NetXray
fat finger
honeypot
mirc
sockscap32
HTTPort
http tunnel
Socks2https
vbs
ISS Security Scanner

http://www.angelfire.com/wy/waynes/0proxies.html
http://www.insecure.org/tools.html
http://www.projectgamma.com/
http://www.webfringe.com/
http://www.gammaforce.org/
             
"Silly hacker, root is for administrators."

   Warning: Do not drink the battery acid. 
      It doesn't taste good and will hurt you. 
      Also do not bite the tyres, especially 
      while the bike is moving. 
      Our lawyers made us put these warnings in. 
               - An Australian motorcycle manual

Argomenti generali e di carattere introduttivo
X9 org
X9 develops Standards for check processing, electronic check exchange, PIN management and security, financial industry use of data encryption, and wholesale funds transfer, among others.
Snark.it
Snark.it - Il portone obliquo su Internet - tips, tricks, hacking, links, temi del desktop.
Top50
Welcome to the Web's Top50 Net Security Sites.
Megasecurity.org
Security Information, Security news, Firewalls, Antivirus, Trojans.
CyberArmy
CyberArmy is a group of netizens who believe in a deregulated Internet, free from external control. We believe in providing tools to assist others who believe in a free Internet.
DSInet
Dutch Security Information network. Networking and security.
Index of /textfiles
From the Dutch Security Information network.
alldas.de defacement archives
Alldas.de IT Security Information Network. Defacements Mirror.
Council of Europe - Draft Convention on Cyber-crime (Draft N° 19)
AVG Active Modular Core and AVG Virus Stalker represent significant enhancement of detection of computer viruses.
Lance's Security Papers
Whitepapers, Publications and Other Goodies.
Astalavista.box.sk
daily updated search engine for computer security related material.
Willkommen bei innominate
innominate ist eines der führenden deutschen IT-Sicherheitsunternehmen, das sich auf die Einbindung und Absicherung von mobilen Systemen in Unternehmensnetzwerken unter Nutzung von embedded Technologien und Open Source Software spezialisiert hat.
www.insecure.org/
Try the http://amy.lnxnet.net/ alternative site.
Black Sun
Black Sun Research Facility was founded in 1998 by Raven, Njan and Fang following the success of their C.A.I.R.A. project, to educate people in the field of the Internet, and more generally computer security.
black.box.sk
An electronic magazine, Black.box.sk was first made to focus on technology, and especially computers and Internet security. But with a growing variety of writers, so came the variety of topics. There have been articles dealing with things far from technology, such as those by wintermute.
Aside just having articles, black.box.sk will soon have archives of source code to scripts and programs for UNIX / Linux and other UNIX cloned systems.
neworder (http://neworder.box.sk/)
New Order - the computer & networking security portal.
Dumped Communications Bypass
peacefire.org (http://peacefire.org)
(works through number)
How to disable your blocking software (It's not a crime to be smarter than your parents).
Totalrc.net (http://blacksun.box.sk/tutorials.html)
dugsong ¼Û´öÁØ
(censored by the digital millennium copyright act).
interhack publications
cryptography and security, internet and systems, programming, humor.
Firewall related topics
Internet Firewalls: Frequently Asked Questions
Networks Security: Firewall
cgiworld (http://board.cgiworld.net/)
the.wiretapped.net
Wiretapped.net is an archive of open source software, informational textfiles and radio/conference broadcasts covering the areas of network and information security, network operations, host integrity, cryptography and privacy, among others.
Hope 2000 (H2K)
Conference on hacking in New York, July 2000.
NDIFF Security Tools
NDiff compares two nmap scans and outputs the differences. NDiff is known to work on Linux/x86.
Gallery of CSS Descramblers
Gallery curator: Dr. David S. Touretzky, Computer Science Department, Carnegie Mellon University.
On January 2000, United States District Judge Lewis A. Kaplan issued a preliminary injunction prohibiting from distributing computer code for reading encrypted DVDs. This web site was created to explore this issue.
Encryption software
from munitions.xs4all.nl (mostly tar-ed or PS).
Fyodor's Good Reading List
Placing Backdoors Through Firewalls
This article describes possible backdoors through different firewall architectures. However, the material can also be applied to other environments to describe how hackers cover their access to a system.
Hack World
This page is for educational purposes only. We're not taking any responsible for your own actions...
Insecure.org
INTERNET HOLES - ELIMINATING IP ADDRESS FORGERY
CGI Security Holes
by Gregory Gilliss - from Phrack Magazine.
nPULSE
A Web-based network monitoring package for Linux and Unix.
nmapNT
All of the functionality found in the Unix version of nmap can now be taken advantage of on Windows NT platforms.
How to Obscure Any URL
How Spammers And Scammers Hide and Confuse.
IP-spoofing Demystified
from Phrack Magazine.
Port Scanning without the SYN flag.
by Uriel Maimon - from Phrack Magazine.
Smashing The Stack For Fun And Profit
from Phrack Magazine.
Project Hades
Explorations of weaknesses in the most widely used transport protocol on the Internet - from Phrack Magazine.
Project Neptune
A comprehensive analysis of TCP SYN flooding - from Phrack Magazine.
Nessus
The "Nessus" Project aims to provide to the internet community a free, powerful, up-to-date and easy to use remote security scanner.
NetSpy V1.3.5
NetSpy is a program that will allow you to view or store captured screenshots of desktops, locally or over a network.
Security Problems in the TCP/IP Protocol Suite
by S.M. Bellovin.
Stony Crackers Team
Sys-Security.com
(Ofir Arkin's site).
the fringe of the web
Bronc Buster and Silicon Toad first created the Fringe of the Web in 1994 as the second Webring to ever exist...
The Ping o' Death Page
(How to crash your operating system).
Denial of Service with Windows XP
Windows XP's new support of the full raw socket application programming Interface (API) allows for the creation of fraudulent and damaging Internet traffic.

