ComputingSecurity

About security: black hat and white hat aspects, forensics, etc.

+Advisories, news and articles
Security news, analysis, malware, activism, hacking, etc. http://securityaffairs.co/wordpress/
Rakos under Linux vulnerability analysed http://www.welivesecurity.com/2016/12/20/new-linuxrakos-threat-devices-servers-ssh-scan/
Fast-flux article in https://www.xmco.fr/actu-secu/XMCO-ActuSecu-Janvier2008.pdf
rgod advisories and exploits http://retrogod.altervista.org/
OpenBSD & FreeBSD vulnerabilities http://www.vuxml.org/
Net-security advisories & vulnerabilities http://www.net-security.org/
Security/Linux/Network forums [login/passwd] http://www.governmentsecurity.org.
Security Focus http://www.securityfocus.com/
Advisories & tools (Retina, Iris, ...) http://www.eeye.com/html/
Microsoft security site http://www.microsoft.com/technet/security/default.mspx
CVE at MITRE http://www.cve.mitre.org/cve/
news, tools, exploits http://www.securiteam.com/
ISS site http://www.iss.net/

+Black

Backdoors !

  http://x.x.x.x/anony/mjpg.cgi

others

Bettercap modular, portable, extensible MITM https://bettercap.org/
Morpheus to test MITM (Man In The Middle) attacks https://github.com/r00t-3xp10it/morpheus
Exploits database w source, shellcode, papers, etc. https://www.exploit-db.com/
Venom shell code generator for metasploit https://github.com/r00t-3xp10it/venom
WannaCry and metasploit https://reload.eez.fr/blog:2017:05:22:wannacry_mise_en_pratique_d_un_exploit_a_partir_de_debian
Smashing the stack with Metasploit tutorial https://woumn.wordpress.com/2016/09/24/smashing-the-stack-into-a-reverse-shell/
updated 2016-08-09 18:42:25
Syscall Hijacking: Kernel Linux 2.6.* systems http://memset.wordpress.com/2010/12/03/syscall-hijacking-kernel-2-6-systems/
Exploit database [remote & local, papers, google hacking db, ..] http://www.exploit-db.com/
Samy Kamkar hacks, hijacks, etc. http://samy.pl/
Creating A Truley Invisible PHP Shell http://thehackerblog.com/a-look-into-creating-a-truley-invisible-php-shell/
Shellcode to reverse binding using netcat http://morgawr.github.io/hacking/2014/03/29/shellcode-to-reverse-bind-with-netcat/
mempodipper exploit thru SUID bit http://blog.zx2c4.com/
Phrack magazine http://www.phrack.org
Shodan scans the Web for connected devices [webcams, routers, switches, ..] http://www.shodanhq.com/ (or www.shodan.io)
To search for C&C sites with Shodan: type category:malware in the search bar.
Google hacking database to find names, passwords, secret files http://www.exploit-db.com/google-dorks/
Hash length extension attack http://www.skullsecurity.org/blog/2012/everything-you-need-to-know-about-hash-length-extension-attacks
Windows debugging a trojan, see here http://www.skullsecurity.org
MySQL injection, pillager, video cam access http://console-cowboys.blogspot.com/
Bypassing techniques http://gray-world.net
LSD PlaNet http://www.lsd-pl.net/
Malware [malicious software] http://www.malware.com/
SQL Injection http://www.digitaloffense.net/
Astalavista http://astalavista.box.sk/
Cult of The Dead Cow http://www.cultdeadcow.com/tools/bo.html
Attrition [lots of DOS] http://attrition.org/security/
Linux Grill [kernels, IPRoute] http://www.linuxgrill.com/
NMRC http://www.nmrc.org/
TeamKh http://membres.lycos.fr/teamhkh/log/
Index of Trojans http://www.megasecurity.org/Main.html
Runme.org Software art & funny tricks http://www.runme.org/
13 chars forkbomb http://www.runme.org/project/+forkbombsh/
w00w00 Trojans and DOS [oldies] http://www.w00w00.org/
Current and archived exploits http://www.securiteam.com/exploits/
Cipher site, hacking, articles http://www.cipher.org.uk/

+Firewall
Free firewalls [software] for Windows http://www.techsupportalert.com/best-free-firewall.htm#Basic-Firewalls
Another iproute and iptables tutorial http://ornellas.apanela.com/dokuwiki/pub:firewall_and_adv_routing#firewall_and_advanced_routing_under_linux
Advanced features of IpTables http://linuxgazette.net/108/odonovan.html
Firewalling with OpenBSD and PF http://home.nuug.no/~peter/pf/en/index.html
See also Misc Network regarding PF, CARP and pfsync
Iptables tutorial http://www.inetdoc.net/guides/iptables-tutorial/abouttheauthor.html
Firewall bypassing [wsh, Active Port Forwarder] http://www.gray-world.net/
Iptables Tutorial [NAT] http://www.frozentux.net/iptables-tutorial/iptables-tutorial.html
Configuring iptables with Webmin http://www.adella.org/spip/spip.php?article23
FreeSCO firewall http://www.freesco.org/
Astaro AG linux based http://www.astaro.com/
Netfilter/Iptables docs http://www.netfilter.org/documentation/index.html#HOWTO
IpFilter FreeBSD firewall http://coombs.anu.edu.au/~avalon/ip-filter.html
IPFWADM page http://garbo.uwasa.fi/ldp/HOWTO/Firewall-HOWTO-7.html
Lighting firewall http://lighting.tenet.pl/
What is the difference between reject and deny ? http://www.ouah.org/reject_or_deny.html
SmoothWall http://www.smoothwall.org/
Clavister firewall & VPN Gateway http://www.clavister.com/
CERIAS security archive at Purdue Univ. ftp://coast.cs.purdue.edu/pub/tools/unix

