Csus/resource/concentration/infosec

From wiki.ucalgary.ca
< Csus‎ | resource
Revision as of 20:51, 21 March 2015 by Mbclark (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
Information Security

General

  • POC||GTFO - International Journal of Proof of Concept or Get the Fuck Out, a friendly little journal for ladies and gentlemen of distinguished ability and taste in the Feld of computer security and the architecture of weird machines.
  • Phrack Magazine - Phrack issues are released irregularly, and like academic publications issues are grouped into volumes. Each issue comprises a number of Philes: stand-alone text files of very technical or counter-cultural content. Philes are submitted by members of the hacker underground community, and are reviewed by the editors. [TODO: Better description]
  • SecurityTube - Site dedicated to security videos and tutorials.
  • What I Wish I Knew Before Studying Computer Security in College
  • Penetration Testing Labs - A categorized list of vulnerable web applications, operating system installations, old software and war games [hacking] sites, to practice your skills.

Application Security

Cryptology

  • Black-Box Assessment of Pseudorandom Algorithms - Whitepaper (+Tool) on predicting PRNG output.
  • The NSA back door to NIST - This article gives a brief mathematical description of the NIST standard for cryptographically secure pseudo-random number generation by elliptic curves, the back door to the algorithm discovered by Ferguson and Shumow, and finally the design of the back door based on the Diffie-Hellman key exchange algorithm.
  • Elliptic Curve PrimerA relatively easy to understand primer on elliptic curve cryptography.
  • When AES(☢) = ☠ - A crypto-binary magic trick. Exploiting chain block ciphers to encode a valid polygot.

Hardware Security

Malware

Network Security

Physical Security

Privacy

Reverse Engineering

  • Jailbreaking the GameBoy - A video demonstrating how user gameplay can be used to write to memory, essentially allowing the gamer to "write a program" and then jump execution to that program.
  • Cryptic Crossword - Amateur Crypto and Blackbox Reverse Engineering

Social Engineering

Systems Security

Web Security

Tools

Pen Testing

Web

XSSless - Automatic XSS payload generator.