a inizio pagina

Privacy, how to avoid censorship
C E N S O R W A R E
Who would you trust to censor what you read?
Internet censorship
Internet censorship and other dangers to communication and thought inside Australia.
HTTPort 3
Proxy censorship avoidance site
http://proxys-4-all
A list of accessible tested proxys for HTTP, FTP, TELNET, SOCKS, GOPHER, SECURITY & WAIS.
SafeWeb
(at triangleboy; the original https://www.safeweb.com/ site is blocked).
Try this server to access firewall-blocked sites. It's the best I've found till now.
Secure Anti-Censorship Proxy
(Censorship-defeating proxy by Brian Ristuccia, MIT).
Use 512-bit certificate if using an 'international' browser. Source code available.
Note: problems with redirected and nested URLs.
bank2020
(A CGI-based noproxy).
Note: not encrypted, thus does not defeat content analyzing filters.
@nonymouse.com
(Yet another CGI-based noproxy).
Silent Surf
(Yet another CGI-based noproxy).
giveroverabone
(Yet another CGI-based noproxy).
A collection of hacking links
(http://www.totalrc.net/)
Proxymate (www.proxymate.com)
I-Gear 2.8
Unified Research Laboratories' (URLabs') I-Gear 2.8 is a Microsoft Proxy Server add-on that helps you control users' access to the Internet at a granular level.
I-Gear banned-list decryption
list of wrongly blocked sites by I-Gear

a inizio pagina

Steganography - Information Hiding

Generic Resources on Steganography

Steganography & Digital Watermarking
Steganography links (in-ca.augusta.de)
Steganography links (Michael Graffam - mhv.net)
cryptography and steganography software
StegoArchive
Data Concealment/Steganography Software
Steganography Wing of the Gallery of CSS Descramblers
Stego Online by Romana Machado
the.wiretapped.net
STELLA The STeganography ExpLoration LAb (Institute of Computer Graphics / University of Rostock)
OutGuess 0.2
OutGuess is a universal steganographic tool that allows the insertion of hidden information into the redundant bits of data sources.
Encryption software from http://munitions.xs4all.nl (mostly tared or PS)

a inizio pagina

Introductory Papers on Steganography

Information hiding - a survey
Proceedings of the IEEE, special issue on protection of multimedia content, July 1999. (pdf, 17 pages).
Introduction to Steganography by Jeremy Krinn - June 26, 2000
A survey of some popular software; good Bibliography.
Steganography by Neil F. Johhnson - George Mason University
An online paper dealing with basic concepts and implementation.

