Threat modeling is an approach for analyzing the security of an application. It is a structured approach that enables you to identify, quantify, and address the security risks associated with an application. Threat modeling is not an approach to reviewing code, but it does complement the security code review process. The inclusion of threat modeling in the SDLC can help to ensure that applications are being developed with security built-in from the very beginning.

This website is dedicated to internetworking documentation with FOSS.

It contains articles, guides, labs and presentations which can be used as
teaching or self learning material

As the documents have to be maintained over years, static web pages are the
most suitable way to publish them

Nuclear or TinyNuke is a full fledged banking trojan its main features are:

• Formgrabber and Webinjects for Firefox, Internet Explorer and Chrome. Can inject x86 as well as x64 browsers.
• Reverse SOCKS 4
• HVNC like Hidden Desktop
• Trusteer Bypass
• ~32kb binary with obfuscated strings ~20kb without

Free PCRE-based regular expression debugger with real time explanation, error detection and highlighting.

The Companion to Media Studies and Digital Humanities is about researching media through new media: for example, playing games to better understand their politics and mechanics, exhibiting new media art to witness how people engage it, building stories to become more familiar with their structures and narratives, making wearable technologies to explore the overlaps between norms and fashion, or developing software to examine its relation to writing and literacy.

This blog post looks at the final part of creating secure software: shipping it to users in a safe way. It explains how to use transport security and package signatures to achieve this goal.

Agent nodes can’t retrieve their configurations
    Is the Puppet master reachable from the agents?
    Do your agents have signed certificates?
    Do agents trust the master’s certificate?
    Can agents reach the filebucket server?

Some common issues that can prevent the different parts of Puppet Enterprise from communicating with each other.

Presentation video: Reverse-engineering CPUs for fun and profit

IBM® QRadar® Security Intelligence Platform provides a unified architecture for integrating security information and event management (SIEM), log management, anomaly detection, incident forensics, incident response, and configuration and vulnerability management.

This is a list of public packet capture repositories, which are freely available on the Internet.
Most of the sites listed below share Full Packet Capture (FPC) files, but some do unfortunately only have truncated frames.

I’ve managed to collect and create a lot of packet capture files over the past few years as a part of my teaching and learning, so I’ve decided to post some of those here. You are free to download and use these captures as you like with no restrictions. If you do find them useful however, I do ask you mention where they came from.

So you're at home tonight, having just installed Wireshark. You want to take the program for a test drive. But your home LAN doesn't have any interesting or exotic packets on it? Here's some goodies to try. Please note that if for some reason your version of Wireshark doesn't have zlib support, you'll have to gunzip any file with a .gz extension.

Nervous system manipulation by electromagnetic fields from monitors - Google Patents

YOURLS is a set of PHP scripts that will allow you to run Your Own URL Shortener. You'll have full control over your data, detailed stats, analytics, plugins, and more. It's free.
Quick Start

To get started, check yourls.org!
Learn more tweaks in the Wiki documentation.

Une odalisque était une esclave vierge, qui pouvait monter jusqu'au statut de concubine ou de femme dans les sérails ottomans, mais dont la plupart étaient au service du harem du sultan. Le mot vient du turc odalık, qui signifie « femme de chambre », d'oda, « chambre ». En littérature, le terme désigne une femme de harem.

An odalisque was a chambermaid or a female attendant in a Turkish seraglio, particularly the court ladies in the household of the Ottoman sultan.

Adhering to a set of 10 verifiable coding rules can make the analysis of critical software components more reliable.

Gerard J. Holzmann
NASA/JPL Laboratory for Reliable Software

http://ieeexplore.ieee.org/abstract/document/1642624/

Search through 1,530,557 icons or browse 35,996 icon sets.

A danbooru-style image board, des­igned to be easier to install, run, and extend.

Requires a standard LAMP stack as provided by any normal web host. It can also use PostgreSQL as a data­base, which is recommended for high-load sites.

This is probably my most popular project, with a team of 10 coders, hundreds of installations, and thou­sands of users online at once.

Official website: http://code.shishnet.org/shimmie2/

Click on a link below to visit the page for each product version.

Below is a list of known issues in RSA Security Analytics 10.6, including those listed in the Release Notes. Please click on the links to go directly to the articles.