pastebin - collaborative debugging tool
secsav.kpaste.net RSS


Untitled
Posted by Anonymous on Tue 24th Jun 2014 16:07
raw | new post
modification of post by Anonymous (view diff)

  1. [[[ WiFi YT vids ]]]
  2.  
  3. https://www.youtube.com/user/NeedSec
  4. https://www.youtube.com/user/Raventattoo/videos
  5. https://www.youtube.com/user/Cyb3rw0rM1/videos
  6.  
  7. # GUI frontend to reaver
  8. http://sourceforge.net/projects/wpscrackgui/
  9.  
  10.  
  11. ---
  12. # HSM from a Raspberry Pi
  13. http://cryptosense.com/building-a-raspberry-pi-hsm-for-rsa-2014/
  14.  
  15. # Shredding files recursively into directories
  16. http://www.linuxforums.org/forum/miscellaneous/46693-how-shred-entire-directory-tree.html#post257616
  17.  
  18. # OpenBSD lol
  19. http://bbs.progrider.org/prog/read/1383465168
  20.  
  21. http://www.iusmentis.com/maatschappij/privacy/filmen-cameratoezicht/
  22.  
  23. # iptables
  24. http://blog.commandlinekungfu.com/2014/01/episode-174-lightning-lockdown.html
  25.  
  26. # /g/ has root to NSA
  27. http://archive.rebeccablacktech.com/g/thread/S39950951#p39950951
  28.  
  29. # Scan the whole Internet in under 45 minutes!
  30. https://zmap.io/
  31.  
  32. # Inception - search RAM contents for interesting stuff
  33. http://www.breaknenter.org/projects/inception/
  34.  
  35. # Subterfuge - Automated MITM Framework
  36. https://code.google.com/p/subterfuge/
  37.  
  38. # Telegram
  39. http://www.thoughtcrime.org/blog/telegram-crypto-challenge/
  40.  
  41. # Entropy as fuck
  42. http://gamesbyemail.com/news/diceomatic
  43. http://www.random.org/
  44.  
  45.  
  46.  
  47. [[[ SELinux ]]]
  48. # From #centos
  49. Useful resources for SELinux: http://wiki.centos.org/HowTos/SELinux
  50. http://wiki.centos.org/TipsAndTricks/SelinuxBooleans
  51. http://docs.fedoraproject.org/en-US/Fedora/13/html/Security-Enhanced_Linux/
  52. http://fedorasolved.org/security-solutions/selinux-module-building
  53. http://www.youtube.com/watch?v=bQqX3RWn0Yw
  54. http://opensource.com/business/13/11/selinux-policy-guide
  55.  
  56. http://wiki.centos.org/HowTos/SELinux
  57. http://beginlinux.com/server_training/web-server/976-apache-and-selinux
  58. http://docs.fedoraproject.org/en-US/Fedora/13/html/Managing_Confined_Services/
  59.  
  60. http://www.reddit.com/r/linux/comments/23a2tg/the_selinux_coloring_book/
  61.  
  62.  
  63. [ CentOS ]
  64. http://wiki.centos.org/HowTos/OS_Protection
  65.  
  66.  
  67.  
  68. [[[ Theory ]]]
  69. # ECC Primer
  70. http://blog.cloudflare.com/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography
  71. http://arstechnica.com/security/2013/10/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/2/
  72. http://blog.serverfault.com/2011/12/12/a-studied-approach-at-wifi-part-1/
  73. http://safecurves.cr.yp.to/
  74.  
  75.  
  76. [ GPG / PGP ]
  77. http://www.gnupg.org/documentation/index.html
  78. http://www.thedrinkingrecord.com/pgpgpg-guide/
  79. http://www.dewinter.com/gnupg_howto/english/GPGMiniHowto.html
  80.  
  81.  
  82.  
  83. [[[ Wikipedia ]]]
  84. https://en.wikipedia.org/wiki/Data_remanence
  85. http://en.wikipedia.org/wiki/PA-DSS
  86.  
  87.  
  88.  
  89. [[[ WebSec ]]]
  90.  
  91. # SSL easy copy pasta
  92. http://www.reddit.com/r/sysadmin/comments/271g4m/cipherlist_strong_copypaste_ssl_configuration_for/
  93.  
  94. # Want to use my wifi? (cookie spoofing, MITM etc.)
  95. http://thejh.net/written-stuff/want-to-use-my-wifi?
  96.  
  97. http://www.amanhardikar.com/mindmaps/Practice.html
  98.  
  99. # The Web Application Vulnerability Scanners Benchmark
  100. http://sectooladdict.blogspot.se/2014/02/wavsep-web-application-scanner.html?m=1
  101.  
  102. # Bypassing WAF's
  103. http://www.reddit.com/r/netsec/comments/20uhgh/bypassing_web_application_firewalls_using_http/
  104.  
  105. # Hardening WordPress
  106. http://codex.wordpress.org/Hardening_WordPress
  107. http://halfelf.org/2013/false-security/
  108. http://www.esecurityplanet.com/open-source-security/top-5-wordpress-vulnerabilities-and-how-to-fix-them.html
  109. https://wordpress.org/plugins/better-wp-security/
  110. http://wordpress.org/plugins/bulletproof-security/
