverse engineering framework.
x64_dbg - An open-source x64/x32 debugger for windows.
Pyew - A Python tool for static malware analysis.
Bokken - GUI for Pyew Radare2.
Immunity Debugger - A powerful new way to write exploits and analyze malware
Evan's Debugger - OllyDbg-like debugger for Linux
Medusa disassembler - An open source interactive disassembler
plasma - Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.
CTF Tools
Pwntools - CTF framework for use in CTFs
Books
Penetration Testing Books
The Art of Exploitation by Jon Erickson, 2008
Metasploit: The Penetration Tester's Guide by David Kennedy et al., 2011
Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman, 2014
Rtfm: Red Team Field Manual by Ben Clark, 2014
The Hacker Playbook by Peter Kim, 2014
The Basics of Hacking and Penetration Testing by Patrick Engebretson, 2013
Professional Penetration Testing by Thomas Wilhelm, 2013
Advanced Penetration Testing for Highly-Secured Environments by Lee Allen, 2012
Violent Python by TJ O'Connor, 2012
Fuzzing: Brute Force Vulnerability Discovery by Michael Sutton et al., 2007
Black Hat Python: Python Programming for Hackers and Pentesters by Justin Seitz, 2014
Penetration Testing: Procedures & Methodologies by EC-Council, 2010
Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp, 2010
Advanced Persistent Threat Hacking: The Art and Science of Hacking Any Organization by Tyler Wrightson, 2014
Bug Hunter's Diary by Tobias Klein, 2011
Hackers Handbook Series
The Database Hacker's Handbook, David Litchfield et al., 2005
The Shellcoders Handbook by Chris Anley et al., 2007
The Mac Hacker's Handbook by Charlie Miller & Dino Dai Zovi, 2009
The Web Application Hackers Handbook by D. Stuttard, M. Pinto, 2011
iOS Hackers Handbook by Charlie Miller et al., 2012
Android Hackers Handbook by Joshua J. Drake et al., 2014
The Browser Hackers Handbook by Wade Alcorn et al., 2014
The Mobile Application Hackers Handbook by Dominic Chell et al., 2015
Car Hacker's Handbook by Craig Smith, 2016
Network Analysis Books
Nmap Network Scanning by Gordon Fyodor Lyon, 2009
Practical Packet Analysis by Chris Sanders, 2011
Wireshark Network Analysis by Laura Chappell & Gerald Combs, 2012
Network Forensics: Tracking Hackers through Cyberspace by Sherri Davidoff & Jonathan Ham, 2012
Reverse Engineering Books
Reverse Engineering for Beginners by Dennis Yurichev
Hacking the Xbox by Andrew Huang, 2003
The IDA Pro Book by Chris Eagle, 2011
Practical Reverse Engineering by Bruce Dang et al., 2014
Gray Hat Hacking The Ethical Hacker's Handbook by Daniel Regalado et al., 2015
Malware Analysis Books
Practical Malware Analysis by Michael Sikorski & Andrew Honig, 2012
The Art of Memory Forensics by Michael Hale Ligh et al., 2014
Malware Analyst's Cookbook and DVD by Michael Hale Ligh et al., 2010
Windows Books
Windows Internals by Mark Russinovich et al., 2012
Social Engineering Books
The Art of Deception by Kevin D. Mitnick & William L. Simon, 2002
The Art of Intrusion by Kevin D. Mitnick & William L. Simon, 2005
Ghost in the Wires by Kevin D. Mitnick & William L. Simon, 2011
No Tech Hacking by Johnny Long & Jack Wiles, 2008
Social Engineering: The Art of Human Hacking by Christopher Hadnagy, 2010
Unmasking the Social Engineer: The Human Element of Security by Christopher Hadnagy, 2014
Social Engineering in IT Security: Tools, Tactics, and Techniques by Sharon Conheady, 2014
Lock Picking Books
Practical Lock Picking by Deviant Ollam, 2012
Keys to the Kingdom by Deviant Ollam, 2012
CIA Lock Picking Field Operative Training Manual
Lock Picking: Detail Overkill by Solomon
Eddie the Wire books
Vulnerability Databases
NVD - US National Vulnerability Database
CERT - US Computer Emergency Readiness Team
OSVDB - Open Sourced Vulnerability Database
Bugtraq - Symantec SecurityFocus
Exploit-DB - Offensive Security Exploit Database
Fulldisclosure - Full Disclosure Mailing List
MS Bulletin - Microsoft Security Bulletin
MS Advisory - Microsoft Security Advisories
Inj3ct0r - Inj3ct0r Exploit Database
Packet Storm - Packet Storm Global Security Resource
SecuriTeam - Securiteam Vulnerability Information
CXSecurity - CSSecurity Bugtraq List
Vulnerability Laboratory - Vulnerability Research Laboratory
ZDI - Zero Day Initiative
Security Courses
Offensive Security Training - Training from BackTrack/Kali developers
SANS Security Training - Computer Security Training & Certification
Open Security Training - Training material for computer security classes
CTF Field Guide - everything you need to win your next CTF competition
Cybrary - online IT and Cyber Security training platform
Information Security Conferences
DEF CON - An annual hacker convention in Las Vegas
Black Hat - An annual security conference in Las Vegas
BSides - A framework for organising and holding security conferences
CCC - An annual meeting of the international hacker scene in Germany
DerbyCon - An annual hacker conference based in Louisville
PhreakNIC - A technology conference held annually in middle Tennessee
ShmooCon - An annual US east coast hacker convention
CarolinaCon - An infosec conference, held annually in North Carolina
HOPE - A conference series sponsored by the hacker magazine 2600
SummerCon - One of the oldest hacker conventions, held during Summer
Hack.lu - An annual conference held in Luxembourg
HITB - Deep-knowledge security conference held in Malaysia and The Netherlands
Troopers - Annual international IT Security event with workshops held in Heidelberg, Germany
Hack3rCon - An annual US hacker conference
ThotCon - An annual US hacker conference held in Chicago
LayerOne - An annual US security conference held every spring in Los Angeles
DeepSec - Security Conference in Vienna, Austria
SkyDogCon - A technology conference in Nashville
SECUINSIDE - Security Conference in Seoul
DefCamp - Largest Security Conference in Eastern Europe, held annually in Bucharest, Romania
AppSecUSA - An annual conference organised by OWASP
BruCON - An annual security conference in Belgium
Infosecurity Europe - Europe's number one information security event, held in London, UK
Nullcon - An annual conference in Delhi and Goa, India
RSA Conference USA - An annual security conference in San Francisco, California, USA
Swiss Cyber Storm - An annual security conference in Lucerne, Switzerland
Virus Bulletin Conference - An annual conference going to be held in Denver, USA for 2016
Ekoparty - Largest Security Conference in Latin America, held annually in Buenos Aires, Argentina
44Con - Annual Security Conference held in London
Information Security Magazines
2600: The Hacker Quarterly - An American publication about technology and computer "underground"
Phrack Magazine - By far the longest running hacker zine
Awesome Lists
Kali Linux Tools - List of tools present in Kali Linux
SecTools - Top 125 Network Security Tools
C/C++ Programming - One of the main languages for open source security tools
.NET Programming - A software framework for Microsoft Windows platform development
Shell Scripting - Command-line frameworks, toolkits, guides and gizmos
Ruby Programming by @dreikanter - The de-facto language for writing exploits
Ruby Programming by @markets - The de-facto language for writing exploits
Ruby Programming by @Sdogruyol - The de-facto language for writing exploits
JavaScript Programming - In-browser development and scripting
Node.js Programming by @sindresorhus - JavaScript in command-line
Node.js Programming by @vndmtrx - JavaScript in command-line
Python tools for penetration testers - Lots of pentesting tools are written in Python
Python Programming by @svaksha - General Python programming
Python Programming by @vinta - General Python programming
Android Security - A collection of android security related resources
Awesome Awesomeness - The List of the Lists
AppSec - Resources for learning about application security
CTFs - Capture The Flag frameworks, libraries, etc
Hacking - Tutorials, tools, and resources
Honeypots - Honeypots, tools, components, and more
Infosec - Information security resources for pentesting, forensics, and more
Malware Analysis - Tools and resources for analysts
PCAP Tools - Tools for processing network traffic
Security - Software, libraries, documents, and other resources
Awesome List - A curated list of awesome lists
SecLists - Collection of multiple types of lists used during security assessments
Security Talks - A curated list of security conferences
General
Articles
How to Safely Generate a Random Number (2014)
Released: February 25, 2014
Advice on cryptographically secure pseudo-random number generators.
Salted Password Hashing - Doing it Right (2014)
Released: August 6, 2014
A post on Crackstation, a project by Defuse Security
A good idea with bad usage: /dev/urandom (2014)
Released: May 3, 2014
Mentions many ways to make /dev/urandom fail on Linux/BSD.
Why Invest in Application Security? (2015)
Released: June 21, 2015
Running a business requires being cost-conscious and minimizing unnecessary spending. The benefits of ensuring the security of your application are invisible to most companies, so oftentimes they neglect to invest in secure software development as a cost-saving measure. What these companies don't realize is the potential cost (both financial and to brand reputation) a preventable data compromise can incur.
The average data breach costs millions of dollars in damage.
Investing more time and personnel to develop secure software is, for most companies, worth it to minimize this unnecessary risk to their bottom line.
Be wary of one-time pads and other crypto unicorns (2015)
Released: March 25, 2015
A must-read for anyone looking to build their own cryptography features.
Books
Web Application Hacker's Handbook (2011)
Released: September 27, 2011
Great introduction to Web Application Security; though slightly dated.
Cryptography Engineering (2010)
Released: March 15, 2010
Develops a sense of professional paranoia while presenting crypto design techniques.
Gray Hat Python: Programming for Hackers and Reverse Engineers (2009)
Released: May 3, 2009
The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities (2006)
Released: November 30, 2006
C Interfaces and Implementations: Techniques for Creating Reusable Software (1996)
Released: August 30, 1996
Reversing: Secrets of Reverse Engineering (2005)
Released: April 15, 2005
JavaScript: The Good Parts (2008)
Released: May 1, 2008
Windows Internals: Including Windows Server 2008 and Windows Vista, Fifth Edition (2007)
Released: June 17, 2007
The Mac Hacker's Handbook (2009)
Released: March 3, 2009
The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler (2008)
Released: August 22, 2008
Internetworking with TCP/IP Vol. II: ANSI C Version: Design, Implementation, and Internals (3rd Edition) (1998)
Released: June 25, 1998
Network Algorithmics: An Interdisciplinary Approach to Designing Fast Networked Devices (2004)
Released: December 29, 2004
Computation Structures (MIT Electrical Engineering and Computer Science) (1989)
Released: December 13, 1989
Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection (2009)
Released: August 3, 2009
Secure Programming HOWTO (2015)
Released: March 1, 2015
Security Engineering - Second Edition (2008)
Released: April 14, 2008
Classes
Offensive Computer Security (CIS 4930) FSU
A vulnerability research and exploit development class by Owen Redwood of Florida State University.
Be sure to check out the lectures!
Hack Night
Developed from the materials of NYU Poly's old Penetration Testing and Vulnerability Analysis course, Hack Night is a sobering introduction to offensive security. A lot of complex technical content is covered very quickly as students are introduced to a wide variety of complex and immersive topics over thirteen weeks.
Websites
Hack This Site!
Learn about application security by attempting to hack this website.
Enigma Group
Where hackers and security experts come to train.
Web App Sec Quiz
Self-assessment quiz for web application security
SecurePasswords.info
Secure passwords in several languages/frameworks.
Security News Feeds Cheat-Sheet
A list of security news sources.
Open Security Training
Video courses on low-level x86 programming, hacking, and forensics.
MicroCorruption
Capture The Flag - Learn Assembly and Embedded Device Security
The Matasano Crypto Challenges
A series of programming exercises for teaching oneself cryptography by Matasano Security. The introduction by Maciej Ceglowski explains it well.
PentesterLab
PentesterLab provides free Hands-On exercises and a bootcamp to get started.
Juice Shop
An intentionally insecure JavaScript Web Application.
Blogs
Crypto Fails
Showcasing bad cryptography
NCC Group - Blog
The blog of NCC Group, formerly Matasano, iSEC Partners, and NGS Secure.
Wiki pages
OWASP Top Ten Project
The top ten most common and critical security vulnerabilities found in web applications.
Android
Books and ebooks
SEI CERT Android Secure Coding Standard (2015)
Released: February 24, 2015
A community-maintained Wiki detailing secure coding standards for Android development.
C
Books and ebooks
SEI CERT C Coding Standard (2006)
Released: May 24, 2006
A community-maintained Wiki detailing secure coding standards for C programming.
Defensive Coding: A Guide to Improving Software Security by the Fedora Security Team (2016)
Released: April 9, 2016
Provides guidelines for improving software security through secure coding. Covers common programming languages and libraries, and focuses on concrete recommendations.
C++
Books and ebooks
SEI CERT C++ Coding Standard (2006)
Released: July 18, 2006
A community-maintained Wiki detailing secure coding standards for C++ programming.
C Sharp
Books and ebooks
Security Driven .NET (2015)
Released: July 14, 2015
An introduction to developing secure applications targeting version 4.5 of the .NET Framework, specifically covering cryptography and security engineering topics.
Java
Books and ebooks
SEI CERT Java Coding Standard (2007)
Released: January 12, 2007
A community-maintained Wiki detailing secure coding standards for Java programming.
