Pastebin launched a little side project called HostCabi.net, check it out ;-)Don't like ads? PRO users don't see any ads ;-)
Guest

HUGE Security Resource - version 5000 - 03/06/12, lipstick 2

By: a guest on Mar 10th, 2012  |  syntax: None  |  size: 44.90 KB  |  hits: 1,618  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1.        HUGE Security Resource - version 5000 - 03/06/12
  2.  
  3. - previously known as: HUGE List of Security Blogs: Unix, Linux, Windows,
  4.   part 1, 2, 3, and 4. (see the bottom of this version for links to previous
  5.   versions under the former title)
  6.  
  7. ##### Changes since last post (version 5000, previously known as "part 4"):
  8. # 1. New revisions/posts will be by date and version number, not by "date"/"part"
  9. # 2. New security blog links
  10. # 3. Inclusion of more sites than "blogs", useful security related links
  11. # 4. Established a numbering process per new section, starting with #5000
  12. #    no particular reason for beginning at this number, random choice.
  13. # 5. Changed the name of this publication from:
  14. #    "HUGE List of Security Blogs: Unix, Linux, Windows - part #"
  15. #    to: HUGE Security Resource version # - release date
  16. ################################################################
  17. # Sections, version 6, 03/06/2012
  18. #
  19. # 5000: Wikipedia (all links here found within Wikipedia)
  20. # 5001: Suggested Books
  21. # 5002: Articles, Guides, How To's
  22. # 5003: Antivirus LiveCDs - boot and scan your system for malware
  23. # 5004: Random Links
  24. # 5005: Security Blogs
  25. # 5006: Security Forums (Web based Discussion Forums)
  26. # 5007: Security Magazines & Zines
  27. # n/a : Copy/paste inclusion of previous release
  28. ################################################################
  29.  
  30. ** 5000: Wikipedia:
  31.  
  32. Acoustic cryptanalysis
  33. - https://en.wikipedia.org/wiki/Acoustic_cryptanalysis
  34.  
  35. Advanced persistent threat
  36. - https://en.wikipedia.org/wiki/Advanced_Persistent_Threat
  37.  
  38. ARP spoofing
  39. - https://en.wikipedia.org/wiki/ARP_poisoning
  40.  
  41. ARP Watch
  42. - https://en.wikipedia.org/wiki/Arpwatch
  43.  
  44. Category:Confidence_tricks
  45. - http://en.wikipedia.org/wiki/Category:Confidence_tricks
  46.  
  47. Category: Cryptographic_attacks
  48. - https://en.wikipedia.org/wiki/Category:Cryptographic_attacks
  49.  
  50. Category: Signals_intelligence
  51. - https://en.wikipedia.org/wiki/Category:Signals_intelligence
  52.  
  53. Category: Surveillance
  54. - https://en.wikipedia.org/wiki/Category:Surveillance
  55.  
  56. Chaffing and winnowing (cryptographic technique)
  57. - https://en.wikipedia.org/wiki/Chaffing_and_winnowing
  58.  
  59. Cold boot attack
  60. - https://en.wikipedia.org/wiki/Cold_boot_attack
  61.  
  62. CyanogenMod
  63. - https://en.wikipedia.org/wiki/CyanogenMod
  64.  
  65. Deep packet inspection
  66. - https://en.wikipedia.org/wiki/Deep_packet_inspection
  67.  
  68. DNS cache poisoning
  69. - https://en.wikipedia.org/wiki/DNS_poisoning
  70.  
  71. Echelon (signals intelligence)
  72. - https://en.wikipedia.org/wiki/ECHELON
  73.  
  74. Electromagnetic interference
  75. - https://en.wikipedia.org/wiki/Electromagnetic_interference
  76.  
  77. Electromagnetic radiation and health
  78. - https://en.wikipedia.org/wiki/Electromagnetic_radiation_and_health
  79.  
  80. Electromagnetic shielding
  81. - https://en.wikipedia.org/wiki/Electromagnetic_shielding
  82.  
  83. EMF meter
  84. - https://secure.wikimedia.org/wikipedia/en/wiki/EMF_Meter
  85.  
  86. Frequency counter
  87. - https://en.wikipedia.org/wiki/Frequency_counter
  88.  
  89. High-frequency direction finding (electronics)
  90. - https://en.wikipedia.org/wiki/HF/DF
  91.  
  92. I2P
  93. - https://en.wikipedia.org/wiki/I2P
  94.  
  95. Laser microphone
  96. - https://en.wikipedia.org/wiki/Laser_microphone
  97.  
  98. Linux malware
  99. - https://en.wikipedia.org/wiki/Linux_malware
  100.  
  101. Nonverbal communication
  102. - https://en.wikipedia.org/wiki/Nonverbal_communication
  103.  
  104. Operation RAFTER
  105. "RAFTER was a code name for the MI5 radio receiver detection technique, mostly used against clandestine Soviet agents and monitoring of domestic radio transmissions by foreign embassy personnel from the 1950s on."
  106. - https://en.wikipedia.org/wiki/Operation_RAFTER
  107.  
  108. Spycatcher: The Candid Autobiography of a Senior Intelligence Officer (also Spycatcher), is a book written by Peter Wright, former MI5 officer and Assistant Director, and co-author Paul Greengrass. It was published first in Australia. Its allegations proved scandalous on publication, but more so because the British Government attempted to ban it, ensuring its profit and notoriety.
  109. - https://en.wikipedia.org/wiki/Spycatcher
  110.  
  111. Palantir Technologies, Inc., headquartered in Palo Alto, California, with offices in Tysons Corner, Virginia, New York City and Covent Garden, London, is a software company that produces the Palantir Government and Palantir Finance platforms. Palantir offers a Java-based platform for analyzing, integrating, and visualizing data of all kinds, including structured, unstructured, relational, temporal, and geospatial.
  112. - https://en.wikipedia.org/wiki/Palantir_Technologies
  113.  
  114. Paralanguage refers to the non-verbal elements of communication used to modify meaning and convey emotion. Paralanguage may be expressed consciously or unconsciously, and it includes the pitch, volume, and, in some cases, intonation of speech. Sometimes the definition is restricted to vocally-produced sounds. The study is known as paralinguistics.
  115. - https://en.wikipedia.org/wiki/Paralanguage
  116.  
  117. Power analysis
  118. - https://en.wikipedia.org/wiki/Power_analysis
  119.  
  120. Project MINARET was a sister project to Project SHAMROCK operated by the NSA, which, after intercepting electronic communications that contained the names of predesignated US citizens, passed them to other government law enforcement and intelligence organizations.Intercepted messages were disseminated to the FBI, CIA, Secret Service, Bureau of Narcotics and Dangerous Drugs (BNDD), and the Department of Defense.
  121. - https://en.wikipedia.org/wiki/Project_MINARET
  122.  
