Security Ressources Sites-阿里云开发者社区

开发者社区> 开发与运维> 正文

Security Ressources Sites

简介: Security Ressources SitesOperating systems architecture http://www.
Security Ressources Sites

Operating systems architecture PitBull Foundation OS-Level Security PitBull Foundation Secure Application Environment Writing ia32 alphanumeric shellcodes
Intrusion Detection Systems NIDS Placement in the Real World Polymorphic Shellcodes vs. Application IDSs Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection Evasion, Traffic Normalization, and End-to-End Protocol Semantics
Cisco routers Improving Security on Cisco Routers Defining Strategies to Protect Against UDP Diagnostic Port Denial of Service Attacks Configuring Context-Based Access Control (PDF) Configuring Context-Based Access Control (HTML) Cisco Router Guides Cisco Password Recovery Cisco 2500 series help Password Recovery Procedure for the Cisco 2600 Series Routers
Denial of Service attacks Trends os Denial of Service Attack Technology
Firewalls Guide to Firewall: Selection and Policy Recommandations: FTP and Firewalls Real Stateful TCP Packet Filtering in IP Filter A Stateful Inspection of FireWall-1 PhoneBoy's FireWall-1 FAQ NIST's SP 800-41 Guidelines on Firewalls and Firewall Policy
Information Warfare IWAR Range: A Laboratory for Undergraduate Information Assurance Education
Oracle security Specialists in Security and Oracle
Programming Programming Languages - C - C99 Cheating the ELF - Subversive Dynamic Linking to Libraries Tool Interface Standard (TIS) Executable and Linking Format (ELF) Specification Version 1.2 Intel Architecture Software Developer's Manual Volume 1: Basic Architecture Intel Architecture Software Developer's Manual Volume 2: Instruction Set Reference Manual Intel Architecture Software Developer's Manual Volume 3: System Programming Guide SPARC Assembly Language Reference Manual Syscall Proxying - Simulating Remote Execution FreeBSD Developers' Handbook: x86 Assembly Language Programming Secure Programming for Linux and Unix HOWTO (PDF) Secure Programming for Linux and Unix HOWTO (HTML) Secure UNIX Programming FAQ The Secure Pprogramming Standards Methodology Manual Setuid Demystified The Peon's Guide To Secure System Development 15 Tips for Secure Win32 Programming
Buffer overflow vulnerabilities exploitation technics Smashing The Stack For Fun And Profit The Frame Pointer Overwrite (Off-by-one exploits) Once Upon a free() En Francais, tres complet, aborde tous les types de vulnerabilitees exploitables SPARC Buffer Overflows (DEFCON 8, July 28, 2000, Las Vegas, NV.) Writing buffer overflow exploits - a tutorial for beginners Syscall Proxying - Simulating Remote Execution
Exploiting Buffer Overflows under Windows environment Exploiting Windows NT 4 Buffer Overruns Non-Stack Overflows on Windows Exploitation of UNICODE Buffer Overflows
Format string vulnerabilities exploitation technics Howto remotely and automatically exploit a format bug Format string vulnerability Exploiting format string vulnerabilities Format Bugs: What are they, Where did they come from, ... How to exploit them Analysis of Format Strings Bugs Howto exploit OpenBSD 2.7 ftpd format string
Other vulnerability types exploitation Deliver signals for fun and profit Basic Integer Overflows - by blexim
Secure programming and protection mecanisms Insecure Programming by example Many resources on exploiting UNIX Assembly Codes Development for Vulnerabilities Illustration Purposes (HTML) UNIX Assembly Codes Development for Vulnerabilities Illustration Purposes (PDF) Win32 Assembly Components Using Environment for returning into Lib C Secure Programming A Buffer Overflow Study, Attacks & Defenses Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade Bypassing StackGuard and StackShield Multiple vulnerabilities in stack smashing protection technologies A practical approach for defeating Nmap OS-Fingerprinting
Security policy related papers Internet Security Policy: A Technical Guide Introduction to Security Policies, Part One: An Overview of Policies Information Security involves a set of engineering processes OCTAVE Threat Profiles Common Criteria for IT Security Evaluation
Wireless LAN related papers Wireless Access Points and ARP Poisoning: All you want to know about WLAN Practical Exploitation of RC4 Weaknesses in WEP Environments
Fingerprinting Passive OS Fingerprinting: Details and Techniques
Microsoft security SecurityFocus Links Windows 2000 Guides Cryptanalysis of Microsoft's PPTP Authentication Extensions (MS-CHAPv2) (HTML) Cryptanalysis of Microsoft's PPTP Authentication Extensions (MS-CHAPv2) (PDF) Building a Windows NT Bastion Host in Practice
Layer 2 protocols Detection of Promiscuous Nodes Using ARP Packets
Certifications CISSP Open Study Guides
Spoofing Spoofing with different protocols
Network protocols ICMP Usage In Scanning Research The Hping2 Idle Host Scan Security Problems in the TCP/IP Protocol Suite
Operating systems Secure Deletion of Data from Magnetic and Solid-State Memory
Cross-site scripting vulnerabilites Malicious HTML Tags Embedded in Client Web Requests Full explanation, with useful links Cross-Site Scripting Web Vulnerability
Web-based attacks Exploiting Common Vulnerabilities in PHP Applications SQL Injection Are Your Web Applications Vulnerable Advanced SQL Injection In SQL Server Applications Hackproofing Oracle Application Server, David Litchfield Assessing IIS Configuration Remotely Fingerprinting Port80 Attacks SQL insertion Brute-Force Exploitation of Web Application Session IDs
Web security z/OS WebSphere and J2EE Security Handbook
Reverse Engineering Many links on the subject, bookmarks from Dave Dittrich
Encryption The end of SSL and SSH ?
Sniffing Sniffing (network wiretap, sniffer) FAQ
Misc. Password recovery tools The Unix Auditor's Practical Handbook


+ 订阅