# # This site includes great abo examples and other badly coded # examples. Great place for getting up to speed on code exploitation # or how not to write bad code. # http://community.core-sdi.com/~gera/
# # This contains lots of good papers/articles on buffer overflows and code # exploitation. Also contains good links to how to code securely. # http://community.corest.com/~juliano/
# # Academic papers on buffer overflows and security in general. Especially # check out the paper "Accurate Buffer Overflow Detection via Abstract # Payload Execution". http://www.infosys.tuwien.ac.at/Staff/chris/pub.html
# # This is a great thread from the vuln-dev list that includes a great way # to dynamically get the instruction pointer without doing the # jmp/call trap. Check out the post from noir. # http://marc.theaimsgroup.com/?t=105664280900004&r=1&w=2 http://marc.theaimsgroup.com/?t=107530577000004&r=1&w=2 http://marc.theaimsgroup.com/?w=2&r=1&s=getpc&q=t
# # This site includes a good shellcode repository, plus an interesting # project (MetaSploit Exploit Framework) that helps in the automation of # testing exploits against vulnerable hosts. # www.metasploit.com
# # This tool is an ssldump network protocol analyzer. Looks good for # checking out SSL traffic using tcpdump. # http://www.rtfm.com/ssldump/
# # Good post on TCP Daytona and several links included. # http://marc.theaimsgroup.com/?t=103593032300003&r=1&w=2
# # This is a great link for info on the TCP/IP stack with an even greater # TCP/IP stack implementation. # http://www.sics.se/~adam/lwip/
TOOLS
-----
# # Good tool for generating packets # www.hping.org cerberus.sourcefire.com/~jeff/nemesis
# # Good tool for generating packets # http://www.packetfactory.net/projects/nemesis/
# # Absolutely necessary security tool (netcat for windows,linux) # http://www.atstake.com/research/tools/network_utilities/ http://netcat.sourceforge.net/
# # Netcat that does encrypted communications. # http://sourceforge.net/projects/cryptcat/
# # Systrace - great for stopping unwanted access to the kernel from # applications that have no business. # http://www.citi.umich.edu/u/provos/systrace/
# # Honeyd - a good tool for simulating machines # http://www.citi.umich.edu/u/provos/honeyd/
# # This site has an interesting program for testing basic overflows # in command line tools. # www.oc192.us/security.html
# # Very active security group. Good to check out periodically for papers, # exploits, etc. # www.lsd-pl.net
# # French website that gets 0day exploits before others. # www.k-otik.com
# # Seems to have good links to various security projects # www.cotse.com
# # Packet Filtering #
# # NFR: LISA '97 # http://www.usenix.org/publications/library/proceedings/lisa97/01.ranum.html
# # WinPcap guys docs # This is probably the team that is most up-to-date on packet filtering # http://winpcap.polito.it/docs/default.htm
# # Original BPF paper # www.tcpdump.org/papers/bpf-usenix93.pdf
# # Packet Vault # (interesting idea on capturing packets securely) # http://www.citi.umich.edu/projects/apv www.usenix.org/publications/library/proceedings/detection99/full_papers/antonelli/antonelli.pdf
# # xPF # http://citeseer.ist.psu.edu/ioannidis02xpf.html
# # PATHFINDER # packet filter based on patterns # http://citeseer.ist.psu.edu/bailey94pathfinder.html
# # Icon Programming Language # Pcap-style #
# # Network Penetration, looks interesting # www.networkpenetration.com
# # Heap Protection # http://www.cs.ucsb.edu/~wkr/projects/heap_protection/
# # Good paper on Buffer Overflows # http://vg.rstack.org/download/l01/bof.pdf
# # Good Book on security # http://nob.cs.ucdavis.edu/book/
# # Good technical book on decompiling programs # http://www.alistpublishing.com/hack/info.htm http://www.amazon.com/exec/obidos/tg/detail/-/1931769222/ref=pd_sim_books_2/002-0799717-6043257?v=glance&s=books
# # Good book on assembly/computer architecture # http://www.amazon.com/exec/obidos/tg/detail/-/0763717738/ref=pd_sim_books_3/002-0799717-6043257?v=glance&s=books
# # Has recent exploits (3APA3A homepage) # security.nnov.ru