  123. Project SHAMROCK, considered to be the sister project for Project MINARET, was an espionage exercise, started in August 1945 that involved the accumulation of all telegraphic data entering into or exiting from the United States. The Armed Forces Security Agency (AFSA)and its successor NSA were given direct access to daily microfilm copies of all incoming, outgoing, and transiting telegraphs via the Western Union and its associates RCA and ITT.
  124. - https://en.wikipedia.org/wiki/Project_Shamrock
  125.  
  126. Radio direction finder
  127. - https://en.wikipedia.org/wiki/Radio_direction_finder
  128.  
  129. Scrambler - In telecommunications, a scrambler is a device that transposes or inverts signals or otherwise encodes a message at the transmitter to make the message unintelligible at a receiver not equipped with an appropriately set descrambling device.
  130. - https://en.wikipedia.org/wiki/Scrambler
  131.  
  132. Secure communication
  133. - https://en.wikipedia.org/wiki/Secure_Communication
  134.  
  135. Situation awareness
  136. - https://en.wikipedia.org/wiki/Situation_awareness
  137.  
  138. Sysctl
  139. - https://en.wikipedia.org/wiki/Sysctl
  140.  
  141. ThinThread is the name of a project that the United States National Security Agency engaged in during the 1990s, according to a May 17, 2006 article in the Baltimore Sun. The program involved wiretapping and sophisticated analysis of the resulting data, but according to the article, the program was discontinued after the September 11, 2001 attacks due to the changes in priorities and the consolidation of U.S. intelligence authority.
  142. - https://en.wikipedia.org/wiki/ThinThread
  143.  
  144. Timing attack
  145. - https://en.wikipedia.org/wiki/Timing_attack
  146.  
  147. Tradecraft is skill acquired through experience in a (typically clandestine) trade. Within the intelligence community this means the techniques used in modern espionage and generally, the activity of intelligence. This includes general topics or techniques (dead drops, for example), or the specific techniques of a nation or organization (the particular form of encryption used by the NSA, for example).
  148. - https://en.wikipedia.org/wiki/Tradecraft
  149.  
  150. Trailblazer Project
  151. Trailblazer was a United States National Security Agency (NSA) program intended to analyze data carried on communications networks like the internet. It was able to track communication methods such as cell phones and e-mail. It ran over budget, failed to accomplish several goals, and was cancelled.
  152. - https://en.wikipedia.org/wiki/Trailblazer_Project
  153.  
  154. OpenBSD Journal
  155. - https://en.wikipedia.org/wiki/OpenBSD_Journal
  156.  
  157. ‘Openbsd’ Articles at Kevin Hatfield’s Blog
  158. Articles tagged with 'Openbsd' at Kevin Hatfield's Blog
  159. - http://www.kevinhatfield.org/?tag=openbsd
  160.  
  161. Jon Hart's Blog: OpenBSD on Soekris -- A Cheater's Guide
  162. - http://blog.spoofed.org/2007/12/openbsd-on-soekris-cheaters-guide.html
  163.  
  164. Syscall Hijacking: OpenBSD - memset's blog
  165. - https://memset.wordpress.com/2011/11/26/syscall-hijacking-openbsd/
  166.  
  167. Bill’s Security Blog - OpenBSD
  168. - http://www.wrgross.com/blogs/security/category/openbsd/
  169.  
  170. OpenBSD | Wow! eBook - Blog
  171. - http://www.wowebook.me/tag/openbsd/
  172. ----------------------------------------
  173.  
  174. ** 5001: Suggested Books:
  175.  
  176. - LOAK & CORKSCREW: Where CIA Meets Hollywood
  177. - Radio Frequency Interference: How to Find It and Fix It
  178. - SAS Survival Handbook, Revised Edition: For Any Climate, in Any Situation
  179. - Spycatcher - by Peter Wright
  180.  
  181. ----------------------------------------
  182.  
  183. ** 5002: Articles, Guides, How To's
  184.  
  185. Owned Over Amateur Radio (Remote kernel exploitation) (PDF)
  186. - http://vulnfactory.org/research/defcon-remote.pdf
  187.  
  188. Even Nastier: Traditional RootKits | So, What Do Traditional RootKits Do? | InformIT
  189. When attackers get root access on a machine, a RootKit allows them to maintain that access by implementing a back door and hiding evidence of system compromise. Ed Skoudis shows how to avoid being RootKitted in this article.
  190. - http://www.informit.com/articles/article.aspx?p=23463&rll=1
  191.  
  192. Anonymous Blogging with Wordpress & Tor - Global Voices Advocacy
  193. - http://advocacy.globalvoicesonline.org/projects/guide/
  194.  
  195. Attacks on Package Managers
  196. - http://www.cs.arizona.edu/stork/packagemanagersecurity/faq.html
  197.  
  198. 0wning Vista from the boot; BIOS rootkit(s)
  199. Federico Biancuzzi interviews Nitin and Vipin Kumar, authors of VBootkit, a rootkit that is able to load from Windows Vista boot-sectors.
  200. - http://www.securityfocus.com/columnists/442/2
  201.  
  202. 20 Linux Server Hardening Security Tips
  203. Top 20 Linux hardening tutorial and tips to secure the default installation of RHEL / CentOS / Fedora / Debian Linux servers.
  204. - http://www.cyberciti.biz/tips/linux-security.html
  205.  
  206. Linux System Monitoring Tools Every SysAdmin Should Know
  207. Top 20 Linux Server Performance Monitoring Tools To Solve Server Bottlenecks Issues related to CPU, Memory, Disk, and networking subsystems.
  208. - http://www.cyberciti.biz/tips/top-linux-monitoring-tools.html
  209.  
  210. NSA Releases 17 Cryptologic Articles
  211. - http://cryptome.org/0006/nsa-17-docs.htm
  212.  
  213. Black ops: how HBGary wrote backdoors for the government
  214. The attacks last week by Anonymous on security firm HBGary have yanked back the curtain on the dark world of government-sponsored malware. Where does the US military get its custom rootkits? It buys them and the 0-day exploits that deliver them;from private security firms.
  215. - http://arstechnica.com/tech-policy/news/2011/02/black-ops-how-hbgary-wrote-backdoors-and-rootkits-for-the-government.ars/
  216.  
  217. CIA 175 Spying Technology Partners
  218. - http://cryptome.org/0005/cia-iqt-spies.htm
  219.  
  220. Detecting and Removing Malicious Code | Symantec Connect Community
  221. by Matthew Tanase Detecting and Removing Malicious Code by Matthew Tanase last updated July 22, 2002 Introduction Has it happened yet? The phone call, the e-mail, the page, or maybe you discovered it yourself.
  222. - http://www.symantec.com/connect/articles/detecting-and-removing-malicious-code
  223.  
  224. Detecting Rootkits And Kernel-level Compromises In Linux | Symantec Connect Community
  225. by Mariusz Burdach, This article is intended to outline useful ways of detecting hidden modifications to a Linux kernel.
