Still no time for original content, but here are a few more resources I sent to my sec560 students, figured I would share them on here as well...
Sec560 week 4 resources:
Here is the free online version of Fyodor's NMAP book. Not all chapters are available, but it's still a great read - http://nmap.org/book/toc.html
Great tutorial on Scapy:
http://www.secdev.org/projects/scapy/doc/usage.html#interactive-tutorial
Also, a Python tutorial to go with it - http://docs.python.org/tutorial/
Here are two of the papers I mentioned in class:
Exploiting Tomorrow's Internet Today Penetration Testing with IPv6 - http://www.uninformed.org/?v=10&a=3
Insertion, Evasion & Denial of Service, Eluding Network Intrusion Detection - http://insecure.org/stf/secnet_ids/secnet_ids.html
These are some of the blogs I read (or more accurately, try to find time to read)
http://www.darkoperator.com/ - Carlos Perez
http://blog.metasploit.com/ - HD Moore, Egypt & others..
http://taosecurity.blogspot.com/ - Richard Bejtlich
http://www.packetstan.com/ - Judy Novak, Mike Poor, Josh Wright
http://pauldotcom.com/ - Paul Asadoorian, Larry Pesce, Carlos Perez, John Strand, Mick Douglas
http://blog.commandlinekungfu.com/ - Ed Skoudis, Hal Pomeranz, Tim Medin
http://carnal0wnage.attackresearch.com/ - Chris Gates, Valsmith & others..
http://vrt-sourcefire.blogspot.com/ - Sourcefire Vulnerability Research Team
http://theharmonyguy.com/ - Joey Tyson
http://blog.harmonysecurity.com/ - Stephen Fewer
http://isc.sans.edu/index.html - SANS Internet Storm Center
Thursday, July 15, 2010
Tuesday, July 13, 2010
The end of procrastination (maybe)
I've been trying to get around to start posting on here for a while now, but can never quite come up with what I want to post.
So, I figure I'll just start off with some resources I've been sharing with the students of my sec560 mentor class.
Enjoy & I promise some original content soon (maybe) lol
Resources for sec560 week2:
First off a few Penetration Testing methodologies:
OSSTMM (Open Source Security Testing Methodology Manual) - http://www.isecom.org/osstmm/
Penetration Testing Framework - http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html (Super detailed)
OWASP Testing Guide (focused on web application testing) - http://www.owasp.org/index.php/Category:OWASP_Testing_Project
NIST Guide to Security Testing - http://csrc.nist.gov/publications/nistpubs/800-115/SP800-115.pdf
Also, here is a great reference for computer crime related laws: http://www.cybercrime.gov/cclaws.html
One final item, here are a bunch of infosec related 'cheat sheets', the SANS ones pertaining to this course are at the bottom - http://zeltser.com/cheat-sheets/
Resources for sec560 week 3:
Reconnaissance tools & scripts:
Metagoofil: http://www.edge-security.com/metagoofil.php
Metagoofil is an information gathering tool designed for extracting metadata of public documents (pdf, doc, xls, ppt, odp, ods) available on the target/victim websites.
The Harvester: http://www.edge-security.com/theHarvester.php
theHarvester is a tool for gathering e-mail accounts, user names and hostnames/subdomains
from different public sources. It's a really simple tool, but very effective.
Subdomainer: http://www.edge-security.com/subdomainer.php
Subdomainer is an information gathering tool designed for obtaining subdomain names from public sources, like Google, MSN Search, Yahoo, PGP servers, etc.
gpscan: http://www.digininja.org/projects/gpscan.php
Scans Google profiles for profiles of personnel from a target organization.
CeWL: http://www.digininja.org/projects/cewl.php
Custom wordlist generator, scrapes a site & generates a list of words useful for password guessing.
Reconnoiter: http://www.jwnetworkconsulting.com/security/web-application-security/new-open-source-project-created-reconnoiter
Generates possible user names by scraping LinkedIn for the names of employees of the target organization
Recommended talks & presentations:
New School Information Gathering - Chris Gates
Audio: http://www.chicagocon.com/images/stories/library/media_lab/2008s/ChicagoCon2008s_CGates_NewSchoolInfoGathering.mp3
Slides: http://www.chicagocon.com/images/stories/library/media_lab/2008s/ChicagoCon2008s_CGates_NewSchoolInfoGathering.pdf
Tactical Exploitation - HD Moore & Valsmith:
Video (part 1): http://avondale.good.net/dl/bd/blackhat-2007-usa-video/2007_BlackHat_Vegas-V35-Moore-Valsmith-Tactical_Exploitation-PT1.mp4
Video (part 2): http://avondale.good.net/dl/bd/blackhat-2007-usa-video/2007_BlackHat_Vegas-V36-Moore-Valsmith-Tactical_Exploitation-PT2.mp4
Whitepaper v1: http://blog.attackresearch.com/publications/hdmoore_valsmith_tactical_paper.pdf
Whitepaper v2: http://blog.attackresearch.com/publications/hdmoore_valsmith_tactical_paper.pdf