I can't say i am fan of the coined term "reDoS" but the PDF from http://www.checkmarx.com is damn good.
By "ReDoS" they are referring to "regular expression denial of service". these common bugs have been around for quite a while, but this presentation explores some new ways to exploit it and is worth a read.
Presentation PDF Direct Link.
skip to main |
skip to sidebar
@efnet
search PRIV & ALL sites linked here
Newz
Cheat Sheetz
- CheaT SheeT DIRECTORY
- Unix Rosetta Stone
- REGEX Reference
- Scripting Languages(Perl,PHP,Ruby,Python)
- C Cheat Sheet
- Exploitation Wiki
- Radare Book
- GDB Cheat Sheet (PDF)
- x86 Instructionz
- iproute2 Reference
- Cisco IOS
- TCPdump Syntax
- VIM Commandz
- IP Tables Cheat Sheet
- NMAP Cheat Sheet
- MySQL Commandz
- SQL Injection
- Awk Cheat Sheet
- Sed Cheat Sheet
Twitter InfoSec Listz
Archivez
SecurityNewsPortal.com latest breaking computer security, virus and hacking news
Daily Dave (dailydave) Mailing List
SecDocs Feed
SANS Information Security Reading Room
Packet Storm ≈ Full Disclosure Information Security
Coresec.org - Information Security Blog
Cyber Risk Reports
Full Disclosure (fulldisclosure) Mailing List
Dissecting The Hack
Hack a Day
Bugtraq
LinKz++
- !!! Info Sys Sec.com
- !!!Exploitation Primer(0x90 to 0x4c454554)
- !0daysecurity.com
- !1337day inj3ct0rz exploit site
- !Back 2 Hack Library
- !Before It's News.com
- !Blogz list @ infond.fr
- !Bright-Shadows.net Tutorialz
- !Daniel Miessler.com
- !Dark Reading.com
- !dc414.org (Anarchy Angel's site)
- !Emergency Stream.com
- !Firefox Auditing Extensions List
- !Freaknet.org Paperz
- !HackBB (via tor2web)
- !Hackers.WithGuns.com (chill's site)
- !ISC.SANS.ORG
- !Jon Oberheide blog
- !Latest Security Documentation@lonerunners.net
- !NopCode.org
- !Online Scannerz/Pen-Test Toolz
- !Ouah.org Textz
- !RaFay Hacking Articles.net
- !Shadow Server
- !Team Cymru net research
- !Xorl
- 0vercl0k's World
- 0x4553-Intercepter windows sniff tool
- 0xdeadbeef dot info | raptor's labs
- 1 cup 1 coffee
- 10 Super Cool Linux Hacks
- 100 Underground Sitez
- 1000 Hacker Tutorials
- 11th Alliance
- 1337 arts
- 2600 magazine
- 800notes.com(avoid collection calls)
- A Luigi
- AbyssSec.com Blog
- Academia
- Ack Ack (cheet sheets)
- acunetix website vuln audit
- Adeptus-Mechanicus.com
- Admin Stories
- Advanced Antiforensics and SELF [phrack]
- Advanced Linux Networking
- aircrack-ng
- Albanian Wizard.org
- Aldeid.com All about Hacking
- Alien's Bash Tutorial
- AMD64 Arch Proc Supplement
- AMD64 arch resource
- American Registry for Internet Numbers(ARIN)
- Anarchist News.org
- Anatomy of a Program in Memory
- AndDev.org
- andhrahackers.com Forumz
- AndroidAndMe
- AndroidCentral
- angry network scanner(win)
- AntiOnline.com (fagz)
- Apache Range Exploit.com
- Arbor Networks Security Blog
- Arbor Networks security blog
- Archive.org
- Arduino microcontroller resource
- Arduino on Gentoo
- argolith.ms
- ARM dev kit
- ARM forumz
- Armitage(fast and easy hacking.com)
- Ars Technica
- Ars Technica.com (security page)
- Art of Assembly Language Programming
- art0.org
- Ascii For Breakfast
- ASM 64 bit Linux (w/ example code)
- ASM in Linux (still 80h)
- Assembly in Linux tutorial
- Assembly Language in Linux (int80h)
- Assembly Primer for Hackers
- AstaLaVista.com
- asterisk telefony engine