  226. - http://www.symantec.com/connect/articles/detecting-rootkits-and-kernel-level-compromises-linux
  227.  
  228. Encryption with KGpg
  229. - http://doc.opensuse.org/documentation/html/openSUSE_113/opensuse-apps/cha.crypto.html
  230.  
  231. Encryption with Passwords and Encryption Keys
  232. - http://doc.opensuse.org/documentation/html/openSUSE_113/opensuse-apps/cha.gnome.crypto.html
  233.  
  234. FileIntegrityAIDE - Community Ubuntu Documentation
  235. - https://help.ubuntu.com/community/FileIntegrityAIDE
  236.  
  237. Find Hidden Processes and Ports [ Linux / Unix / Windows ]
  238. Explains how to find out hidden TCP / UDP ports and processes under Linux, Unix, and Windows operating systems.
  239. - http://www.cyberciti.biz/tips/linux-unix-windows-find-hidden-processes-tcp-udp-ports.html
  240.  
  241. Hacker Tools and their Signatures, Part Three: Rootkits | Symantec Connect Community
  242. by Toby Miller Hacker Tools and their Signatures, Part Three: Rootkits by Toby Miller
  243. This is the third installment of a series devoted to examining hacker tools and their signatures. In this installment we will be looking at some of the signatures related to the KOH rootkit.
  244. - http://www.symantec.com/connect/articles/hacker-tools-and-their-signatures-part-three-rootkits
  245.  
  246. Host Integrity Monitoring: Best Practices for Deployment | Symantec Connect Community
  247. by Brian Wotring Introduction There are now a number of commercial and open source solutions that can be used to effectively monitor the integrity of host environments.
  248. - http://www.symantec.com/connect/articles/host-integrity-monitoring-best-practices-deployment
  249.  
  250. HowTo: AIDE: Advanced Intrusion Detection Environment
  251. - http://www.debuntu.org/intrusion-detection-with-aide
  252.  
  253. How to: Detect ARP Spoofing under UNIX or Linux
  254. Find out if there's a man in the middle posing as your server.
  255. - http://www.cyberciti.biz/faq/how-to-detect-arp-spoofing-under-unix-or-linux/
  256.  
  257. How to disable loading of unnecessary kernel modules | Linux Poison
  258. - http://linuxpoison.blogspot.com/2009/06/how-to-disable-loading-of-unnecessary.html
  259.  
  260. How to keep a detailed audit trail of what’s being done on your Linux systems
  261. Howto log user activity using process accounting Process under Linux. Accounting allows you to keep detailed logs of every command a user runs, including CPU time and memory used.
  262. - http://www.cyberciti.biz/tips/howto-log-user-activity-using-process-accounting.html
  263.  
  264. Howto: Linux add remove a Linux kernel modules / drivers
  265. - http://www.cyberciti.biz/faq/add-remove-list-linux-kernel-modules/
  266.  
  267. Installing Tripwire on Ubuntu
  268. - http://netwizards.co.uk/installing-tripwire-on-ubuntu/
  269.  
  270. Installing Ubuntu 10.10 with full disk encryption
  271. - http://joernfranz.net/2011/01/20/installing-ubuntu-10-10-with-full-disk-encryption/
  272.  
  273. IP Spoofing: An Introduction | Symantec Connect Community
  274. by Matthew Tanase IP Spoofing: An Introduction by Matthew Tanase
  275. Criminals have long employed the tactic of masking their true identity, from disguises to aliases to caller-id blocking.
  276. - http://www.symantec.com/connect/articles/ip-spoofing-introduction
  277.  
  278. Lest We Remember: Cold Boot Attacks on Encryption Keys » Center for Information Technology Policy at Princeton
  279. - http://citp.princeton.edu/research/memory/
  280.  
  281. Linux Kernel Rootkits
  282. - http://www.la-samhna.de/library/rootkits/index.html
  283.  
  284. Linux on-the-fly kernel patching without LKM
  285. Phrack staff website.
  286. - http://www.phrack.com/issues.html?issue=58&id=7#article
  287.  
  288. Manage Passwords, Encryption Keys, and More with Seahorse
  289. Jack Wallen takes a look at Seahorse, a GUI tool for the Linux desktop to manage encryption keys, SSH keys, and passwords.
  290. - https://www.linux.com/learn/tutorials/456149-manage-passwords-encryption-keys-and-more-with-seahorse
  291.  
  292. Mebromi: the first BIOS rootkit in the wild « Webroot Threat Blog
  293. - http://blog.webroot.com/2011/09/13/mebromi-the-first-bios-rootkit-in-the-wild/
  294.  
  295. Modest Spec or Barebones Installation of Ubuntu
  296. - http://www.psychocats.net/ubuntu/minimal
  297.  
  298. Article+PDF: Rootkits - Rootkits on a PCI Card?
  299. - http://securitywatch.eweek.com/rootkits/rootkits_on_a_pci_card.html
  300.  
  301. Researchers: Rootkits headed for BIOS
  302. UPDATE: Insider attacks and industrial espionage could become more stealthy by hiding code in the core system functions stored on the motherboard, researchers say.
  303. - http://www.securityfocus.com/news/11372?ref=rss
  304.  
  305. Security - The Wireshark Wiki
  306. - http://wiki.wireshark.org/Security
  307.  
  308. Setting Tripwire
  309. How to Set up Tripwire, RedHat Linux
  310. - http://www.alwanza.com/howTo/linux/tripwire.html
  311.  
  312. Industrial-strength Linux lockdown, Part 1
  313. For technical and non-technical users alike, maintaining a large installed base of Linux machines can be a harrowing experience for an administrator. Technical users take advantage of Linux's extreme configurability to change everything to their liking, while non-technical users running amok within their own file systems. This tutorial is the first in a two-part series that shows you how and why to lock those machines down to streamline the associated support and administration processes. In this tutorial, you learn how to remove the interpreters from the installation base system.
  314. - https://www.ibm.com/developerworks/linux/tutorials/l-lockdown1/
  315.  
  316. Industrial-strength Linux lockdown, Part 2
  317. This tutorial, the second in a two-part series on locking your Linux machines down to streamline the associated support and administration processes, shows how to configure the Linux kernel to execute only signed binaries.
  318. - https://www.ibm.com/developerworks/linux/tutorials/l-lockdown2/index.html
  319.  
  320. Snooping on Text by Listening to the Keyboard
  321. - https://www.schneier.com/blog/archives/2005/09/snooping_on_tex.html
  322.  
  323. Articles and PDFs: Perception Warfare or War, Perceptual Conflict, Perception Space, Perception Operations, Perception Battlespace, P-Space
  324. - http://www.au.af.mil/info-ops/perception.htm
  325.  