Secure Coding Guidelines for Java SE (2014)
Released: April 2, 2014
Secure Java programming guidelines straight from Oracle.
Node.js
Articles
Node.js Security Checklist - Rising Stack Blog (2015)
Released: October 13, 2015
Covers a lot of useful information for developing secure Node.js applications.
Training
Security Training by ^Lift Security
Learn from the team that spearheaded the Node Security Project
PHP
Articles
It's All About Time (2014)
Released: November 28, 2014
A gentle introduction to timing attacks in PHP applications
Secure Authentication in PHP with Long-Term Persistence (2015)
Released: April 21, 2015
Discusses password policies, password storage, "remember me" cookies, and account recovery.
20 Point List For Preventing Cross-Site Scripting In PHP (2013)
Released: April 22, 2013
Pádraic Brady's advice on building software that isn't vulnerable to XSS
25 PHP Security Best Practices For Sys Admins (2011)
Released: November 23, 2011
Though this article is a few years old, much of its advice is still relevant as we veer around the corner towards PHP 7.
PHP data encryption primer (2014)
Released: June 16, 2014
@timoh6 explains implementing data encryption in PHP
Preventing SQL Injection in PHP Applications - the Easy and Definitive Guide (2014)
Released: May 26, 2014
TL;DR - don't escape, use prepared statements instead!
You Wouldn't Base64 a Password - Cryptography Decoded (2015)
Released: August 7, 2015
A human-readable overview of commonly misused cryptography terms and fundamental concepts, with example code in PHP.
If you're confused about cryptography terms, start here.
A Guide to Secure Data Encryption in PHP Applications (2015)
Released: August 2, 2015
Discusses the importance of end-to-end network-layer encryption (HTTPS) as well as secure encryption for data at rest, then introduces the specific cryptography tools that developers should use for specific use cases, whether they use libsodium, Defuse Security's secure PHP encryption library, or OpenSSL.
Books and ebooks
Securing PHP: Core Concepts
Securing PHP: Core Concepts acts as a guide to some of the most common security terms and provides some examples of them in everyday PHP.
Using Libsodium in PHP Projects
You shouldn't need a Ph.D in Applied Cryptography to build a secure web application. Enter libsodium, which allows developers to develop fast, secure, and reliable applications without needing to know what a stream cipher even is.
Useful libraries
defuse/php-encryption
Symmetric-key encryption library for PHP applications. (Recommended over rolling your own!)
ircmaxell/password_compat
If you're using PHP 5.3.7+ or 5.4, use this to hash passwords
ircmaxell/RandomLib
Useful for generating random strings or numbers
thephpleague/oauth2-server
A secure OAuth2 server implementation
paragonie/random_compat
PHP 7 offers a new set of CSPRNG functions: random_bytes() and random_int(). This is a community effort to expose the same API in PHP 5 projects (forward compatibility layer). Permissively MIT licensed.
psecio/gatekeeper
A secure authentication and authorization library that implements Role-Based Access Controls and Paragon Initiative Enterprises' recommendations for secure "remember me" checkboxes.
Websites
websec.io
websec.io is dedicated to educating developers about security with topics relating to general security fundamentals, emerging technologies and PHP-specific information
Blogs
Paragon Initiative Enterprises Blog
The blog of our technology and security consulting firm based in Orlando, FL
ircmaxell's blog
A blog about PHP, Security, Performance and general web application development.
Pádraic Brady's Blog
Pádraic Brady is a Zend Framework security expert

Mailing lists
Securing PHP Weekly
A weekly newsletter about PHP, security, and the community.
Perl
Books and ebooks
SEI CERT Perl Coding Standard (2011)
Released: January 10, 2011
A community-maintained Wiki detailing secure coding standards for Perl programming.
Python
Books and ebooks
Python chapter of Fedora Defensive Coding Guide
Lists standard library features that should be avoided, and references sections of other chapters that are Python-specific.
Violent Python
Violent Python shows you how to move from a theoretical understanding of offensive computing concepts to a practical implementation.
Websites
OWASP Python Security Wiki (2014)
Released: June 21, 2014
A wiki maintained by the OWASP Python Security project.
Ruby
Books and ebooks
Secure Ruby Development Guide (2014)
Released: March 10, 2014
A guide to secure Ruby development by the Fedora Security Team. Also available on GitHub.

Malware Collection
Anonymizers
Web traffic anonymizers for analysts.
Anonymouse.org - A free, web based anonymizer.
OpenVPN - VPN software and hosting solutions.
Privoxy - An open source proxy server with some privacy features.
Tor - The Onion Router, for browsing the web without leaving traces of the client IP.
Honeypots
Trap and collect your own samples.
Conpot - ICS/SCADA honeypot.
Cowrie - SSH honeypot, based on Kippo.
Dionaea - Honeypot designed to trap malware.
Glastopf - Web application honeypot.
Honeyd - Create a virtual honeynet.
HoneyDrive - Honeypot bundle Linux distro.
Mnemosyne - A normalizer for honeypot data; supports Dionaea.
Thug - Low interaction honeyclient, for investigating malicious websites.
Malware Corpora
Malware samples collected for analysis.
Clean MX - Realtime database of malware and malicious domains.
Contagio - A collection of recent malware samples and analyses.
Exploit Database - Exploit and shellcode samples.
Malshare - Large repository of malware actively scraped from malicious sites.
maltrieve - Retrieve malware samples directly from a number of online sources.
MalwareDB - Malware samples repository.
theZoo - Live malware samples for analysts.
ViruSign - Malware database that is detected by many anti-malware programs except ClamAV.
VirusShare - Malware repository, registration required.
Zeltser's Sources - A list of malware sample sources put together by Lenny Zeltser.
Zeus Source Code - Source for the Zeus trojan leaked in 2011.
Open Source Threat Intelligence
Tools
Harvest and analyze IOCs.
AbuseHelper - An open-source framework for receiving and redistributing abuse feeds and threat intel.
Combine - Tool to gather Threat Intelligence indicators from publicly available sources.
IntelMQ - A tool for CERTs for processing incident data using a message queue.
IOC Editor - A free editor for XML IOC files.
ioc_writer - Python library for working with OpenIOC objects, from Mandiant.
Massive Octo Spice - Previously known as CIF (Collective Intelligence Framework). Aggregates IOCs from various lists. Curated by the CSIRT Gadgets Foundation.
MISP - Malware Information Sharing Platform curated by The MISP Project.
PassiveTotal - Research, connect, tag and share IPs and domains.
PyIOCe - A Python OpenIOC editor.
threataggregator - Aggregates security threats from a number of sources, including some of those listed below in other resources.
ThreatCrowd - A search engine for threats, with graphical visualization.
ThreatTracker - A Python script to monitor and generate alerts based on IOCs indexed by a set of Google Custom Search Engines.
TIQ-test - Data visualization and statistical analysis of Threat Intelligence feeds.
Other Resources
Threat intelligence and IOC resources.
Autoshun (list) - Snort plugin and blocklist.
CI Army (list) - Network security blocklists.
Critical Stack - Free Intel Market - Free intel aggregator with deduplication featuring 90+ feeds and over 1.2M indicators.
CRDF ThreatCenter - List of new threats detected by CRDF anti-malware.
FireEye IOCs - Indicators of Compromise shared publicly by FireEye.
FireHOL IP Lists - Analytics for 350+ IP lists with a focus on attacks, malware and abuse. Evolution, Changes History, Country Maps, Age of IPs listed, Retention Policy, Overlaps.
hpfeeds - Honeypot feed protocol.
Internet Storm Center (DShield) - Diary and searchable incident database, with a web API (unofficial Python library).
malc0de - Searchable incident database.
Malware Domain List - Search and share malicious URLs.
OpenIOC - Framework for sharing threat intelligence.
Palevo Blocklists - Botnet C&C blocklists.
Proofpoint Threat Intelligence (formerly Emerging Threats) - Rulesets and more.
STIX - Structured Threat Information eXpression - Standardized language to represent and share cyber threat information. Related efforts from MITRE:
CAPEC - Common Attack Pattern Enumeration and Classification
CybOX - Cyber Observables eXpression
MAEC - Malware Attribute Enumeration and Characterization
TAXII - Trusted Automated eXchange of Indicator Information
threatRECON - Search for indicators, up to 1000 free per month.
Yara rules - Yara rules repository.
ZeuS Tracker - ZeuS blocklists.
Detection and Classification
Antivirus and other malware identification tools
AnalyzePE - Wrapper for a variety of tools for reporting on Windows PE files.
chkrootkit - Local Linux rootkit detection.
ClamAV - Open source antivirus engine.
ExifTool - Read, write and edit file metadata.
hashdeep - Compute digest hashes with a variety of algorithms.
Loki - Host based scanner for IOCs.
Malfunction - Catalog and compare malware at a function level.
MASTIFF - Static analysis framework.
MultiScanner - Modular file scanning/analysis framework
nsrllookup - A tool for looking up hashes in NIST's National Software Reference Library database.
packerid - A cross-platform Python alternative to PEiD.
PEiD - Packer identifier for Windows binaries.
PEV - A multiplatform toolkit to work with PE files, providing feature-rich tools for proper analysis of suspicious binaries.
Rootkit Hunter - Detect Linux rootkits.
ssdeep - Compute fuzzy hashes.
totalhash.py - Python script for easy searching of the TotalHash.cymru.com database.
TrID - File identifier.
YARA - Pattern matching tool for analysts.
Yara rules generator - Generate yara rules based on a set of malware samples. Also contains a good strings DB to avoid false positives.
Online Scanners and Sandboxes
Web-based multi-AV scanners, and malware sandboxes for automated analysis.
AndroTotal - free online analysis of APKs against multiple mobile antivirus apps.
Anubis - Malware Analysis for Unknown Binaries and Site Check.
AVCaesar - Malware.lu online scanner and malware repository.
Cryptam - Analyze suspicious office documents.
Cuckoo Sandbox - Open source, self hosted sandbox and automated analysis system.
cuckoo-modified - Modified version of Cuckoo Sandbox released under the GPL. Not merged upstream due to legal concerns by the author.
DeepViz - Multi-format file analyzer with machine-learning classification.
DRAKVUF - Dynamic malware analysis system.
Hybrid Analysis - Online malware analysis tool, powered by VxSandbox.
IRMA - An asynchronous and customizable analysis platform for suspicious files.
Jotti - Free online multi-AV scanner.
Malheur - Automatic sandboxed analysis of malware behavior.
Malwr - Free analysis with an online Cuckoo Sandbox instance.
MASTIFF Online - Online static analysis of malware.
Metadefender.com - Scan a file, hash or IP address for malware (free)
Noriben - Uses Sysinternals Procmon to collect information about malware in a sandboxed environment.
PDF Examiner - Analyse suspicious PDF files.
Recomposer - A helper script for safely uploading binaries to sandbox sites.
SEE - Sandboxed Execution Environment (SEE) is a framework for building test automation in secured Environments.
VirusTotal - Free online analysis of malware samples and URLs
Zeltser's List - Free automated sandboxes and services, compiled by Lenny Zeltser.
Domain Analysis
Inspect domains and IP addresses.
Desenmascara.me - One click tool to retrieve as much metadata as possible for a website and to assess its good standing.
Dig - Free online dig and other network tools.
dnstwist - Domain name permutation engine for detecting typo squatting, phishing and corporate espionage.
IPinfo - Gather information about an IP or domain by searching online resources.
Machinae - OSINT tool for gathering information about URLs, IPs, or hashes. Similar to Automator.
mailchecker - Cross-language temporary email detection library.
MaltegoVT - Maltego transform for the VirusTotal API. Allows domain/IP research, and searching for file hashes and scan reports.
SenderBase - Search for IP, domain or network owner.
SpamCop - IP based spam block list.
SpamHaus - Block list based on domains and IPs.
Sucuri SiteCheck - Free Website Malware and Security Scanner.
TekDefense Automator - OSINT tool for gathering information about URLs, IPs, or hashes.
URLQuery - Free URL Scanner.
Whois - DomainTools free online whois search.
Zeltser's List - Free online tools for researching malicious websites, compiled by Lenny Zeltser.
Zscaler Zulu - Zulu URL Risk Analyzer.
Browser Malware
Analyze malicious URLs. See also the domain analysis and documents and shellcode sections.
Firebug - Firefox extension for web development.
Java Decompiler - Decompile and inspect Java apps.
Java IDX Parser - Parses Java IDX cache files.
JSDetox - JavaScript malware analysis tool.
jsunpack-n - A javascript unpacker that emulates browser functionality.
Krakatau - Java decompiler, assembler, and disassembler.
Malzilla - Analyze malicious web pages.
RABCDAsm - A "Robust ActionScript Bytecode Disassembler."
swftools - Tools for working with Adobe Flash files.
xxxswf - A Python script for analyzing Flash files.
Documents and Shellcode
Analyze malicious JS and shellcode from PDFs and Office documents. See also the browser malware section.
AnalyzePDF - A tool for analyzing PDFs and attempting to determine whether they are malicious.
diStorm - Disassembler for analyzing malicious shellcode.
JS Beautifier - JavaScript unpacking and deobfuscation.
JS Deobfuscator - Deobfuscate simple JavaScript that uses eval or document.write to conceal its code.
libemu - Library and tools for x86 shellcode emulation.
malpdfobj - Deconstruct malicious PDFs into a JSON representation.