- atlast wandering
- Attack Vector.org
- Attacking the Core
- Attrition.org
- Attrition.org Defacement Commentary
- auditd config examples
- auditd configuration
- AWK: The Duct Tape of Computer Science Research [pdf]
- Base Pointer & Stack pointer explanation
- Bash Cures Cancer
- BASH scripting Advanced [pdf]
- BASH tips & trickz
- Beej's Network programming [pdf]
- Beej.us
- beholder wireless IDS
- benkillin's site
- Bill's Security Blog
- Binary Revolution
- binary-obfuscation
- Bind Shell.net
- bindshell.net
- Biometrics Hacking (fingerprints)
- bitcoin mining pool (Eligius.st)
- BlackHat.com
- Blacklist countries with IPTables
- BlackSecurity.org
- blotter LSD art
- Blue-Labs.org
- BOF Exploit Tutorial by Mixter
- braindeadprojects
- BreakTheSecurity.com
- Brute Force block list 1
- Brute Force block list 2
- Brute Force honeypot infoz
- Brute Force w/ THC Hydra
- Buffer Overflow Attax & Defenses
- Buffer Overflow intro
- Bug Labs.net (modular open src 4 building dev)
- Bug Me Not
- BurpSuite Intruder Tool Tutorial
- BurpSuite Project Page
- but not yet
- Butchered from Inside (zine)
- Bypassing Stackguard & Stackshield [phrack]
- C BOOK (1991)
- C Cheat Sheet
- C Programming videos
- c-skills blog
- c99 dorkz
- Canett City (french)
- carnal0wnage.attackresearch.com
- Cassandra Security
- Cat on Mat.net
- CCTV Destruction
- CCTV Hacking
- census Labs
- CERIAS
- Cert Collection.org
- CGI-BIN specific vulns
- Chaos Computer Club
- Cheat-Sheets.org
- Check DNS and Mail Server health
- checkmarx src code analysis
- chkrootkit rootkit scanner
- chris123nt.com
- Church of the SubGenius
- Church of the Swimming Elephant(reference)
- CipherDyne.com
- cisco IOS tutorial
- cisco packet tracer tutorials
- Club Hack Magazine
- CoDC
- Code Coffee
- Code::Blocks IDE
- CoderHolic
- Command Line Fu
- Command Line Fu One Liners Explained
- Common Vulnerabilities and Exposures CVE
- Conway Game of Life
- Core Sec
- CoreLan.BE
- Corz.org
- CPAN
- CProgramming.com
- cr0.org (Julien Tinnes)
- Crackz (RE)
- Crazy Coders.com
- Cryptography World
- Cuckoo Box (malware sandbox)
- cURL scripting
- Curl tutorial online
- CyberArmy.net
- CyberCrime.gov
- d0cs4vage.blogspot.com
- Daily Dave mailing-list archives
- Daily Signs of the Apocalypse
- damagelab.org (russian)
- Damn Vulnerable Web App
- Damned Spyware.com
- Dan Walsh LiveJournal
- Dandies.org
- Dark Dust.net
- Dark Operator.com
- darkc0de kiddie forumz
- darknet.org.uk
- dataloss database.org
- dd-wrt
- Debugging in Hardened Gentoo
- Deep Web Search Engine
- Deface The World
- Default Password list
- Default Passwords.in (router pw db)
- dEFcON
- delicious social bookmarking
- Delivering Signals for Fun & Profit
- depant(default password scanner)
- Designing BSD rootkits [pdf]
- Detecting and Understanding RootKits
- developer.android.com
- Development of the C language
- Device Driver Dev for Beginners
- devilTeam.pl Forumz
- devilzc0de.org Forumz
- DHS Daily Infrastructure Report
- DHS Daily Open Src Infrastructure report
- Diablo Horn.wordpress.com
- dickscab.com
- Didier Stevens InfoSec Blog
- Digi Ninja Blog
- Digital Bond.com
- Digital Dwarf(various fuzzers)
- Dirac.org
- Dirk-Loss.de
- Disekt.tk CTF Team
- Dissecting The Hack.com
- dividead
- DNS rebinding (VIDEO tutorial)
- DNS Stuff.com
- Domain Tools.com
