If you like this, you can use flattr. ;)
- Quickpost: Inspiring Windows software profilers and checkers
- 0x41 - back to bugs
- low footprint/hardware assisted virtualization with Linux and GrSec
- Postfix troubleshooting - a security nightmare
- New content soon
- 0x41 - (weekly) exploitation matters - Vista Heap, scripting debuggers with debug libs and how to learn to use that knowledge
- 0x41 - weekly exploitation matters - Shellcode and frameworks
- Explicit and implicit security in software development - measures and change
- 0x41 - weekly exploitation matters - Heap overflow fundamentals
- 0x41 - weekly exploitation matters - About
- wishinet: http://www.godblock.com/#what "block sexual, and psychologically harmful material" like "holy texts". Protect "from being indoctrinated"
- wishinet: Load average: 23.69 20.11 14.95 - jepp, this is obviously bad.
- wishinet: http://img2.moonbuggy.org/imgstore/ethernet-killer.jpg
- wishinet: According to my 400d stats the most viewed page at my blog is phpids's xss warning. You can do better! :)
- wishinet: I'm super-hungry after some meditation... guess this isn't normal. :-) 0xf000000d
UnprotectedHex - about formal software verification
Sean's blog
Xecurity - a security feed collecter
Reddit RCE group
Freedom To Tinker
Emergent Chaos
Woodmann RCE forums
OpenRCE community forums
SecViz - security data visualization
DAVIX Live - for security metrics
Hex Live
Security Metrics
Immunity's Free Software
Core Security's OpenSouce research
Zynamics Blog
Best of securitytube for RE and security
Sun, 09/13/2009 - 14:22 | wishi
txtA collection of tutorials, videos and fun
I think it's an amazing site. There're many video tutorial sites these days. However the quality differs a lot. In the following I listed stuff I like so far. Feel invited to watch everything:
Programming
Python programming course from MIT - the advanced stuff may be of some interest, however it starts of with fairly trivial and introductorily mentioned stuff.
Automating Windows GUI programs. I never tried that. Could be worth a look for post-exploitation to gain some more interactivity.
Some ASM - and no... you don't need to write asm programs in order to understand all the nifty hacks. But it might come in handy to debug shellcode with relative jmps e. g..
Reversing
IDA vs. passwords - if you never used IDA you'll like this. If you used it before you won't.
Reversing Malware - this stuff is almost too basic, but in any case you can find interesting related videos currently:
1. monitoring API calls
2. constructing Linux Malware with some C in Debian.
There's definitely a need for more of these videos.
Inline function hooking - some stuff with rootkits. Hooking is modern again.
Finding security vulnerabilities through RE by Alex. It's from 2007 - anyhow. That was a good one.
Applied RE on MacOS - features some Ruby stuff. RE:trace, Dtrace and stuff. It's fun. But older, too. The real-time code-coverage stuff with IDA is worth it.
Exploitation
Stack-smashing and more. It's a five part series that may help you decide whether you want to dive into it. Or not.
Programming Windows-Exploits - by Dino. However he featured Win2k if I remember correctly. Well... that's not too kewl. He taught some students to exploit vulnerabilities. ;) Who wouldn't like that.
Return to libc heap-overflow attack. That's kind of interesting.
How to overcome ASLR on a Linux stack. Hmmh... worth a look.
w32 fuzzing and exploit development stuff. It's on my playlist.
I pretty much guess that's enough fun for this day. However the material seem to be promising. Back in the days people really had to search for information and just got some txts. It turns out information sharing matured, doesn't it? - For educational purposes only: believe it!
And if that stuff doesn't teach you all you seek to learn: here's my personal collection of conference videos. And if that isn't enough you need to search.
Have fun,
wishi
Tags: 
Post new comment