a inizio pagina

Specific Issues on Steganography

A Steganography Implementation Improvement Proposal from Phrack Magazine
Project Loki
Arbitrary information tunneling in the data portion of ICMP_ECHO and ICMP_ECHOREPLY packets - from Phrack Magazine.
Chaffing and Winnowing: Confidentiality without Encryption
by Ronald L. Rivest, MIT Lab for Computer Science, March 18, 1998 (rev. April 24, 1998).
Steganography to circumvent network-level censorship

a inizio pagina

Secure Sockets

Secure Sockets
How Does SSL Work?
Secure Sockets Layer (Webopedia)
Secure Sockets Layer (whatis)
Introduction to SSL
Secure Sockets Layer (Netscape Tech Brief)
Welcome to the OpenSSL Project
SSLeay and SSLapps FAQ
Apache-SSL
Tutorial: Using SSL
SSL 3.0 SPECIFICATION
I broke Hal's SSL challenge
Stunnel -- Universal SSL Wrapper

a inizio pagina

Security Sites
National Infrastructure Protection Center
The National Infrastructure Protection Center (NIPC) serves as a critical infrastructure threat assessment, warning, vulnerability, and law enforcement investigation and response entity.
The NIPC provides timely warnings of international threats.
SAINT Corporation
SAINT Corporation is a global leader in vulnerability assessment. Our customers include high-level government agencies, top colleges and universities, and major financial institutions. Our mission is to make network security easy and affordable.
Common Vulnerabilities and Exposures (CVE)
The goal of CVE is to make it easier to share data across separate vulnerability databases and security tools. While CVE may make it easier to search for information in other databases, CVE should not be considered as a vulnerability database on its own merit.
Linux Security
The Community's Center For Security.
Microsoft's security
The Microsoft TechNet's security section.

a inizio pagina

Security Tutorials
BlackSun Tutorials
Networking and Network Security, Programming, Lectures, IRC, Unix/Linux, Windows, Local Security, Encryption, Hardware, Novell, History, Humor and more...
Books, Guides & Tutorials
Un ricco elenco, commentato in italiano.
THE NEOPHYTE'S GUIDE TO HACKING
THE WINDOWS NT WARDOC
A study in remote NT penetration by neonsurge and the rhino9 team.
Shows how easy it REALLY is to break into an unsecured NT system
Exploiting Common Vulnerabilities in PHP Applications
InFoCenTer 2000 (http://members.xoom.it/StoLenbYTe/hcktut.html)

a inizio pagina

Viruses, Worms and Vulnerabilities
Code Red
Known as the Code Red worm because of evidence that it may have been launched from China, the self-spreading program infects servers using unpatched versions of Microsoft's Internet Information Server (IIS) software Versions 4.0 and 5.0.
ZDNet: Worm has servers seeing "Code Red"
Digitalisland's coderedalert
BadTrans.B
BadTrans.B targets Microsoft Outlook mailboxes and can steal sensitive files and information from the users of infected machines.
Magistr
Magistr is a polymorphic virus from Sweden that is capable of mass mailing itself to addresses found within the Windows Address Book, Outlook, and Netscape address books.
Learn what Nimda worm does and how to combat it
A fast-spreading worm that attacks both Windows IIS servers and Internet Explorer began wreaking havoc on the Internet on Tuesday morning, Sept. 17, 2001.
Netscape MIME Type Buffer Overflow Vulnerability and Linux Exploit
Why the SirCam worm is only the beginning for new viruses
SirCam is a sophisticated worm that will infect files shared over an open network so most people will never see the original infected e-mail associated with the worm.
AVG Anti-Virus System
AVG Active Modular Core and AVG Virus Stalker represent significant enhancement of detection of computer viruses.

a inizio pagina