OfficeMalScanner - Scan for malicious traces in MS Office documents.
olevba - A script for parsing OLE and OpenXML documents and extracting useful information.
Origami PDF - A tool for analyzing malicious PDFs, and more.
PDF Tools - pdfid, pdf-parser, and more from Didier Stevens.
PDF X-Ray Lite - A PDF analysis tool, the backend-free version of PDF X-RAY.
peepdf - Python tool for exploring possibly malicious PDFs.
Spidermonkey - Mozilla's JavaScript engine, for debugging malicious JS.
File Carving
For extracting files from inside disk and memory images.
bulk_extractor - Fast file carving tool.
EVTXtract - Carve Windows Event Log files from raw binary data.
Foremost - File carving tool designed by the US Air Force.
Hachoir - A collection of Python libraries for dealing with binary files.
Scalpel - Another data carving tool.
Deobfuscation
Reverse XOR and other code obfuscation methods.
Balbuzard - A malware analysis tool for reversing obfuscation (XOR, ROL, etc) and more.
de4dot - .NET deobfuscator and unpacker.
ex_pe_xor & iheartxor - Two tools from Alexander Hanel for working with single-byte XOR encoded files.
NoMoreXOR - Guess a 256 byte XOR key using frequency analysis.
PackerAttacker - A generic hidden code extractor for Windows malware.
unxor - Guess XOR keys using known-plaintext attacks.
VirtualDeobfuscator - Reverse engineering tool for virtualization wrappers.
XORBruteForcer - A Python script for brute forcing single-byte XOR keys.
XORSearch & XORStrings - A couple programs from Didier Stevens for finding XORed data.
xortool - Guess XOR key length, as well as the key itself.
Debugging and Reverse Engineering
Disassemblers, debuggers, and other static and dynamic analysis tools.
angr - Platform-agnostic binary analysis framework developed at UCSB's Seclab.
BARF - Multiplatform, open source Binary Analysis and Reverse engineering Framework.
binnavi - Binary analysis IDE for reverse engineering based on graph visualization.
Bokken - GUI for Pyew and Radare.
Capstone - Disassembly framework for binary analysis and reversing, with support for many architectures and bindings in several languages.
codebro - Web based code browser using clang to provide basic code analysis.
dnSpy - .NET assembly editor, decompiler and debugger.
Evan's Debugger (EDB) - A modular debugger with a Qt GUI.
GDB - The GNU debugger.
GEF - GDB Enhanced Features, for exploiters and reverse engineers.
hackers-grep - A utility to search for strings in PE executables including imports, exports, and debug symbols.
IDA Pro - Windows disassembler and debugger, with a free evaluation version.
Immunity Debugger - Debugger for malware analysis and more, with a Python API.
ltrace - Dynamic analysis for Linux executables.
objdump - Part of GNU binutils, for static analysis of Linux binaries.
OllyDbg - An assembly-level debugger for Windows executables.
PANDA - Platform for Architecture-Neutral Dynamic Analysis
PEDA - Python Exploit Development Assistance for GDB, an enhanced display with added commands.
pestudio - Perform static analysis of Windows executables.
plasma - Interactive disassembler for x86/ARM/MIPS.
Process Monitor - Advanced monitoring tool for Windows programs.
Pyew - Python tool for malware analysis.
Radare2 - Reverse engineering framework, with debugger support.
SMRT - Sublime Malware Research Tool, a plugin for Sublime 3 to aid with malware analysis.
strace - Dynamic analysis for Linux executables.
Triton - A dynamic binary analysis (DBA) framework.
Udis86 - Disassembler library and tool for x86 and x86_64.
Vivisect - Python tool for malware analysis.
X64dbg - An open-source x64/x32 debugger for Windows.
Network
Analyze network interactions.
Bro - Protocol analyzer that operates at incredible scale; both file and network protocols.
BroYara - Use Yara rules from Bro.
CapTipper - Malicious HTTP traffic explorer.
chopshop - Protocol analysis and decoding framework.
Fiddler - Intercepting web proxy designed for "web debugging."
Hale - Botnet C&C monitor.
Haka - Haka is an open source security oriented language which allows describing protocols and applying security policies on (live) captured traffic.
INetSim - Network service emulation, useful when building a malware lab.
Laika BOSS - Laika BOSS is a file-centric malware analysis and intrusion detection system.
Malcom - Malware Communications Analyzer.
Maltrail - A malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails and featuring a reporting and analysis interface.
mitmproxy - Intercept network traffic on the fly.
Moloch - IPv4 traffic capturing, indexing and database system.
NetworkMiner - Network forensic analysis tool, with a free version.
ngrep - Search through network traffic like grep.
PcapViz - Network topology and traffic visualizer.
Tcpdump - Collect network traffic.
tcpick - Track and reassemble TCP streams from network traffic.
tcpxtract - Extract files from network traffic.
Wireshark - The network traffic analysis tool.
Memory Forensics
Tools for dissecting malware in memory images or running systems.
DAMM - Differential Analysis of Malware in Memory, built on Volatility
evolve - Web interface for the Volatility Memory Forensics Framework.
FindAES - Find AES encryption keys in memory.
Muninn - A script to automate portions of analysis using Volatility, and create a readable report.
Rekall - Memory analysis framework, forked from Volatility in 2013.
TotalRecall - Script based on Volatility for automating various malware analysis tasks.
VolDiff - Run Volatility on memory images before and after malware execution, and report changes.
Volatility - Advanced memory forensics framework.
VolUtility - Web Interface for Volatility Memory Analysis framework.
WinDbg - Live memory inspection and kernel debugging for Windows systems.
Windows Artifacts
AChoir - A live incident response script for gathering Windows artifacts.
python-evt - Python library for parsing Windows Event Logs.
python-registry - Python library for parsing registry files.
RegRipper (GitHub) - Plugin-based registry analysis tool.
Storage and Workflow
Aleph - OpenSource Malware Analysis Pipeline System.
CRITs - Collaborative Research Into Threats, a malware and threat repository.
Malwarehouse - Store, tag, and search malware.
Viper - A binary management and analysis framework for analysts and researchers.
Miscellaneous
DC3-MWCP - The Defense Cyber Crime Center's Malware Configuration Parser framework.
Pafish - Paranoid Fish, a demonstration tool that employs several techniques to detect sandboxes and analysis environments in the same way as malware families do.
REMnux - Linux distribution and docker images for malware reverse engineering and analysis.
Santoku Linux - Linux distribution for mobile forensics, malware analysis, and security.
Resources
Books
Essential malware analysis reading material.
Malware Analyst's Cookbook and DVD - Tools and Techniques for Fighting Malicious Code.
Practical Malware Analysis - The Hands-On Guide to Dissecting Malicious Software.
The Art of Memory Forensics - Detecting Malware and Threats in Windows, Linux, and Mac Memory.
The IDA Pro Book - The Unofficial Guide to the World's Most Popular Disassembler.
Twitter
Some relevant Twitter accounts.
Adamb @Hexacorn
Andrew Case @attrc
Claudio @botherder
Dustin Webber @mephux
Glenn @hiddenillusion
jekil @jekil
Jurriaan Bremer @skier_t
Lenny Zeltser @lennyzeltser
Liam Randall @hectaman
Mark Schloesser @repmovsb
Michael Ligh (MHL) @iMHLv2
Open Malware @OpenMalware
Richard Bejtlich @taosecurity
Volatility @volatility
Other
APT Notes - A collection of papers and notes related to Advanced Persistent Threats.
File Formats posters - Nice visualization of commonly used file formats (including PE & ELF).
Honeynet Project - Honeypot tools, papers, and other resources.
Kernel Mode - An active community devoted to malware analysis and kernel development.
Malicious Software - Malware blog and resources by Lenny Zeltser.
Malware Analysis Search - Custom Google search engine from Corey Harrell.
Malware Analysis Tutorials - The Malware Analysis Tutorials by Dr. Xiang Fu are a great resource for learning practical malware analysis.
Malware Samples and Traffic - This blog focuses on network traffic related to malware infections.
RPISEC Malware Analysis - These are the course materials used in the Malware Analysis course at Rensselaer Polytechnic Institute during Fall 2015.
WindowsIR: Malware - Harlan Carvey's page on Malware.
Windows Registry specification - Windows registry file format specification.
/r/csirt_tools - Subreddit for CSIRT tools and resources, with a malware analysis flair.
/r/Malware - The malware subreddit.
/r/ReverseEngineering - Reverse engineering subreddit, not limited to just malware.
Related Awesome Lists
Android Security
AppSec
CTFs
"Hacking"
Honeypots
Incident-Response
Infosec
PCAP Tools
Pentesting
Security

ONLINE ANALYZERS
AndroTotal
CopperDroid
Dexter
Sandroid
Tracedroid
Visual Threat
Mobile Malware Sandbox
MobiSec Eacus
IBM Security AppScan Mobile Analyzer - not free
NVISO ApkScan
AVC UnDroid
FireEye - max 60MB, 15/day
habo - 10/day
VirusTotal - max 128MB
Fraunhofer App-ray - not free
Stowaway
Anubis
Mobile app insight
Mobile-Sandbox
Ijiami
Comdroid
Android Sandbox
Foresafe
STATIC ANALYSIS TOOLS
Androwarn - detect and warn the user about potential malicious behaviours developed by an Android application.
ApkAnalyser
APKInspector
Droid Intent Data Flow Analysis for Information Leakage
Several tools from PSU
Smali CFG generator
FlowDroid
Android Decompiler - not free
PSCout - A tool that extracts the permission specification from the Android OS source code using static analysis
Amandroid
SmaliSCA - Smali Static Code Analysis
CFGScanDroid - Scans and compares CFG against CFG of malicious applications
Madrolyzer - extracts actionable data like C&C, phone number etc.
SPARTA - verifies (proves) that an app satisfies an information-flow security policy; built on the Checker Framework
ConDroid - Performs a combination of symbolic + concrete execution of the app
APP VULNERABILITY SCANNERS
QARK - QARK by LinkedIn is for app developers to scan app for security issues
AndroBugs
DYNAMIC ANALYSIS TOOLS
Android DBI framework
Android Malware Analysis Toolkit - (linux distro) Earlier it used to be an online analyzer
AppUse custom build for pentesting
Cobradroid custom image for malware analysis
ViaLab Community Edition
Droidbox
Mercury
Drozer
Taintdroid - requires AOSP compilation
Xposed - equivalent of doing Stub based code injection but without any modifications to the binary
Android Hooker - API Hooking of java methods triggered by any Android application (requires the Substrate Framework)
Android tamer - custom image
Droidscope - custom image for dynamic analysis
CuckooDroid - Android extension for Cuckoo sandbox
Mem - Memory analysis of Android (root required)
Crowdroid unable to find the actual tool
AuditdAndroid android port of auditd, not under active development anymore
Android Security Evaluation Framework - not under active development anymore
Android Reverse Engineering ARE (android reverse engineering) not under active development anymore
Aurasium Practical security policy enforcement for Android apps via bytecode rewriting and in-place reference monitor.
Android Linux Kernel modules *

Appie - Appie is a software package that has been pre-configured to function as an Android Pentesting Environment. It is completely portable and can be carried on USB stick or smartphone. This is a one stop answer for all the tools needed in Android Application Security Assessment and an awesome alternative to existing virtual machines.
StaDynA - a system supporting security app analysis in the presence of dynamic code update features (dynamic class loading and reflection). This tool combines static and dynamic analysis of Android applications in order to reveal the hidden/updated behavior and extend static analysis results with this information.
DroidAnalytics - incomplete
Vezir Project - Virtual Machine for Mobile Application Pentesting and Mobile Malware Analysis
REVERSE ENGINEERING
Smali/Baksmali apk decompilation
emacs syntax coloring for smali files
vim syntax coloring for smali files
AndBug
Androguard powerful, integrates well with other tools
Apktool really useful for compilation/decompilation (uses smali)
Android Framework for Exploitation
Bypass signature and permission checks for IPCs
Android OpenDebug make any application on device debuggable (using cydia substrate).
Dare .dex to .class converter
Dex2Jar - dex to jar converter
Enjarify - dex to jar converter from Google
Dedexer
Fino
Indroid thread injection kit
IntentSniffer
Introspy
Jad - Java decompiler
JD-GUI - Java decompiler
CFR - Java decompiler
Krakatau - Java decompiler
Procyon - Java decompiler
FernFlower - Java decompiler
Redexer apk manipulation
Smali viewer
ZjDroid (no longer available), fork/mirror
Simplify Android deobfuscator
Bytecode viewer
Radare2
FUZZ TESTING
IntentFuzzer
Radamsa Fuzzer
Honggfuzz
An Android port of the melkor ELF fuzzer
Media Fuzzing Framework for Android
APP REPACKAGING DETECTORS
FSquaDRA - a tool for detection of repackaged Android applications based on app resources hash comparison.
Exploitable Vulnerabilities
Vulnerability Google doc
Root Exploits (from Drozer issue #56)
SAMPLE SOURCES
contagio mini dump
Android malware github repo
Open Source database
Drebin
Admire
MalGenome - contains 1260 malware samples categorized into 49 different malware families, free for research purpose.
VirusTotal Malware Intelligence Service - powered by VirusTotal, not free
Reading material
Android Security (and Not) Internals
Android security related presentations
A good collection of static analysis papers
MARKET CRAWLERS
Google play crawler (Java)
Google play crawler (Python)
Google play crawler (Node) - get app details and download apps from official Google Play Store.
