
Security


Vulnerability analysis, Security Papers, Exploit Tutorials. Space_20807681. 2.

space_20807681

Act normal. If you are a high-risk source, avoid saying anything or doing anything after submitting which might promote suspicion. In particular, you should try to stick to your normal routine and behaviour. Space_15204361. 2.

space_15204361

Act normal. If you are a high-risk source, avoid saying anything or doing anything after submitting which might promote suspicion. In particular, you should try to stick to your normal routine and behaviour.

3. Remove traces of your submission. If you are a high-risk source and the computer you prepared your submission on, or uploaded it from, could subsequently be audited in an investigation, we recommend that you format and dispose of the computer hard drive and any other storage media you used.

In particular, hard drives retain data after formatting which may be visible to a digital forensics team and flash media (USB sticks, memory cards and SSD drives) retain data even after a secure erasure. Space_15204355. [User #14587667]: Merlin 4.2 - pcap analyzer: I placed a copy of Merlin 4.2 on the TestRange share (\\10.9.8.21\Share\Software\Merlin 4.2).

space_15204355

This version of Merlin is supposed to ingest pcap data. I haven't actually tried it yet myself... [User #14587667]: Op Status Tracking Ideas: Any ideas on how to track op status? Space_3276804. Space_1736706. Web Security Fundamentals - Free Video Course. Internal Layout D-Link DIR-825. This article describes the internal layout and configuration of the D-Link DIR-825.

Internal Layout D-Link DIR-825

This particular hardware has two physical network interfaces, eth0 and eth1, whereas most embedded devices have only one: eth0. It also has two wireless network interfaces using the IEEE 802.11 protocol, represented by wlan0 and wlan1. IBM developerWorks : developerWorks Security Open Badges. The Schoolhouse Archives. Explain like I’m 5: Kerberos – roguelynn. Explain like I’m 5 years old: Kerberos – what is Kerberos, and why should I care?

Explain like I’m 5: Kerberos – roguelynn

While this topic probably cannot be explained to a 5 year-old and be understood, this is my attempt at defragmenting documentation with some visual aids and digestible language. In a nutshell: Basically, Kerberos comes down to just this: a protocol for authentication; uses tickets to authenticate; avoids storing passwords locally or sending them over the internet; involves a trusted 3rd-party; built on symmetric-key cryptography. You have a ticket – your proof of identity encrypted with a secret key for the particular service requested – on your local machine (creation of a ticket is described below); so long as it’s valid, you can access the requested service that is within a Kerberos realm. Typically, this is used within corporate/internal environments.

Big List of Free CPE Resources for CISSPs. Podcasts fall under the “self-study” category of CPE requirements.

Big List of Free CPE Resources for CISSPs

One hour of study (listening to the podcast) is considered one CPE. We’d recommend keeping a document recording when you listened to each podcast episode, its length and potentially even a short (approx 25 word) summary. Like any form of media, the actual content of a podcast can vary from lightly entertaining to incredibly educational and sometimes both at the same time. The SEORG Book List. Free online cybersecurity courses. Education/Free Training. The following courses either have been offered or are being offered free of charge courtesy of the trainers and the OWASP Foundation to anyone interested in learning about application security.

Education/Free Training

Additionally, the training slides/coursework is available under an open source license and we encourage you to use it to set up your own training event! If you are interested in setting up a training event through OWASP, submit your request here; we also have funding available to community members who may need help with travel, a venue or other logistics to get the event up and running. Click here for more information. Here are some general guidelines we have set up for free training courses within the OWASP Community: Credits: A sincere thank you to Eoin Keary, Jim Manico, Dan Cornell, Josh Sokol and others who generously donated training content referenced below.

Open SecurityTraining. Category:OWASP Download. The OWASP Download category should be used to mark any page that has a significant download available.

Category:OWASP Download

The download should be clearly marked and described near the top of the page. Our old download center is located at SourceForge. Many of our documents and tools are still available there. Important Note Many OWASP projects have not included the OWASP Download tag in their pages, so they are not listed here. External Resources. Open Source & Open Access MIT 6.858 Computer System Security (videos) (materials) - Dr.

External Resources

James Mickens & Dr. Nickolai Zeldovich - Design and implementation of secure computer systems. Lectures cover threat models, attacks that compromise security, and techniques for achieving security, based on recent research papers. Topics include operating system (OS) security, capabilities, information flow control, language security, network protocols, hardware security, and security in web applications. 6.858 Fall 2014 Lectures.

6.858 Fall 2014 Lectures

Welcome. Degreed. Gray Hat Hacking, 3rd Edition. PeerBlock – Peerblock Site. Hack This Site!