  326. The Mind Has No Firewall
  327. - http://pastebin.com/JdkqxBAa
  328.  
  329. Tor + Polipo 5 Minute Install Guide Ubuntu 11.04/11.10
  330. - https://dangertux.wordpress.com/tutorials/tor-polipo-5-minute-install-guide-ubuntu-11-0411-10/
  331.  
  332. Ubuntu how to faillog
  333. - http://blog.bodhizazen.net/linux/ubuntu-how-to-faillog/
  334.  
  335. EncryptedPrivateDirectory - Ubuntu
  336. - https://help.ubuntu.com/community/EncryptedPrivateDirectory
  337.  
  338. FTP Attack Case Study Part I: The Analysis
  339. - http://www.linuxsecurity.com/content/view/117644/49/
  340.  
  341. GnuPrivacyGuardHowto / Ubuntu
  342. - https://help.ubuntu.com/community/GnuPrivacyGuardHowto
  343.  
  344. Grsecurity/Appendix/Grsecurity and PaX Configuration Options
  345. - https://secure.wikimedia.org/wikibooks/en/wiki/Grsecurity/Appendix/Grsecurity_and_PaX_Configuration_Options
  346.  
  347. Hacking Linux Exposed / The Hacking Linux Exposed Companion Website.
  348. - http://www.hackinglinuxexposed.com/articles/
  349.  
  350. How to install Ubuntu 11.04 on an encrypted LVM file system
  351. Ubuntu is one of many Linux distributions with support for LVM, the Linux Logical Volume Manager. LVM is a disk partitioning scheme that brings a level of flexibility to disk management that is not possible with the traditional method. With LVM, you can, if necessary, increase the size of a partition online, that is, while...
  352. - http://www.linuxbsdos.com/2011/05/10/how-to-install-ubuntu-11-04-on-an-encrypted-lvm-file-system/
  353.  
  354. Linux Home Networking - Tutorials and Forums
  355. Linux tutorials and forums covering many topics needed for certification exams and university courses. PDF text books also available.
  356. - http://www.linuxhomenetworking.com/
  357.  
  358. Linux Assembly - information on assembly programming under UNIX-like operating systems (Linux/BSD/BeOS/etc) Linux Assembly: Linux/UNIX assembly language programming portal
  359. - http://asm.sourceforge.net/
  360.  
  361. LinuxLogFiles / Ubuntu
  362. - https://help.ubuntu.com/community/LinuxLogFiles
  363.  
  364. Logwatch / Ubuntu
  365. - https://help.ubuntu.com/community/Logwatch
  366.  
  367. LPI 101 and 102 training manuals - Linux (PDF)
  368. - http://www.ledge.co.za/software/lpinotes/
  369.  
  370. Monitoring your filesystem for unauthorised change / debian-administration.org
  371. Tips for a Debian GNU/Linux System Administrator.
  372. - http://www.debian-administration.org/articles/49
  373.  
  374. PLT redirection through shared object injection into a running process - CodeProject®
  375. The first part of a two-part article which will illustrate how to redirect the PLT of a process through the injection of a shared object into its address space.; Author: Quake2th
  376. - http://www.codeproject.com/KB/cpp/shared_object_injection_1.aspx#brief_elf_str_code1
  377.  
  378. StricterDefaults / Ubuntu
  379. - https://help.ubuntu.com/community/StricterDefaults
  380.  
  381. The ELF Virus Writing HOWTO (Linux)
  382. - http://virus.bartolich.at/virus-writing-HOWTO/_html/index.html
  383.  
  384. Wireless Ethernet Devices For Amateur Radio (AX.25 over Ethernet) (ftp/PDF)
  385. - ftp://ftp.tapr.org/software_lib/ether/Ham_Ethernet_GBPPR.pdf
  386.  
  387. Why I hate Microsoft - A personal, lengthy, but highly articulate outburst
  388. - http://www.vanwensveen.nl/rants/microsoft/IhateMS.html
  389.  
  390. 2011 CWE/SANS Top 25 Most Dangerous Software Errors
  391. - http://cwe.mitre.org/top25/
  392. ----------------------------------------
  393.  
  394. ** 5003: Antivirus LiveCDs - boot and scan your system for malware
  395.  
  396. AVG Rescue LiveCD
  397. Recover your data after your PC has been infected. Download AVG Rescue CD and start data recovery process. Free recovery software.
  398. - http://www.avg.com/us-en/avg-rescue-cd-download
  399.  
  400. F-Secure Rescue CD / LiveCD
  401. - http://www.f-secure.com/en/web/labs_global/removal/rescue-cd
  402.  
  403. Kaspersky Rescue Disk / LiveCD
  404. - http://support.kaspersky.com/viruses/rescuedisk?level=2
  405.  
  406. Microsoft Standalone System Sweeper Beta | LiveCD
  407. - https://connect.microsoft.com/systemsweeper
  408.  
  409. Windows Defender LiveCD
  410. - http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline
  411. ----------------------------------------
  412.  
  413. ** 5004: Random Links
  414.  
  415. rose-exploit - Remote kernel exploit for ROSE amateur radio (code)
  416. "This is an exploit for CVE-2011-1493, a remote stack overflow in the Linux implementation of the ROSE amateur radio protocol. THIS IS PROOF OF CONCEPT.It should work very reliably on the kernel I tested (Ubuntu Server 10.04), but I make no promises about other kernels. Obviously, any hard-coded addresses and offsets (in payload.h) must be adjusted for the targeted kernel."
  417. - https://github.com/djrbliss/rose-exploit
  418.  
  419. Switzerland Network Testing Tool
  420. # Is your ISP interfering with your BitTorrent connections? Cutting off your VOIP calls? Undermining the principles of network neutrality? In order to answer those questions, concerned Internet users need tools to test their Internet connections and gather evidence about ISP interference practices. After all, if it weren't for the testing efforts of Rob Topolski, the Associated Press, and EFF, Comcast would still be stone-walling about their now-infamous BitTorrent blocking efforts.
  421. # Developed by the Electronic Frontier Foundation, Switzerland is an open source software tool for testing the integrity of data communications over networks, ISPs and firewalls. It will spot IP packets which are forged or modified between clients, inform you, and give you copies of the modified packets.
  422. - https://www.eff.org/pages/switzerland-network-testing-tool
  423.  
  424. Ask Ubuntu - Ubuntu Q&A
  425. - http://askubuntu.com/
  426.  
  427. OMG! Ubuntu! | Everything Ubuntu. Daily.
  428. - http://www.omgubuntu.co.uk/
  429.  
  430. Trapkit.de
  431. - http://trapkit.de/
  432.  
  433. InfoWorld.com
  434. - https://www.infoworld.com/
  435.  