Aptoide downloader (Node) - download apps from Aptoide third-party Android market
Appland downloader (Node) - download apps from Appland third-party Android market
MISC TOOLS
smalihook
APK-Downloader
AXMLPrinter2 - to convert binary XML files to human-readable XML files
adb autocomplete
Dalvik opcodes
Opcodes table for quick reference
ExploitMe Android Labs - for practice
GoatDroid - for practice
mitmproxy
dockerfile/androguard
Android Vulnerability Test Suite - android-vts scans a device for set of vulnerabilities
Good Tutorials
Android Reverse Engineering 101 by Daniele Altomare
Create
Tools used for creating CTF challenges
Forensics
Tools used for creating Forensics challenges
Registry Dumper - Dump your registry
Web
Tools used for creating Web challenges
JavaScript Obfuscators
Metasploit JavaScript Obfuscator
Uglify
Solve
Tools used for solving CTF challenges
Attacks
Tools used for performing various kinds of attacks
Bettercap - Framework to perform MITM (Man in the Middle) attacks.
Layer 2 attacks - Attack various protocols on layer 2
Crypto
Tools used for solving Crypto challenges
PkCrack - A tool for Breaking PkZip-encryption
RSATool - Generate private key with knowledge of p and q
XORTool - A tool to analyze multi-byte xor cipher
Bruteforcers
Tools used for various kinds of bruteforcing (passwords etc.)
John The Jumbo - Community enhanced version of John the Ripper
John The Ripper - Password Cracker
Ophcrack - Windows password cracker based on rainbow tables.

Exploits
Tools used for solving Exploits challenges
binjitsu - CTF framework and exploit development library
Metasploit - Penetration testing software
pwntools - CTF Framework for writing exploits
qira - QEMU Interactive Runtime Analyser
ROP Gadget - Framework for ROP exploitation
Forensics
Tools used for solving Forensics challenges
Aircrack-Ng - Crack 802.11 WEP and WPA-PSK keys
apt-get install aircrack-ng
Audacity - Analyze sound files (mp3, m4a, whatever)
apt-get install audacity
bkhive and samdump2 - Dump SYSTEM and SAM files
apt-get install samdump2 bkhive
CFF Explorer - PE Editor
creddump - Dump windows credentials
DVCS Ripper - Rips web accessible (distributed) version control systems
Exif Tool - Read, write and edit file metadata
extundelete - Used for recovering lost data from mountable images
Foremost - Extract particular kind of files using headers
apt-get install foremost
fsck.ext4 - Used to fix corrupt filesystems
Malzilla - Malware hunting tool
NetworkMiner - Network Forensic Analysis Tool
PDF Streams Inflater - Find and extract zlib files compressed in PDF files
ResourcesExtract - Extract various filetypes from exes
Shellbags - Investigate NT_USER.dat files
UsbForensics - Contains many tools for usb forensics
Volatility - To investigate memory dumps
Wireshark - Analyze the network dumps
apt-get install wireshark
Registry Viewers
RegistryViewer - Used to view windows registries
Windows Registry Viewers - More registry viewers
Reversing
Tools used for solving Reversing challenges
Androguard - Reverse engineer Android applications
Apk2Gold - Yet another Android decompiler
ApkTool - Android Decompiler
BinUtils - Collection of binary tools
BinWalk - Analyze, reverse engineer, and extract firmware images.
Boomerang - Decompile x86 binaries to C
GDB - The GNU project debugger
IDA Pro - Most used Reversing software
Jadx - Decompile Android files
Krakatau - Java decompiler and disassembler
radare2 - A portable reversing framework
Uncompyle - Decompile Python 2.7 binaries (.pyc)
WinDbg - Windows debugger distributed by Microsoft
z3 - a theorem prover from Microsoft Research
JavaScript Deobfuscators
Detox - A Javascript malware analysis tool
Revelo - Analyze obfuscated Javascript code
SWF Analyzers
RABCDAsm - Collection of utilities including an ActionScript 3 assembler/disassembler.
swftools - Collection of utilities to work with SWF files
xxxswf - A Python script for analyzing Flash files.
Services
Various kinds of useful services available around the internet
CSWSH - Cross-Site WebSocket Hijacking Tester
Request Bin - Lets you inspect http requests to a particular url
Stegano
Tools used for solving Steganography challenges
pngtools - For various analysis related to PNGs
apt-get install pngtools
SmartDeblur - Used to deblur and fix defocused images
Steganabara - Tool for stegano analysis written in Java
Steghide - Hide data in various kind of images
Stegsolve - Apply various steganography techniques to images
Web
Tools used for solving Web challenges
SQLMap - Automatic SQL injection and database takeover tool
w3af - Web Application Attack and Audit Framework.
XSSer - Automated XSS tester
Resources
Where to discover about CTF
Starter Packs
Collections of installer scripts, useful tools
CTF Tools - Collection of setup scripts to install various security research tools.
Tutorials
Tutorials to learn how to play CTFs
CTF Field Guide - Field Guide by Trail of Bits
CTF Resources - Start Guide maintained by community
How to Get Started in CTF - Short guideline for CTF beginners by Endgame
MIPT CTF - A small course for beginners in CTFs (in Russian)
Wargames
Always online CTFs
Backdoor - Security Platform by SDSLabs.
Ctfs.me - CTF All the time
Exploit Exercises - Variety of VMs to learn variety of computer security issues.
Hack This Site - Training ground for hackers.
Over The Wire - Wargame maintained by OvertheWire Community
Ringzer0Team - Ringzer0 Team Online CTF
SmashTheStack - A variety of wargames maintained by the SmashTheStack Community.
VulnHub - VM-based for practical in digital security, computer application & network administration.
WeChall - Always online challenge site.
Websites
Various general websites about and on ctf
CTF Time - General information on CTFs occurring around the world
Reddit Security CTF - Reddit CTF category
Wikis
Various Wikis available for learning about CTFs
Bamboofox - Chinese resources to learn CTF
ISIS Lab - CTF Wiki by Isis lab
Writeups Collections
Collections of CTF write-ups
Captf - Dumped CTF challenges and materials by psifertex
CTF write-ups (community) - CTF challenges + write-ups archive maintained by the community
pwntools writeups - A collection of CTF write-ups all using pwntools
Shell Storm - CTF challenge archive maintained by Jonathan Salwan
Smoke Leet Everyday - CTF write-ups repo maintained by SmokeLeetEveryday team.

Network

Scanning / Pentesting
OpenVAS - OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.
Metasploit Framework - A tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive and related research.
Kali - Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. Kali Linux is preinstalled with numerous penetration-testing programs, including nmap (a port scanner), Wireshark (a packet analyzer), John the Ripper (a password cracker), and Aircrack-ng (a software suite for penetration-testing wireless LANs).
pig - A Linux packet crafting tool.
Pompem - Pompem is an open source tool, which is designed to automate the search for exploits in major databases. Developed in Python, has a system of advanced search, thus facilitating the work of pentesters and ethical hackers. In its current version, performs searches in databases: Exploit-db, 1337day, Packetstorm Security...
Monitoring / Logging
justniffer - Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customized way, can emulate Apache web server log files, track response times and extract all "intercepted" files from the HTTP traffic.
httpry - httpry is a specialized packet sniffer designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but to capture, parse, and log the traffic for later analysis. It can be run in real-time displaying the traffic as it is parsed, or as a daemon process that logs to an output file. It is written to be as lightweight and flexible as possible, so that it can be easily adaptable to different applications.
ngrep - ngrep strives to provide most of GNU grep's common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular or hexadecimal expressions to match against data payloads of packets. It currently recognizes IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw across Ethernet, PPP, SLIP, FDDI, Token Ring and null interfaces, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.
passivedns - A tool to collect DNS records passively to aid Incident handling, Network Security Monitoring (NSM) and general digital forensics. PassiveDNS sniffs traffic from an interface or reads a pcap-file and outputs the DNS-server answers to a log file. PassiveDNS can cache/aggregate duplicate DNS answers in-memory, limiting the amount of data in the logfile without losing the essence in the DNS answer.
sagan - Sagan uses a Snort like engine and rules to analyze logs (syslog/event log/snmptrap/netflow/etc).
OSSEC - OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, MacOS, Solaris, HP-UX, AIX and Windows.
ntopng - Ntopng is a network traffic probe that shows the network usage, similar to what the popular top Unix command does.
IDS / IPS / Host IDS / Host IPS
Snort - Snort is a free and open source network intrusion prevention system (NIPS) and network intrusion detection system (NIDS) created by Martin Roesch in 1998. Snort is now developed by Sourcefire, of which Roesch is the founder and CTO. In 2009, Snort entered InfoWorld's Open Source Hall of Fame as one of the "greatest [pieces of] open source software of all time".
Bro - Bro is a powerful network analysis framework that is much different from the typical IDS you may know.
Suricata - Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF and its supporting vendors.
Security Onion - Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management. It's based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert, Snorby, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!
sshwatch - IPS for SSH similar to DenyHosts written in Python. It also can gather information about attacker during the attack in a log.
Honey Pot / Honey Net
Dionaea - Dionaea is meant to be a nepenthes successor, embedding python as scripting language, using libemu to detect shellcodes, supporting ipv6 and tls.
Conpot - ICS/SCADA Honeypot. Conpot is a low interactive server side Industrial Control Systems honeypot designed to be easy to deploy, modify and extend. By providing a range of common industrial control protocols we created the basics to build your own system, capable to emulate complex infrastructures to convince an adversary that he just found a huge industrial complex. To improve the deceptive capabilities, we also provided the possibility to serve a custom human machine interface to increase the honeypot's attack surface. The response times of the services can be artificially delayed to mimic the behaviour of a system under constant load. Because we are providing complete stacks of the protocols, Conpot can be accessed with productive HMI's or extended with real hardware. Conpot is developed under the umbrella of the Honeynet Project and on the shoulders of a couple of very big giants.
Amun - Amun Python-based low-interaction Honeypot.
Glastopf - Glastopf is a Honeypot which emulates thousands of vulnerabilities to gather data from attacks targeting web applications. The principle behind it is very simple: Reply the correct response to the attacker exploiting the web application.
Kippo - Kippo is a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker.
Kojoney - Kojoney is a low level interaction honeypot that emulates an SSH server. The daemon is written in Python using the Twisted Conch libraries.
HonSSH - HonSSH is a high-interaction Honey Pot solution. HonSSH will sit between an attacker and a honey pot, creating two separate SSH connections between them.
Bifrozt - Bifrozt is a NAT device with a DHCP server that is usually deployed with one NIC connected directly to the Internet and one NIC connected to the internal network. What differentiates Bifrozt from other standard NAT devices is its ability to work as a transparent SSHv2 proxy between an attacker and your honeypot. If you deployed an SSH server on Bifrozt's internal network it would log all the interaction to a TTY file in plain text that could be viewed later and capture a copy of any files that were downloaded. You would not have to install any additional software, compile any kernel modules or use a specific version or type of operating system on the internal SSH server for this to work. It will limit outbound traffic to a set number of ports and will start to drop outbound packets on these ports when certain limits are exceeded.
HoneyDrive - HoneyDrive is the premier honeypot Linux distro. It is a virtual appliance (OVA) with Xubuntu Desktop 12.04.4 LTS edition installed. It contains over 10 pre-installed and pre-configured honeypot software packages such as Kippo SSH honeypot, Dionaea and Amun malware honeypots, Honeyd low-interaction honeypot, Glastopf web honeypot and Wordpot, Conpot SCADA/ICS honeypot, Thug and PhoneyC honeyclients and more. Additionally it includes many useful pre-configured scripts and utilities to analyze, visualize and process the data it can capture, such as Kippo-Graph, Honeyd-Viz, DionaeaFR, an ELK stack and much more. Lastly, almost 90 well-known malware analysis, forensics and network monitoring related tools are also present in the distribution.
Cuckoo Sandbox - Cuckoo Sandbox is an Open Source software for automating analysis of suspicious files. To do so it makes use of custom components that monitor the behavior of the malicious processes while running in an isolated environment.
Full Packet Capture / Forensic
tcpflow - tcpflow is a program that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis and debugging. Each TCP flow is stored in its own file. Thus, the typical TCP flow will be stored in two files, one for each direction. tcpflow can also process stored tcpdump packet flows.
Xplico - The goal of Xplico is to extract the application data contained in an internet traffic capture. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn't a network protocol analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT).
Moloch - Moloch is an open source, large scale IPv4 packet capturing (PCAP), indexing and database system. A simple web interface is provided for PCAP browsing, searching, and exporting. APIs are exposed that allow PCAP data and JSON-formatted session data to be downloaded directly. Simple security is implemented by using HTTPS and HTTP digest password support or by using apache in front. Moloch is not meant to replace IDS engines but instead work along side them to store and index all the network traffic in standard PCAP format, providing fast access. Moloch is built to be deployed across many systems and can scale to handle multiple gigabits/sec of traffic.
OpenFPC - OpenFPC is a set of tools that combine to provide a lightweight full-packet network traffic recorder & buffering system. Its design goal is to allow non-expert users to deploy a distributed network traffic recorder on COTS hardware while integrating into existing alert and log management tools.
Dshell - Dshell is a network forensic analysis framework. Enables rapid development of plugins to support the dissection of network packet captures.
stenographer - Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets.