- doomsicle
- Dope Roms.com (retro emulation)
- Dorky.us
- dorkz 1
- dorkz 2
- Drawing Board(smack jeeves) comic
- Drinking at work(lame old hack papers) LULZ
- DroidDog blog
- DroidDraw
- DUMBOZ PONY(quick ref)
- DVLabs.TippingPoint.com (blog)
- E Learning Bitz
- E-Hippies
- E-merl Comics
- EarthsGone (collab sci-fi story)
- ebook on BOF's
- eBOOK Wireless Hacking
- Eclipse IDE
- Electronics-Lab blog
- Electrons Rock
- ELF binary infections on linux
- embedded arm.com
- Embedded Developer.com
- enlightennext.org
- Eris Research
- Errata Sec
- eSecurity Planet
- eSploit (blogspot)
- Ethical Hacker.net RE intro
- Evil Zone.org
- Explain This Image
- Exploit links on linux-sec
- Exploit-ID.com
- exploit-me firefox suite
- Exploit.co.il KB
- Ezine Directory
- F-Secure Blog
- Fail2Ban (mitigate ssh brute force)
- Famous Perl One Liners Explained
- Faqs.org
- fastsh.it VPS and dedicated hosts
- Fayland.org Perl Stuff
- Finding SQL vulnerabilities
- FireBug Firefox addon
- Fly By Wire Team (Tutorialz)
- foofus.net/jmk (author of medusa)
- ForkBomb.dadacafe.org
- Format String Exploitz [pdf]
- Format String Vulnerabilities (Part 1)
- Format String Vulnerabilities (Part 2)
- frasunek(wrote recent proto_ops)
- Free C programming Training & Tutorials
- Free shellz 1
- Free vendor OID and ethernet mac address lookup
- FreeBSD Diary
- FreeBSD documentation and resources
- freedns.afraid.org
- FreeNode ##Security
- FreshMeat.net
- FreshPorts.org
- Full Disclosure mailing-list archives
- Functions and Stack frames (x86 assembly)
- FuzzDB Project Page
- Fuzzerz
- g-laurent blog
- g-sec.lu
- g1/dream root howto
- GadgetGrid.com
- Game Of Life Linkz
- Gay Nigger Association of America
- GCC inline assembly tutorial
- GDB to Develop Exploits
- GDB tutorial
- GDB walkthru w/ examples
- Geany IDE
- Gentoo Security
- Get Human(tells # to press to get human for businesses)
- Gideon Rasmussen
- Give Me Fish.com
- Gmane comp security
- Gmane.org
- GNU Citizen.org
- Gnu Debugger CheatSheet
- Go Null Yourself.org (zine)
- Google hacking 101
- Got Root?
- Government IPs you should NOT scan
- Grand Idea Studio
- Gray-World net team
- Grey Logic
- grsecurity patch
- Guerilla Mail
- Guidelines for C src code auditing
- Gumbo Labs.org (art)
- h-i-r.net
- H-Online
- H.ackAck.net
- h3r0turk
- h4x0resec.blogspot.com
- Hack Bloc.org
- hack Canada
- Hack Crack BlogSpot
- Hack from a cave (katana)
- hack in the box (news)
- Hack Millions of Routers [pdf]
- Hack N Mod.com
- Hack This Site
- Hack This Site.org
- Hack VOiP (fundamental)
- Hack-A-Day.com
- hack3r con.org
- hackbbs
- Hacker Movies List
- Hackers HideAway
- hackers-community forums
- Hackers.With Guns.com
- Hacking Evolution
- Hacking Linux Exposed
- Hacking The Mind.org
- Hacking the Universe
- Hacking-Gurus.net
- Hacktalk.net Hacklair Forumz
- hak5.org
- hakin9
- HalfDog.net
- Hardened Gentoo FAQ
- Hax.Xxor.se
- HaxMe.org
- HBGary.com Malware
- heap overflow slides
- Heap Overflows for Humans
- HeapOverflow.com
- Hell Bound Hackers.org
- Help Net Security
- Help Net Security
- Hex 2 Bytes converter
- HEX calculator
- Hex to Binary (easy)
- Hick.org
- Hidden Wiki Access
- Hide My Ass proxy
- History of hacking in the USA
- History of Packing Tech [pdf]
- History of Phreaking
- HitchHiker's World zine
- Honeynet Project Blog | Honey Pot stuff