  436. RootzWiki is a community of Android enthusiasts, developers, themers, and experts. RootzWiki is formed by the community for the community. We pride ourselves on giving back to the people who make Android great: you. We regularly give phones to developers using a portion of the funds created by the advertisements you see here at RootzWiki. We do this to help ensure the Android world keeps on spinning. We love seeing all the amazing things that come from the community. You make this platform great. You make our phones great. We want to be your number one source for Android information, community, and, of course, free devices for developers.
  437. - http://rootzwiki.com/
  438.  
  439. Beta Beat - tech blog
  440. - http://www.betabeat.com/
  441.  
  442. BIOS Implementation Test Suite
  443. - http://biosbits.org/
  444.  
  445. Black Alchemy's Fake AP generates thousands of counterfeit 802.11b access points.
  446. - http://blackalchemy.to/project/fakeap/
  447.  
  448. bodhizazen's Ubuntu Blog
  449. - http://blog.bodhizazen.net/
  450.  
  451. BorderFire Report - Reporting The Invasion of America
  452. - http://borderfirereport.net/
  453.  
  454. BrickHouse Security | Home Security Camera Systems | GPS Surveillance
  455. BrickHouse Security is the Global Leader in Home Security, Cameras for Covert Video Surveillance & GPS Tracking. Government-Grade Home Security, Wireless Cameras, & Spy GPS Products are Now Available To The Public
  456. - http://www.brickhousesecurity.com/
  457.  
  458. Linux Man Pages
  459. - http://linuxmanpages.com/
  460.  
  461. coreboot / BIOS related
  462. - http://www.coreboot.org/
  463.  
  464. SeaBIOS @ coreboot
  465. - http://www.coreboot.org/SeaBIOS
  466.  
  467. SeaBIOS
  468. - http://www.seabios.org/SeaBIOS
  469.  
  470. Detecting Kernel Rootkits
  471. - http://la-samhna.de/library/rootkits/detect.html
  472.  
  473. DNSCrypt
  474. - https://www.opendns.com/technology/dnscrypt/
  475.  
  476. Dedoimedo offers detailed, step-by-step tutorials on a wide range of computer-related topics, including operating system installation guides and reviews, security tips and tricks, virtualization, general computing, and more, all accompanied by screenshots and tons of examples. There's something for everyone, from newbies to experts.
  477. - http://dedoimedo.com/
  478.  
  479. I2P Anonymous Network
  480. - http://www.i2p2.de/
  481.  
  482. Lynis - Security and system auditing tool for Linux
  483. - http://www.rootkit.nl/projects/lynis.html
  484.  
  485. MI5 - The Security Service
  486. The Security Service (MI5) is a British intelligence agency working to protect the UK's national security against threats such as terrorism and espionage.
  487. - https://www.mi5.gov.uk/
  488.  
  489. Microsoft Safety Scanner
  490. Do you think your PC has a virus? The Microsoft Safety Scanner is a free downloadable security tool that provides on-demand scanning and helps remove viruses, spyware, and other malicious software. It works with your existing antivirus software. Note: The Microsoft Safety Scanner expires 10 days after being downloaded. To rerun a scan with the latest anti-malware definitions, download and run the Microsoft Safety Scanner again.
  491. Remove spyware, malware, viruses and other malicious software with this free Microsoft Safety Scanner for your PC.
  492. - https://www.microsoft.com/security/scanner/en-us/default.aspx
  493.  
  494. msramdmp:
  495. McGrew Security RAM Dumper Creating bootable USB drives for capturing the contents of memory
  496. - http://www.mcgrewsecurity.com/tools/msramdmp/
  497.  
  498. nixCraft: Linux Tips, Hacks, Tutorials, And Ideas In Blog Format
  499. Linux blog by Vivek - Includes news, help, tutorials, programming, tips and how-to guides for Linux, UNIX, and BSD.
  500. - http://www.cyberciti.biz/
  501.  
  502. onPoint Tactical LLC - Legendary Skills for Today's Professional
  503. onPoint Tactical offers superior training for military, law enforcement, and select professionals & civilians who require advanced outdoor skill sets to survive and thrive in today's demanding world.
  504. - http://onpointtactical.com/
  505.  
  506. Prey Project: Open source anti-theft solution for your laptop, phone and tablet
  507. Prey is a lightweight tracking software that helps you find, lock and recover your stuff if it's stolen or goes missing. For Mac, Windows, Linux, iPhone, iPad & Android.
  508. - http://preyproject.com/
  509.  
  510. Qubes is an open source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers. In the future it might also run Windows apps. by Joanna Rutkowska
  511. - http://qubes-os.org/
  512.  
  513. Source Code Security Analyzers - SAMATE
  514. - http://samate.nist.gov/index.php/Source_Code_Security_Analyzers.html
  515.  
  516. sslsniff
  517. - http://www.thoughtcrime.org/software/sslsniff/
  518.  
  519. Taiwan spy agency denies magnetic attack
  520. - http://pastebin.com/KNtCVkpN
  521.  
  522. TLD is an award-winning, real-time algorithm for tracking of unknown objects in video streams. The object of interest is defined by a bounding box in a single frame. TLD simultaneously Tracks the object, Learns its appearance and Detects it whenever it appears in the video. The result is a real-time tracking that typically improves over time. Due to its learning abilities, TLD has been advertised under name Predator
  523. - http://info.ee.surrey.ac.uk/Personal/Z.Kalal/tld.html
  524.  
  525. Top Secret America | washingtonpost.com
  526. Washington Post reporters Dana Priest and William M. Arkin's investigation of the government's response to 9/11. Top Secret America explores what they found.
  527. - http://projects.washingtonpost.com/top-secret-america/
  528.  
  529. Tor Mail - free e-mail (not related to the Official Tor Project, requires Tor to access)
  530. - Intro: http://tormail.net/
  531. - Hidden Service: http://jhiwjjlqpyawmpjx.onion/
  532.  
  533. TRESOR Runs Encryption Securely Outside RAM | IT-Sicherheitsinfrastrukturen (Informatik 1)
  534. - http://www1.informatik.uni-erlangen.de/tresor
  535.  
  536. Vigilant Citizen
  537. - http://vigilantcitizen.com/
  538.  
  539. Vigilant Citizen Forums
  540. - http://vigilantcitizen.com/vcboards/
  541.  
  542. VX32 Virtual Extension Environment
  543. - http://pdos.csail.mit.edu/~baford/vm/
  544.  
  545. Mind Justice. A nonprofit 501(c)3 human rights group working for the rights and protections of mental integrity and freedom from new technologies and weapons which target the mind and nervous system. Formed to stop nonconsensual experimentation by the U.S. and other governments. Includes victims advocacy, research, legislative, legal and international remedies and public education.
  546. - http://mindjustice.org/
  547.  
  548. bashoneliners.com, a place for practical or just pure awesome bash one-liners or shell script tips and tricks for GNU Linux, UNIX or BSD systems.
  549. - http://www.bashoneliners.com/
  550.  
