Cybersecurity Resources
Blogs and News
Krebs on Security
Malwarebytes Unpacked
SANS Internet Storm Center
Palo Alto Networks Threat Research
Schneier on Security
Security Newsletter
Threatpost
Trendlabs Security Intelligence
Zero Day Blog
Cybercrime
Anti-Phishing Working Group
(see also the annual
eCrime Conference
.)
DataBreaches.net
(see also
LeakedIn
)
Internet Crime Complaint Center (IC3) List of Common Scams
(see also
Prevention Tips)
Mitre ATT&CK Model
Cryptography
Practical Cryptography
Handbook of Applied Cryptography
(online book)
Wikipedia: Topics in Cryptography
Exploitation
Exploit DB
Google Hacking Database
Inj3ctor Exploit Database
Going Further
NKU Center for Information Security
Cybersecurity Careers and Studies
Journals and Indexes
ACM Digital Library
(use proxy below when off campus)
Steely Library Proxy
for off-campus journal access.
NKU Library Research Guides and Tutorials
Google Scholar
Microsoft Academic Search
Top Journals in Security and Privacy
Security Conference Rankings
Linux and UNIX Resources
CyberAces Tutorials
(windows, linux, network topics)
The Linux Command Line
(free ebook and tutorials)
Bash Guide
by Lhunath
The Art of the Command Line
(tips and hints)
Vim Tutorial
Vim Tutorial Videos
Local Security Groups and Meetings
Cincinnati Digital Forensics Working Group
Cincinnati OWASP
Cincinnati 2600
Ohio Information Security Forum
Greater Cincinnati Area IT User Groups Directory
Malware
Sandboxes:
CWSandbox
SpywareGuide
database of spyware and adware
VirusTotal
online scan with multiple AV tools
Zeltser: malware sample sources
Network Security Monitoring
BPF syntax
Scapy documentation
tcpdump tutorial with examples
Other
Shodan Online Device Search
UniqueID: Numbers that Control Your Life
Douglas Jones' Voting Security Resources
Passwords
QuickHash
compute any hash
CrackStation
online password cracking
HashKiller: MD5 Decrypter
MD5 This
password cracking
leakdb
search hashes in DB of leaked passwords and hashes
BreachAlarm
check if account compromised by email address
Penetration Testing and Red Teaming
Awesome List of Pentest Resources
Open Source Security Testing Methodology Manual (OSSTMM)
Penetration Testing Execution Standard
Pentester Lab
Policies
NKU Security Policies
SANS Policies Project
Reverse Engineering
Awesome List of Malware Analysis Resources
Reverse Engineering for Beginners
OpenRCE.org
Free Reverse Engineering Tools
Reverse Engineering Tools
Software Security
Build Security In
C Tutorials and Resources
Getting the best security out of your C compiler
CERT Secure Coding
Secure Programming for Linux and UNIX Howto
Microsoft Security Development Center
Silver Bullet Podcast
Top 25 Most Dangerous Programming Errors
Tools
Top 125 Security Tools
Fuzzing.org: index of fuzzing tools
Tools Watch
CERT Vulnerability Discovery Tools
Capture the Flag (CTF) competition directory
Threats and Vulnerabilities
Bugtraq List
(and
Bugtraq Vulnerability DB
)
CVE Details
vulnerability database
IBM X-Force Threat Reports
NVD
(National Vulnerability Database)
Videos and Podcasts
Black Hat Conference Archives
The Cyberwire Daily Podcast
Defcon Conference Archives
IronGeek Security Videos
Paul's Security Weekly Podcasts
Security Now Podcasts
SecurityTube.net
Web Security
Open Web Application Security Project
(including
cheat sheets
)
Bobby Tables: A Guide to Preventing SQL Injection
(see also
SQL Injection Attacks by Example
and
SQL Injection Wiki
)
BeEF: Browser Exploitation Framework
Browser Security Handbook
Burp Suite
, including
free edition
Firebug debugger
and
FireStorage Plus
plugin
Top Web Application Scanner Tools
Vulnerable Web Applications Directory
WASC Web Threat Wiki
© 2005-2020
James Walden, Ph.D.