Security

From Ggl's wiki

Contents 1 Hacker's Manifesto 2 In the news 2.1 2007-Q1 3 Crypto 3.1 Theory 3.2 Crypto everyday use 4 Honeypots 5 GNU/Linux 5.1 Linux Malware Analysis 5.2 Source Code Reviewing 6 MS Windows 6.1 Local and Domain password cracking 6.2 Source Code Reviewing 7 Tools 7.1 Intrusion Detection 7.2 Network 7.3 Wireless 7.4 {,Post }Exploitation 7.5 Encryption 7.6 Password crackers 7.7 Fuzzers 7.8 VoIP 8 Ideas and Musings 8.1 Security CoreWar 8.2 Security Remote Capture the Flag 9 Links 9.1 Sites and e-zines 9.2 Conferences 9.3 Crews and hackers 9.4 Blogs

Hacker's Manifesto

The conscience of a hacker by The Mentor (excerpt from Phrack 0x07-03) :

Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.

I am a hacker, and this is my manifesto. You may stop this individual, but you can't stop us all... after all, we're all alike.

In the news

2007-Q1

• Bugs in gnupg by Fefe
• Concurrency strikes MSIE (potentially exploitable msxml3 flaws) by Michal Zalewski

Crypto

Theory

Matasano has written very interesting articles about the RSA signature verifcation implementation:

• Public Key Signature Forgery: Collected

Some resourses to learn more about crypto:

• Handbook of Applied Cryptography
• Self-Study Course in Block Cipher Cryptanalysis, by Bruce Schneier

Crypto everyday use

• Aladdin eToken 64k

Honeypots

Only some ressources on honeypots:

• Honeynet project
• Honeyblog
• NoAH
• Papers from Eurecom
• GEN III Honeynets: the birth of roo
• Artemis: PKU Honeynet Project
• Dynamic Tainting Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software
• Argos: an emulator for capturing 0day attacks

GNU/Linux

Linux Malware Analysis

Some analysis sessions of malwares on linux systems.

Source Code Reviewing

I'm looking for tools to do source code reviewing under linux. As I use vim for code editing, I've found vim-taglist, and independently from vim, Freescope, CFlow, Source-Navigator, Insight. Insight which I knew as a front-end to gdb is more a full-integrated debug suite.

There are some well known opensource tools: FlawFinder, RATS, ITS4 and commercial Fortify SCA. For memory debugging and auditing, Valgrind.

MS Windows

Local and Domain password cracking

Retrieve cached passwords with PWDumpX (or CacheDump). Crack it with Ophcrack, Rainbowcrack or John.

Source Code Reviewing

Live Source Browsing in C++ explains how to use Visual C++ to browse source code. I'm trying to find good code coverage and testing tools. Read The Art of Software Security Assessment ;).

Tools

Intrusion Detection

• Prelude
• Snort
• Bro
• SEC (Simple Event Correlator)
• Samhain

Network

• netcat, cryptcat, socat
• nmap, amap, hping
• scapy !!

Wireless

• aircrack-ng
• airbase

{,Post }Exploitation

• Metasploit
• Shellforge
• InlineEgg and check InlineEgg Programming pearls from Gera.
• UHooker
• MOSDEF
• Hydrogen
• Mosref and check the Mosref Howto

Encryption

• dmcrypt
• gnupg
• OpenSC

Password crackers

• Ophcrack, Rainbowcrack, THC-Hydra, John

Fuzzers

• InfosecInstitute ultimate list
• HackSafe fuzz-testing

VoIP

• VoIPSA Security Tool List

Ideas and Musings

Security CoreWar

One system has some vulnerable processes (essentially memory management related vulns). Each player upload a warrior which aims to replicate and to :

• Destroy the warrior of the other player
• Destroy the services processes of the other user
• Take as more memory as it can

The memory is the actual memory of a machine or a virtual machine.

Security Remote Capture the Flag

CTF is a competition where each team own some servers with active services on them and some files or vulns e.g. flags. Some services have vulnerabilities by design or in their configuration. No source code is provided for the services. The score depends on :

• Uptime of the services
• How many times the team takes flags

There are different strategies :

• Defending the services (filtering, binary patching)
• Finding as most as vulnerable services as the team can

The scoring system is very important in this game.

Links

Sites and e-zines

• Phrack
• Uninformed
• CodeBreakers Journal
• 29A
• VX heaven
• Madchat
• PacketStorm
• Rootkit.com
• OpenRCE
• Remote Exploit
• Milw0rm
• Pull the Plug
• Crackmes.de
• Reverse Engineering .net
• OpenRCE
• RRLF

note: some e-zines are mirrored here

Conferences

• BlackHat
• DefCon
• CanSecWest - EuSecWest - PacSec
• HITB SecConf
• REcon
• RUXcon
• ToorCon
• SysCan
• IT Underground
• XCon
• SSTIC[fr]
• ShmooCon

Crews and hackers

• Feline Menace
• V0ID
• THC
• w00w00
• ElfSH
• XFocus
• 29A
• Silvio Cesare
• Michal Zalewski
• mammon_
• Dino A. Dai Zovi
• Trifinite
• Dachb0den Labs
• No Login

Blogs

• Matasano's chargen/19
• Metasploit
• Halvar's
• Ilfak's
• Honeyblog
• Windows Incident Response
• Invisible Things
• Bunnie Studios
• Hack a Day
• Tao Security
• Arbor Networks
• NCircle
• Worm Blog
• David Litchfield
• Jack Koziol
• Thierry Zoller
• Tuxedo-es
• Michael Howard
• The Art Of Software Security Testing

More => SecurityBlogs Feeds

“I think computer viruses should count as life. I think it says something about human nature that the only form of life we have created so far is purely destructive. We've created life in our own image.”, Stephen Hawking