Bookmarks
Bookmarks Menu
Recently Bookmarked
Recent Tags
Mozilla Firefox
Recently Bookmarked
Recent Tags
Mozilla Firefox
Hackery
XFS 101: Cross-Frame Scripting Explained | SecureState Information Security Blog
DeepSec 2007 - Aaron Portnoy Cody Pierce - RPC Auditing Tools and Techniques
HD Moore on Metasploit, Exploitation and the Art of Pen Testing | threatpost
Network Time Protocol (NTP) Fun | carnal0wnage.attackresearch.com
Database_Pen_Testing_ISSA_March_25_V2.pdf (application/pdf Object)
pyrit - WPA/WPA2-PSK and a world of affordable many-core platforms - Google Project Hosting
SQLi
uploadtricks
LFI/RFI
XSS
Coldfusion
SharePoint
Lotus
jboss
vmware web
Oracle appserver
SAP
MS Access SQL Injection Cheat Sheet » krazl - ™ ķЯαž£ ™ - bloggerholic
Security Override - Articles: The Complete Guide to SQL Injections
Exploiting hard filtered SQL Injections « Reiners’ Weblog
YouTube - Joe McCray - Advanced SQL Injection - LayerOne 2009
Joe McCray - Advanced SQL Injection - L1 2009.pdf (application/pdf Object)
sla.ckers.org web application security forum :: Obfuscation :: SQL filter evasion
Overlooked SQL Injection 20071021.pdf (application/pdf Object)
Secure File Upload in PHP Web Applications | INSIC DESIGNS
Tricks and Tips: Bypassing Image Uploaders. - By: t3hmadhatt3r
Security FCKeditor ADS File Upload Vulnerability - Windows Only
TangoCMS - Security #237: File Upload Filter Bypass in TangoCMS <=2.5.0 - TangoCMS Project
Full Disclosure: Zeroboard File Upload & extension bypass Vulnerability
TikiWiki jhot.php Script File Upload Security Bypass Vulnerability
Exploiting PHP File Inclusion – Overview « Reiners’ Weblog
Local File Inclusion – Tricks of the Trade « Neohapsis Labs
Cross-Site Scripting (XSS) – no script required - Tales from the Crypto
Guide Cross Site Scripting - Attack and Defense guide - InterN0T - Underground Security Training
BlackHat-EU-2010-Lindsay-Nava-IE8-XSS-Filters-slides.pdf (application/pdf Object)
sirdarckcat: Our Favorite XSS Filters and how to Attack them
ColdFusion directory traversal FAQ (CVE-2010-2861) | GNUCITIZEN
HP Blogs - Adobe ColdFusion's Directory Traversal Disaster - The HP Blog Hub
254_ShlomyGantz_August2009_HackProofingColdFusion.pdf (application/pdf Object)
Adobe XML Injection Metasploit Module | carnal0wnage.attackresearch.com
Lotus Notes/Domino Security - David Robert's -castlebbs- Blog
Whitepaper-Hacking-jBoss-using-a-Browser.pdf (application/pdf Object)
'[john-users] patch for SAP-passwords (BCODE & PASSCODE)' - MARC
Sec / Hacking
Metasploit
Programming
Other/Misc
Metasploit Class Videos (Hacking Illustrated Series InfoSec Tutorial Videos)
TheNewBoston – Free Educational Video Tutorials on Computer Programming and More! » Python
Learning Python Programming Language Through Video Lectures - good coders code, great reuse
Python
Ruby
OSINT
Google Hacking
Web
Social Engineering
Password
Metasploit
NSE
Net Scanners & Scripts
Post Exploitation
Netcat
Source Inspection
Firefox Addons
Tool Listings
document-metadata-silent-killer_32974 (application/pdf Object)
Edge-Security - Metagoofil - Metadata analyzer - Information Gathering
Security and Networking - Blog - Metadata Enumeration with FOCA
Metadata
Burp
Mallory: Transparent TCP and UDP Proxy – Intrepidus Group - Insight
Watcher: Web security testing tool and passive vulnerability scanner
fuzzing-approach-credentials-discovery-burp-intruder_33214 (application/pdf Object)
Constricting the Web: The GDS Burp API - Gotham Digital Science
Browse Belch - Burp External Channel v1.0 Files on SourceForge.net
Burp Suite Tutorial – Repeater and Comparer Tools « Security Ninja
http://www.packetstormsecurity.org/UNIX/scanners/XSSscan.py.txt
WindowsAttack - fimap - Windows Attacking Example - Project Hosting on Google Code
