172 private links
A bit of my life. You can try to reach me: zen @ either fish2.com or trouble.org. I sometimes jot things down at trouble.
Threat hunting is a popular topic these days, and there are a lot of people who want to get started but don’t know how. What should they hunt for? How should they perform the hunts? What data will they need to collect?
On the other hand, there are a lot of individuals out there who have written blog posts, conference presentations or whatever that detail some of their favorite hunting procedures. The problem is that these procedures are scattered all over the Internet, and are sometimes hard to find.
That’s why the ThreatHunting Project exists. Here you will find links to a number of different published hunting procedures. It my hope that this will give you some concrete starting points, or if you are an experienced hunter, help you find additional techniques to add to your repertoire.
Our hands-on method teaches you all the skills you need to become a data scientist or data analyst.
Learn by writing code, working with data, and building projects in your browser.
Various Security Technical Implementation Guides
In this chapter, you learn about the following topics:
Fundamental concepts in network security, including identification of common vulnerabilities and threats, and mitigation strategies
Implementation of a security architecture using a lifecycle approach, including the phases of the process, their dependencies, and the importance of a sound security policy
Threat modeling is an approach for analyzing the security of an application. It is a structured approach that enables you to identify, quantify, and address the security risks associated with an application. Threat modeling is not an approach to reviewing code, but it does complement the security code review process. The inclusion of threat modeling in the SDLC can help to ensure that applications are being developed with security built-in from the very beginning.
This website is dedicated to internetworking documentation with FOSS.
It contains articles, guides, labs and presentations which can be used as
teaching or self learning material
As the documents have to be maintained over years, static web pages are the
most suitable way to publish them
Nuclear or TinyNuke is a full fledged banking trojan its main features are:
- Formgrabber and Webinjects for Firefox, Internet Explorer and Chrome. Can inject x86 as well as x64 browsers.
- Reverse SOCKS 4
- HVNC like Hidden Desktop
- Trusteer Bypass
- ~32kb binary with obfuscated strings ~20kb without
The Companion to Media Studies and Digital Humanities is about researching media through new media: for example, playing games to better understand their politics and mechanics, exhibiting new media art to witness how people engage it, building stories to become more familiar with their structures and narratives, making wearable technologies to explore the overlaps between norms and fashion, or developing software to examine its relation to writing and literacy.
This blog post looks at the final part of creating secure software: shipping it to users in a safe way. It explains how to use transport security and package signatures to achieve this goal.
Agent nodes can’t retrieve their configurations
Is the Puppet master reachable from the agents?
Do your agents have signed certificates?
Do agents trust the master’s certificate?
Can agents reach the filebucket server?Some common issues that can prevent the different parts of Puppet Enterprise from communicating with each other.
Presentation video: Reverse-engineering CPUs for fun and profit
IBM® QRadar® Security Intelligence Platform provides a unified architecture for integrating security information and event management (SIEM), log management, anomaly detection, incident forensics, incident response, and configuration and vulnerability management.
This is a list of public packet capture repositories, which are freely available on the Internet.
Most of the sites listed below share Full Packet Capture (FPC) files, but some do unfortunately only have truncated frames.
I’ve managed to collect and create a lot of packet capture files over the past few years as a part of my teaching and learning, so I’ve decided to post some of those here. You are free to download and use these captures as you like with no restrictions. If you do find them useful however, I do ask you mention where they came from.
So you're at home tonight, having just installed Wireshark. You want to take the program for a test drive. But your home LAN doesn't have any interesting or exotic packets on it? Here's some goodies to try. Please note that if for some reason your version of Wireshark doesn't have zlib support, you'll have to gunzip any file with a .gz extension.
Nervous system manipulation by electromagnetic fields from monitors - Google Patents
Adhering to a set of 10 verifiable coding rules can make the analysis of critical software components more reliable.
Gerard J. Holzmann
NASA/JPL Laboratory for Reliable Software
Click on a link below to visit the page for each product version.
Below is a list of known issues in RSA Security Analytics 10.6, including those listed in the Release Notes. Please click on the links to go directly to the articles.