Sent to you by l5g via Google Reader:
I recently posted a blog post to Exotic Liability's website with the same title, and I realized that it would make a great thing to post to here, and update regularly, or just put it on the wiki I keep saying that I get going here. Enough rambling, here is how you can get your fill of security:
Podcasting:
GetMon – http://www.getmon.com/ – This is a great site because you can download or listen to any of the security podcasts right from their site if you want to.
HackerMedia – http://www.hackermedia.org/ – They put together like podcasts into different categories, and they overlap. So if you want the "Linux" feed, you'll get podcast A, B, and C. But maybe podcast C does Linux security, so if you subscribe to the "Security" feed, you might get C, E, and G. You can also get the everything feed
Bloggers (RSS Feeds):
Security Bloggers Network – http://www.securitybloggers.net/ – A consolidated feed of a HUGE list of security blogs
Twitter:
Security Twits – http://www.security-twits.com/ – A long list of security related twitter accounts. From people to events, to companies.
Places to learn:
The Academy Pro – http://www.theacademypro.com/
Learn Security Online – http://www.learnsecurityonline.com/
Free IT Security Training – http://www.freeitsecuritytraining.com/
Virtual Training Environment by Carnegie Mellon – https://www.vte.cert.org/vteweb/
Challenge Sites and Sites that are OK to attack:
(Make sure you know which is which before you haul off and start attacking though)
(Most of these stolen from Chris Nickerson's reply to Show 17 Links blog post)
http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
http://testasp.acunetix.com/Default.asp
http://test.acunetix.com/
http://hackme.ntobjectives.com/
http://www.foundstone.com/us/resources/proddesc/hacmeshipping.htm
http://www.foundstone.com/us/resources/proddesc/hacmecasino.htm
http://www.foundstone.com/us/resources/proddesc/hacmebooks.htm
http://www.foundstone.com/us/resources/proddesc/hacmetravel.htm
http://lampsecurity.org/capture-the-flag-5
http://zero.webappsecurity.com/
http://www.hackertest.net/
http://www.hackthissite.org/
http://www.mavensecurity.com/WebMaven.php
http://ha.ckers.org/challenge/
http://ha.ckers.org/challenge2/
http://demo.testfire.net/
http://scanme.nmap.org/
http://www.hellboundhackers.org/
http://www.overthewire.org/wargames/
http://roothack.org/
http://heorot.net/
http://www.irongeek.com/i.php?page=security/mutillidae-deliberately…
http://wocares.com/xsstester.php
https://how2hack.net
http://hax.tor.hu/
http://www.bright-shadows.net/
http://www.dareyourmind.net/
http://hackergames.net/
http://www.hackquest.com/
http://www.darkmindz.com/
http://www.caesum.com/game/
http://www.net-force.nl/
http://www.osix.net/
http://www.mibs-challenges.de/
http://projecteuler.net/
http://uva.onlinejudge.org/
http://ace.delos.com/usacogate
So now you have absolutely ZERO reason to have one moment of time on your hands 
Know of another good resource? Post a comment.
UPDATE: ethicalhack3r from http://www.ethicalhack3r.co.uk pointed me to his project called "Damn Vulnerable Web App". You can find it on Sourceforge here: http://sourceforge.net/projects/dvwa/
Related posts:
- Offensive Security Certified Professional I recently obtained the status Offensive Security Certified Professional. It...
- Getting your fill of Reverse Engineering and Malware Analysis Matt, from the Exotic Liability forums, posed a suggestion for...
- SBN move to Lijit Alan posted this about the SBN: Well there is not...
Things you can do from here:
- Subscribe to Room362.com RSS Feed using Google Reader
- Get started using Google Reader to easily keep up with all your favorite sites
0 comments:
Post a Comment