News :: Arachni - Web Application Security Scanner Framework
inspathx – Tool For Finding Path Disclosure Vulnerabilities
DotDotPwn - The Directory Traversal Fuzzer 2.1 ≈ Packet Storm
XSSer: automatic tool for pentesting XSS attacks against different applications
XSSer: automatic tool for pentesting XSS attacks against different applications
Attack Strings
Shells
Scanners
Proxies
squid-imposter - Phishing attack w/HTML5 offline cache framework based on Squid proxy
markremark: Reverse Pivots with Metasploit - How NOT to make the lightbulb
WmapNikto - msf-hack - One-sentence summary of this page. - Project Hosting on Google Code
Metasploit/MeterpreterClient - Wikibooks, collection of open-content textbooks
MSF Exploits or Easy
http://www.awarenetwork.org/home/rattle/source/python/exe2bat.py
NetCat tutorial: Day1 [Archive] - Antionline Forums - Maximum Security for a Connected World
David's Pen Testing (Security) Collection :: Collections :: Pengaya untuk Firefox
A Hacker's Story: Let me tell you just how easily I can steal your personal data - Techvibes.com
defcon-17-sam_bowne-hijacking_web_2.0.pdf (application/pdf Object)
Ettercap(ManInTheMiddleAttack-tool).pdf (application/pdf Object)
Thicknet: It does more than Oracle, Steve Ocepek securityjustice on USTREAM. Computers
LM/NTLM Challenge / Response Authentication - Foofus.Net Security Stuff
Electric Alchemy: Cracking Passwords in the Cloud: Breaking PGP on EC2 with EDPR
Wordlists
Pass the Hash
pass-the-hash-attacks-tools-mitigation_33283 (application/pdf Object)
Offensive Computing | Community Malicious code research and analysis
Myne-us: From 0x90 to 0x4c454554, a journey into exploitation.
Past, Present, Future of Windows Exploitation | Abysssec Security Research
The Ethical Hacker Network - Smashing The Modern Stack For Fun And Profit
x9090's Blog: [TUTORIAL] Exploit Writting Tutorial From Basic To Intermediate
This reference is intended to be precise opcode and instruction set reference (including x86-64). Its principal aim is exact definition of instruction parameters and attributes.
ISO's / VMs
Vulnerable Software
Test Sites
pWnOS
wavsep - Web Application Vulnerability Scanner Evaluation Project
Security Advancements at the Monastery » Blog Archive » What’s in Your Folder: Security Cheat Sheets
Information about developments at the Monastery
Agile Hacking
OS & Scripts
Tools
Agile Hacking: A Homegrown Telnet-based Portscanner | GNUCITIZEN
Pentesting Ninjitsu 2 Infrastructure and Netcat without Netcat
IPv4 subnetting reference - Wikipedia, the free encyclopedia
Presentations
People and Orginizational
Infastructure
Enterprise Open Source Intelligence Gathering – Part 1 Social Networks — spylogic.net
document_metadata_the_silent_killer__32974 (application/pdf Object)
footprinting - passive information gathering before a pentest
Business Network - Social Network for Business Professionals
yasni.com | No. 1 free people search - Find anyone on the web
Tweepz.com - search, find and discover interesting people on twitter
White Pages | Email Lookup | People Find Tools at The Ultimates
Free online network utilities - traceroute, nslookup, automatic whois lookup, ping, finger
MSN IP Search
SSL Labs - Projects / Public SSL Server Database - SSL Server Test
Blogs worth it
Forums
Magazines
Video
PenTestIT — Your source for Information Security Related information!
Your source for Information Security related information!
Hacker Media
Methodologies
OSINT
Exploits and Advisories
Cheat Sheets and Syntax
Distros
Labs
Exploitation Intro
Reverse Engineering & Malware
Passwords and Hashes
MitM
Tools
Training/Classes
Web Vectors
Wireless
Capture the Flag/Wargames
Conferences
misc/unsorted
Bookmarks Toolbar
Add bookmarks to this folder to see them displayed on the Bookmarks Toolbar
Most Visited