+Forensics tools and IDS
MediCAT boot dvd/USB (replaces Hiren) tools to repair windows https://gbatemp.net/threads/medicat-dvd-a-multiboot-linux-dvd.361577/
XSS beginner's guide http://www.xssed.com/article/31/The_Beginners_Guide_to_XSS/
2016-03-20 22:19:31
opengates to reuse a windows harddisk on another computer https://www.pinguin.lu/opengates
blockdev to unlock read-only discs by addressing the device ioctls
xmount command to mount an image on a virtual machine
forensics linux tools (with Sleuth & Dart) http://www.deftlinux.net/
penetration testing forensics and security auditing https://www.kali.org/
Hiren boot cdrom for windows (obsolete): tools to repair windows http://www.hiren.info/pages/bootcd
Zenk files: tutorials and docs about hacking & security & forensics https://repo.zenk-security.com
Zenk Wiki: forensics and other hacks https://wiki.zenk-security.com/doku.php
Autopsy forensics tool: an Interface for Sleuth kit http://www.sleuthkit.org/autopsy/
Maltego forensics tools [DNS, social networks, whois, ..] https://www.paterva.com/web6/products/maltego.php
The blog of a court-appointed forensic expert http://zythom.blogspot.fr/
Tools & tutorials XSS http://www.securitydistro.com/security-tutorials/
Attack, forensics, scan, etc. http://avondale.good.net/dl/bd/www.indianz.ch/tools/
A real forensics example http://blog.nibbles.fr/1660
Linux Forensics tools on a cdrom http://www.deftlinux.net/
Intrusion detection 101 http://www.monkey.org/~dugsong/talks/ids/
Common intrusion detection framework http://www.isi.edu/gost/cidf/
The Coroner Toolkit and other tools http://www.porcupine.org/forensics
ACID PHP engine http://acidlab.sourceforge.net/
[lame] Lance Spitzner page http://www.spitzner.net/
FIRE [forensics tools on a CD] http://fire.dmzs.com/?section=tools&subsection=B
Nikto Web scanner, default password list http://www.cirt.net/code/nikto.shtml
The snort page http://www.snort.org

Webcams, VNC and security
Open VNC sites [w/o passwd ?] http://vncroulette.com/
2014-11-07 12:34:27 http://www.webcamvue.com/default.asp
public with weak passwd admin:admin or admin:12345 http://insecam.com/cam/view/62436/

ShellShock etc.

Some relevant information (or not)

Inside Shellshock: How hackers are using it to exploit systems https://blog.cloudflare.com/inside-shellshock/

+White

Talks, forensics, analysis and SEO tools, etc. https://www.hackersrepublic.org/
Creating a zipbomb to defend against black hat hackers https://blog.haschek.at/post/f2fda

+redirecting ssh attacks to the sender

  If the attacker runs an ssh server:
  socat -d -d TCP-L:22,reuseaddr,fork SYSTEM:"nc \$SOCAT_PEERADDR 22"
  FIXME: insert into iptables to automate.