Sniffer
wireshark - Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Wireshark is very similar to tcpdump, but has a graphical front-end, plus some integrated sorting and filtering options.
netsniff-ng - netsniff-ng is a free Linux networking toolkit, a Swiss army knife for your daily Linux network plumbing if you will. Its gain of performance is reached by zero-copy mechanisms, so that on packet reception and transmission the kernel does not need to copy packets from kernel space to user space and vice versa.
Security Information & Event Management
Prelude - Prelude is a Universal "Security Information & Event Management" (SIEM) system. Prelude collects, normalizes, sorts, aggregates, correlates and reports all security-related events independently of the product brand or license giving rise to such events; Prelude is "agentless".
OSSIM - OSSIM provides all of the features that a security professional needs from a SIEM offering: event collection, normalization, and correlation.
VPN
OpenVPN - OpenVPN is an open source software application that implements virtual private network (VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses a custom security protocol that utilizes SSL/TLS for key exchange.
Fast Packet Processing
DPDK - DPDK is a set of libraries and drivers for fast packet processing.
PFQ - PFQ is a functional networking framework designed for the Linux operating system that allows efficient packets capture/transmission (10G and beyond), in-kernel functional processing and packets steering across sockets/end-points.
PF_RING - PF_RING is a new type of network socket that dramatically improves the packet capture speed.
PF_RING ZC (Zero Copy) - PF_RING ZC (Zero Copy) is a flexible packet processing framework that allows you to achieve 1/10 Gbit line rate packet processing (both RX and TX) at any packet size. It implements zero copy operations including patterns for inter-process and inter-VM (KVM) communications.
PACKET_MMAP/TPACKET/AF_PACKET - It's fine to use PACKET_MMAP to improve the performance of the capture and transmission process in Linux.
netmap - netmap is a framework for high speed packet I/O. Together with its companion VALE software switch, it is implemented as a single kernel module and available for FreeBSD, Linux and now also Windows.
Endpoint
Configuration Management
Rudder - Rudder is an easy to use, web-driven, role-based solution for IT Infrastructure Automation & Compliance. Automate common system administration tasks (installation, configuration); Enforce configuration over time (configuring once is good, ensuring that configuration is valid and automatically fixing it is better); Inventory of all managed nodes; Web interface to configure and manage nodes and their configuration; Compliance reporting, by configuration and/or by node.
Authentication
google-authenticator - The Google Authenticator project includes implementations of one-time passcode generators for several mobile platforms, as well as a pluggable authentication module (PAM). One-time passcodes are generated using open standards developed by the Initiative for Open Authentication (OATH) (which is unrelated to OAuth). These implementations support the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238. Tutorials: How to set up two-factor authentication for SSH login on Linux
Mobile / Android /iOS
android-security-awesome - A collection of android security related resources. A lot of work is happening in academia and industry on tools to perform dynamic analysis, static analysis and reverse engineering of android apps.
SecMobi Wiki - A collection of mobile security resources including articles, blogs, books, groups, projects, tools and conferences. *
Forensics
grr - GRR Rapid Response is an incident response framework focused on remote live forensics.
Threat Intelligence
abuse.ch - ZeuS Tracker / SpyEye Tracker / Palevo Tracker / Feodo Tracker tracks Command&Control servers (hosts) around the world and provides you a domain- and an IP-blocklist.
Emerging Threats - Open Source - Emerging Threats began 10 years ago as an open source community for collecting Suricata and SNORT rules, firewall rules, and other IDS rulesets. The open source community still plays an active role in Internet security, with more than 200,000 active users downloading the ruleset daily. The ETOpen Ruleset is open to any user or organization, as long as you follow some basic guidelines. Our ETOpen Ruleset is available for download any time.
PhishTank - PhishTank is a collaborative clearing house for data and information about phishing on the Internet. Also, PhishTank provides an open API for developers and researchers to integrate anti-phishing data into their applications at no charge.
SBL / XBL / PBL / DBL / DROP / ROKSO - The Spamhaus Project is an international nonprofit organization whose mission is to track the Internet's spam operations and sources, to provide dependable realtime anti-spam protection for Internet networks, to work with Law Enforcement Agencies to identify and pursue spam and malware gangs worldwide, and to lobby governments for effective anti-spam legislation.
Internet Storm Center - The ISC was created in 2001 following the successful detection, analysis, and widespread warning of the Li0n worm. Today, the ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers.
AutoShun - AutoShun is a Snort plugin that allows you to send your Snort IDS logs to a centralized server that will correlate attacks from your sensor logs with other snort sensors, honeypots, and mail filters from around the world.
DNS-BH - The DNS-BH project creates and maintains a listing of domains that are known to be used to propagate malware and spyware. This project creates the Bind and Windows zone files required to serve fake replies to localhost for any requests to these, thus preventing many spyware installs and reporting.
AlienVault Open Threat Exchange - AlienVault Open Threat Exchange (OTX), to help you secure your networks from data loss, service disruption and system compromise caused by malicious IP addresses.
Tor Bulk Exit List - CollecTor, your friendly data-collecting service in the Tor network. CollecTor fetches data from various nodes and services in the public Tor network and makes it available to the world. If you're doing research on the Tor network, or if you're developing an application that uses Tor network data, this is your place to start. TOR Node List / DNS Blacklists / Tor Node List
leakedin.com - The primary purpose of leakedin.com is to make visitors aware about the risks of losing data. This blog just compiles samples of data lost or disclosed on sites like pastebin.com.
FireEye OpenIOCs - FireEye Publicly Shared Indicators of Compromise (IOCs)
OpenVAS NVT Feed - The public feed of Network Vulnerability Tests (NVTs). It contains more than 35,000 NVTs (as of April 2014), growing on a daily basis. This feed is configured as the default for OpenVAS.
Project Honey Pot - Project Honey Pot is the first and only distributed system for identifying spammers and the spambots they use to scrape addresses from your website. Using the Project Honey Pot system you can install addresses that are custom-tagged to the time and IP address of a visitor to your site. If one of these addresses begins receiving email we not only can tell that the messages are spam, but also the exact moment when the address was harvested and the IP address that gathered it.
virustotal - VirusTotal, a subsidiary of Google, is a free online service that analyzes files and URLs enabling the identification of viruses, worms, trojans and other kinds of malicious content detected by antivirus engines and website scanners. At the same time, it may be used as a means to detect false positives, i.e. innocuous resources detected as malicious by one or more scanners.
IntelMQ - IntelMQ is a solution for CERTs for collecting and processing security feeds, pastebins, tweets using a message queue protocol. It's a community driven initiative called IHAP (Incident Handling Automation Project) which was conceptually designed by European CERTs during several InfoSec events. Its main goal is to give to incident responders an easy way to collect & process threat intelligence thus improving the incident handling processes of CERTs. ENISA Homepage.
CIFv2 - CIF is a cyber threat intelligence management system. CIF allows you to combine known malicious threat information from many sources and use that information for identification (incident response), detection (IDS) and mitigation (null route).
Web
Organization
OWASP - The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software.
Web Application Firewall
ModSecurity - ModSecurity is a toolkit for real-time web application monitoring, logging, and access control.
NAXSI - NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX, NAXSI means Nginx Anti Xss & Sql Injection.
ironbee - IronBee is an open source project to build a universal web application security sensor. IronBee as a framework for developing a system for securing web applications - a framework for building a web application firewall (WAF).
Scanning / Pentesting
sqlmap - sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
ZAP - The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.
w3af - w3af is a Web Application Attack and Audit Framework. The project's goal is to create a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities.
Recon-ng - Recon-ng is a full-featured Web Reconnaissance framework written in Python. Recon-ng has a look and feel similar to the Metasploit Framework.
PTF - The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
Big Data
data_hacking - Examples of using IPython, Pandas, and Scikit Learn to get the most out of your security data.
hadoop-pcap - Hadoop library to read packet capture (PCAP) files.
Workbench - A scalable python framework for security research and development teams.
OpenSOC - OpenSOC integrates a variety of open source big data technologies in order to offer a centralized tool for security monitoring and analysis.
binarypig - Scalable Binary Data Extraction in Hadoop. Malware Processing and Analytics over Pig, Exploration through Django, Twitter Bootstrap, and Elasticsearch.
Other Awesome Lists
Other Security Awesome Lists
Android Security Awesome - A collection of android security related resources.
Awesome CTF - A curated list of CTF frameworks, libraries, resources and software.
Awesome Hacking - A curated list of awesome Hacking tutorials, tools and resources.
Awesome Honeypots - An awesome list of honeypot resources.
Awesome Malware Analysis - A curated list of awesome malware analysis tools and resources.
Awesome PCAP Tools - A collection of tools developed by other researchers in the Computer Science area to process network traces.
Awesome Pentest - A collection of awesome penetration testing resources, tools and other shiny things.
Awesome Linux Containers - A curated list of awesome Linux Containers frameworks, libraries and software.
Awesome Incident Response - A curated list of resources for incident response.
Awesome Web Hacking - This list is for anyone wishing to learn about web application security who does not have a starting point.
Other Common Awesome Lists
Other amazingly awesome lists:
awesome-awesomeness - awesome-* or *-awesome lists.
lists - The definitive list of (awesome) lists curated on GitHub.
Honeypots
Database Honeypots
Elastic honey - A Simple Elasticsearch Honeypot
mysql - A mysql honeypot, still very very early stage
NoSQLpot - The NoSQL Honeypot Framework.
ESPot - ElasticSearch Honeypot
Web honeypots
Glastopf - Web Application Honeypot
phpmyadmin_honeypot - A simple and effective phpMyAdmin honeypot
servlet - Web application Honeypot
Nodepot - A nodejs web application honeypot
basic-auth-pot bap - http Basic Authentication honeyPot
Shadow Daemon - A modular Web Application Firewall / High-Interaction Honeypot for PHP, Perl & Python apps
Servletpot - Web application Honeypot
Google Hack Honeypot - designed to provide reconnaissance against attackers that use search engines as a hacking tool against your resources.
smart-honeypot - PHP Script demonstrating a smart honey pot
HonnyPotter - A WordPress login honeypot for collection and analysis of failed login attempts.
wp-smart-honeypot - WordPress plugin to reduce comment spam with a smarter honeypot
wordpot - A WordPress Honeypot
Bukkit Honeypot Honeypot - A honeypot plugin for Bukkit
Laravel Application Honeypot - Honeypot - Simple spam prevention package for Laravel applications
stack-honeypot - Inserts a trap for spam bots into responses
EoHoneypotBundle - Honeypot type for Symfony2 forms
shockpot - WebApp Honeypot for detecting Shell Shock exploit attempts
django-admin-honeypot - A fake Django admin login screen to notify admins of attempted unauthorized access.
Service Honeypots
Kippo - Medium interaction SSH honeypot
LongTail Log Analysis @ Marist College - analyzed SSH honeypot logs
DRG SSH Username and Password Authentication Tag Clouds - live updated word clouds of SSH login honeypot data
honeyntp - NTP logger/honeypot
honeypot-camera - observation camera honeypot
troje - a honeypot built around lxc containers. It will run each connection with the service within a separate lxc container.
slipm-honeypot - A simple low-interaction port monitoring honeypot
HoneyPy - A low interaction honeypot
Ensnare - Easy to deploy Ruby honeypot
RDPy - A Microsoft Remote Desktop Protocol (RDP) honeypot in python
Mailoney - SMTP honeypot, Open Relay, Cred Harvester written in python.
Honeyprint - Printer honeypot
hornet - Medium interaction SSH Honeypot
Anti-honeypot stuff
kippo_detect - This is not a honeypot, but it detects kippo. (This guy has lots
of more interesting stuff)
ICS/SCADA honeypots
Conpot - ICS/SCADA honeypot
gridpot - Open source tools for realistic-behaving electric grid honeynets
scada-honeynet - mimics many of the services from a popular PLC and better helps
SCADA researchers understand potential risks of exposed control system devices
SCADA honeynet - Building Honeypots for Industrial Networks
Deployment
Dionaea and EC2 in 20 Minutes - a tutorial on setting up Dionaea on an EC2 instance
honeypotpi - Script for turning a Raspberry Pi into a Honey Pot Pi
Data Analysis
Kippo-Graph - a full featured script to visualize statistics from a Kippo SSH honeypot
Kippo stats - Mojolicious app to display statistics for your kippo SSH honeypot
Other/random
NOVA uses honeypots as detectors, looks like a complete system.
Open Canary - A low interaction honeypot intended to be run on internal networks.
libemu - Shellcode emulation library, useful for shellcode detection.
OFPot - OpenFlow Honeypot, redirects traffic for unused IPs to a honeypot. Built on POX.