# # Website with info/books on secure programming # www.secureprogramming.com
# # ICMP Attacks Illustrated # http://rr.sans.org/threats/ICMP_attacks.php
# # Hacking Research # http://www.cs.clemson.edu/~mberryh/masters/
# # Good paper on DNS attacks # http://sainstitute.org/articles/dns.htm
# # Free disassembly tool # the grugq # http://reap.cjb.net/
# # Buffer overflow and a challenge # www.phiral.com
# # Good book on programming tricks. # http://www.hackersdelight.org/
# # Hacker site with some interesting scan tools # http://phrick.net/~gml/
# # Source code auditing web site # sardonix.org
# # GetPC vulndev mailing list # http://archives.neohapsis.com/archives/vuln-dev/2003-q4/0096.html
# # Cscope, source code browser # http://cscope.sourceforge.net/
# # Good books on security and genetic algorithms # http://www.amazon.com/exec/obidos/tg/detail/-/0201149435/102-8760728-3460123?v=glance http://www.amazon.com/exec/obidos/tg/detail/-/1593270070/102-8760728-3460123?v=glance
# # Solar designer's website # Good security stuff # http://www.phreedom.org/solar/
# # One-way Shellcode by SK # http://www.blackhat.com/presentations/bh-asia-03/bh-asia-03-chong.pdf
# # Good post on Alphanumeric shellcode and GetPC # http://archives.neohapsis.com/archives/vuln-dev/2004-q1/0074.html
# # MiM proxy for testing web applications # http://www.proofsecure.com/download.shtml
# # More programs for testing web applications # https://portswigger.net
# # Popular iptables firewall builder # http://firehol.sourceforge.net/
# # Obfuscated shell code thread. # Nice link to admmutate clone. # http://marc.theaimsgroup.com/?t=107566994200001&r=1&w=2
# # DOS index # http://www.attrition.org/security/denial/
# # Good ASN.1 links. # http://www.john-wasser.com/ASN1/BasicEncodingRules.html http://asn1.elibel.tm.fr/en/standards/index.htm#asn1 http://www.vijaymukhi.com/vmis/ber.htm ftp://ftp.rsa.com/pub/pkcs/ascii/layman.asc http://www.cs.auckland.ac.nz/~pgut001/dumpasn1.c http://www-sop.inria.fr/rodeo/personnel/hoschka/asn1.html http://asn1.elibel.tm.fr/fr/biblio/sei-cmu-tr10-93.pdf
# # Post on heap overflows, in particular exploiting dlmalloc # wilderness memory. # http://marc.theaimsgroup.com/?l=vuln-dev&m=107764352429453&w=2
# # Good books on reverse engineering and exploitation development # http://www.amazon.com/exec/obidos/tg/detail/-/0201786958/002-0555107-1732839?v=glance http://www.amazon.com/exec/obidos/tg/detail/-/0764544683/ref=pd_sim_books_1/002-0555107-1732839?v=glance&s=books
# # Good site that has collated several papers/challenges on # buffer/heap overflows. # http://www.covertsystems.org/
# # Great IDA Pro plugin for reverse engineering programs that have # a type of obfuscation. # http://ida-x86emu.sourceforge.net/
# # Paper on IDS and IPv6 # http://www.alchemistowl.org/arrigo/Papers/SPI2003-IDS-and-IPv6.pdf
# # Types of vulnerabilities, and descriptions. # http://www.covertsystems.org/archives/misc-papers/csr-exploitation.pdf
# # parasitic computing, looks interesting # http://www.nd.edu/~parasite/
# # new packet filtering capability # ffpf.sourceforge.net
# # I/O strategies/frameworks and device events # http://www.kegel.com/c10k.html
# # Multi-stage loading shellcode # http://www.klake.org/~jt/mstage/
# # Good security page. BOF, TCP spoofing, etc. # www.harmonysecurity.com
# # Protocol fuzzer - SMUDGE # http://felinemenace.org/~nd/SMUDGE/
# # FelineMenace # Another security group # felinemenace.org
# # dum(b)ug # W32 debugger # http://www.phenoelit.de/dumbug/
# # Full-disclosure discussion on polymorphic evasion # http://marc.theaimsgroup.com/?t=109669225000001&r=1&w=2
# # Interesting project on reverse engineering # http://www.baselineresearch.net/PI/
# # Project with syscall proxy and POC client. # www.uberwall.org
# # New protocol to compete with TCP # http://www.rateless.com.nyud.net:8090/rcx1.html
# # C++ patch for linux kernel # http://netlab.ru.is/exception/LinuxCXX.shtml
# # Papers on fast packet filtering # http://ffpf.sourceforge.net/science/publications.php
# # Site on rootkits # invisiblethings.org