Suggested Links (Reading/Research/Newbies)

[thorin]

I'm migrating this list from the old forums so that I can reference it more easily

Some blogs worth checking (IMHO):
Jeremiah Grossman
The Spanner - A tool for designers dealing with programmers dealing with designers…
ThreatExpert Blog
BT Blog
Metasploit

Papers or document collections worth checking:
NIST.gov - Computer Security Division - Computer Security Resource Center
Analyzing 20,000 MySpace Passwords - CyberKnowledge Blog
(The following are Canadian, I'm sure there are equivalent docs for the US and other countries that are available)
CSEC: Government of Canada Publications
RCMP - Technical Security Branch - Publications

Other Info Sites/Resources:
Irongeek.com
VulnerabilityAssessment.co.uk
Anti-Cross Site Scripting
.:[ packet storm ]:. - http://packetstormsecurity.org/
Internet Storm Center Diary
The Ethical Hacker Network - Anti-Hacker Tool Kit: Reverse Engineering Binaries
ha.ckers.org web application security lab
Upside-Down-Ternet
Google code search info

I-Hacked.com Taking Advantage Of Technology - Cracking Wifi with Back|Track
TAZ Security Forum: Pen Testing, Tutorials, Videos, Backtrack, Aircrack, Intrusion, Detection, Rainbow Tables, Wireless, TAZCast Sessions, and more...
Wireless Security 802.11 Security Wirelessdefence.org Index
PerryGeo » Wardriving with Ubuntu Linux and Google Earth

Packetlife Cheat Sheets

Books:
Amazon.com: Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks (0689145704617): Michal Zalewski: Books
Security Engineering - A Guide to Building Dependable Distributed Systems (Online Book)
Open Source Security Testing Methodology Manual (OSSTMM)

Online Tools/Lookups:
Hash Generator
XSSed - XSS (cross-site scripting) information and vulnerable websites archive
Manufacturer to Network Card Cross-Reference
http://www.iana.org/assignments/port-numbers
List of TCP and UDP port numbers - Wikipedia, the free encyclopedia
URLVoid (Check Websites for Malware)
Website Security Check - Unmask Parasites
Is my site safe? Check your SSL certificate!
DNSsy - DNS Test and Check - Free DNS Tools and Report
Down for everyone or just me
Check Username Availability at Multiple Social Networking Sites
Microsoft Security Bulletin Search

Law:
State Hacking Laws (US)
10 ways you might be breaking the law with your computer: UPDATED (US)
C-46, Section 326 (Canada/Federal)
C-46, Section 430 (Canada/Federal)

Testing Environments & Apps:
Hacking Without All the Jailtime
Damn Vulnerable Linux
WebGoat
Metasploitable
Deliberately Insecure Web Applications For Learning Web App Security
MOTH (Collection of vulnerable web apps)
De-ICE

Groups you may want to attend meetings with or consider membership in:
OWASP
ISSA
ISACA
HTCIA
ISECOM

[sickness]

Epic :X, thank you very much.

[hhmatt]

Fixed a few links here or similar.

Muts new blog
Information Security Training Blog

This is possibly the 10 laws you may not even know you're breaking but still a worthwhile read even if it isn't.
10 ways you might be breaking the law with your computer: UPDATED | 10 Things | TechRepublic.com

The analysis of 20,000 myspace passwords.
Analyzing 20,000 MySpace Passwords | Cyberknowledge Tech Blog

is it down - Someone on these forums posted this and I've found it to be useful.
Down for everyone or just me?

lmgtfy
Let me google that for you

Some security sites I check for news and updated info.
http://www.securityfocus.com/
http://secunia.com/
http://www.securecomputing.net.au/News/Default.aspx
http://www.exploit-db.com/

[sickness]

If anyone is still interested in some links I made a blog about security and Backtrack too.

ihasomgsecurityskills

[thorin]

14-June-2010 : Another one I recently added to my bag of tricks:

Scan Websites for Viruses - URLVoid.com BETA

Multiple corrections/updates and additions.

14-Sept-2010 : Added "Testing Environments & Apps" section.

[billo2310]

Hi,

Firstly excellent list I was just wondering if you knew of any programming tutorial websites that you or members of these forums may know of or recommend?
And would anyone recommend a language to learn
I've played with C (hello world etc) a little..
and have been enjoying Micro Marts (UK Computing magazine) 12 week article on C but was wondering if any of yourselves could recommend a language or resources...?

Anyway I digress.....

Once again thanks for the list it is awesome,

B.

[Archangel-Amael]

And would anyone recommend a language to learn

Just to keep this thread on topic. I am going to settle this for you real fast.
Learn a language. An easy way to start, is with bash. Basically pick one that seems somewhat interesting to you, and learn it, then pick another, rather, rinse, repeat. Some big names are python, perl, ruby. They are in no order of importance, and of course there are many more. There are endless arguments pro and con for the different languages. Further there are many threads here on the subject.

[billo2310]

Just to keep this thread on topic. I am going to settle this for you real fast.
Learn a language. An easy way to start, is with bash. Basically pick one that seems somewhat interesting to you, and learn it, then pick another, rather, rinse, repeat. Some big names are python, perl, ruby. They are in no order of importance, and of course there are many more. There are endless arguments pro and con for the different languages. Further there are many threads here on the subject.

Cheers its appreciated sorry for wandering somewhat off topic.

B.

[adriankeith]

Thanks for this impressive list of resources. Definitely something I will be reading over the course of learning my way through using the various tools provided with backtrack.

[thorin]

I'm migrating my list to the stickied thread in the Experts Forum:
http://www.backtrack-linux.org/forum...ted-links.html

and will be maintaining it there.