Autres
AideEnLigne
CahierDeBrouillon
Présentation
Administration

MesLectures
[Articles publiés]
[Blog Affordance]
[LibreOffice en ligne]
[Journal d'Ophelia]
[Kim Khal]

Informations
[Rue 89]

DNS etc
[Robtex]
Logins
Votre ID: 111
Nom:
Login utilisateur
Mot de passe éditeur

ComputingSecurity

Difference (entre la révision 125 et la révision actuelle)) (modification mineure)
(les révisions sont identiques, ou indisponibles)

Concernant la sécurité. Aspects blacks, white, Forensics, etc...

+Advisories, news and articles
Example of fishing w/ sources https://net-security.fr/securite/rex-phishing/
Techrights.org on Microsoft and NSA http:/BT/techrights.org/wiki/index.php/Microsoft_and_the_NSA
Articles & analysis [security, privacy, https, etc] https://robertheaton.com/about/
What Google knows about you and what to deactivate https://myaccount.google.com/privacy#activity
XMCO Acus security PDF magazines issues https://www.xmco.fr/actusecu/ 2017-10-15 10:48:56
What is IME (Intel Management Engine) and how to disable it https://wiki.gentoo.org/wiki/Sakaki's_EFI_Install_Guide/Disabling_the_Intel_Management_Engine#cite_note-2
Security news, analysis, malware, activism, hacking, etc. http://securityaffairs.co/wordpress/
Rakos underwLinux vulnerability analysed http://www.welivesecurity.com/2016/12/20/new-linuxrakos-threat-devices-servers-ssh-scan/
Fast-flux article in https://www.xmco.fr/actu-secu/XMCO-ActuSecu-Janvier2008.pdf
rgod advisories and exploits http://retrogod.altervista.org/
OpenBSD? & FreeBSD? vulnerabilities http://www.vuxml.org/
Net-security advisories & vulnerabilies http://www.net-security.org/
Security/Linux?/Network? Forums [login/passwd] http://www.governmentsecurity.org.
Security Focus http://www.securityfocus.com/
Advisories & tools (Retina, Iris, ...) http://www.eeye.com/html/
Microsoft security site http://www.microsoft.com/technet/security/default.mspx
CVE at MITRE http://www.cve.mitre.org/cve/
news, tools, exploits http://www.securiteam.com/
ISS site http://www.iss.net/
+Black

Backdoors !

