Research Resources
If you have a particular application or service that you would like toresearch to see if there are known vulnerabilities with it, there are
numerous sources to give you a place to start from.
The main areas of research are listed below. However, a more
comprehensive list of resources is given at the end of this module in the
references section.
• Manufacturers/Developers - e.g. http://www.microsoft.com/
security/
• 'White Hats' - e.g. http://xforce.iss.net/
• 'Grey Hats' - e.g. http://www.wiretrip.net/rfp/2/index.asp
• Independent Organisations - e.g. http://www.cert.org/
• Information Repositories - e.g. http://packetstorm.securify.com/
• Undernet's website - http://www.undernet.org
• mIRC's home page -- http://www.mirc.org
• Various scripts and utilities for mIRC -- http://www.mircx.org
• Publically available UNIX based clients -- http://irc.themes.org
• Bugtraq (and pager utility) -- http://www.securityfocus.com
• FTP client for windows -- http://www.ftpx.com
• DAL net -- http://www.dal.net
• Packet storm security -- http://packetstorm.securify.com
• r00tabega -- http://www.r00tabega.com
Other non web-related sources:
• Various IRC channels. - Mainly on EFNet and UnderNet
• 'Hacker Conventions' - Defcon
• Mailing lists - X-Force, Bugtraq
• Internet Newsgroups - comp.security.*
No comments:
Post a Comment