Skip to content

InfoSec Resources

This is an up to date list of solid InfoSec resources, in no particular order:

OWASP Web Testing Environment

SpiderLabs Blog

Nmap

Wireshark

Tenable Network Security

Metasploit

Security Tools

Openwall (Open source security software / passwords / John the Ripper)

tcpdump and libpcap

Backtrack

Oxid (Security freeware / passwords / Cain and Abel)

Snort (Open source IDS/IPS)

Kismet (wireless network detector)

WinSCP

Burp

CIRT (Nikto)

w3af (Open source Web App Auditing)

Net Stumbler

Paros Proxy (Web App Auditing)

Perl for Windows

Python

Scapy (Network Discovery)

OpenVAS (Open source vuln scanner)

OWASP

Fiddler (Web debugging proxy)

Krebs on Security

Schneier on Security

Fortinet (blog)

Naked Security (blog)

Cognitive Dissidents (blog)

New School Security (blog)

Dark Reading (blog)

Securosis (blog)

Thought Crime (blog)

Root Labs (blog)

Threat Post (blog)

Zero Day (blog)

Rational Survivability (blog)

SecureList (blog)

Tao Security (blog)

F-Secure (blog)

Andrew Hay (blog)

Uncommonsense Security

McKeay (blog)

SANS AppSec (blog)

Offensive Security

Pentest Monkey

Pentester Lab

VeraCode

Neohapsis

Packet Storm

Security Tube

Advertisements