Home > del.icio.us > Bookmarks for June 24th through August 11th

Bookmarks for June 24th through August 11th

August 11th, 2009 Leave a comment Go to comments

These are my links for June 24th through August 11th:

  • How to Build Your Own Digital Forensics Lab, Cheap
  • Pentest Labs: Web Application Edition « Security Aegis – Today, we plan to expand upon that to encompass Web App. Our setup includes 7 target sites hosted on 4 VM’s. It’s important to note, that we only showcase the tip of the iceberg. The possibility of expansion is limited only by your imagination.
  • What is PII? How About Groups Of Otherwise Non-PII? - Realtime IT Compliance – A topic that is important and interesting to think about is how non-PII items, when combined with certain other non-PII items, can actually become PII. In other words, aggregating non-PII to form PII. In case that sounds fuzzy, think about it, very simplistically, this way..
  • HowTos/OS Protection – CentOS Wiki – Locking down CentOS
  • Technitium MAC Address Changer v5 Release 3 (FREEWARE) – Technitium MAC Address Changer allows you to change Media Access Control (MAC) Address of your Network Interface Card (NIC) irrespective to your NIC manufacturer or its driver. It has a very simple user interface and provides ample information regarding each NIC in the machine. Every NIC has a MAC address hard coded in its circuit by the manufacturer. This hard coded MAC address is used by windows drivers to access Ethernet Network (LAN). This tool can set a new MAC address to your NIC, bypassing the original hard coded MAC address. Technitium MAC Address Changer is a must tool in every security professionals tool box. Technitium MAC Address Changer is coded in Visual Basic 6.0.
  • Watcher: Web security testing tool with OWASP and PCI compliance auditing – Home – Watcher is a runtime passive-analysis tool for HTTP-based Web applications. It detects Web-application security issues as well as operational configuration issues. Watcher provides pen-testers hot-spot detection for vulnerabilities, developers quick sanity checks, and auditors PCI compliance auditing. It looks for issues related to mashups, user-controlled payloads (potential XSS), cookies, comments, HTTP headers, SSL, Flash, Silverlight, referrer leaks, information disclosure, Unicode, and more.
  • Roothack.org
  • User Account Control: Inside Windows 7 User Account Control
  • http://www.infsec.cs.uni-sb.de/projects/printer-acoustic/#Scientific_Publication – We have successfully mounted the attack in-field in a doctor's practice and recovered the content of a medical prescription. (For privacy reasons, we asked for permission upfront and let the secretary print fresh prescriptions of an artificial client.) The attack was conducted under realistic – and arguably even pessimistic – circumstances: during rush hour, with many people chatting in the waiting room.
  • Penetration Testing and Vulnerability Analysis – Home – This is the course website for Penetration Testing and Vulnerability Analysis currently taught at the Polytechnic Institute of New York University. The course aims to introduce techniques and skills for identifying, analyzing, and exploiting software vulnerabilities.

Related posts:

  1. Bookmarks for June 30th through August 5th
  2. Bookmarks for August 28th through August 30th
  3. Bookmarks for May 15th through June 3rd
  4. Bookmarks for November 11th through November 12th
  5. Bookmarks for June 10th through June 23rd
Categories: del.icio.us Tags:
blog comments powered by Disqus