  http://x.x.x.x/anony/mjpg.cgi

others

GIT sources of virus, backdoors, fishing, trojans, etc. https://github.com/vxunderground/MalwareSourceCode/blame/main/Phishing/Gmail.7z
Poison Tap to access network of a locked PC https://samy.pl/poisontap/
Trap to track users on Internet (lure them) https://github.com/boxug/trape ;
..puis utilisation de ngrok https://ngrok.com/ pour partager le lien généré par trape sur Internet. Ngrok utile pour partager sur internet unre url en cours de developement. voir aussi un article https://homputersecurity.com/2018/06/29/le-tracage-sur-internet-avec-trape-et-ngrok/
Google dorking and hacking tools http://www.google-dorking.com/
getting login password under windows shares w/ mimikatz http://blog.gentilkiwi.com/mimikatz
Bettercap modular, portable, extensible MITM https://bettercap.org/
Morpheus to test MITM (Man In The Middle) attacks https://github.com/r00t-3xp10it/morpheus
Exploits database w source, shellcode, papers, etc. https://www.exploit-db.com/
Venom shell code generator for metasploit https://github.com/r00t-3xp10it/venom
WannaCry? and metasploit https://reload.eez.fr/blog:2017:05:22:wannacry_mise_en_pratique_d_un_exploit_a_partir_de_debian
Smashing the stack with Metasploit tutorial https://woumn.wordpress.com/2016/09/24/smashing-the-stack-into-a-reverse-shell/
maj 2016-08-09 18:42:25
Syscall Hijacking: Kernel Linux 2.6.* systems http://memset.wordpress.com/2010/12/03/syscall-hijacking-kernel-2-6-systems/
Exploit database [remote & local, papers, google hacking db, ..] http://www.exploit-db.com/
Samy Kamar hacks, hijacks etc. http://samy.pl/
Creating A Truley Invisible PHP Shell http://thehackerblog.com/a-look-into-creating-a-truley-invisible-php-shell/
Shellcode to reverse binding using netcat http://morgawr.github.io/hacking/2014/03/29/shellcode-to-reverse-bind-with-netcat/
mempodipper exploit thru SUID bit http://blog.zx2c4.com/
Phrack magazine http://www.phrack.org
Censys.io complete view of internet https://censys.io/
Shodan scans the Web for connected devices [wecam, routers, switches, ..] http://www.shodanhq.com/ (or www.shodan.io)
To search for C&C sites with Shodan: type category:malware in the search bar.
To install shodan client (command line tool), install shodan client, a module for Python
Google hacking database to find names, passwords secret files http://www.exploit-db.com/google-dorks/
Hash length extension attack http://www.skullsecurity.org/blog/2012/everything-you-need-to-know-about-hash-length-extension-attacks
Windows debugging a trojan, see here http://www.skullsecurity.org
MySQL? injection, pillager, video cam access http://console-cowboys.blogspot.com/
Bypassing techniques http://gray-world.net
LSD PlaNet? http://www.lsd-pl.net/
Malware [malicious software] http://www.malware.com/
SQL Injection http://www.digitaloffense.net/
Astalavista http://astalavista.box.sk/
Cult of The Dead Cow http://www.cultdeadcow.com/tools/bo.html
Attrition [lots of DOS] http://attrition.org/security/
Linux Grill [kernels, IPRoute] http://www.linuxgrill.com/
NMRC http://www.nmrc.org/
TeamKh? http://membres.lycos.fr/teamhkh/log/
Index of Trojans http://www.megasecurity.org/Main.html
Runme.org Software art & funny tricks http://www.runme.org/
13 chars forkbomb http://www.runme.org/project/+forkbombsh/
w00w00Trojans and DOS [oldies] http://www.w00w00.org/
Current and archived exploits http://www.securiteam.com/exploits/
Cipher site, hacking, articles http://www.cipher.org.uk/
+Firewall
Ban IP by country https://www.ip2location.com/free/visitor-blocker
Crowdsec (fail2ban like, for Linux, FreeBSD?) https://crowdsec.net/
NFTables commented examples https://stosb.com/blog/explaining-my-configs-nftables/
Free firewalls [software] for WIndows http://www.techsupportalert.com/best-free-firewall.htm#Basic-Firewalls
Another iproute and iptables tutorial http://ornellas.apanela.com/dokuwiki/pub:firewall_and_adv_routing#firewall_and_advanced_routing_under_linux
Advanced features of IpTables? http://linuxgazette.net/108/odonovan.html
Firewalling with OpenBSD? and PF http://home.nuug.no/~peter/pf/en/index.html
Voir aussi dans Misc Network concernant PF et CARP et pfsync²
Iptables Didacticiel http://www.inetdoc.net/guides/iptables-tutorial/abouttheauthor.html
Contournement de firewall [wsh, Active Port Forwarder] http://www.gray-world.net/
Iptables Tutorial [NAT] http://www.frozentux.net/iptables-tutorial/iptables-tutorial.html
Config de IPtables avec Webmin http://www.adella.org/spip/spip.php?article23
FreeSCO? firewall http://www.freesco.org/
Astaro AG linux based http://www.astaro.com/
Netfilter/Iptables? docs http://www.netfilter.org/documentation/index.html#HOWTO
IpFilter? FreeBSD? firewall http://coombs.anu.edu.au/~avalon/ip-filter.html
IPFWADM page http://garbo.uwasa.fi/ldp/HOWTO/Firewall-HOWTO-7.html
Lighting firewall http://lighting.tenet.pl/
What is the difference between reject and deny ? http://www.ouah.org/reject_or_deny.html
SmoothWall? http://www.smoothwall.org/
Clavister firewall & VPN Gateway http://www.clavister.com/
CERIA security archive at purdue univ. ftp://coast.cs.purdue.edu/pub/tools/unix
+Forensics tools and IDS
Nouveau blog d'un expert judiciaire http://zythom.fr/
Ancien blog d'un expert judiciaire http://zythom.blogspot.fr/
Verification d'e l'origine d'images [sur Internet par ex.] https://www.invid-project.eu/
Reverse Image Search w/ Tineye https://tineye.com/
Use of Russian browser Yandex to search iamges
MediCAT? boot dvd/USB (replaces Hiren) tools to repair windows https://gbatemp.net/threads/medicat-dvd-a-multiboot-linux-dvd.361577/
XSS beginner's guide http://www.xssed.com/article/31/The_Beginners_Guide_to_XSS/
2016-03-20 22:19:31
opengates to reuse a windows harddisk on another computer https://www.pinguin.lu/opengates
blockdev to unlock read-only discs by adressing the device ioctls
xmount command to mount an image on virtual machine
forensics linux tools (with Sleuth & Dart) http://www.deftlinux.net/
Kali penetration testing forensics and security auditing https://www.kali.org/
setoolkit to clone a website in kali
Hiren boot cdrom for windows (obsolete): tools to repair windows http://www.hiren.info/pages/bootcd
Zenk files: tutorials and docs about hacking & security & forensics https://repo.zenk-security.com
Zenk Wiki: forensics and other hacks https://wiki.zenk-security.com/doku.php
Autopsy forensics tool: an Interface for Sleuth kit http://www.sleuthkit.org/autopsy/
Maltego forensics tools [DNS, social networks, whois, ..] https://www.paterva.com/web6/products/maltego.php
Tools & tutorials XSS http://www.securitydistro.com/security-tutorials/
Attack, forensics, scan, etc. http://avondale.good.net/dl/bd/www.indianz.ch/tools/
A real forensics example http://blog.nibbles.fr/1660
Linux Forensics tools on a cdrom http://www.deftlinux.net/
Intrusion detection 101 http://www.monkey.org/~dugsong/talks/ids/
Common intrusion detection framework http://www.isi.edu/gost/cidf/
The Coroner Toolkit and other tools http://www.porcupine.org/forensics
ACID PHP engine http://acidlab.sourceforge.net/
[lame] Lance Spitzner page http://www.spitzner.net/
FIRE [forensics tools on a CD] http://fire.dmzs.com/?section=tools&subsection=B
Nikto Web scanner, default password list http://www.cirt.net/code/nikto.shtml
The snort page http://www.snort.org
+ShellShock? etc.
Quelques infos pertinentes (ou pas)