OpenCanary - Modular and decentralised honeypot
Open Relay Spam Honeypot
SpamHAT - Spam Honeypot Tool
Botnet C2 monitor
Hale - Botnet command & control monitor
IPv6 attack detection tool
ipv6-attack-detector - Google Summer of Code 2012 project, supported by The Honeynet Project organization
Research Paper
vEYE - behavioral footprinting for self-propagating worm detection and profiling
Honeynet statistics
HoneyStats - A statistical view of the recorded activity on a Honeynet
Dynamic code instrumentation toolkit
Frida - Inject JavaScript to explore native apps on Windows, Mac, Linux, iOS and
Android
Front-end for dionaea
DionaeaFR - Front Web to Dionaea low-interaction honeypot
Tool to convert website to server honeypots
HIHAT - Transform arbitrary PHP applications into web-based high-interaction Honeypots
Malware collector
Kippo-Malware - Python script that will download all malicious files stored as URLs in a Kippo SSH honeypot database
Sebek in QEMU
Qebek - QEMU based Sebek. As Sebek, it is data capture tool for high interaction
honeypot
Malware Simulator
imalse - Integrated MALware Simulator and Emulator
Distributed sensor deployment
Smarthoneypot - custom honeypot intelligence system that is simple to deploy and
easy to manage
Modern Honey Network - Multi-snort and honeypot sensor management, uses a network of VMs, small footprint SNORT installations, stealthy dionaeas, and a centralized server for management
ADHD - Active Defense Harbinger Distribution (ADHD) is a Linux distro based on Ubuntu LTS. It comes with many tools aimed at active defense preinstalled and configured
Network Analysis Tool
Tracexploit - replay network packets
Log anonymizer
LogAnon - log anonymization library that helps having anonymous logs consistent
between logs and network captures
server
Honeysink - open source network sinkhole that provides a mechanism for detection
and prevention of malicious traffic on a given network
Botnet traffic detection
dnsMole - analyse dns traffic, and to potentially detect botnet C&C server and infected hosts
Low interaction honeypot (router back door)
Honeypot-32764 - Honeypot for router backdoor (TCP 32764)
honeynet farm traffic redirector
Honeymole - Deploy multiple sensors that redirect traffic to a centralized collection of honeypots
HTTPS Proxy
mitmproxy - allows traffic flows to be intercepted, inspected, modified and replayed
spamtrap
SendMeSpamIDS.py Simple SMTP fetch all IDS and analyzer
System instrumentation
Sysdig - open source, system-level exploration: capture system state and activity from a running Linux instance, then save, filter and analyze
Honeypot for USB-spreading malware
Ghost-usb - honeypot for malware that propagates via USB storage devices
Data Collection
Kippo2MySQL - extracts some very basic stats from Kippo's text-based log files (a mess to analyze!) and inserts them in a MySQL database
Kippo2ElasticSearch - Python script to transfer data from a Kippo SSH honeypot MySQL database to an ElasticSearch instance (server or cluster)
Passive network audit framework parser
pnaf - Passive Network Audit Framework
VM Introspection
VIX virtual machine introspection toolkit - VMI toolkit for Xen, called Virtual
Introspection for Xen (VIX)
vmscope - Monitoring of VM-based High-Interaction Honeypots
vmitools - C library with Python bindings that makes it easy to monitor the low-level details of a running virtual machine
Binary debugger
Hexgolems - Schem Debugger Frontend - A debugger frontend
Hexgolems - Pint Debugger Backend - A debugger backend and LUA wrapper for PIN
Mobile Analysis Tool
APKinspector - APKinspector is a powerful GUI tool for analysts to analyze the Android applications
Androguard - Reverse engineering, Malware and goodware analysis of Android applications ... and more
Low interaction honeypot
Honeypoint - platform of distributed honeypot technologies
Honeyperl - Honeypot software based in Perl with plugins developed for many functions like: wingates, telnet, squid, smtp, etc
Honeynet data fusion
HFlow2 - data coalescing tool for honeynet/network analysis
Server
LaBrea - takes over unused IP addresses, and creates virtual servers that are attractive to worms, hackers, and other denizens of the Internet.
Kippo - SSH honeypot
KFSensor - Windows based honeypot Intrusion Detection System (IDS)
Honeyd Also see more honeyd tools
Glastopf - Honeypot which emulates thousands of vulnerabilities to gather data from attacks targeting web applications
DNS Honeypot - Simple UDP honeypot scripts
Conpot - Low interactive server side Industrial Control Systems honeypot
Bifrozt - High interaction honeypot solution for Linux based systems
Beeswarm - Honeypot deployment made easy
Bait and Switch - redirects all hostile traffic to a honeypot that is partially mirroring your production system
Artillery - open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods
Amun - vulnerability emulation honeypot
TelnetHoney - A simple telnet honeypot
VM cloaking script
Antivmdetect - Script to create templates to use with VirtualBox to make vm detection harder
IDS signature generation
Honeycomb
lookup service for AS-numbers and prefixes
CC2ASN
Web interface (for Thug)

Rumal - Thug's Rumāl: a Thug's dress & weapon
Data Collection / Data Sharing
HPfriends - data-sharing platform
HPFeeds - lightweight authenticated publish-subscribe protocol
Distributed spam tracking
Project Honeypot
Python bindings for libemu
Pylibemu - A Libemu Cython wrapper
Controlled-relay spam honeypot
Shiva - Spam Honeypot with Intelligent Virtual Analyzer
Shiva The Spam Honeypot Tips And Tricks For Getting It Up And Running
Visualization Tool
Glastopf Analytics
Afterglow Cloud
Afterglow
central management tool
PHARM
Network connection analyzer
Impost
Virtual Machine Cloaking
VMCloak
Honeypot deployment
Modern Honeynet Network
SurfIDS
Automated malware analysis system
Cuckoo
Anubis
Hybrid Analysis
Low interaction
mwcollectd
Low interaction honeypot on USB stick
Honeystick
Honeypot extensions to Wireshark
Wireshark Extensions
Data Analysis Tool
HpfeedsHoneyGraph
Acapulco
Telephony honeypot
Zapping Rachel
Client
Pwnypot
MonkeySpider
Capture-HPC-NG
Wepawet
URLQuery
Trigona
Thug
Shelia
PhoneyC
Jsunpack-n
HoneyC
HoneyBOT
CWSandbox / GFI Sandbox
Capture-HPC-Linux
Capture-HPC
Andrubis
Visual analysis for network traffic
ovizart
Binary Management and Analysis Framework
Viper

Honeypot
Single-honeypot
Honeyd For Windows
IMHoneypot
Deception Toolkit
PDF document inspector
peepdf
Distribution system
Thug Distributed Task Queuing
HoneyClient Management
HoneyWeb
Network Analysis
HoneyProxy
Hybrid low/high interaction honeypot
HoneyBrid
Sebek on Xen
xebek
SSH Honeypot
Kojoney
Kojoney2 - low interaction SSH honeypot written in Python. Based on Kojoney by Jose Antonio Coret
Cowrie - Cowrie SSH Honeypot (based on kippo)
sshlowpot - Yet another no-frills low-interaction ssh honeypot in Go.
sshhipot - High-interaction MitM SSH honeypot
DShield docker - Docker container running cowrie with DShield output enabled.
Glastopf data analysis
Glastopf Analytics
Distributed sensor project
DShield Web Honeypot Project
Distributed Web Honeypot Project
A pcap analyzer
Honeysnap
Client Web crawler
HoneySpider Network
Network traffic redirector
Honeywall
Honeypot Distribution with mixed content
HoneyDrive
Honeypot sensor
Dragon Research Group Distro
Honeeepi - Honeeepi is a honeypot sensor on Raspberry Pi which is based on customized Raspbian OS.
File carving
TestDisk & PhotoRec
File and Network Threat Intelligence
VirusTotal
Data capture
Sebek
SSH proxy
HonSSH
Anti-Cheat
Minecraft honeypot
behavioral analysis tool for win32
Capture BAT
Live CD
DAVIX
Spamtrap
Spampot.py
Spamhole

spamd
Mail::SMTP::Honeypot - perl module that appears to provide the functionality of
a standard SMTP server
honeypot - The Project Honey Pot un-official PHP SDK
Commercial honeynet
Specter
Netbait
HONEYPOINT SECURITY SERVER - distributed honeypot, includes IT and SCADA emulators
Server (Bluetooth)
Bluepot
Dynamic analysis of Android apps
Droidbox
Dockerized Low Interaction packaging
Manuka
Dockerized Thug
Dockerpot A docker based honeypot.
Docker honeynet Several Honeynet tools set up for Docker containers
Network analysis
Quechua
Sebek data visualization
Sebek Dataviz
SIP Server
Artemnesia VoIP
Botnet C2 monitoring
botsnoopd
low interaction
mysqlpot
Malware collection
Honeybow
IOT Honeypot
HoneyThing - TR-069 Honeypot
Active Directory
dcept - A tool for deploying and detecting use of Active Directory honeytokens
Honeyd Tools
Honeyd plugin
Honeycomb
Honeyd viewer
Honeyview
Honeyd to MySQL connector
Honeyd2MySQL
A script to visualize statistics from honeyd
Honeyd-Viz
Honeyd UI
Honeyd configuration GUI - application used to configure the honeyd daemon and generate configuration files
Honeyd stats
Honeydsum.pl
Network and Artifact Analysis
Sandbox
RFISandbox - a PHP 5.x script sandbox built on top of funcall
dorothy2 - A malware/botnet analysis framework written in Ruby
COMODO automated sandbox
Argos - An emulator for capturing zero-day attacks
Sandbox-as-a-Service
malwr.com - free malware analysis service and community
detux.org - Multiplatform Linux Sandbox
Joebox Cloud - analyzes the behavior of malicious files including PEs, PDFs, DOCs, PPTs, XLSs, APKs, URLs and MachOs on Windows, Android and Mac OS X for suspicious activities

Data Tools
Front Ends
Tango - Honeypot Intelligence with Splunk
Django-kippo - Django App for kippo SSH Honeypot
Wordpot-Frontend - a full featured script to visualize statistics from a Wordpot honeypot
Shockpot-Frontend - a full featured script to visualize statistics from a Shockpot honeypot
honeypotDisplay - A flask website which displays data I've gathered with my SSH Honeypot
honeyalarmg2 - Simplified UI for showing honeypot alarms
Visualization
HoneyMap - Real-time websocket stream of GPS events on a fancy SVG world map
HoneyMalt - Maltego transforms for mapping Honeypot systems
Guides
T-Pot: A Multi-Honeypot Platform
Honeypot (Dionaea and kippo) setup script

Linux commands
Bmon: (Bandwidth Monitor) is a tool similar to nload that shows the traffic load over all the network interfaces on the system. The output also consists of a graph and a section with packet level details.
Bwm-ng: (Bandwidth Monitor Next Generation) is another very simple real time network load monitor that reports a summary of the speed at which data is being transferred in and out of all available network interfaces on the system.
CBM: (Color Bandwidth Meter) A tiny little simple bandwidth monitor that displays the traffic volume through network interfaces. No further options, just the traffic stats are displayed and updated in realtime.
Collectl: reports system statistics in a style that is similar to dstat, and like dstat it gathers statistics about various different system resources like cpu, memory, network etc.
Dstat: is a versatile tool (written in python) that can monitor different system statistics and report them in a batch style mode or log the data to a csv or similar file.
Ifstat: reports the network bandwidth in a batch style mode. The output is in a format that is easy to log and parse using other programs or utilities.
Iftop: measures the data flowing through individual socket connections, and it works in a manner that is different from Nload. Iftop uses the pcap library to capture the packets moving in and out of the network adapter, and then sums up the size and count to find the total bandwidth under use. Although iftop reports the bandwidth used by individual connections, it cannot report the process name/id involved in the particular socket connection. But being based on the pcap library, iftop is able to filter the traffic and report bandwidth usage over selected host connections as specified by the filter.
Iptraf: is an interactive and colorful IP Lan monitor. It shows individual connections and the amount of data flowing between the hosts.
Jnettop: Jnettop is a traffic visualiser, which captures traffic going through the host it is running from and displays streams sorted by bandwidth they use.
Nethogs: is a small 'net top' tool that shows the bandwidth used by individual processes and sorts the list putting the most intensive processes on top. In the event of a sudden bandwidth spike, quickly open nethogs and find the process responsible. Nethogs reports the PID, user and the path of the program.
Netload: displays a small report on the current traffic load, and the total number of bytes transferred since the program start. No more features are there. It's part of the netdiag.
Netwatch: is part of the netdiag collection of tools, and it too displays the connections between local host and other remote hosts, and the speed at which data is transferring on each connection.
Nload: is a commandline tool that allows users to monitor the incoming and outgoing traffic separately. It also draws out a graph to indicate the same, the scale of which can be adjusted. Easy and simple to use, and does not support many options.
Pktstat: displays all the active connections in real time, and the speed at which data is being transferred through them. It also displays the type of the connection, i.e. tcp or udp and also details about http requests if involved.
Slurm: is yet another network load monitor that shows device statistics along with an ascii graph. It supports 3 different styles of graphs each of which can be activated using the c, s and l keys. Simple in features, slurm does not display any further details about the network load.
Speedometer: Another small and simple tool that just draws out good looking graphs of incoming and outgoing traffic through a given interface.
Tcptrack: is similar to iftop, and uses the pcap library to capture packets and calculate various statistics like the bandwidth used in each connection. It also supports the standard pcap filters that can be used to monitor specific connections.
Trafshow: reports the current active connections, their protocol and the data transfer speed on each connection. It can filter out connections using pcap type filters.
Vnstat: is a bit different from most of the other tools. It actually runs a background service/daemon and keeps recording the size of data transfer all the time. Next it can be used to generate a report of the history of network usage.
Traffic Capture
Libpcap/Tcpdump: The official site of tcpdump, a powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture.