  551. Search Engine Land is a news and information site covering search engine marketing, searching issues and the search engine industry.
  552. - http://searchengineland.com/
  553.  
  554. winsupersite.com / Microsoft Windows News
  555. - http://www.winsupersite.com/
  556. -- http://www.winsupersite.com/blogcontent/supersite-blog-39
  557.  
  558. ----------------------------------------
  559.  
  560. ** 5005: Security Blogs
  561.  
  562. SANS Computer Security News/Newsletters
  563. - https://www.sans.org/newsletters/
  564. -- https://www.sans.org/newsletters/#newsbites
  565. -- https://www.sans.org/newsletters/#risk
  566. -- https://www.sans.org/newsletters/#ouch
  567.  
  568. ReversingLabs has been founded with the goal to provide the best file analysis tools and the best software protection tools.  Our expertise in building superior software reversing tools, gives ReversingLabs a unique background for creating superior software protection tools. Reverse Engineering is an Art where the most complex protection schemas are the least publicly available. Our tools enable the security industry, governments and research institutions to rapidly and effectively reduce the spread of malware.
  569. - http://blog.reversinglabs.com/
  570.  
  571. blog.zx2c4.com - The technical writings and blog of Jason A. Donenfeld, aka ZX2C4: Nerdling Sapple. Articles about coding, technology, programming, open source, kde, linux, kernel hacking, C, javascript, bash, and a modicum of other topics.
  572. - http://blog.zx2c4.com/
  573.  
  574. Infosanity's Blog - Offensive and Defensive IT Security
  575. - http://blog.infosanity.co.uk/
  576.  
  577. AppRiver Blog
  578. - http://blogs.appriver.com/blog/appriver
  579. -- http://blogs.appriver.com/
  580.  
  581. BrickHouse Security Blog (See Section 5004, company selling security products)
  582. - http://blog.brickhousesecurity.com/
  583.  
  584. Dan Kaminsky's Blog (Or: The Blog Formerly Known As DoxPara Research)
  585. - http://dankaminsky.com/
  586.  
  587. eweek.com - Security News
  588. Network IT security hardware purchases can be costly...be sure to do your research with eWeek and get the Security you need. The latest IT security news, insight, analysis and product reviews covering network security, Anti Spam and Anti Virus. Coverage includes topics such as Network Access Control (NAC), botnets, phishing, wireless network security hardware, computer network security, data security, malware and the latest security trends.
  589. - http://www.eweek.com/c/s/Security/
  590.  
  591. Mozilla Foundation Security Advisories
  592. - https://www.mozilla.org/security/announce/
  593.  
  594. Security News @ Softpedia
  595. - http://news.softpedia.com/cat/Security/
  596.  
  597. SurvivalBlog.com
  598. - http://www.survivalblog.com/
  599.  
  600. The Security Ray - TSR | Hacking News| Security News| Hacker News| Tech News
  601. The Ultimate Source Of Underground Hacking And Security News.All kinds of hacking news,tech news,security news,hackers news,hackers interview,hackers activities,security bug,vulnerability news,security patched news,exploit news,linux news is here.The full Cyber Space tech news security and hacking news is here
  602. - http://www.security-ray.com/
  603.  
  604. The SSD Project | EFF Surveillance Self-Defense Project
  605. - https://ssd.eff.org/
  606.  
  607. Webroot Threat Blog
  608. - http://blog.webroot.com/
  609.  
  610. Network Tutorials, Server Tutorials, School For IT | SKULLBOX.NET
  611. - http://www.skullbox.net/index.php
  612.  
  613. TheHiddenEvil.com - This website is devoted to explaining a global program of torture, murder & persecution which the webmaster calls the Hidden Evil. It includes a vast network of plain-clothed citizen informants, which is used for public stalking, & the use of Directed Energy Weapons on targeted individuals. All core factions of the community are involved, & everyone, from seniors to children, participates in Gang Stalking. Governments have used these groups in some form since the Roman Empire. The Hidden Evil is an example of this pattern repeating itself. (Book and Blog)
  614. - http://thehiddenevil.com/
  615.  
  616. trapkit.de blog
  617. - http://tk-blog.blogspot.com/
  618.  
  619. Denny's Blog
  620. - http://polarwave.blogspot.com/
  621.  
  622. Captain Freedom's Blog - Blog about OpenBSD, network security, and cryptography
  623. - http://www.capnfreedom.com/
  624.  
  625. shellguardians.com - When a shell is not enough
  626. - http://www.shellguardians.com/
  627.  
  628. OpenDNS Blog - News & Notes from the OpenDNS team
  629. - https://blog.opendns.com/
  630.  
  631. Trusteer Blog
  632. - http://www.trusteer.com/blog
  633. ----------------------------------------
  634.  
  635. ** 5006: Security Forums (Web based Discussion Forums)
  636.  
  637. Comodo.com forums
  638. - http://forums.comodo.com/
  639.  
  640. Defense Forum - Military Defence Technology Air Force Army Navy
  641. Global defence forum on topics for military aviation, air force, army, navy, missiles, defense technology, space and nuclear forces as well as post military pictures and videos. Discuss world security issues in areas such as war on terror, piracy and nuclear weapons threats.
  642. - http://www.defencetalk.com/forums/
  643.  
  644. survivalistboards.com - Survival forum gear reviews self sufficiency disaster emergency preparedness primitive skills wilderness survival
  645. - http://www.survivalistboards.com/
  646. ----------------------------------------
  647.  
  648. ** 5007 : Security Magazines & Zines
  649.  
  650. SECUREVIEW is an electronic publication from Kaspersky Lab that provides information about all aspects of the IT security industry.
  651. - http://secureviewmag.com/
  652.  
  653. HITB Quarterly Magazine / hackinthebox.org
  654. - http://magazine.hackinthebox.org/
  655.  
  656. O'Reilly Commons - Free Linux Books
  657. - http://commons.oreilly.com/wiki/index.php/O%27Reilly_Commons
  658.  
  659. ClubHACK - ClubHack decided to come up with its own 1st  Indian "Hacking" Magazine called CHmag
  660. - http://chmag.in/
  661. -- http://chmag.in/issue/all
  662.  
  663. Ubuntu Pocket Guide and Reference (PDF)
  664. - http://ubuntupocketguide.com/index_main.html
  665.  
  666. ----------------------------------------
  667.  
  668. This is the end of HUGE Security Resource - version 5000 - 03/06/12
  669.  
  670. We post this publication first at pastebin.com. Please stay tuned
  671. for the next version of HUGE Security Resource. It's not the best
  672. of names for a publication, but we're lazy, and this is free for
  673. you.
  674. ----------------------------------------
  675. As the top of this version's post explains, the name of this updated
  676. guide is now the above, but for reference we're displaying the previous
  677. versions with the previous name:
  678.  
  679. (old) HUGE List of Security Blogs: Unix, Linux, Windows:
  680.  