Inside Shellshock: How hackers are using it to exploit systems https://blog.cloudflare.com/inside-shellshock/
+Webcams, VNC and security
Open VNC sites [w/o passwd ?] http://vncroulette.com/
http://www.webcamvue.com/default.asp
public with weak passwd admin:admin or admin:12345 https://www.insecam.org/en/
+White
nmap and privilege escalation https://kaizoku.dev/htb-devoops
Ethical hacking, malware analysis, etc. https://galogetlatorre.blogspot.com/
Infection Monkey: Breach and attack simulation on a LAN https://www.guardicore.com/infectionmonkey/docs/
List of pentesting tools https://prune2000.github.io/tools/pentest/
ssh honeypots [many other articles] https://nullprogram.com/blog/2012/05/19/
ssh tarpit https://nullprogram.com/blog/2019/03/22/
A landscape of ssh Linux backdoors https://www.welivesecurity.com/wp-content/uploads/2018/12/ESET-The_Dark_Side_of_the_ForSSHe.pdf
portspoof to lure pirates on (fake) open ports https://homputersecurity.com/2018/04/19/comment-tromper-les-pirates-avec-portspoof/
C99 webshell in php [WARNING : has a backdoor !!]
List of backdoor free webshells [but with http calls to Internet..] https://webshell.co/
Arachni :Web Application Security scanner/crawler http://www.arachni-scanner.com/
Exposés, forensics, outils d'analyse, de SEO, etc. https://www.hackersrepublic.org/
Creating a zipbomb to defend against black hat hackers https://blog.haschek.at/post/f2fda

+redirecting ssh attacks to the sender

  Si l'attaquant a un serveur ssh :
  socat -d -d TCP-L:22,reuseaddr,fork SYSTEM:"nc \$SOCAT_PEERADDR 22"
  FIXME : insérer dans iptables pour automatiser.