Ngrep: strives to provide most of GNU grep's common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular or hexadecimal expressions to match against data payloads of packets. It currently recognizes TCP, UDP and ICMP across Ethernet, PPP, SLIP, FDDI, Token Ring and null interfaces, and understands bpf filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.
clj-net-pcap: clj-net-pcap is a packet capturing library for Clojure. clj-net-pcap uses jNetPcap and adds convenience functionality around jNetPcap for easing the usability. A paper on clj-net-pcap was published in scope of COMPSACW 2014.
jNetPcap: jNetPcap is a packet capturing library for Java that is available for Linux and Windows. jNetPcap leverages libpcap respectively WinPcap and employs the Java Native Interface (JNI) for using the functionality provided by libpcap/WinPcap.
Moloch: Moloch is an open source large scale full PCAP capturing, indexing and database system.
n2disk (Commercial): A multi-Gigabit network traffic recorder with indexing capabilities. n2disk is a network traffic recorder application. With n2disk you can capture full-sized network packets at multi-Gigabit rate (above 10 Gigabit/s on adequate hardware) from a live network interface, and write them into files without any packet loss.
OpenFPC: OpenFPC is a set of scripts that combine to provide a lightweight full-packet network traffic recorder & buffering tool. Its design goal is to allow non-expert users to deploy a distributed network traffic recorder on COTS hardware while integrating into existing alert and log tools.
PF_RING: PF_RING is a new type of network socket that dramatically improves the packet capture speed. Available for Linux kernels 2.6.32 and newer. No need to patch the kernel. PF_RING-aware drivers for increased packet capture acceleration.
TTT: (Tele Traffic Tapper) is yet another descendant of tcpdump but it is capable of real-time, graphical, and remote traffic-monitoring. ttt won't replace tcpdump, rather, it helps you find out what to look into with tcpdump. ttt monitors the network and automatically picks up the main contributors of the traffic within the time window. The graphs are updated every second by default.
Yaf: It's a reliable piece of software, quite solid and able to generate flow records from pcap. This is very nice for indexing huge pcap or even doing packet capture. The recent version can even extract payloads and put in the flow records.
Traffic Analysis/Inspection
AIEngine: is a next generation interactive/programmable packet inspection engine with capabilities of learning without any human intervention, NIDS functionality, DNS domain classification, network collector and many others. AIEngine also helps network/security professionals to identify traffic and develop signatures to use them on NIDS, Firewalls, Traffic classifiers and so on.
Bro: is an open-source, Unix-based Network Intrusion Detection System (NIDS) that passively monitors network traffic and looks for suspicious activity. Bro detects intrusions by first parsing network traffic to extract its application-level semantics and then executing event-oriented analyzers that compare the activity with patterns deemed troublesome. Its analysis includes detection of specific attacks (including those defined by signatures, but also those defined in terms of events) and unusual activities (e.g., certain hosts connecting to certain services, or patterns of failed connection attempts).
CapTipper: Malicious HTTP traffic explorer
Chopshop: is a MITRE developed framework to aid analysts in the creation and execution of pynids based decoders and detectors of APT tradecraft.
CoralReef: is a software suite developed by CAIDA to analyze data collected by passive Internet traffic monitors. It provides a programming library libcoral, similar to libpcap with extensions for ATM and other network types, which is available from both C and Perl.
DPDK: is a set of libraries and drivers for fast packet processing. It was designed to run on any processors. The first supported CPU was Intel x86 and it is now extended to IBM Power 8, EZchip TILE-Gx and ARM. It runs mostly in Linux userland. A FreeBSD port is available for a subset of DPDK features.
DPKT: Python packet creation/parsing library.
ECap: (External Capture) is a distributed network sniffer with a web front-end. Ecap was written many years ago in 2005, but a post on the tcpdump-workers mailing list requested a similar application... so here it is. It would be fun to update it and work on it again if there's any interest.
EtherApe: is a graphical network monitor for Unix modeled after etherman. Featuring link layer, ip and TCP modes, it displays network activity graphically. Hosts and links change in size with traffic. Color coded protocols display. It supports Ethernet, FDDI, Token Ring, ISDN, PPP and SLIP devices. It can filter traffic to be shown, and can read traffic from a file as well as live from the network.
HttpSniffer: A multi-threading tool to sniff TCP flow statistics and embedded HTTP headers from PCAP file. Each TCP flow carrying HTTP is exported to text file in JSON format.
Ipsumdump: summarizes TCP/IP dump files into a self-describing ASCII format easily readable by humans and programs. Ipsumdump can read packets from network interfaces, from tcpdump files, and from existing ipsumdump files. It will transparently uncompress tcpdump or ipsumdump files when necessary. It can randomly sample traffic, filter traffic based on its contents, anonymize IP addresses, and sort packets from multiple dumps by timestamp. Also, it can optionally create a tcpdump file containing actual packet data. It's also convenient to work with CLICK as an inserted module.
ITA: The Internet Traffic Archive is a moderated repository to support widespread access to traces of Internet network traffic, sponsored by ACM SIGCOMM. The traces can be used to study network dynamics, usage characteristics, and growth patterns, as well as providing the grist for trace-driven simulations. The archive is also open to programs for reducing raw trace data to more manageable forms, for generating synthetic traces, and for analyzing traces.
Libcrafter: is a high level library for C++ designed to make easier the creation and decoding of network packets. It is able to craft or decode packets of most common network protocols, send them on the wire, capture them and match requests and replies.
Libnet: is a collection of routines to help with the construction and handling of network packets. It provides a portable framework for low-level network packet shaping, handling and injection. Libnet features portable packet creation interfaces at the IP layer and link layer, as well as a host of supplementary and complementary functionality. Using libnet, quick and simple packet assembly applications can be whipped up with little effort.
Libnids: designed by Rafal Wojtczuk, is an implementation of an E-component of Network Intrusion Detection System. It emulates the IP stack of Linux 2.0.x. Libnids offers IP defragmentation, TCP stream assembly and TCP port scan detection. The most valuable feature of libnids is reliability. A number of tests were conducted, which proved that libnids predicts behaviour of protected Linux hosts as closely as possible.
Multitail: now has a colorscheme included for monitoring the tcpdump output. It can also filter, convert timestamps to timestrings and much more.
Netsniff-ng: Netsniff-ng is a toolkit of free Linux networking utilities, a Swiss army knife for your daily Linux network plumbing if you will.
NetDude: (NETwork DUmp data Displayer and Editor). From their webpage, "it is a GUI-based tool that allows you to make detailed changes to packets in tcpdump tracefiles."
Network Expect: is a framework that allows to easily build tools that can interact with network traffic. Following a script, traffic can be injected into the network, and decisions can be taken, and acted upon, based on received network traffic. An interpreted language provides branching and high-level control structures to direct the interaction with the network. Network Expect uses libpcap for packet capture and libwireshark (from the Wireshark project) for packet dissection tasks. (GPL, BSD/Linux/OSX).
Ntop: Ntop is a network traffic probe that shows the network usage, similar to what the popular top Unix command does. ntop is based on libpcap and it has been written in a portable way in order to virtually run on every Unix platform and on Win32 as well.
Ntopng: Ntopng is the next generation version of the original ntop, a network traffic probe that shows the network usage, similar to what the popular top Unix command does. ntop is based on libpcap and it has been written in a portable way in order to virtually run on every Unix platform, MacOSX and on Win32 as well.
Pcap2har: A program to convert .pcap network capture files to HTTP Archive files using library dpkt.
pkt2flow: A simple utility to classify packets into flows. It's so simple that only one task is aimed to finish. For Deep Packet Inspection or flow classification, it's so common to analyze the feature of one specific flow. I have made the attempt to use made-ready tools like tcpflows, tcpslice, tcpsplit, but all these tools try to either decrease the trace volume (under requirement) or resemble the packets into flow payloads (over requirement). I have not found a simple tool to classify the packets into flows without further processing.
potiron: Normalizes, indexes, enriches and visualizes network captures.
pyshark: A Python wrapper for tshark, allowing python packet parsing using wireshark dissectors. There are quite a few python packet parsing modules, this one is different because it doesn't actually parse any packets, it simply uses tshark's (wireshark command-line utility) ability to export XMLs to use its parsing.
Sanitize: Sanitize is a collection of five Bourne shell scripts for reducing tcpdump traces in order to address security and privacy concerns, by renumbering hosts and stripping out packet contents. Each script takes as input a tcpdump trace file and generates to stdout a reduced, ASCII file in fixed-column format.
Scapy: Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can't handle, like sending invalid frames, injecting your own 802.11 frames, combining techniques (VLAN hopping+ARP cache poisoning, VOIP decoding on WEP encrypted channel, ...), etc.
Sniff: Makes output from the tcpdump program easier to read and parse.
Snort: Snort is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire, now owned by Cisco. Combining the benefits of signature, protocol and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and approximately 500,000 registered users, Snort has become the de facto standard for IPS.
Socket Sentry: Socket Sentry is a real-time network traffic monitor for KDE Plas
ma in the same spirit as tools like iftop and netstat.
TCP-Reduce: TCP-Reduce is a collection of Bourne shell scripts for reducing tcpd
ump traces to one-line summaries of each TCP connection present in the trace. Th
e scripts look only at TCP SYN/FIN/RST packets. Connections without SYN packets
in the trace (such as those on- going at the beginning of the trace) will not ap
pear in the summary. Garbaged packets (those missing some of their contents) are
reported to stderr as bogon s and are discarded. Occasionally the script gets f
ooled by retransmissions with altered sequence numbers, and reports erroneous hu
ge connection sizes - always check large connections (say 100 MB or more) for pl
ausibility.
Tcpdpriv: Tcpdpriv is program for eliminating confidential information (user dat
a and addresses) from packets collected on a network interface (or, from trace f
iles created using the -w argument to tcpdump). Tcpdpriv removes the payload of
TCP and UDP, and the entire IP payload for other protocols. It implements severa
l address scrambling methods; the sequential numbering method and its variants,
and a hash method with preserving address prefix.
Tcpflow: A program that captures data transmitted as part of TCP connections (fl
ows), and stores the data in a way that is convenient for protocol analysis or d
ebugging. A program like tcpdump shows a summary of packets seen on the wire,
but usually doesn t store the data that s actually being transmitted. In contras
t, tcpflow reconstructs the actual data streams and stores each flow in a separa
te file for later analysis. Original link.
Tcplook: Tracelook is an Tcl/TK program for graphically viewing the contents of
trace files created using the -w argument to tcpdump. Tracelook should look at a
ll protocols, but presently only looks at TCP connections. The program is slow a
nd uses system resources prodigiously.
Tcpreplay: Replays a pcap file on an interface using libnet.
Tcpslice: Tcpslice is a tool for extracting portions of packet trace files generated using tcpdump's -w flag. It can combine multiple trace files, and/or extract portions of one or more traces based on time. From the tcpdump CVS server.
Tcpsplit: A tool to break a single libpcap packet trace into some number of sub-traces, breaking the trace along TCP connection boundaries so that a TCP connection doesn't end up split across two sub-traces. This is useful for making large trace files tractable for in-depth analysis and for subsetting a trace for developing analysis on only part of a trace.
Tcpstat: Tcpstat reports certain network interface statistics much like vmstat does for system statistics. tcpstat gets its information by either monitoring a specific interface, or by reading previously saved tcpdump data from a file.
Tcptrace: A tool written by Shawn Ostermann at Ohio University, for analysis of TCP dump files. It can take as input the files produced by several popular packet-capture programs, including tcpdump, snoop, etherpeek, HP Net Metrix, and WinDump. tcptrace can produce several different types of output containing information on each connection seen, such as elapsed time, bytes and segments sent and received, retransmissions, round trip times, window advertisements, throughput, and more. It can also produce a number of graphs for further analysis.
TraceWrangler: TraceWrangler is a network capture file toolkit running on Windows (or on Linux, using WINE) that supports PCAP as well as the new PCAPng file format, which is now the standard file format used by Wireshark. The most prominent use case for TraceWrangler is the easy sanitization and anonymization of PCAP and PCAPng files (sometimes called "trace files", "capture files" or "packet captures"), removing or replacing sensitive data while being easy to use.
Tstat: A passive sniffer able to provide several insights on the traffic patterns at both the network and transport levels with a tremendous set of flow features.
WAND: A wonderful collection of tools built on libtrace to process network traffic, which is from The University of Waikato. I love this project!
WinPcap: An extract of a message from Guy Harris on state of WinPcap and WinDump.
Wireshark suite: The well-known tool suite for packet analysis and protocol decoding. It also includes a few practical tools and scripts to support most of the common usage.
Xplot: The program xplot was written in the late 1980s to support the analysis of TCP packet traces.
yaraPcap: Process HTTP Pcaps With YARA
yaraprocessor: With yaraprocessor YARA can be run against individual packet payloads as well as a concatenation of some or all of the payloads. It was originally written for use in Chopshop, but can also be used without it.
DNS Utilities
dnsgram: dnsgram is a debugging tool for intermittent resolver failures. It takes one or more input PCAP files and generates statistics on 5 second segments, allowing the study of intermittent resolver issues.
dnsreplay: Dnsreplay takes recorded questions and answers and replays them to the specified nameserver, reporting afterwards which percentage of answers matched, were worse or better. It then compares the actual answers and some other metrics with those found in the dumpfile.
dnsscan: dnsscan takes one or more INFILEs in PCAP format and generates a list of the number of queries per query type.
dnsscope: dnsscope takes an input PCAP, generates some simple statistics and outputs these to the console.
dnswasher: dnswasher takes an input file in PCAP format and writes out a PCAP file, while obfuscating end-user IP addresses. This is useful to share data with third parties while attempting to protect the privacy of your users.