- hping packet builder
- HPing Wiki
- HPing3 Examplez
- HT Editor(view executables)
- htaccess tips & tricks part 1
- htacess tips & tricks part 2
- HTTP Benchmarking HowTo
- Hydra by THC Brute Force Utility
- i-Hacked.com
- I/O redirection
- iBiblio Library
- ICMP Usage in Scanning [pdf]
- ihteam.net
- illmatics.com
- ImmunityInc.com
- in7h3wi1d.blogspot.com
- indianz.ch
- IndonesianBacktrack.or.id
- Info Sec Island.com
- informationleak.net
- InfoSec Writers
- InfoSecNews mailing-list archive
- infysec.com
- InGuardians.com Toolz
- Inline ASM in GCC howto
- insecure.org
- InsideTrust.blogspot.com
- insomniasec.com
- Instructables(tutorials on everything)
- Integer Overflow Basics [phrack]
- Intel® 64 and IA-32 Architectures Software Developer's Manuals
- intern0t.net
- Internet Firewalls & Network Security
- InternetNews.com
- IntevyDis blog
- Intevydis Blog(DBJIT toolkit)
- into DNS (troubleshoot)
- intruded.net
- IP Range to CIDR tool
- IP Spoofing with BSD sockets
- IP Sysctl Tutorial
- IPTables Simple Script Generator
- Iptables Tutorial
- IPTables tutorial [pdf]
- ipv4 to ipv6 converter
- ipv6 attack codez (THC)
- ipv6 attack VIDEO from THC.org
- ipv6 information from SNMP.com
- IPv6 Linux HOWTO
- IPv6 Tunnel Broker
- irc.dickscab.com
- Isolation X's site
- iWar (information warfare)
- J Brown Sec (@blogspot)
- j00ru.vexillium.org
- Jaded Security.net
- Jeremiah Grossman blog
- JetLib Security
- John the Ripper
- John the Ripper MPI patch
- johnny.ihackstuff.com(google hacking database)
- JoMo-Kun (1337 script kiddie formally known as m0j0.j0j0)
- Jootamam.net
- kerneltrap.org
- Knoppix LiveCD
- Kotowicz.net Blog
- Krakow Labs.com
- Krebs on Security
- Ksplice Blog
- KSTAT & other s0ftpr0ject toolz
- l0t3k.org
- La Fonera router hacking
- LA-Samhhna.de (SAMHAIN HIDS) !
- lcamtuf Blog
- lcamtuf.coredump.cx
- Leaf DNS (troubleshoot)
- leetupload.com
- Legion of Doom (zine)
- Lenny Zeltser Blog
- LibreNix.com Info for Linux Admins
- Life Wiki
- Life Without School Community
- Linux 101 Hax
- Linux Basix.com
- linux DNS
- linux find command examples
- linux howtos.org
- Linux in JAVA applet
- Linux Network Admin Guide
- Linux Planet
- Linux Screw.com
- Linux-BSD-Central
- Linux-Sec.net
- Linux/UNIX FAQs
- linuxsexurity.com
- Liquid Matrix.org
- LiveCD Distros (Pen-Test, Forensics & Recovery)
- LocalRoot.net
- LOL cat host.org
- Low Fragmentation Heap
- M-unition (fight crime!)
- Mad Irish.net
- magikh0e
- Mailinator!
- Make Magazine
- Malloc Exploits, Advanced Doug Lea's [phrack]
- Malloc Exploits, Once upon a free() [phrack]
- Malware Analysis (very simple)
- Malware Analysis tool
- Malware/Rootkits 4 Windowz
- Man-Wiki.net
- Mantra Toolkit
- mark mail.org
- Matasano src code Security
- McAfee threat_center
- McKeay Net Sec Blog
- MD5 Crack Sites
- Medusa Brute Force Tool
- Medusa Parallel Network Login Auditor
- Mental Floss
- MetaSploit
- Metasploit Exploit Module Dev Tutorial
- Microsoft Security Advisories
- Microsoft Security Research & Defense
- MidnightResearch
- Mike Cloppert blog @ SANS
- mikeybeck.com/hacking [web]
- milw0rm
- Minimalist GNU for Windows + MSYS
- Mitigate SYN Flooding DDoS Attacks
- Mitigating DNS DoS Attacks [PDF]
- Mixter's Paperz/Tutorialz
- Mod Security (open source web app firewall)
- Molotov Bitch!
