171 private links
GOOGLE BIGQUERY
Entrepôt de données rapide, économique et intégralement géré, destiné à l'analyse de données à grande échelle dans les entreprises
The Zero Day Initiative (ZDI), founded by TippingPoint, is a program for rewarding security researchers for responsibly disclosing vulnerabilities. Depending on who you are, here are a few links to get you started:
Researchers: Learn how we pay for your vulnerability discoveries, register for the ZDI or login.
Vendors: Read our disclosure policy or join our security partner program
Press, Curiosity Seeker: Learn more about ZDI or read answers to some frequently asked questions
Please contact us at zdi [at] trendmicro [dot] com with any questions or queries. For sensitive e-mail communications, please use our PGP key.
While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyberinfrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.
Principal research engineer at Kudelski Security, PhD from EPFL and FHNW (2010). Presented at Black Hat, DEFCON, CCC, Troopers, SyScan, among other international conferences, I also blog and tweet.
Selected projects:
Serious Cryptography (2017): book about crypto, published by No Starch Press
SGX review (2016): research presented at Black Hat about Intel SGX
The Hash Function BLAKE (2015): book about the hash function BLAKE, published by Springer
NORX (2014): authenticated cipher candidate in the CAESAR competition
Password Hashing Competition (2013-2015): open competition that selected Argon2 as a winner
BLAKE2 (2013): hash function faster than SHA-2 and SHA-3, available in OpenSSL, Sodium, Crypto++, etc.
Cryptography Coding Standard (2013-): coding rules to prevent common weaknesses in cryptography software
SipHash (2012): keyed hash function, used in Linux, FreeBSD, OpenBSD, Python, among others
ECRYPT-CSA is a Coordination & Support Action funded by the European Union's H2020 programme. The project consists of four academic and one industrial partner.
ECRYPT-NET is a research network of six universities and two companies, as well as 7 associated companies, funded by a Marie Skłodowska-Curie ITN (Integrated Training Network) grant.
HashKiller's purpose is to serve as a meeting place for computer hobbyists, security researchers and penetration testers. It serves as a central location to promote greater security on the Internet by demonstrating the weakness of using hash based storage / authentication.
Inj3ct0r is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and security professionals.
Our aim is to collect exploits from submittals and various mailing lists and concentrate them in one, easy-to-navigate database.
This was written solely for educational purposes. Use it at your own risk. The author will be not responsible for any damage. // r0073r
ThreatMiner is designed to be an analyst's first portal to visit when doing threat research and here's why.
Threat intelligence and intrusion analysts who regularly perform research into malware and network infrastructure often find the need to rely on mutliple websites that individually holds a small piece of the larger puzzle.
Furthermore, it is often the case where pivoting directly from an open source research report is unavailable and that it is sometimes difficult to remember if an indicator has alredy been reported and/or attributed. All these small but frustrating obstacles distract an analyst from what they do best: analyse.
We are a group of people from various parts of the world, who like to experiment with computers. We hope that we can provide some information back to the public and support the ongoing process of learning. Our group is involved in various research and projects such as Hardware Hacking, BackTrack, Exploit Development, Online Information Security Training, and various other aspects of network security.
Discover 180+ French startups leveraging AI in a variety of applications
We believe Artificial Intelligence (AI) will usher the next revolution in technology and accelerate the disruptions in almost every industry.
FRANCE IS AI mission is to support and promote the French Artificial Intelligence ecosystem both locally and internationally, while building bridges with the other AI hubs.
theZoo is a project created to make the possibility of malware analysis open and available to the public. Since we have found out that almost all versions of malware are very hard to come by in a way which will allow analysis we have decided to gather all of them for you in an available and safe way. theZoo was born by Yuval tisf Nativ and is now maintained by Shahak Shalev.
Github: https://github.com/ytisf/theZoo
HAL is an open archive where authors can deposit scholarly documents from all academic fields.
For the attention of the authors
The deposit must be made in agreement with the co-authors and in the respect for the policy of the publishers.
The deposit is subject of a control, HAL reserves the right to refuse items that do not meet the criteria of the archive.
Any deposit is definitive, no withdrawals will be made after the on-line posting of the publication.
Text files in pdf format or image files are sent to CINES for long-term archiving.
For the attention of the readers
In a context of electronic distribution, every author keep all its intellectual property rights.
At its core, the Common Weakness Enumeration (CWE™) is a list of software weaknesses types. Creating the list is a community initiative aimed at creating specific and succinct definitions for each common weakness type. By leveraging the widest possible group of interests and talents, the hope is to ensure that item in the list is adequately described and differentiated.he community using this information.
I am an independent security analyst providing cyber threat intelligence and network traffic associated with malware infections. I am located in the Albany, New York area.
All domains and URLs listed on this website should be considered as dangerous and could cause damage to your computer. We do not provide clickable active hyperlinks to these sites.
Use this website at your own risk!
The Companion to Media Studies and Digital Humanities is about researching media through new media: for example, playing games to better understand their politics and mechanics, exhibiting new media art to witness how people engage it, building stories to become more familiar with their structures and narratives, making wearable technologies to explore the overlaps between norms and fashion, or developing software to examine its relation to writing and literacy.
This page shows the components of the CVSS score for example and allows you to refine the CVSS base score. Please read the CVSS standards guide to fully understand how to score CVSS vulnerabilities and to interpret CVSS scores.
In the last 12 months (2016/2017) our top researchers have published over 800 individual discovered vulnerabilities in popular famous manufacturer products. The discovered vulnerabilities are often disclosed and reused by monitoring systems, IPS, and publishers, we have decided to develop a vulnerability laboratory for the safe processing of our own zero-day security vulnerabilities.
Avec nos bug bounties, c’est précisément ce que nous faisons : vous vendre les bugs de sécurité présents dans votre IT, selon une fourchette de prix que vous avez vous-même déterminée.
Si vous comparez ce modèle économique avec les campagnes de pentesting classiques de votre fournisseur de service habituel, notre proposition est déroutante, mais elle est simple et évidente.
Commix (short for [comm]and [i]njection e[x]ploiter) has a simple environment and it can be used, from web developers, penetration testers or even security researchers to test web applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using this tool, it is very easy to find and exploit a command injection vulnerability in a certain vulnerable parameter or string. Commix is written in Python programming language.
wiki de la communauté Zenk-Security
Repositories, Challenges, Writeups, Audit, Technique, ...