  681. PART   #  URL                            Release Date
  682. ------ -  ---------------------------- - -------------
  683. - part 1: http://pastebin.com/FwjBMJib - Dec 30th,2011
  684. - part 2: http://pastebin.com/R9gpVemL - Jan 3rd, 2012
  685. - part 3: http://pastebin.com/vgj3qKDW - Jan 3rd, 2012
  686. - part 4: http://pastebin.com/F1JcZHLz - Jan 5th, 2012
  687. ------ -  ---------------------------- - -------------
  688.  
  689.              Thanks for reading!
  690.  
  691. Consideration #1: Are crossword puzzles and similar puzzles
  692. published in print simply devices to alter the brain by
  693. inserting carefully prepared words, phrases, and
  694. numbers into your thought processes in order to trigger
  695. or establish some type of action, or... connection.. to
  696. something?
  697.  
  698. Consideration #2: What if all secret agencies were of one
  699. accord spiritually, like in the paintings of dogs playing
  700. poker, just using humanity to play out one big game of
  701. destruction and domination with humans as the visible and
  702. spiritual puppets?
  703. ===============================================================
  704. Previous version, part 4:
  705.  
  706. (old) HUGE List of Security Blogs: Unix, Linux, Windows - Part 4
  707.  
  708. ==> HUGE List of Security Blogs (Unix/Linux/Windows)        <==
  709. ==> all packed with superb information & updated frequently <==
  710.           --> <Updated> [01/05/2012] <==
  711.  
  712. http://blogs.adobe.com/psirt/
  713. http://anti-virus-rants.blogspot.com/
  714. http://asert.arbornetworks.com/
  715. http://blog.avast.com/
  716. http://www.blackbag.nl/
  717. http://www.bunniestudios.com/wordpress/
  718. http://cansecwest.com/
  719. http://carnal0wnage.attackresearch.com/
  720. http://www.cerias.purdue.edu/site/blog
  721. http://cerias.purdue.edu/site/blog/author/spaf
  722. http://blogs.cisco.com/security
  723. http://blog.clamav.net/
  724. http://blog.commandlinekungfu.com/
  725. http://computer.forensikblog.de/en/
  726. http://www.cryptogon.com/
  727. http://www.cryptome.org/
  728. http://www.cutawaysecurity.com/blog/
  729. http://cyb3rcrim3.blogspot.com/
  730. http://garwarner.blogspot.com/
  731. http://cyberspeak.libsyn.com/
  732. http://ddanchev.blogspot.com/
  733. http://darknet.org.uk/
  734. http://darkreading.com/
  735. http://www.thedarkvisitor.com/
  736. http://blog.didierstevens.com/
  737. http://digfor.blogspot.com/
  738. http://edsmiley.com/
  739. http://emergentchaos.com/
  740. http://blog.emsisoft.com/
  741. http://blog.eset.com/
  742. http://fasthorizon.blogspot.com/
  743. http://www.financialcryptography.com/
  744. http://blog.fireeye.com/research
  745. http://www.forensickb.com/
  746. http://fraudwar.blogspot.com/
  747. http://www.f-secure.com/weblog
  748. http://blog.oxff.net/
  749. http://gleeda.blogspot.com/
  750. http://googleonlinesecurity.blogspot.com/
  751. http://www.sophos.com/blogs/gc
  752. http://grandstreamdreams.blogspot.com/
  753. http://www.hackaday.com/
  754. http://ha.ckers.org/blog
  755. http://www.hexblog.com/
  756. http://holisticinfosec.blogspot.com/
  757. http://honeyblog.org/
  758. http://www.h-online.com/security/
  759. http://blogs.iss.net/
  760. http://invisiblethings.org/
  761. http://theinvisiblethings.blogspot.com/
  762. http://jeremiahgrossman.blogspot.com/
  763. http://krebsonsecurity.com/
  764. http://www.l0t3k.org/en/
  765. http://blog.layeredsec.com/
  766. http://www.lightbluetouchpaper.org/
  767. http://blog.trendmicro.com/
  768. http://www.malwaredomainlist.com/
  769. http://chargen.matasano.com/
  770. http://www.avertlabs.com/research/blog/
  771. http://blog.metasploit.com/
  772. http://blogs.technet.com/mmpc/default.aspx
  773. http://securityincite.com/blog/mike-rothman
  774. http://www.milw0rm.com/
  775. http://blog.mandiant.com/
  776. http://www.offensivecomputing.net/
  777. http://www.offensive-security.com/blog/
  778. http://www.openrce.org/articles/
  779. http://www.packetstormsecurity.org/
  780. http://philosecurity.org/
  781. http://praetorianprefect.com/
  782. http://www.prevx.com/blog.asp
  783. http://pseudo-flaw.net/log/
  784. http://www.rationalsurvivability.com/blog/
  785. http://rdist.root.org/
  786. http://blogs.sans.org/
  787. https://blogs.sans.org/computer-forensics/
  788. http://www.schneier.com/blog
  789. http://blog.zoller.lu/
  790. http://www.fas.org/blog/secrecy/
  791. http://www.secsocial.com/blog/
  792. http://secunia.com/advisories/
  793. http://www.securelist.com/en/weblog
  794. http://blogs.securiteam.com/
  795. http://blog.security4all.be/
  796. http://securosis.com/blog
  797. http://www.shmoocon.org/
  798. http://www.shmoo.com/news/
  799. http://blog.snort.org/
  800. http://blog.stopbadware.org/
  801. http://sunbeltblog.blogspot.com/
  802. http://www.symantec.com/business/security_response/weblog/
  803. http://taosecurity.blogspot.com/
  804. http://www.teamfurry.com/wordpress/
  805. http://blogs.technet.com/msrc/
  806. http://blog.threatexpert.com/
  807. http://threatpost.com/
  808. http://blog.tsa.gov/
  809. http://blog.uncommonsensesecurity.com/
  810. http://volatility.tumblr.com/
  811. http://securitylabs.websense.com/
  812. http://windowsir.blogspot.com/
  813. http://www.wired.com/threatlevel/
  814. http://blogs.zdnet.com/security/
  815. http://blog.zynamics.com/
  816. http://www.afcea.org/signal/signalscape/
  817. http://dhs-daily-report.blogspot.com/
  818. https://blog.torproject.org/
  819. http://www.securitywire.com/
  820. http://pauldotcom.com/
  821. http://www.exploit-db.com/
  822. http://www.networkworld.com/topics/security.html
  823. http://www.acunetix.com/blog/
  824. http://www.allspammedup.com/
  825. http://www.gfi.com/blog/
  826. http://www.infosecblog.org/
  827. http://www.techrepublic.com/blog/security
  828. http://www.theemailadmin.com/
  829. http://www.theregister.co.uk/security/
  830. http://seclists.org/
  831. http://www.afcea.org/signal/signalscape/
  832. http://www.woodmann.com/forum/blog.php
  833. http://www.nsa.gov/
  834. http://blogs.technet.com/b/sysinternals/
  835. http://www.securityweek.com/
  836. http://superantispyware.com/blog/
  837. http://www.securitytracker.com/
  838. http://spyblog.org.uk/
  839. http://www.net-security.org/
  840. http://news.cnet.com/security
  841. http://www.fas.org/blog/ssp/
  842.  