  111.  
  112. # A seemingly innocent PHP vuln
  113. http://danuxx.blogspot.de/2013/03/unauthorized-access-bypassing-php-strcmp.html
  114.  
  115. # JS crypto
  116. http://www.reddit.com/r/netsec/comments/21ebv7/mylar_encryptdecrypt_your_webapp_data_in_users/
  117.  
  118. ---
  119. https://wiki.ubuntu.com/BasicSecurity
  120. https://wiki.archlinux.org/index.php/Dm-crypt/Specialties#Securing_the_unencrypted_boot_partition
  121.  
  122. http://www.danielmiessler.com/study/infosec_interview_questions/
  123.  
  124.  
  125.  
  126.  
  127.  
  128. [[[ Talks & Other videos ]]]
  129. http://makehacklearn.org/2014/03/06/trustycon-videos/
  130.  
  131.  
  132.  
  133. ---
  134.  
  135. [[[ Reddit ]]]
  136.  
  137. # How to sign kernel for UEFI Secure Boot.
  138. http://www.reddit.com/r/linux/comments/1mw1xb/state_of_securely_booting_linux/
  139.  
  140. # SSL/TLS Deployment Best Practices
  141. http://www.reddit.com/r/netsec/comments/1mn2nk/ssltls_deployment_best_practices/
  142.  
  143. # Hardening SSH
  144. http://www.reddit.com/r/linux/comments/1yfvm9/hardening_ssh_servers/
  145.  
  146. # Physical machine security
  147. http://www.reddit.com/r/netsec/comments/l91d5/physical_laptop_security/
  148.  
  149. # Linux sec
  150. http://www.reddit.com/r/linux/comments/1oobkf/what_kind_of_antimalware_exists_for_linux/
  151. http://www.reddit.com/r/linux/comments/28y91v/linux_server_security_checklist/
  152.  
  153. # OS under a OS
  154. http://www.reddit.com/r/linux/comments/1qib6u/the_second_proprietary_operating_system_hiding_in/
  155.  
  156. # grsec patches explained
  157. http://www.reddit.com/r/netsec/comments/renu4/grsecurity_pax_configuration_options_explained/
  158.  
  159. # 4 HTTP security headers you should always be using (ibuildings.nl)
  160. http://www.reddit.com/r/netsec/comments/1vztlh/4_http_security_headers_you_should_always_be_using/
  161.  
  162. # Show r/netsec: reveal your true IP address behind proxy/NATs using WebRTC (Firefox/Chrome) (jsfiddle.net)
  163. http://www.reddit.com/r/netsec/comments/1vzsnn/show_rnetsec_reveal_your_true_ip_address_behind/
  164.  
  165. # Laptop security best practices. What do you do? (self.linux)
  166. http://www.reddit.com/r/linux/comments/1zi10c/laptop_security_best_practices_what_do_you_do/
  167.  
  168. # Ever wonder what makes the new ssh-certificate authentication different from ssh-pubkey? This guide explains that and how to use it effectively. (neocri.me)
  169. http://redd.it/1zmsi2
  170.  
  171. # How I got root with Sudo (securusglobal.com)
  172. http://www.reddit.com/r/netsec/comments/20mftq/how_i_got_root_with_sudo/
  173.  
  174. # Hardening a Linux server (self.linux)
  175. http://www.reddit.com/r/linux/comments/1xxpap/hardening_a_linux_server/
  176.  
  177. # Security of Debian?
  178. http://www.reddit.com/r/linux/comments/1xfuqb/debian_74_relased/cfbwunr
  179.  
  180. # Sidestep Wireless Logins by Routing All Traffic Through Measly Little Ping Packets (getpostdelete.com)
  181. http://www.reddit.com/r/linux/comments/22tsil/sidestep_wireless_logins_by_routing_all_traffic/
  182.  
  183. # Why Linux is better for infosec?
  184. http://www.reddit.com/r/linux/comments/22xece/why_is_linux_better_for_infosecsysadmins/
  185.  
  186. # Wayland is NOT immune to keyloggers (self.linux)
  187. http://www.reddit.com/r/linux/comments/23mj49/wayland_is_not_immune_to_keyloggers/
  188.  
  189. # What routines have you in place to keep your linux server secure and up to date? (self.linux)
  190. http://www.reddit.com/r/linux/comments/24j290/what_routines_have_you_in_place_to_keep_your/
  191.  
  192. # How to Get Started in CTF (endgame.com)
  193. http://www.reddit.com/r/netsec/comments/27t9qv/how_to_get_started_in_ctf/

Submit a correction or amendment below (click here to make a fresh posting)
After submitting an amendment, you'll be able to view the differences between the old and new posts easily.

Syntax highlighting:

To highlight particular lines, prefix each line with {%HIGHLIGHT}




All content is user-submitted.
The administrators of this site (kpaste.net) are not responsible for their content.
Abuse reports should be emailed to us at