Qubes OS: a really secure OS based on Xen https://www.qubes-os.org/
Configuring Server Side TLS. Explains what to use, for what service, how it works https://wiki.mozilla.org/Security/Server_Side_TLS#Forward_Secrecy
BT3 tool for studying defense and detection techniques https://www.information-security.fr/bt3-blue-team-3-outil-detude-techniques-de-defense-detection/
OpenPGP best practices. VPN, security https://help.riseup.net/en/security/message-security/openpgp/best-practices
ZMap and ZGrab to scan the entire Internet https://zmap.io/
DNS : not just names [CSS, Pentesting with DNS] https://docs.google.com/presentation/d/1HfXVJyXElzBshZ9SYNjBwJf_4MBaho6UcATTFwApfXw/preview?pli=1&sle=true#slide=id.p
TCP Packet Injection with Python http://www.pythonforpentesting.com/2014/08/tcp-packet-injection-with-python.html
About secured salted password hashing https://crackstation.net/hashing-security.htm
Chaos Computer Club video about X11 security http://media.ccc.de/browse/congress/2013/30C3_-_5499_-_en_-_saal_1_-_201312291830_-_x_security_-_ilja_van_sprundel.html
binary analysis of Windows PE, Android APK http://anubis.iseclab.org/
network tools for Unix windows security [nessus] https://dougvitale.wordpress.com/2012/03/02/tenable-nessus/#more-1430
Tails: a live OS to preserve anonymity [uses tor] https://tails.boum.org/
docs security black & white [hacks, network, tutorials, .. ] http://repo.zenk-security.com/
Lots of security utilities for Windows [anti rootkit, spyware, malware, ..] http://www.bleepingcomputer.com/download/windows/
About disk wiping erasing http://www.anti-forensics.com/disk-wiping-one-pass-is-enough
Linux Apache backdoor Linux/Cdorked http://www.welivesecurity.com/2013/04/26/linuxcdorked-new-apache-backdoor-in-the-wild-serves-blackhole/
Zalewski site security, tools http://lcamtuf.coredump.cx/
Postcard from XSS world http://lcamtuf.coredump.cx/postxss/
From SQL injection to shell Pentesterlab https://www.pentesterlab.com/from_sqli_to_shell_pg_edition.html
lots of exercises of security http://exploit-exercises.com/
Security, PHP and more http://www.suspekt.org/
Da Silva's blog [security] http://www.paulds.fr/
Database of loss databases http://datalossdb.org/
PHP local session poisoning http://ha.xxor.se/2011/09/local-session-poisoning-in-php-part-1.html
Samhain site [securing against rootkits] http://www.la-samhna.de/
AbsynteSQL injection tool [sql injection] http://0x90.org/releases.php
Attack, crack, forensics, scan tools http://avondale.good.net/dl/bd/www.indianz.ch/tools/
HTML Code injection and Cross Site Scripting http://www.technicalinfo.net/papers/CSS.html
Switch sniff [ARP flooding] http://www.linuxjournal.com/article/5869
Gorilla Design Studio [block by localhost] http://accs-net.com/hosts/
Iframe exploit internals http://www.lurhq.com/
[lame] PHoss Protocol sniffer, default passwd DB, http://www.phenoelit.de/
A HUGE security archive (up-to-date advisories) http://neworder.box.sk/
security forums http://forums.windowsecurity.com/
Net::Packet::Shell perl module is like Scapy
http://www.linuxsecurity.com/feature_stories/fingerprinting-http.html
Many RPC scan & test tools http://www.securityfriday.com/tools/RpcScan.html
The secure shell FAQ http://www.employees.org/%7Esatch/ssh/faq/
SSH frequently asked questions http://www.snailbook.com/faq/
Open Antivirus project http://www.openantivirus.org/
The Cypherpunks Home page (CSUA Berkeley) http://www.csua.berkeley.edu/cypherpunks/Home.html
The Stanford SRP authentication project http://srp.stanford.edu/
LSH : Gnu SSH http://www.lysator.liu.se/~nisse/lsh/
Dave Dittrich home page (DDOS) http://staff.washington.edu/dittrich/
NSA SElinux http://www.nsa.gov/research/selinux/index.shtml
EdelWeb: security approach http://www.edelweb.fr/EdelStuff/Prospectus/demarche.html
Defacement list, advisories http://www.zone-h.org/
Gibson security page http://www.grc.com/
ATT paper on cryptography http://www.dtc.umn.edu/~odlyzko/
Engage security http://www.engagesecurity.com/
Kerberos papers and documentations http://www.isi.edu/gost/info/kerberos/documentation.html
IBM paper on SELinux http://www-106.ibm.com/developerworks/library/s-selinux/
Ian Jackson usrv : userv client and server http://www.chiark.greenend.org.uk/~ian/userv/
Proxy tunnel (muppet200204) http://www.brandonhutchinson.com/ssh_tunnelling.html
Threats to your security on Internet (how to remove trojans) http://www.commodon.com/threat/
Tempest (1999 legal issues) http://cryptome.org/tempest-law.htm
Learning SSL the hard way http://www.dtcc.edu/cs/admin/notes/ssl/
Cisco routers security page http://www.cisco.com/warp/public/707/21.html
ITPRC Network security http://www.itprc.com/security.htm
InfoSec and InfoWar http://www.infowar.com/
MegaSecurity http://www.megasecurity.org/
Antivir personal edition http://www.free-av.com/
Corkscrew http://www.agroman.net/corkscrew/
Security friday (research, RPC) http://www.securityfriday.com/Topics/index.html
The Metasploit project http://www.metasploit.org/
Freeware SSH and SCP for Windows 9x, NT, ME, 2000 and XP http://www.jfitz.com/tips/ssh_for_windows.html
Smurf attack information http://www.pentics.net/denial-of-service/white-papers/smurf.cgi
Greymagic (script injection; CSS docs & examples) http://www.greymagic.com/
LinSec http://www.linsec.org/
NTSecurity nu http://ntsecurity.nu/
Secure IOS template http://www.cymru.com/%7Erobt/Docs/Articles/secure-ios-template.html
Foundstone (free security tools & papers) http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subcontent=/resources/freetools.htm
Wireless france http://www.wireless-fr.org/spip/
security development (ex truncode) http://www.l0t3k.org/security/docs/scanning/
Trojan lab (trojan lists) http://www.dark-e.com/archive/trojans/index.shtml
Trojan lists (many lists) http://www.simovits.com/trojans/trojans.html
AVG free antivirus http://free.grisoft.com/freeweb.php/doc/2/