BT3 tool defense https://www.bt3.no/
Qubes OS : a relly secure OS based on Xen https://www.qubes-os.org/
Configuring Server Side TLS. Explains what to use, for what service, how it works https://wiki.mozilla.org/Security/Server_Side_TLS#Forward_Secrecy
OpenPGP? best practices. VPN, security https://help.riseup.net/en/security/message-security/openpgp/best-practices
ZMap and ZGrab to scan the entire Internet https://zmap.io/
DNS : not just names [CSS, Pentesting with DNS] https://docs.google.com/presentation/d/1HfXVJyXElzBshZ9SYNjBwJf_4MBaho6UcATTFwApfXw/preview?pli=1&sle=true#slide=id.p
About secured salted password hashing https://crackstation.net/hashing-security.htm
Chaos Computer Club video about X11 security http://media.ccc.de/browse/congress/2013/30C3_-_5499_-_en_-_saal_1_-_201312291830_-_x_security_-_ilja_van_sprundel.html
binary analysis of Windows PE, Android APK http://anubis.iseclab.org/
network tools for Unix windows security [nessus] https://dougvitale.wordpress.com/2012/03/02/tenable-nessus/#more-1430
Tails: a live OS to preserve anonimity [uses tor] https://tails.boum.org/
docs security black & white [hacks, network, tutorials, .. ] http://repo.zenk-security.com/
Lots of security utilities for Windows [anti rootkit, spyware, malware, ..] http://www.bleepingcomputer.com/download/windows/
About disk wiping erasing http://www.anti-forensics.com/disk-wiping-one-pass-is-enough
Linux Apache backdoor linux/Corked? http://www.welivesecurity.com/2013/04/26/linuxcdorked-new-apache-backdoor-in-the-wild-serves-blackhole/
Zalewski site security, tools http://lcamtuf.coredump.cx/
Postcard from XSS world http://lcamtuf.coredump.cx/postxss/
From SQL injection to shell Pentesterlab https://www.pentesterlab.com/from_sqli_to_shell_pg_edition.html
lots of exercises of security http://exploit-exercises.com/
Security, PHP and more http://www.suspekt.org/
Blog de Da Silva [sécurity] http://www.paulds.fr/
Database of loss databases http://datalossdb.org/
PHP local session poisoning http://ha.xxor.se/2011/09/local-session-poisoning-in-php-part-1.html
Samhain site [securing against rootkits] http://www.la-samhna.de/
AbsynteSQL? injection tool [sql injection] http://0x90.org/releases.php
Attack, crack, forensics, scan tools http://avondale.good.net/dl/bd/www.indianz.ch/tools/
HTML Code injection and Cros Side Scripting http://www.technicalinfo.net/papers/CSS.html
Switch sniff [ARP flooding] http://www.linuxjournal.com/article/5869
Gorilla Design Studio [block by localhost] http://accs-net.com/hosts/
Iframe exploit internals http://www.lurhq.com/
[lame] PHoss Protocol sniffer, default passwd DB, http://www.phenoelit.de/
A HUGE security archive Uptodate advisories) http://neworder.box.sk/
security forums http://forums.windowsecurity.com/
Net::Packet::Shell perl module is like Scapy
http://www.linuxsecurity.com/feature_stories/fingerprinting-http.html
Many RPC scan & test tools http://www.securityfriday.com/tools/RpcScan.html
The secure shell FAQ http://www.employees.org/%7Esatch/ssh/faq/
SSH frequently asked questions http://www.snailbook.com/faq/
Open Antivirus project http://www.openantivirus.org/
The Cyphepunks Home page (CSUA Berkeley) http://www.csua.berkeley.edu/cypherpunks/Home.html
The Stanford SRP authentication project http://srp.stanford.edu/
verifié ci-dessous 2018-12-11 12:21:57
Dave Dittrich home page (DDOS) http://staff.washington.edu/dittrich/
NSA SElinux https://www.nsa.gov/what-we-do/research/selinux/
Defacement list, advisories http://www.zone-h.org/
Gibson security page http://www.grc.com/
ATT paper on cryptography http://www.dtc.umn.edu/~odlyzko/
Engage security http://www.engagesecurity.com/
Kerberos papers and documentations http://www.isi.edu/gost/info/kerberos/documentation.html
Ian Jackson usrv : userv client and server http://www.chiark.greenend.org.uk/~ian/userv/
Threats to your security on Internet (how to remove trojans) http://www.commodon.com/threat/
Tempest (1999 legal issues) http://cryptome.org/tempest-law.htm
Av ira Antivirus personal edition http://www.free-av.com/
The metaesploit project http://www.metasploit.org/
Surf attack information http://www.pentics.net/denial-of-service/white-papers/smurf.cgi
NTSecurity nu http://ntsecurity.nu/
Secure IOS template http://www.cymru.com/%7Erobt/Docs/Articles/secure-ios-template.html
/freetools.htm
AVG free antivirus http://free.grisoft.com/freeweb.php/doc/2/