- monochrome BBS
- MoPo.Ca (geek blog)
- Morning Star Security.com
- Mr. Cracker.com
- MWR INFOSEC Labs
- MX ToolBox (troubleshoot)
- Nerbardo Damele blog (SQLMap)
- NES Reproduction Cartz
- NES Reproductions
- NES rom haxing
- Nessus scanner
- Net-Security.org
- NetCat useful examples
- NetSec.colostate.edu
- NetStat Tips & Tricks
- Network Security Whitepapers
- Network Uptime
- NewBallot.org (new democratic revolution)
- Newsoft tech blog
- newz
- NGinx (HTTP and MAIL proxy server)
- Nikto web vuln scanner
- Nintendo Development++
- NIST.gov Computer Security Resource Center
- nmap usage
- NMap.org
- NNDB Tracking the World
- No Starch Geek Entertainment
- NoiseBridge.net
- Nonamemt.us
- Nothing Impossible blog
- NTcore.com
- ntop
- NullThreat.net
- ObsoLyTe!
- Off-by-One Exploits / Frame Pointer Overwrite [phrack]
- OLD OLD OLD winblowz proggies LULZ
- Open Maniak Tutorialz
- Open Source Vulnerability DataBase
- Open Src education society(skeptical?)
- Open Wall.com
- OpenGroup.org online books
- OpenRCE Articles
- OpenSecurityTraining.info Training
- OpenSSH logger patch
- openVPN easy tutorial
- OpenVPN shit
- OPENVPN w/ OpenWRT howto
- OpenVZ Tutorial
- Optimizing executables with 'strip'
- OSForensics.com
- OSI_model
- OverTheWire wargame
- p0f (passive OS fingerprinting)
- Packet Protector OpenWRT distro
- packet Storm security
- Packet-O-Matic
- Pantz.org
- paranoia.dubfire.net
- Pastebin Private(pastie.org)
- Paul Dot Com Security Weekly Podcast
- PDF Tutorials & Interpreters/Compilers
- Pen Testing tool reviews
- Pen Testing tool reviews
- Penguin Petes blog
- Pentest Monkey.net (blog)
- pentestit.com
- Perl cheat sheet
- Perl Monks.com
- Perl One-Liners
- Persistently exploitable program explained
- pfSense Open Source FIREWALL
- phiral.net
- Phone losers of America
- Phoronix Linux Hardware Reviews & Gaming
- PHP Freaks.com
- PHP Online Security Scanner
- PHP Security Consortium
- PHP Security Guide [PDF]
- PHP Shellz
- PHP Vuln Hunter
- Phrack Magazine
- phrack.nl(old)
- Pipl Deep Web Search
- Piranha ACiD ansi BBS (SiCK)
- PLoP Linux (Live Boot Mgr)
- PMCMA Automatic Exploit Dev
- point blank security
- pool @eax
- Portcullis Labs
- PostgreSQL on BackTrack 5
- PowerPak NES dev cart
- pp4l wepump.in
- Process Accounting on Linux
- Process Library
- programmersheaven.com
- programming reference(stack overflow)
- Project Jarvis (arduini rfid)
- Project MF(blue box revival)
- Protecting Linux Against DoS/DDoS Attacks
- PsTools(virus/malware removal in win)
- Psyche PonteTec.com
- ptrace article 1
- punditkitchen.com
- PureData LoadBang Electronic Music Tutorial
- PureData Music Tutorials
- PureData Tutorialz
- PureData-extended and random data streams
- PureData.info programming environment for audio/video
- Pushdo/Cutwail BotNet case study
- Python.org Tutorial
- r0ut3r.escape
- Radare2 debugger/diassembler
- Radare2 Reverse Engineering Toolkit
- Rapid7.com
- RatHole backdoor(direct download)
- RAW Sockets in C Tutorial(w/code)
- Rawlab.mindcreations.com
- RD Hacker blog
- Read Write Web
- recovering files from /proc
- recurity-labs.com
- REGEX Cheat Card
- REGEX quick reference
- regular-expressions.info
- Remote-Exploit | BackTrack
- Resources.InfoSecInstitute.com
- Retina Net Sec Scanner
- Retro Gaming Controller -> USB
- RetrO HackerS . COM
- Reverse Engineering for Newbz
- Reverse Engineering Intro
- Reverse Engineering the World
- RFC database w/ search
- RFI, LFI, XSS, SQLI Tutorials
- RFID Resources
- RFID Zapper
- ring0.me Blog
- Rise Security.org
- rmacd.com music/code
- rnicrosoft.net
- Robert E. Lee blog
- Robert Lemos blog (ownd?)
