Links
Sites worth a look at
Dear Visitor
within this section we try to provide you with interesting links out there. We believe that they are worth a read, decide for yourself what you like.
To add value to the link collection we provide a small description of every link herein, in addition we try to classify it as good as possible to either Organisational, Awareness, Technical and News.
Please be aware that all the sites referenced containing potentially harmful tools are for educational purposes only. We do neither encourage nor support criminal acts, however we fully want to support and encourage you in defending your own assets by determining if you are vulnerable.
If you feel that either a link is missing or a certain site was not commented factually correct, then please submit as an e-mail to:
Trolls: Feel free to send us flamez to
Please be aware that it might be a good idea to have javascript etc. turned off in your browser or to make use of the noscript Firefox plugin for some sites in the technical section! The more paranoid in between us might be considering a bootable read only media or a virtual machine.
Current threat map: www.securitywizardry.com/radar.htm
Jonathan Armstrong provides regular Video news about law and regulatory questions. Find the RSS feed at http://www.brighttalk.com/channel/231/channel.xml
Very interesting and controversial site, amongst other a web defacement database www.zone-h.org
A great resource for security visualization secviz.org
A site about malware, you can find malware sources, malware analysis, malware analysis tools, etc. www.offensivecomputing.net
Interested in exploits and papers/videos around it? www.milw0rm.com
A site about pentesting, forensics, etc. Providing methods and quite a collection of tools. www.indianz.ch
Web application security anyone? The place to consider! www.owasp.org
As the name suggests this is about rootkits and how to try to protect yourself from them. www.rootkit.com
Like flamewars (ehm, controversial constructive discussions I mean)? I'd say a good site with a broad range of information including tutorials and tools, mostly technical related. Not an easy browsing experience though. www.antionline.com
Reverse engineering, exploiting: uninformed.org
Subscription site with a wealth of information around security www.astalavista.net
Vulnerability research, Malware, Patches, IDS, Antimalware vrt-sourcefire.blogspot.com
You don't know Metasploit? Recommendation: get to know it! blog.metasploit.com
?ydobyna esrever ni gnireenignE hexblog.com
Hardening guidelines which deserve the name iase.disa.mil/stigs/checklist/index.html
A good laugh and the sustainable impression left behind that these guys know what they are doing! The service section had me rolling on the floor laughing, but maybe I am one of the few sharing this type of humour... www.cultdeadcow.com
Another good source for all kind of security information is the nFX Blog page www.nfxblogone.com
A very interesting online magazine, for the people interested in the deep workings... www.phrack.com
The obvious:
Various news around security: www.securitybloggers.net
Various topics ranging from high level to deep technical topics, without any disrespect not as dark as the name suggests www.darkreading.com
Targeted towards business security news, providing lots of links to commercial products www.scmagazineuk.com and www.scmagazineus.com/News/section/100
Various news around security, (Überhacker|[Gg]uru)+ in the name always makes me suspicious though ;) www.secguru.com
Links to security news around the internet, I just like to have root. www.rootsecure.net
"High Level" information around IT with a nice security section www.computerworld.com
within this section we try to provide you with interesting links out there. We believe that they are worth a read, decide for yourself what you like.
To add value to the link collection we provide a small description of every link herein, in addition we try to classify it as good as possible to either Organisational, Awareness, Technical and News.
Please be aware that all the sites referenced containing potentially harmful tools are for educational purposes only. We do neither encourage nor support criminal acts, however we fully want to support and encourage you in defending your own assets by determining if you are vulnerable.
If you feel that either a link is missing or a certain site was not commented factually correct, then please submit as an e-mail to:
Trolls: Feel free to send us flamez to
Please be aware that it might be a good idea to have javascript etc. turned off in your browser or to make use of the noscript Firefox plugin for some sites in the technical section! The more paranoid in between us might be considering a bootable read only media or a virtual machine.
Organisational
If you are in a "high level" security role or not, you should be concerned with root causes and the general problems (I of course meant challenges) organisations are facing, a good resource www.cisohandbook.comAwareness
An eye opener in a field which is amazingly still quite overlooked, web hacking incidents. www.xiom.com/whidCurrent threat map: www.securitywizardry.com/radar.htm
Jonathan Armstrong provides regular Video news about law and regulatory questions. Find the RSS feed at http://www.brighttalk.com/channel/231/channel.xml
Very interesting and controversial site, amongst other a web defacement database www.zone-h.org
A great resource for security visualization secviz.org
Technical
Actual up-to-date information from all kind of technical domains can be found at TheTAZZone, it can be reached at www.thetazzone.com In addition to the news you can find also there features security and general tutorial video material at www.tazforum.comA site about malware, you can find malware sources, malware analysis, malware analysis tools, etc. www.offensivecomputing.net
Interested in exploits and papers/videos around it? www.milw0rm.com
A site about pentesting, forensics, etc. Providing methods and quite a collection of tools. www.indianz.ch
Web application security anyone? The place to consider! www.owasp.org
As the name suggests this is about rootkits and how to try to protect yourself from them. www.rootkit.com
Like flamewars (ehm, controversial constructive discussions I mean)? I'd say a good site with a broad range of information including tutorials and tools, mostly technical related. Not an easy browsing experience though. www.antionline.com
Reverse engineering, exploiting: uninformed.org
Subscription site with a wealth of information around security www.astalavista.net
Vulnerability research, Malware, Patches, IDS, Antimalware vrt-sourcefire.blogspot.com
You don't know Metasploit? Recommendation: get to know it! blog.metasploit.com
?ydobyna esrever ni gnireenignE hexblog.com
Hardening guidelines which deserve the name iase.disa.mil/stigs/checklist/index.html
A good laugh and the sustainable impression left behind that these guys know what they are doing! The service section had me rolling on the floor laughing, but maybe I am one of the few sharing this type of humour... www.cultdeadcow.com
News
Worth a daily read to me, broad news around security. www.h-online.com/security; in fact I read the German version which seems to be more on time and complete www.heise.de/securityAnother good source for all kind of security information is the nFX Blog page www.nfxblogone.com
A very interesting online magazine, for the people interested in the deep workings... www.phrack.com
The obvious:
Various news around security: www.securitybloggers.net
Various topics ranging from high level to deep technical topics, without any disrespect not as dark as the name suggests www.darkreading.com
Targeted towards business security news, providing lots of links to commercial products www.scmagazineuk.com and www.scmagazineus.com/News/section/100
Various news around security, (Überhacker|[Gg]uru)+ in the name always makes me suspicious though ;) www.secguru.com
Links to security news around the internet, I just like to have root. www.rootsecure.net
"High Level" information around IT with a nice security section www.computerworld.com