
Using the SHA1 collision attack to solve the BostonKeyParty CTF challenge

| Posted in Security Articles |


This is a writeup to the Boston Key Party CTF 2017 Prudential challenge – which I took part in over the weekend.

I viewed the source of the webpage and found out an index.txt file was being referenced.

Snippets below:

<?php
require 'flag.php';
if (isset($_GET['name']) and isset($_GET['password'])) {
    $name = (string)$_GET['name'];
    $password = (string)$_GET['password'];
    if ($name == $password) {
        print 'Your password can not be your name.';
    } else if (sha1($name) === sha1($password)) {
        die('Flag: '.$flag);
    } else {
        print '<p class="alert">Invalid password.</p>';
    }
} ?>

 

Two conditions need to be met here – to display the flag.

  1. The $name entered must not be the same as the $password
  2. The sha1($name) must be the same as sha1($password)

 

My thought-process at this point was to have different values for $name and $password but with the same sha1 signature. What immediately comes to mind is the SHA1 Collision attack recently revealed by the Google team.

According to the Google team, “It is now practically possible to craft two colliding PDF files and obtain a SHA-1 digital signature on the first PDF file which can also be abused as a valid signature on the second PDF file.”

Two different PDF files with the same checksum are available here:

http://shattered.io/static/shattered-1.pdf

http://shattered.io/static/shattered-2.pdf

I then came up with a quick and dirty python script to do the job. This script takes the value of the first pdf as parameter “name” and the second pdf as parameter “password”

import requests

# Download both SHAttered PDFs and keep only the first 500 bytes of each.
rotimi = requests.get("http://shattered.io/static/shattered-1.pdf").content[:500]
letmein = requests.get("http://shattered.io/static/shattered-2.pdf").content[:500]

# Send the two different byte strings as "name" and "password".
r = requests.get('http://54.202.82.13/', params={'name': rotimi, 'password': letmein})
print(r.text)

After running this, I got the flag: FLAG{AfterThursdayWeHadToReduceThePointValue}
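Why sending only the first 500 bytes of each PDF still satisfies the check, as an added example that is not part of the original writeup: SHA-1 is a Merkle-Damgård hash, so once two equal-length inputs reach the same internal state, identical bytes appended after that point keep the digests equal. The code assumes a constructed 24-bit toy hash (`toy_hash`, standing in for SHA-1 so a collision can be found in milliseconds) and runs the challenge's comparison under that hash and under SHA-256.

```python
import hashlib
import itertools

BLOCK = 8                 # toy block size in bytes (SHA-1 uses 64)
STATE = 3                 # toy chaining value: 24 bits (SHA-1 uses 160)
IV = b"\x00" * STATE      # constructed initial value for the toy hash


def compress(state: bytes, block: bytes) -> bytes:
    """Toy compression function: SHA-256(state || block) cut to 24 bits."""
    return hashlib.sha256(state + block).digest()[:STATE]


def absorb(state: bytes, data: bytes) -> bytes:
    """Feed whole blocks through the compression function, one at a time."""
    assert len(data) % BLOCK == 0
    for i in range(0, len(data), BLOCK):
        state = compress(state, data[i:i + BLOCK])
    return state


def toy_hash(msg: bytes) -> bytes:
    """Merkle-Damgard hash with length padding, the construction SHA-1 uses."""
    padded = msg + b"\x80"
    padded += b"\x00" * (-(len(padded) + 4) % BLOCK)
    padded += len(msg).to_bytes(4, "big")
    return absorb(IV, padded)


def find_colliding_blocks(prefix: bytes):
    """Birthday search for two different blocks that lead to the same state."""
    state = absorb(IV, prefix)
    seen = {}
    for n in itertools.count():
        block = n.to_bytes(BLOCK, "little")
        out = compress(state, block)
        if out in seen:
            return seen[out], block
        seen[out] = block


def challenge_check(hash_fn, name: bytes, password: bytes) -> bool:
    """Same logic as the PHP snippet: inputs differ but their hashes match."""
    return name != password and hash_fn(name) == hash_fn(password)


def sha256(msg: bytes) -> bytes:
    return hashlib.sha256(msg).digest()


def demo() -> dict:
    prefix = b"%PDF-1.3"                      # constructed 8-byte shared header
    block_a, block_b = find_colliding_blocks(prefix)
    suffix = b"identical trailing bytes, any length"
    m1, m2 = prefix + block_a + suffix, prefix + block_b + suffix
    return {
        # Full inputs: the states match after the colliding block and stay matched.
        "whole_files": challenge_check(toy_hash, m1, m2),
        # Truncating anywhere after the colliding block keeps the collision.
        "cut_after_collision": challenge_check(toy_hash, m1[:21], m2[:21]),
        # Truncating inside the colliding block loses it.
        "cut_inside_collision": challenge_check(toy_hash, m1[:12], m2[:12]),
        # A hash with no known collisions rejects the same pair.
        "sha256_instead": challenge_check(sha256, m1, m2),
    }


if __name__ == "__main__":
    for case, passed in demo().items():
        print(f"{case:22} check passes: {passed}")
```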

CSAW CTF Quals 2016 Writeups

| Posted in Security Articles |


This weekend was a very busy one for me – as I had to participate in 2 CTF events – MITRE and CSAW Quals with my team, NaijaSecForce. We placed 191st out of 1274 teams in the CSAW Quals. Below is the writeup for some of the challenges I solved.

Forensics – Kill

Is kill can fix? Sign the autopsy file?

kill.pcapng

Solution

We were given a .pcapng file. This was quite easy as our old friend, Grep – did the job.

ICECTF 2016 Writeups

| Posted in Security Articles |


I recently just started participating in CTF events with my team, NaijaSecForce. However, due to time constraints, it has always been a struggle coming up with writeups on how we solved some of the challenges. Luckily, ICECTF 2016 was on for 2 weeks – so I was able to come up with writeups for some of the challenges I solved.

ICECTF is a Jeopardy-style CTF where you are given a question or task where you are supposed to extract a flag from it. I participated with my team NaijaSecForce and we placed 188th out of 1696 teams (yaaay... we made top 11% :-). So without further ado, let’s get to cracking.

Tips to staying safe online this festive season

| Posted in Security Articles |


The holiday season is upon us and as always, we all are scrambling to get the best deals online and in stores. However, a few wrong clicks this season could land cybercriminals topping your list of people who will be receiving presents this year.

This year has witnessed lots of significant breaches ranging from a $40m cyber-heist by a Nigerian bank IT worker to the huge data leakage at Sony, just about a week ago.

Information Security expert, Rotimi Akinyele of PhynxLabs said online users can easily put themselves and their devices at risk, unless they take precautions and avoid the common mistakes highlighted below that could compromise their security.

 

Beware of the Bank Verification Number (BVN) Scam

The ongoing Bank Verification Number (BVN) introduced by the CBN as a means of uniquely identifying bank customers across the Nigerian Banking industry has provided a fertile ground for cyber criminals to defraud unsuspecting bank customers.

Scam emails purportedly sent from Banks/CBN are in circulation urging bank customers to visit a website to activate their BVN online as failure to do so would result in their account(s) and debit cards being deactivated.

Please note that BVN registration can only be done physically at a bank’s branch. There is no technology now to replace the physical capture of your biometric data which the BVN seeks to achieve.

Do NOT access your accounts from Public WiFi

Just because a WiFi is free doesn’t mean you should connect to it any time it’s available. When you’re banking or making other online payments, it’s better to connect with EDGE or 3G, even if it’s slower. It might only be 45 seconds of doing an online bank transaction, but if the wireless network has been compromised, that is more than enough time needed for a cyber-criminal to collect your data.

Use a secure password

It’s crucial to always use strong passwords as passwords are the first line of defense against cyber crooks. Try not to use names of your family, pets, first car, mother’s maiden name, etc. as all these can be easily guessed, brute forced or even available on social media sites like Facebook, Twitter or Instagram. Make sure to use a mixture of characters, numbers, and letters of at least 8 characters when choosing your password; as only this will add a high level of difficulty for any attempted password theft. Also, do not reuse your passwords as a compromise on one would translate to a compromise on all.

Stay safe on social networking sites

Social media sites are increasingly becoming targets for spams, scams and other online attacks. Aside from mining data from tons of “status updates” for targeted attacks, cyber criminals have mastered the act of baiting unsuspecting users with well-crafted short but compelling posts offering free entry to a Christmas competition with a fantastic prize. The general rule is “there is no free lunch or freebies on the internet – if you’re not buying a product then you are the product”. Users who click the links then inadvertently act as accomplices to the cyber-criminals because the malicious scripts would automatically re-post the links, images or videos on their contacts’ walls or timelines. If an offer looks too good to be true, it probably is. Do NOT click.

Protect yourself from fraudulent emails

If you receive an email urging you to download an unknown tax payment attachment or an email informing you of an urgent pending transaction and you need to login with your details to verify, DELETE that email. Such emails usually trick users into visiting the site, and once you do, viruses and spyware get downloaded on your device which automatically joins you to a network of enslaved computers that have been programmed to carry out malicious deeds. No reputable organization would send emails to collect user names, passwords, token keys or Debit/Credit card details.

The threats to your online accounts increase daily; however, the tips above can help you stay protected online while still providing the convenience online access offers you this holiday.

Stay safe online and happy holiday!

Rotimi Akinyele is the Chief Security Evangelist at PhynxLabs where he leads the application and Network security competency.

How Airtel Security Flaw Led To Website Hacking

| Posted in Security Articles |


In the space of one hour, the entire Nairaland.com webmaster board was overloaded with several threads titled “Naijaloaded.com got hacked”. On checking one of the threads, I hurriedly fired up my browser, checked the Naijaloaded site and poof, I had a defaced webpage before me.

Next thing I did was to send Naijaloaded’s owner a mail informing him of the hack which he then replied to this morning saying “They Swapped my SIM, Used the Forgot Password Features and Yahoo Sent the Guy my Code, he then Changed my Yahoo Password and Requested for a Password Changing Note from my Domain Registrar, Then he finally Changed my DNS”.

At first, I didn’t understand the swapping part. So I fired up my browser again and started crawling through webpages with the dork “Airtel Nigeria instant swap”.

After much crawling, I learnt that to swap your Airtel SIM (i.e. to hijack another person’s Airtel SIM), all you need is:

1. An Airtel swap SIM which goes for just N300 and offered for sale here
2. Four (4) most dialled numbers
3. The serial number on the new Airtel swap SIM

...and in 20 mins max, the new SIM will be ready.

That easy yeah?!

After the “hacker” swapped the Naijaloaded owner’s SIM, he used Yahoo’s Forgot Password feature, and Yahoo sent the code to the swapped SIM. He then changed the Yahoo password, requested a Password Changing Note from the Naijaloaded.com domain registrar, and ended up changing Naijaloaded.com’s DNS.

A brilliant social engineering attack it was!

This clearly exposes vital security flaws in several customer service systems.

All a malicious person needs to know to hijack your SIM is your 4 most dialled numbers (your dad, mom, girlfriend, line manager, direct subordinate, etc).

You know what this means? You can directly intercept that scheduled business call by hijacking that Big Oga’s SIM.

The guy that perpetrated this act not only digitally hacked the owner but socially hacked him too, as he could receive calls on his behalf.

It’s quite upsetting that the ecosystem that we’ve placed so much of our trust in (in this case Airtel) has let some of us down so thoroughly.

Social Engineering, albeit a new one in the Nigerian space, is here to stay... Folks, Are You Ready?

NB: I originally posted this blogpost here. You can follow up the discussion there.

Working with People: An Introduction to Social Engineering

| Posted in Security Articles |


A reader sent me this great article on Social engineering, so I decided to share with you all. Enjoy 🙂

Humans are inherently social creatures who have developed a world strongly based on interacting with others. Just like the world of information technology, the human social protocols are a complex series of rules and guidelines for how people behave when interacting with each other, and just like any other system, there are methods to use and abuse it once you understand the rules that govern it. Social engineering is a broad subject, but in this article we will focus mostly on social engineering as it is used to gain access to social groups and sensitive information.

What Is Social Engineering?

 

Social engineering is using the common tendencies of how people interact with others in order to gain information or a benefit of some kind. Effectively, social engineering can be referred to as the hacking of people. Before the Internet age, social engineering would more likely be referred to as conning, but the scope of social engineering’s applications goes beyond tricking people out of money. It is about causing people to act according to your wishes. Getting someone to say yes to a date is social engineering. So is getting your company a contract from a tough client. In regards to information security, social engineering is getting people to give up protected information.

A social engineering definition can be found here.

How Effective Is Social Engineering?

 

Even companies that place a high focus on securing their information networks can prove extremely vulnerable to social engineering attacks. DefCon, one of the largest hacking conferences in the world, routinely features a social engineering competition that has demonstrated over and over again that simple tactics can be used to get enough information to potentially do harm to a company. Position in the company also seems to have almost no effect on how susceptible a person is to social engineering; a big wig is just as likely to give up information as a cashier, but the big wig also usually has access to more pertinent info.

Social engineering is gaining attention for its insidious effectiveness, and is starting to get recognized in the media and the corporate world. Check out these news articles for an idea of how it is being perceived:

Smooth-Talking Hackers Test Hi-Tech Titan’s Skills – A look at DefCon hacking competitions, utilizing social engineering within legal boundaries to ferret out intelligence designed to weaken a company’s security.

Social engineering to blame in Syrian Electronic Army hijack of the Onion – The targets of these sorts of attacks aren’t always the ones you might expect; the Onion was a recent victim of a phishing scheme.

Facebook Social Engineering Attack Strikes NATO – Often, the targets are important, such as this attack against NATO. Every organization contains a human element, the target of savvy social engineers.

How a lying ‘social engineer’ hacked Wal-Mart – Many people are naturally biased to trust based on a set of subtle criteria; a tone of voice, a style of dress, even word choices can lead people to give credence to otherwise nonsensical ideas or situations, like this Wal-Mart store manager being duped into giving away company data in exchange for a non-existent contract possibility.

 

General Tips for Social Engineering

 

These are common guidelines and methods used by social engineers before and during any assignment on which they are working. These focus more on the preparation and mindset of the social engineer than the actual attack methods that are used.

Do Your Research

 

Take a look at this seminar on social engineering strategies.

Information is everywhere. If there is a topic you want to know about, you usually only need to glance at the Internet. Reading the news and press releases from a company can give you a firm background history from which to work. A social media site may give you insights into the temperament of a person or give you an idea of the social scene in which they operate. If you are trying to infiltrate a group or become closer to a person with any notable focus, then the Internet can be used to familiarize yourself with the topic.

Hackers may go above and beyond in this regard. If they manage to gain access to someone’s email account or messaging service, there may be records of conversations that can be used to mimic the person in electronic communications or learn about key topics that anyone on the inside should know about.

 

Read full article here: http://backgroundchecks.org/working-with-people-an-introduction-to-social-engineering.html

 

Have you ever chatted with a Hacker within a virus?

| Posted in Security Articles |


By Franklin Zhao & Jason Zhou

This is an impressive and first-time experience in my anti-virus career. I chatted with a hacker while debugging a virus. Yes, it’s true. It happened when the Threat team were researching key loggers for Diablo III while many game players playing this game found their accounts stolen. A sample is found in battle.net in Taiwan, China. The hacker posted a topic titled “How to farm Izual in Inferno” (Izual is a boss in Diablo III ACT 4), and provided a link in the content which, as he said, pointed to a video demonstrating the means.

 

Below is the ‘Video’. It’s a RAR archive actually containing two executable files. These two files are almost the same except the icon.

 

The malware will connect to a remote server via TCP port 80 and download a new file packed by Themida.

 

That’s very simple Downloader/Backdoor behavior and we are only interested in looking for key logging code for Diablo III so we didn’t pay much attention to it.

But an astonishing scene staged at this time. A chatting dialog popped up with a text message:

(Translated from the image below)

Hacker: What are you doing? Why are you researching my Trojan?

Hacker: What do you want from it?

 

The dialog is not from any software installed in our virtual machine. On the contrary, it’s an integrated function of the backdoor and the message is sent from the hacker who wrote the Trojan. Amazing, isn’t it? It seems that the hacker was online and he realized that we were debugging his baby.

 

We felt interested and continued to chat with him. He was really arrogant.

(Translated from the image below)

Chicken: I didn’t know you can see my screen.

Hacker: I would like to see your face, but what a pity you don’t have a camera.

 

He is telling the truth. This backdoor has powerful functions like monitoring the victim’s screen, mouse controlling, viewing processes and modules, and even camera controlling.

We then chatted with the hacker for some time, pretending that we were green hands and would like to buy some Trojan from him. But this hacker was not so foolish to tell us all the truth. He then shut down our system remotely.

Regarding this malware, no Diablo III key logging code was captured. What it really wants to steal is dial up connection’s username and password.

 

It sounds like a movie story, but it’s real. We are familiar with malware and we are fighting with them every day. But chatting with malware writers in real time doesn’t happen so often. Next time, I will be on the alert.

The malware and its components are detected by the AVG as Trojan horse BackDoor.Generic variants.

 

Franklin Zhao & Jason Zhou

 

SOURCE

 

Tarot Reading! Who is calling?

| Posted in Security Articles |


Guest Post By Nurudeen Odeshina

Recently, I received a call from an unknown number. The caller went off the phone immediately I said “Hello”. This was of course against my usual habit of allowing unknown callers to speak first so that I may know who is at the other end of the phone. Anyways, I went online with the number and B.I.N.G.O! I got not only the name of my unknown caller but the location too!

There is a whole lot of (personal) information we post online, most especially on social media sites. Though the intent may be to share personal information with friends and family, most of this information is also accessible by online crooks and criminals. People post names, addresses, geo-tag photos and all sorts. What more information does a criminal need to rob you? Social media makes it more fun. You can tell people’s date of birth, family members, employers, favourite hang-out spots, events they are attending and lots more. What more information does a tarot reader need that cannot be sourced from your online presence? Your relationship status e.g. Divorced, Engaged, Married to? A Tarot reader needs no crystal balls anymore. All they need is a computer connected to the internet.

Think twice before you post personal information. Remember, criminals and crooks have an online presence too and may see what you post on the internet.

 

Nurudeen Odeshina is an Information Value Chain Consultant (Information Security & Information Assurance), COBIT Trainer/Consultant. Passionate about #Information Security #ISO27001 #ISO22301 #PCIDSS

Follow him on twitter @Ibn_AbdulRahman

Online Penetration Testing Tools

| Posted in Security Articles |


I saw this post on eLearnSecurity and decided to share. I will be updating as time goes on.

Information gathering:
(multi) http://www.subnetonline.com/
(multi) http://ping.eu/
(multi) http://serversniff.net/
(multi) http://www.yougetsignal.com/
(dig/nslookup,whois,traceroute) http://networking.ringofsaturn.com/Tools/
(whois,dns_tools,service_scan,traceroute) http://centralops.net/co/DomainDossier.aspx
(whois,dns_tools,domain_search) http://www.whois.ws/
(whois,dns_tools) http://www.robtex.com/
(whois) http://www.ripn.net:8080/nic/whois
(domain_search) http://searchdns.netcraft.com/
(iplookup,BGP AS lookup) http://bgp.he.net/
(ASN search) http://fixedorbit.com/search.htm
(dns,whois, network lookup, …) www.network-tools.com

Exploit Search:
(google engine) http://exploitsearch.com/
(nvd,osvdb,metasploit,…) http://www.exploitsearch.net/
(engine) http://shodan.surtri.com/
http://www.hack0wn.com/advisories.php
http://www.1337day.com/
http://www.exploit-db.com/
http://securityvulns.com/
http://www.zerodayinitiative.com/advisories/published/
http://seclists.org/fulldisclosure/
https://web.nvd.nist.gov/view/vuln/search?cid=3
https://www.us-cert.gov/cas/techalerts/
http://www.cvedetails.com/
http://routerpwn.com/

Scanning networks,web structures,..
(nmap,openvas,sqlix,sqlmap,nikto,sub_domain) http://hackertarget.com/free-security-vulnerability-scans/
(nmap,traceroute,whois) http://hackerfantastic.com/
(structure) http://madnet.name/tools/madss/
(SQLi,XSS,..) http://hackvertor.co.uk/public
(structure) http://sucuri.net/index.php?page=scan
(Drupal Vulnerability Scanner) http://raz0r.name/drupalscan/
(Joomla scanner) https://www.joomlascan.com/
(Cross Site Scripting Scanner) http://xss-scanner.com/
(SQLi) http://www.be007.gigfa.com/scanner/scanner.php
(SQLi) http://scanner.drie88.tk/
(SQLi) http://www.localvn.biz/Tools/tools/Hack-Shop/SQLI-Scan/
(SQLi) http://wolfscps.com/gscanner.php

Hack tools store: http://hackarmoury.com/tools

XSS Guide:
http://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29
http://www.businessinfo.co.uk/labs/hackvertor/hackvertor.php
http://www.googlebig.com/forum/xss-cheats-t-18771.html
http://ha.ckers.org/xss.html
http://utf-8.jp/public/jjencode.html
http://0x416d73.name/jstb/

SQL Injection Guide:
http://ha.ckers.org/sqlinjection/
http://pentestmonkey.net/cheat-sheets/
http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/

netcat cheat sheet: http://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf
hping3 cheatsheet: http://sbdtools.googlecode.com/files/hping3_cheatsheet_v1.0-ENG.pdf
Nmap5: http://sbdtools.googlecode.com/files/Nmap5%20cheatsheet%20eng%20v1.pdf
Metasploit meterpreter: http://rmccurdy.com/scripts/Metasploit%20meterpreter%20cheat%20sheet%20reference.html

Browser test:
http://www.browserscope.org/

Encode/Decode:
http://www.crypo.com/
http://coderstoolbox.net/string/
http://ostermiller.org/calc/encode.html
http://www.showmycode.com/
http://home2.paulschou.net/tools/xlate/
http://passwordforensics.com/online-tools.php

Shellcode to exe:
http://tools88.com/safe/shellcode_2_exe.php
http://freechina.org.ru/shellcode_2_exe.php
http://sandsprite.com/shellcode_2_exe.php

Wordlists:
http://contest-2010.korelogic.com/wordlists.html
http://packetstormsecurity.org/Crackers/wordlists/
http://www.skullsecurity.org/wiki/index.php/Passwords
http://www.ericheitzman.com/passwd/passwords/

Hashcrack:
(lm,ntlm,md5,mysql/3/4) http://hashcrack.com/
(md5,sha1) http://md5.rednoize.com/
(md5,sha1) http://isc.sans.org/tools/reversehash.html
(md5) http://www.tmto.org/pages/passwordtools/hashcracker/
(md5,lm) http://www.c0llision.net/webcrack.php
(md5) http://md5cracker.tk/
(md5) http://www.hashchecker.de/
(md5) http://askcheck.com/
(md5) http://www.kinginfet.net/md5_cracker/
(lm) http://lmcrack.com/
(lm) http://cracker.offensive-security.com/
(md5) http://gdataonline.com/seekhash.php
(md5) http://opencrack.hashkiller.com/
(md5) http://cracker.fox21.at/
(md5) http://md5crack.com/
(md5) http://md5decryption.com/
(md5) http://authsecu.com/decrypter-dechiffrer-cracker-hash-md5/decrypter-dechiffrer-cracker-hash-md5.php
(md5) http://hash.insidepro.com/
(md5) http://md5decrypter.com/
(md5) http://md5pass.info/
(md5) http://crackfor.me/
(md5) http://www.xmd5.org/
(md5) http://socialware.ru/md5_crack.php
(md5) http://md5.my-addr.com/md5_decrypt-md5_cracker_online/md5_decoder_tool.php
(md5) http://www.md5cracker.com/
(md5) http://www.md5decrypter.co.uk/
(md5) http://md5.noisette.ch/
(md5) http://md5.igrkio.info/md5-hash-database.html
(md5) http://www.hashhack.com
(WebSphere) http://www.sysman.nl/wasdecoder/
(SHA1/MD5 hash cracker on ATI and NVIDIA GPUs) http://www.golubev.com/hashgpu.htm
(Default Password List) http://www.phenoelit-us.org/dpl/dpl.html

Analysis Malware:
(AV) http://www.virustotal.com/
(AV) http://www.virscan.org/
(AV) http://virusscan.jotti.org/
(analysis system) http://mwanalysis.org/?site=1&page=submit
(behavior analysis) http://anubis.iseclab.org/
http://www.netscty.com/malware-tool
(behavior analysis) http://mwanalysis.org/?site=1&page=submit
(javascript,flash) http://wepawet.cs.ucsb.edu/

Google Pentest BookmarksList: https://code.google.com/p/pentest-bookmarks/wiki/BookmarksList

50 Links & Resources about Information Security, Pentesting and Cyber News

| Posted in Security Articles |


I came across this during one of my e-trolling sessions.

Enjoy.

I decided to share my 50 favorite links and resources for information security, penetration testing, Linux, programming, cyber warfare and other cyber security related stuffs in this article. The no.1 spot doesn’t really mean it is ranked according to my own judgement and preference but these websites are really my top 50 all time favorite links.

1. Packet Storm

An exploit database website that offers full disclosure of the exploits submitted for their archive since 1998.

2. Exploits Database by Offensive Security

The Exploit Database (EDB) is another good resource for cool archives about exploits and vulnerable software. If you are into inserting dorks in Google, then you might want to check out their Google Hacking Database.

3. Metasploit Unleashed by Offensive Security

The website is a free information security resource for learning the Metasploit Framework and it’s actually an effort to promote awareness and raise funds for the underprivileged children in East Africa.

4. Schneier on Security

Bruce Schneier’s blog about Information Security. I like the Cryptography section of his blog which includes Algorithm Analyses, Algorithm Descriptions, his security papers and many more.

5. ClubHACK Magazine

ClubHack Mag is the 1st Indian Hacking Magazine, and their official website is where their free magazines can be downloaded and where recent articles for the current issue are published. What makes them cool is that they provide free information.

6. Open Web Application Security Project (OWASP)

The official website of the OWASP is a cool place to get good resources about web application security and penetration testing.

7. BackBox Linux

BackBox Linux is my favorite pentesting distro because of its sleek performance and smoothness. Its DE is XFCE and I advise you try this too if you are a BackTrack user.

8. BackTrack Linux

BackTrack is one of the most popular pentesting distro and also my favorite distro because of the tools pre-installed on this distribution. I always check their forum site for tutorials and tips about penetration testing.

9. Attrition.org

Beware plagiarists, fake security experts, self-proclaimed hackers, and liars. Attrition / Security errata will pawn you till the 4th dawn for they demystify some conspiracies and the truth about some security companies and authors who only say half truth about their works. Security Errata’s articles, works, and categories include; Legal Threats, Certified Pre-owned, Autofail, Charlatans, Plagiarism, Security Companies, Security Companies that Spam, Other Company Incidents, Statistics, The Media (FIN), Security Software Vulnerabilities, and Data Loss / Data Theft.

10. Social Engineering – Security Through Education

The official website of the Social Engineering Framework(Art Of Human Hacking). An online resource material for understanding Social Engineering and some of the tools employed by hackers to achieve an attack vector.

11. BugTraq

BugTraq or Security Focus is another exploit archive that moderates mailing list that contains exploits, vulnerabilities, and cyber news submitted by infosec enthusiasts and hackers.

12. LeetUpload

An online hacker’s database that allows users to submit or upload files, exploits, botnets, trojans, worms, malwares,etc.

13. Exploit-ID

Exploit Information Disclosure is an exploit archive where I also visit to check out for alternative reasons.

14. Soldierx.com

Soldierx is an online community of penetration testers, hackers, and programmers. This is where I check out some of the projects of the SoldierX crew, tools, tutorials, hacker information database and many more.

15. SkullSecurity

SkullSecurity is a security blog maintained by Ron Bowes who is a gold GIAC-certified penetration tester (GPEN).

16. thomascannon.net

One of the cool websites you should visit is the official website of Thomas Cannon, who is an Android Security Researcher with CISSP, CISM, OSCP, CFIP and CSIS industry qualifications. He was responsible for the android data stealing and the No-privilege Android remote shell vulnerabilities.

17. zx2c4

zx2c4 a.k.a Jason A. Donenfeld is a security researcher who wrote a POC of the Linux Local Privilege Escalation via SUID /proc/pid/mem Write (root exploit for 2.6.39 – 3.0.14 kernels). Jason has some good stuffs in his blog like the Answers to Stripe’s Capture the Flag, wifi-monitong scripts, stunnel interceptor, WEPAutoCrack.py and many more.

18. W3Schools

W3Schools is an online tutorial and cheat sheet for HTML, CSS, JavaScript, XML, XSL, ASP, SQL, ADO, VBScript, PHP, etc.

19. michaelboman.org

michaelboman.org is an information security blog maintained by Michael Boman who is a security expert in the fields of vulnerabilities and malicious code.

20. howtohackwebsite.com

The domain may not sound too ethical but no need to worry because it is a safe blog initiated by iSARG Security Group. The blog contains how to conduct penetration tests, ethical hacking, security practices, Linux tutorials and many more.

21. Pir8geek

Pir8geek is a blog about Open Source and Linux Goodies by pr3p who happens to be one of the admins of ProjectX Blog.

22. Inj3ct0r Exploit DataBase

An exploit or vulnerability online archive site for software, web applications, and security resources.

23. Synfyre

Synfyre is a website coded by n1tr0b who is a Security Adventist and PHP geek. He happens to be one of our bloggers and supports our aim as well.

24. Eric Romang Blog

Eric Romang Blog aka wow on ZATAZ.com is a simple yet cool blog about penetration testing wherein they try the new CVEs using the Metasploit Framework. At the time of writing this article, their new post is entitled “CVE-2008-5036 VLC Media Player RealText Subtitle Overflow Metasploit Demo”.

25. /dev/ttyS0

/dev/ttyS0 is a blog about embedded systems or devices hacking. The admin of this blog is from Tactical Network Solutions, who wrote reaver, which is a WPS brute-force tool. The goal of the blog is “to provide the necessary tools, skills, and knowledge to enable professionals, hobbyists, hackers and makers to enter into the world of embedded devices!”

26. SecurityTube

SecurityTube.net is a website that contains free training videos about penetration testing, cracking, hacking, etc. which started in 2007. It is where some infosec professionals and enthusiasts share their knowledge by uploading their videos or watching other videos. Vivek Ramachandran is the Founder and Chief Trainer at SecurityTube.net. As of now, SecurityTube is offering certifications like SecurityTube Metasploit Framework Expert and SecurityTube Wi-Fi Security Expert.

27. Security Mailing List Archive

An Internet security resource website that gives full disclosure about tools, information security, cyber news, issues, problems, link sharing, and much more.

28. Darknet

A website about Ethical Hacking, Penetration Testing and Computer Security which basically contains interesting infosec related news, tools and more. For those of you who don’t know, Darknet is also my inspiration on the initiative of improving ProjectX Blog as an international and global information security blog which was first conceptualized by kapitanluffy.

29. Cyber Security Video Podcast

The home page for the Cyber Security video podcast series by Cyber Mike who is a cyber security and information assurance architect by profession, with over 27 years working in engineering, and the last 15 years focused on IA and cyber security. The podcast is about IT cyber security education and not about how to perform cyber attacks and exploits.

30. Finux Tech Weekly

Finux Tech Weekly is another podcast website initiated by Arron Finnon’s aka who ventures into his own independent podcast about Tech, Security and general geekiness.

31. Exploit This

Exploit This is a blog about security news, current exploits, security advisories and vulnerabilities.

32. ROOTCON

ROOTCON is the premier hacking conference in the Philippines and where I started blogging about information security and geeky stuff. If you want to check the articles I posted there just click this link.

33. Errata Security

The official blog of Errata Security, which claims to be a high-end cyber security consulting company. Their articles are cool so you should try visiting these guys ;)

34. Infosec Island

Infosec Island serves our daily dose of infosec news and cyber-related stuff. Categories include: Cloud Computing, Compliance, Database Security, Encryption, Network Security, OS & Software, Infosec Island News, Security Management, Social Engineering, Vulns & Alerts, Web App Security, and Wireless Security.

35. Coresec.org

Coresec is an Information Security Blog that deals with penetration testing, vulnerability assessment, security research, web applications, tool guides, etc. This is where I check out some new penetration testing guides.

36. Phrack

Nothing beats the old school! Nobody messes with Phrack Magazine, which is an online ezine for hackers and by the hackers. Phrack was first released on November 17, 1985 and has since become the largest computer underground ezine. In fact, The Hacker’s Manifesto was also published in the 7th issue of this online ezine. Truly an old yet awesome archive which takes you to the old days of the hacker culture in the 80s.

37. Blackbuntu Linux

Blackbuntu Linux is another penetration testing distro based on Ubuntu. The official website of Blackbuntu includes good tutorials for pentesting under the blog and forum section.

38. r00tsecurity

r00tsecurity is an online forum site put together by hackers, computer geeks, and tech enthusiasts. Aside from being a forum, r00tsecurity has a good online archive for exploits, POC, advisories, scripts, sample programs, ezines, tools, cheat sheets and much more.

39. Th3-0uTl4wS

Th3 0uTl4wS is not only an online forum community of hackers, crackers, computer geeks, skiddies, infosec enthusiasts, etc.; it also has an online archive of downloadable tools, honeypots, ezines, ebooks, wordlists, tutorials, botnets, backdoor shells, scripts etc. I advise that you be careful with the files that you download. The website offers free use of their online tools like Md5 Cracker, URL Decoder/Encoder, Base64 Converter, Admin Finder, ASCII Converter, Online photoshop editor, and many more.

40. Linuxaria

Linuxaria is a blog review about anything that falls under GNU/Linux and Open Source. A good resource for some Linux tips, games, tools, advisories, etc.

41. Root Prompt

Are you a Unix user? Then this site is definitely for you! It contains nothing but Unix news and lots of good info.

42. Hack A Day

The place where electronic hacks are raped. A good site for punching in your hardware hacking ideas.

43. Vaxman.de

The personal website of Dr. Bernd Ulmann from Germany is a collection of his hobbies and projects focused on old computing machinery – especially machines from the former DIGITAL-Equipment-Corporation. This guy is an OpenVMS geek.

44. Hack in the Box

The HITB Network is a good security news website.

45. SecurityXploded

SecurityXploded is an Infosec Research and Developmental portal founded in April 2007. The site focuses on Anti-Spyware, Reverse Engineering, Cryptography, Password Recovery, Network security, Forensics, etc. For me, their articles are well written and of good quality, and the site has a lot of cool tools developed for pentesting, hacking and security. I totally salute the SX team for the Metasploit modules they published.

46. DEFCON

The official website of the most famous hacker conference in the world.

47. Iron Geek

Adrian Crenshaw’s Information Security site and the home of my favorite open source vulnerable web application for penetration testing.

48. RETROCMP

The site claims to be for the restoration of classic computers, and what can I say... it truly is a site about my favorite old computer machines, especially from DEC or |d|i|g|i|t|a|l|. They have cool articles like Connecting a DECserver to modern Linux, Interfacing with a PDP-11/05, Dealing with Backplanes, DECNet and many more.

49. Linux Journal

My other resource for Linux news and tips.

50. CIRT.net

The home of Nikto Web Scanner and the place where I check the default usernames and passwords for electronic devices, routers, security appliances and many more. Plus, they have some good tools you might wanna check.

– Shipcode

SOURCE: http://www.theprojectxblog.net/50-links-resources-about-information-security-pentesting-and-cyber-news-that-you-should-try-for-a-visit/