- Root Secure
- rootcheck
- RootKit infoz
- RootKit infoz
- rootprompt.org
- Routing & Traffic control (iproute2 tutorial)
- Rubber Mallet (vintage computer hardware)
- Ruby Socket Programming
- s0ftpr0ject research
- Sacred Textz
- Sar & Sadf SYSSTAT Utilities
- Sar examples 4 Performance Monitoring
- Satellite Information & Links
- Scapy ARP Tutorial
- Scapy Documentation/Tutorial
- Scapy to Test Snort Rules
- Science Hobbyist
- Script Kiddie Cheat Sheet
- Search Sec @ Tech Target.com
- SEAT(Search Engine Assessment Tool)
- sec b-sides
- Sec Dev.org(scapy)
- Sec Focus Vulnerabilities
- Sec Focus WhitePapers
- Sec Maniac.com
- SEC Techno.com
- Sec Tools.org
- SecForce.co.uk Blog
- Secunia
- Secunia Blog
- Secure Gossip
- Secure Root.com
- securebits.org
- SecureList.com
- SecuriTeam
- Security Bloggers Network
- Security Camera Google Dorkz
- Security Compass Labs
- Security Intelligence pt. 1
- Security Lab.ru
- Security Mailing Lists
- Security News Portal
- Security News portal
- Security Ninja.co.uk
- Security Nut
- Security Phresh.com
- Security Thoughts Wordpress
- Security Tracker
- Security Tube(videos)
- security web.co.uk
- Security Wizardry
- securityvulns.com
- SED Tutorial
- Sed useful lines
- Self-Fixing software(to read and write article on)
- seo.cakehosting.com
- Sepehr Team (arabic)
- ServerFaulT.com
- Shader.kaist.edu (GPU Accelerated SSL Proxy & Router)
- ShadyTel.com
- SHell Awesomeness
- Shell Scripting: Advanced Topics
- Shell Scripts Directory(monitoring)
- Shell-Storm.org
- Shellcode (Advanced)
- Shellcode Database
- Shellcode Tutorial
- shellcode tutorial
- shellcode.org
- Shodan Python Script (shpy)
- Shodan Queries
- ShoeLace.org
- Sickurity
- SilentServices.de (cell phone security)
- Silly Chicken.co.nz
- Silvio Cesare Blog
- Sixteen Colors(ANSI/ASCii)
- Skull Security.org blog
- Sla.ckers.org
- Smashing the Modern Stack for Fun & Profit
- Smashing the Stack for Fun & Profit
- Smashing the Stack in 2010 [pdf]
- Smashing the Stack in 2011
- SMILE and other SNES rom hacking utilz
- Snort.org
- sock-raw.org
- Sockets in Linux using x86 ASM
- Soekris net6501
- Software Weaknesses List
- Sourcefire Vuln Research
- Splunk
- SQL Injection cheat sheet
- SQL Injection Walkthrough
- SqlHack.com (MyHack POC)
- SSL Cert Analyze
- SSL DoS Mitigation
- SSL sniffing
- SSLdump video tutorial
- StackOverflow q & a site
- Stealth-X.com
- StochasicFlux
- strace - syscall tracer
- Strace Sys Admin's Microscope
- streetzmafia
- Sub Signal.org
- SubHashdasyam.com
- Suicide Machine
- Summary of DoS/DDoS Prevention, Monitoring, and Mitigation [PDF]
- SUPER COOL BBS
- SuperCool BBS
- Switchblade USB wiki
- Symlinks: A Neverending Story
- SYNCterm telnet BBS client
- SysAdmin.md
- Syscall List(linux i386)
- sysctl variables
- Syslog config examples
- Tao of Windows Buffer Overflow
- Tao Security blogspot
- Tarantula (kiddie codez)
- tcpdump quick reference
- tcpdump simple filters
- tcpdump tutorial
- TDSS Killer (Windows rootkit)
- techCrunch.com
- teh1337
- telnet BBS guide
- ten commands
- Text Files.com
- th0r.info
- Th3 Under9RoUnd Rev0Lut!oN
- th3-0utl4ws.com
- THC (the hackers choice)
- The art of software security assessment
- The Bot Net.com
- The Daily Attack.com
- The Daily WTF
- The Great Internet Migratory Box of Electronics Junk