  843. Project/Wiki:
  844. Freedom Box: http://wiki.debian.org/freedombox
  845.  
  846. http://blogs.pcmag.com/securitywatch/
  847. http://labs.m86security.com/
  848. http://www.irongeek.com/
  849.  
  850. http://rijmenants.blogspot.com/
  851. Cipher Machines & Cryptology / Intelligence / Security
  852. "Cipher machines & cryptology, history of Signals Intelligence and Communications Security, espionage and intelligence services, from WW2, over the Cold World era, to date."
  853.  
  854. http://blog.webroot.com/
  855. http://crypto.stanford.edu/
  856. https://ssd.eff.org/
  857. http://publicintelligence.net/
  858. http://www.wikileaks.org/
  859. http://www.itstactical.com/
  860. http://www.forensicswiki.org/
  861. http://p4r4n0id.com/
  862. http://cryptocomb.org/
  863. http://anonymous.livelyblog.com/
  864. https://trac.torproject.org/projects/tor/wiki
  865. http://www.security-ray.com/
  866. http://ticklethewire.com/
  867. http://vulnfactory.org/blog/
  868. https://psal.cs.drexel.edu/index.php/Main_Page
  869. http://www.pgpboard.com/
  870. https://yorkporc.wordpress.com/
  871. http://www.catonmat.net/
  872. http://www.heinz.cmu.edu/~acquisti/shb/participants.htm
  873. http://www.cyberciti.biz/
  874. http://www.omgubuntu.co.uk/
  875. http://www.ledge.co.za/software/lpinotes/
  876. http://inciweb.org/
  877. https://www.ibm.com/developerworks/linux/
  878. https://www.ibm.com/developerworks/topics/
  879. https://www.ibm.com/developerworks/
  880. https://www.ibm.com/developerworks/aix/library/
  881. http://www.neowin.net/forum/topic/934274-freeware-alternative-list/
  882. http://www.hackinglinuxexposed.com/articles/
  883. http://dankaminsky.com/
  884. http://blog.bodhizazen.net/
  885. http://askubuntu.com/
  886.  
  887. -==> New Links below! 01/05/2012 <==-
  888.  
  889. http://computer-forensics.sans.org/blog
  890. https://365.rsaconference.com/blogs/rsa-conference-blog
  891. https://365.rsaconference.com/blogs/critical-infrastructure
  892. https://365.rsaconference.com/blogs/ira-winkler
  893. https://365.rsaconference.com/blogs/ediscovery
  894. https://365.rsaconference.com/blogs/securityreading
  895. https://365.rsaconference.com/blogs/fred-stock
  896. http://securityblog.verizonbusiness.com/
  897. http://www.flyingpenguin.com/
  898. https://blog.whitehatsec.com/
  899. http://robert.penz.name/
  900. https://fightinginsecurity.wordpress.com/
  901. http://www.cristoncox.com/
  902. http://www.paranoidprose.com/
  903. http://dvlabs.tippingpoint.com/blog/
  904.  
  905. "For those who are interested in mobile/wireless in general, and wireless LANs in particular, this page provides resource links about 802.11 and related security and mobility topics"
  906. -- Lisa Phifer, Core Competence, Inc.
  907. http://www.corecom.com/html/wlan.html
  908.  
  909. http://www.wmarkbrooks.com/
  910. https://www.veracode.com/blog/
  911. http://devcentral.f5.com/weblogs/macvittie/Default.aspx
  912. http://chuvakin.blogspot.com/
  913. http://gigaom.com/cloud/
  914. http://lastwatchdog.com/
  915. http://www.cryptosmith.com/
  916. http://blogs.verisign.com/innovation/
  917. https://chainmailcheck.wordpress.com/
  918. http://superconductor.voltage.com/
  919. http://www.educatedguesswork.org/
  920. https://techbuddha.wordpress.com/
  921. http://www.scmagazine.com/the-data-breach-blog/section/1263/
  922. https://www.brandenwilliams.com/blog/
  923. http://infosecplace.com/blog/
  924. http://www.thetechherald.com/security
  925. http://www.clerkendweller.com/
  926. http://blog.tenablesecurity.com/
  927. http://coffeetocode.net/
  928. http://technicalinfodotnet.blogspot.com/
  929. http://www.teamshatter.com/
  930. http://www.stratumsecurity.com/blog/
  931. http://www.cgisecurity.com/
  932. http://blog.spywareguide.com/
  933. https://amtso.wordpress.com/
  934. http://blog.spiderlabs.com/
  935. https://gregness.wordpress.com/
  936. http://daveshackleford.com/
  937. https://marienfeldt.wordpress.com/
  938. http://blog.rootshell.be/
  939. http://www.thesecuritysamurai.com/
  940. http://community.websense.com/blogs/securitylabs/default.aspx
  941. http://securitybraindump.blogspot.com/
  942. http://dsecrg.blogspot.com/
  943. http://blog.c22.cc/
  944. http://securityandrisk.blogspot.com/
  945. http://www.social-engineer.org/framework/Social_Engineering_Framework
  946. http://blog.gerhards.net/
  947. http://www.paranoidprose.com/
  948. http://www.sensepost.com/blog/
  949. https://pinvoke.wordpress.com/
  950. http://www.liquidmatrix.org/blog/
  951. http://www.standalone-sysadmin.com/blog/
  952. http://infolookup.securegossip.com/
  953. http://blog.watchfire.com/wfblog/
  954. http://www.frontlinesentinel.com/
  955. http://elie.im/blog/
  956. http://maliciousattacker.blogspot.com/
  957.  
  958. Most Powerful Voices in Security Who are the Top 25?
  959. The Rest of the Top 100 -
  960. * 100 security guru's listed with their Twitter pages
  961. and personal/blog sites: (Sep. 8, 2011) Posted here as one
  962. link rather than posting around 100 Twitter personal pages.
  963. http://www.sys-con.com/node/1974029
  964.  
  965. - Publications:
  966. http://bsdmag.org/
  967. http://hakin9.org/
  968. http://magazine.hackinthebox.org/
  969. http://www.uninformed.org/
  970. https://www.net-security.org/insecuremag.php
  971.  
  972. - Forums:
  973. http://www.wilderssecurity.com/
  974. http://www.wilderssecurity.com/showthread.php?t=242949
  975. http://hardforum.com/showthread.php?t=781545
  976. http://www.binrev.com/forums/
  977. http://hak5.org/forums/