File Extraction
Chaosreader: A freeware tool to trace TCP/UDP/... sessions and fetch application data from snoop or tcpdump logs. This is a type of "any-snarf" program, as it will fetch telnet sessions, FTP files, HTTP transfers (HTML, GIF, JPEG, ...), SMTP emails, ... from the captured data inside network traffic logs. An HTML index file is created that links to all the session details, including realtime replay programs for telnet, rlogin, IRC, X11 and VNC sessions; and reports such as image reports and HTTP GET/POST content reports.
Dsniff: Dsniff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g., due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI.
Foremost: A console program to recover files based on their headers, footers, and internal data structures. This process is commonly referred to as data carving. Foremost can work on image files, such as those generated by dd, Safeback, Encase, etc., or directly on a drive. The headers and footers can be specified by a configuration file or you can use command line switches to specify built-in file types. These built-in types look at the data structures of a given file format, allowing for a more reliable and faster recovery.
Justniffer: Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customized way, can emulate Apache web server log files, track response times and extract all "intercepted" files from the HTTP traffic.
NetworkMiner: NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows (but also works in Linux / Mac OS X / FreeBSD). NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files.
pcapfex: Packet CAPture Forensic Evidence eXtractor (pcapfex) is a tool that finds and extracts files from packet capture files. Its power lies in its ease of use. Just provide it a pcap file, and it will try to extract all of the files. It is an extensible platform, so additional file types to recognize and extract can be added easily.
scalpel: Scalpel is an open source data carving tool.
Snort: An open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire, now owned by Cisco. Combining the benefits of signature, protocol and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide.
Tcpick: A libpcap-based textmode sniffer that can track, reassemble and reorder TCP streams. Tcpick is able to save the captured flows in different files or display them in the terminal, and so it is useful to sniff files that are transmitted via ftp or http. It can display the whole stream on the terminal when the connection is closed, in different display modes like hexdump, hexdump + ascii, only printable characters, raw mode and so on.
Tcpxtract: A tool for extracting files from network traffic based on file signatures. Extracting files based on file type headers and footers (sometimes called "carving") is an age old data recovery technique.
Xplico: The goal of Xplico is to extract the application data contained in an internet traffic capture. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn't a network protocol analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT). Xplico is released under the GNU General Public License and with some scripts under Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported (CC BY-NC-SA 3.0) License.
Related Projects
BPF for Ultrix: A distribution of BPF for Ultrix 4.2, with both source code and binary modules.
BPF+: Exploiting Global Data-flow Optimization in a Generalized Packet Filter Architecture, by Andrew Begel, Steven McCanne, and Susan Graham.
FFT-FGN-C: A program for synthesizing a type of self-similar process known as fractional Gaussian noise. The program is fast but approximate. Fractional Gaussian noise is only one type of self-similar process. When using this program for synthesizing network traffic, you must keep in mind that it may be that the traffic you seek is better modeled using one of the other processes.
Haka: An open source security oriented language which allows describing protocols and applying security policies on (live) captured traffic. The scope of the Haka language is twofold. First of all, it allows writing security rules in order to filter/alter/drop unwanted packets and log and report malicious activities. Second, Haka features a grammar enabling the specification of network protocols and their underlying state machine.
RIPE-NCC Hadoop for PCAP: A Hadoop library to read packet capture (PCAP) files. Bundles the code used to read PCAPs. Can be used within MapReduce jobs to natively read PCAP files. Also features a Hive Serializer/Deserializer (SerDe) to query PCAPs using SQL like commands.
Traffic Data Repository at the WIDE Project: It becomes increasingly important for both network researchers and operators to know the trend of network traffic and to find anomalies in their network traffic. This paper describes an on-going effort within the WIDE project to collect a set of free tools to build a traffic data repository containing detailed information of our backbone traffic. Traffic traces are collected by tcpdump and, after removing privacy information, the traces are made open to the public. We review the issues on user privacy, and then, the tools used to build the WIDE traffic repository. We will report the current status and findings in the early stage of our IPv6 deployment.
Usenix93 Paper on BPF: The libpcap interface supports a filtering mechanism based on the architecture in the BSD packet filter. BPF is described in the 1993 Winter Usenix paper "The BSD Packet Filter: A New Architecture for User-level Packet Capture".

ONLINE ANALYZERS
AndroTotal
CopperDroid
Dexter
Sandroid
Tracedroid
Visual Threat
Mobile Malware Sandbox
MobiSec Eacus
IBM Security AppScan Mobile Analyzer - not free
NVISO ApkScan
AVC UnDroid
Fireeye - max 60MB, 15/day
habo - 10/day
Virustotal - max 128MB
Fraunhofer App-ray - not free
Stowaway
Anubis
Mobile app insight
Mobile-Sandbox
Ijiami
Comdroid
Android Sandbox
Foresafe
STATIC ANALYSIS TOOLS
Androwarn - detect and warn the user about potential malicious behaviours developed by an Android application.
ApkAnalyser
APKInspector
Droid Intent Data Flow Analysis for Information Leakage
Several tools from PSU
Smali CFG generator
FlowDroid
Android Decompiler - not free
PSCout - A tool that extracts the permission specification from the Android OS source code using static analysis
Amandroid
SmaliSCA - Smali Static Code Analysis
CFGScanDroid - Scans and compares CFG against CFG of malicious applications
Madrolyzer - extracts actionable data like C&C, phone number etc.
SPARTA - verifies (proves) that an app satisfies an information-flow security policy; built on the Checker Framework
ConDroid - Performs a combination of symbolic + concrete execution of the app
APP VULNERABILITY SCANNERS
QARK - QARK by LinkedIn is for app developers to scan app for security issues
AndroBugs
DYNAMIC ANALYSIS TOOLS
Android DBI framework
Android Malware Analysis Toolkit - (linux distro) earlier it used to be an online analyzer
AppUse - custom build for pentesting
Cobradroid - custom image for malware analysis
ViaLab Community Edition
Droidbox
Mercury
Drozer
Taintdroid - requires AOSP compilation
Xposed - equivalent of doing Stub based code injection but without any modifications to the binary
Android Hooker - API Hooking of java methods triggered by any Android application (requires the Substrate Framework)
Android tamer - custom image
Droidscope - custom image for dynamic analysis
CuckooDroid - Android extension for Cuckoo sandbox
Mem - Memory analysis of Android (root required)
Crowdroid - unable to find the actual tool
AuditdAndroid - android port of auditd, not under active development anymore
Android Security Evaluation Framework - not under active development anymore
Android Reverse Engineering - ARE (android reverse engineering), not under active development anymore
Aurasium - Practical security policy enforcement for Android apps via bytecode rewriting and in-place reference monitor.
Android Linux Kernel modules *
Appie - Appie is a software package that has been pre-configured to function as an Android Pentesting Environment. It is completely portable and can be carried on a USB stick or smartphone. This is a one stop answer for all the tools needed in Android Application Security Assessment and an awesome alternative to existing virtual machines.
StaDynA - a system supporting security app analysis in the presence of dynamic code update features (dynamic class loading and reflection). This tool combines static and dynamic analysis of Android applications in order to reveal the hidden/updated behavior and extend static analysis results with this information.
DroidAnalytics - incomplete
Vezir Project - Virtual Machine for Mobile Application Pentesting and Mobile Malware Analysis
REVERSE ENGINEERING
Smali/Baksmali - apk decompilation
emacs syntax coloring for smali files
vim syntax coloring for smali files
AndBug
Androguard - powerful, integrates well with other tools
Apktool - really useful for compilation/decompilation (uses smali)
Android Framework for Exploitation
Bypass signature and permission checks for IPCs
Android OpenDebug - make any application on device debuggable (using cydia substrate).
Dare - .dex to .class converter
Dex2Jar - dex to jar converter
Enjarify - dex to jar converter from Google
Dedexer
Fino
Indroid - thread injection kit
IntentSniffer
Introspy
Jad - Java decompiler
JD-GUI - Java decompiler
CFR - Java decompiler
Krakatau - Java decompiler
Procyon - Java decompiler
FernFlower - Java decompiler
Redexer - apk manipulation
Smali viewer
ZjDroid (no longer available), fork/mirror
Simplify - Android deobfuscator
Bytecode viewer
Radare2
FUZZ TESTING
IntentFuzzer
Radamsa Fuzzer
Honggfuzz
An Android port of the melkor ELF fuzzer
Media Fuzzing Framework for Android
APP REPACKAGING DETECTORS
FSquaDRA - a tool for detection of repackaged Android applications based on app resources hash comparison.
Exploitable Vulnerabilities
Vulnerability Google doc
Root Exploits (from Drozer issue #56)
SAMPLE SOURCES
contagio mini dump
Android malware github repo
Open Source database
Drebin
Admire
MalGenome - contains 1260 malware samples categorized into 49 different malware families, free for research purpose.
VirusTotal Malware Intelligence Service - powered by VirusTotal, not free
Reading material
Android Security (and Not) Internals
Android security related presentations
A good collection of static analysis papers
MARKET CRAWLERS
Google play crawler (Java)
Google play crawler (Python)
Google play crawler (Node) - get app details and download apps from official Google Play Store.
Aptoide downloader (Node) - download apps from Aptoide third-party Android market
Appland downloader (Node) - download apps from Appland third-party Android market
MISC TOOLS
smalihook
APK-Downloader
AXMLPrinter2 - to convert binary XML files to human-readable XML files
adb autocomplete
Dalvik opcodes
Opcodes table for quick reference
ExploitMe Android Labs - for practice
GoatDroid - for practice
mitmproxy
dockerfile/androguard
Android Vulnerability Test Suite - android-vts scans a device for set of vulnerabilities
Good Tutorials
Android Reverse Engineering 101 by Daniele Altomare
Tutorials
Corelan Team's Exploit writing tutorial
Exploit Writing Tutorials for Pentesters

Tools
Metasploit - A computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
mimikatz - A little tool to play with Windows security
General
Exploit database - An ultimate archive of exploits and vulnerable software
Reverse Engineering
Tutorials
Lenas Reversing for Newbies
Malware Analysis Tutorials: a Reverse Engineering Approach
Tools
IDA - IDA is a Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger
OllyDbg - A 32-bit assembler level analysing debugger for Windows
dex2jar - Tools to work with android .dex and java .class files
JD-GUI - A standalone graphical utility that displays Java source codes of .class files
androguard - Reverse engineering, Malware and goodware analysis of Android applications
JAD - JAD Java Decompiler
dotPeek - a free-of-charge .NET decompiler from JetBrains
UPX - the Ultimate Packer for eXecutables
radare2 - A portable reversing framework
General
Open Malware
Web
Tools
sqlmap - Automatic SQL injection and database takeover tool
tools.web-max.ca - base64 base85 md4,5 hash, sha1 hash encoding/decoding
Network
Tools
Wireshark - A free and open-source packet analyzer
NetworkMiner - A Network Forensic Analysis Tool (NFAT)
tcpdump - a powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture
Paros - A Java based HTTP/HTTPS proxy for assessing web application vulnerability
pig - A Linux packet crafting tool
ZAP - The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications
mitmproxy - An interactive, SSL-capable man-in-the-middle proxy for HTTP with a console interface
mitmsocks4j - Man in the Middle SOCKS Proxy for JAVA
nmap - Nmap (Network Mapper) is a security scanner
Aircrack-ng - An 802.11 WEP and WPA-PSK keys cracking program
Forensic
Tools
Autopsy - A digital forensics platform and graphical interface to The Sleuth Kit and other digital forensics tools
sleuthkit - A library and collection of command line digital forensics tools
EnCase - the shared technology within a suite of digital investigations products by Guidance Software
malzilla - Malware hunting tool
PEview - a quick and easy way to view the structure and content of 32-bit Portable Executable (PE) and Component Object File Format (COFF) files
HxD - A hex editor which, in addition to raw disk editing and modifying of main memory (RAM), handles files of any size
WinHex - A hexadecimal editor, helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security
BinText - A small, very fast and powerful text extractor that will be of particular interest to programmers
Cryptography
Tools
xortool - A tool to analyze multi-byte xor cipher
John the Ripper - A fast password cracker
Aircrack - Aircrack is 802.11 WEP and WPA-PSK keys cracking program.
Wargame
System
OverTheWire - Semtex
OverTheWire - Vortex
OverTheWire - Drifter
pwnable.kr - Provide various pwn challenges regarding system security
Exploit Exercises - Nebula
SmashTheStack
Reverse Engineering
Reversing.kr - This site tests your ability to Cracking & Reverse Code Engineering
CodeEngn - (Korean)
simples.kr - (Korean)
Web
Hack This Site! - a free, safe and legal training ground for hackers to test and expand their hacking skills
Webhacking.kr
0xf.at - a website without logins or ads where you can solve password-riddles (so called hackits).
Cryptography
OverTheWire - Krypton
CTF
Competition
DEF CON
CSAW CTF
hack.lu CTF
Plaid CTF
RuCTFe
Ghost in the Shellcode
PHD CTF
SECUINSIDE CTF
Codegate CTF
Boston Key Party CTF
General
CTFtime.org - All about CTF (Capture The Flag)
WeChall
CTF archives (shell-storm)
ETC
SecTools - Top 125 Network Security Tools
BackTrack