- The Hacker News.com
- The Hacktivist.com
- The Joys of Xargs & Find
- The Lazy Developer.com
- The Linux Documentation project
- The Pro Hack.com
- the register security section
- The Rogan Board
- The Xero.co.uk
- theta44.org
- ThinkFuture
- this week in security.blogspot
- thought police.co.uk
- ThreadBombing
- ThreatPost
- timetobleed.com
- TLS/SSLv3 man in the middle attack
- Tomato Router Firmware(wrt54g)
- top 20 linux monitor tools
- Tor 2 Web
- TOR Exit Node Sniffing
- TorProject Blog
- TowerOfBammer
- Transparent run-Time Defense Against Stack Smashing Attacks
- Treachery.net
- Trend Micro blog
- UCSB.edu Security Group
- Ultimate-Hacker Blog
- UnCommon Sense Security
- Underground Security Systems Research
- understanding ASM
- Understanding Code (RE)
- Universal wifi repeater
- Unix-Manuals.com
- UnixWiz.net
- UnStableMe Blogspot
- Url Grabber for irssi (perl)
- Userland Exec, Announcing
- ValGrind fuzzer
- Valgrind Tutorial
- VI Cheatsheet
- VIM cheatsheet
- vmware images
- VMWare Images
- VOiP brujula.net
- VoIP.brujula.net (Free SIP accounts++)
- VTrace
- vttynotes.blogspot.com
- Vul.kr (good vuln blog)
- Vuln-Dev mailing-list archives(dead)
- VulnCatcher: Programmatic Debugging -atlas
- Vulnerability Database.com
- Vulnerable Web Appz for Learning
- Vunl Expert Forum at EEYE.com
- VX Heaven(virus shit)
- w00w00 Heap Overflow Tutorial
- W3C Markup Validation (w/ broken link checker)
- Wanna Browser (test sites w/ diff browsers)
- WarDriving Toolz
- Webroot.com blog
- WebSec Wordpress
- Website Security
- WhiteSock.net
- Wicked Cool Shell Scripts
- wicrawl(wifi scanner)
- Wifi Biquad Antenna (satellite dish howto)
- Wiki Leaks
- wildpackets.com
- winAUTOPWN (script kid tool)
- winAUTOPWN tutorial
- Windows Security.com
- Windows Sys Internals(procmon++)
- Wise-Geek.com (answers 2 questions)
- Wolfotakar Italian hax0r site
- Writing Robust Bash Scripts
- Writing small shellcode
- written word FTP (binary packages)
- www.wntrmute.com
- x0re.wordpress.com
- Xen hypervisor Open Source virtualization
- XkCd
- Xploded Security
- Yo Linux.com
- YO Linux.com
- ZeroCold.co.uk
- Zine Library
- Zine Wiki
- Zines @ PacketStorm
- ZLabs.eu
- Zone-H
- zorl %eax, %eax (dead?)
- zZz Start Plaza (Linkz++)
Blog Archive
-
▼
2009
(36)
-
▼
September
(24)
- Reverse Debugging in GDB 7.0
- BotNet infected IP Ranges, BSOD fun, and the worst...
- Gay Test
- Linux Kernel perf_counter_open() Buffer Overflow V...
- ARM announces 2Ghz processor
- smb2 vista/7 remote code execution
- perf_counter_open() local buffer overflow vuln
- OpenSSL vuln
- Another kqueue() local root vuln w/video
- SMB2 BSOD Proof of Concept C source/JewBacca
- ReDoS?
- Apache Zombies on weak ass BotNet
- Windows Vista/7 SMB2 Negotiate Protocol Request re...
- Array index error in the SMB2 protocol implementat...
- A vuln exists in windows Xp and Vista's TCP flow c...
- the FINAL sock_sendpage() null pointer deref blog ...
- Mixter throwback.
- sysctl variables and useful OID lists
- WPA crack in 60 seconds? and Conficker owns London...
- <@`acdc> oh, too bad<@`acdc> that null pointer der...
- quad, hacking 7, and some random papers on malware...
- Vulnerabilities in the SILC protocol
- 2 recent vulnerability explanations
- numero uno
-
▼
September
(24)
No comments:
Post a Comment