OffSec Blog

SECURITY EDUCATION, PRIVACY GUIDANCE, THREAT AWARENESS, OPEN SOURCE TOOLS, RESEARCH NOTES, AND RESPONSIBLE TECHNOLOGY CONTENT

  • Penetration Testing Distribution - BackBox

    BackBox is a penetration test and security assessment oriented Ubuntu-based Linux distribution providing a network and informatic systems analysis toolkit. It includes a complete set of tools required for ethical hacking and security testing...

  • Pentest Distro Linux - Weakerth4n

    Weakerth4n is a penetration testing distribution which is built from Debian Squeeze.For the desktop environment it uses Fluxbox...

  • The Amnesic Incognito Live System - Tails

    Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship...

  • Penetration Testing Distribution - BlackArch

    BlackArch is a penetration testing distribution based on Arch Linux that provides a large amount of cyber security tools. It is an open-source distro created specially for penetration testers and security researchers...

  • The Best Penetration Testing Distribution - Kali Linux

    Kali Linux is a Debian-based distribution for digital forensics and penetration testing, developed and maintained by Offensive Security. Mati Aharoni and Devon Kearns rewrote BackTrack...

  • Friendly OS designed for Pentesting - ParrotOS

    Parrot Security OS is a cloud friendly operating system designed for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting...

Tuesday, February 2, 2016

Rootkits For Dummies

      , ,       No comments    


Book Description:

A rootkit is a type of malicious software that gives the hacker root or administrator access to your network. They are activated before your system’s operating system has completely booted up, making them extremely difficult to detect. Rootkits allow hackers to install hidden files, processes, and hidden user accounts. Hackers can use them to open back doors in order to intercept data from terminals, connections, and keyboards. A rootkit hacker can gain access to your systems and stay there for years, completely undetected.

Learn from respected security experts and Microsoft Security MVPs how to recognize rootkits, get rid of them, and manage damage control.


 alt : Rootkits For Dummies.pdf


Source: allitebooks

By Offensive Sec
Share:

Securing Ajax Applications

      , ,       No comments    


Book Description:

Ajax applications should be open yet secure. Far too often security is added as an afterthought. Potential flaws need to be identified and addressed right away. This book explores Ajax and web application security with an eye for dangerous gaps and offers ways that you can plug them before they become a problem. Learn how to build secure Ajax applications and discover how to respond quickly when attacks occur.


 alt : Securing Ajax Applications.pdf


Source: allitebooks

By Offensive Sec
Share:

Securing VoIP Networks

      , ,       No comments    


Book Description:

In Securing VoIP Networks,two leading experts systematically review the security risks and vulnerabilities associated with VoIP networks and offer proven, detailed recommendations for securing them. Drawing on case studies from their own fieldwork, the authors address VoIP security from the perspective of real-world network implementers, managers, and security specialists. The authors identify key threats to VoIP networks, including eavesdropping, unauthorized access, denial of service, masquerading, and fraud; and review vulnerabilities in protocol design, network architecture, software, and system configuration that place networks at risk. They discuss the advantages and tradeoffs associated with protection mechanisms built into SIP, SRTP, and other VoIP protocols; and review key management solutions such as MIKEY and ZRTP. Next, they present a complete security framework for enterprise VoIP networks, and provide detailed architectural guidance for both service providers and enterprise users.


alt : Securing VoIP Networks.pdf


Source: allitebooks

By Offensive Sec
Share:

Security Metrics

      , ,       No comments    

Book Description:

Security Metrics is the first comprehensive best-practice guide to defining, creating, and utilizing security metrics in the enterprise.

Using sample charts, graphics, case studies, and war stories, Yankee Group Security Expert Andrew Jaquith demonstrates exactly how to establish effective metrics based on your organization’s unique requirements. You’ll discover how to quantify hard-to-measure security activities, compile and analyze all relevant data, identify strengths and weaknesses, set cost-effective priorities for improvement, and craft compelling messages for senior management. alt : Security Metrics.pdf


Source: allitebooks

By Offensive Sec
Share:

Security Power Tools

      , ,       No comments    


Book Description:

What if you could sit down with some of the most talented security engineers in the world and ask any network security question you wanted? Security Power Tools lets you do exactly that! Members of Juniper Networks’ Security Engineering team and a few guest experts reveal how to use, tweak, and push the most popular network security applications, utilities, and tools available using Windows, Linux, Mac OS X, and Unix platforms.



 alt : Security Power Tools.pdf


Source: allitebooks

By Offensive Sec
Share:

Disassembling Code - IDA Pro and SoftICE

      , ,       No comments    



Book Description:

This book describes how software code analysis tools such as IDA Pro are used to disassemble programs written in high-level languages and recognize different elements of disassembled code in order to debug applications in less time. Also described are the basics of Assembly language programming (MASM) and the system and format of commands for the Intel microprocessor. Aspects of disassembling, analyzing, and debugging software code are considered in detail, and an overview of contemporary disassemblers and debuggers used when analyzing executable code is provided. The basics of working with these tools and their operating principles are also included, and emphasis is placed on analyzing software code and identifying the main structure of those languages in which they were written.


 alt : Disassembling Code - IDA Pro and SoftICE.pdf


Source: allitebooks

By Offensive Sec
Share:

Network Security Hacks - 2nd Edition

      , ,       No comments    



Book Description:

In the fast-moving world of computers, things are always changing. Since the first edition of this strong-selling book appeared two years ago, network security techniques and tools have evolved rapidly to meet new and more sophisticated threats that pop up with alarming regularity. The 2nd edition offers both new and thoroughly updated hacks for Linux, Windows, OpenBSD, and Mac OS X servers that not only enable readers to secure TCP/IP-based services, but helps them implement a good deal of clever host-based security techniques as well.


 alt : Network Security Hacks - 2nd Edition.pdf


Source: allitebooks

By Offensive Sec
Share:

PGP & GPG

       No comments    


Book Description:

OpenPGP is the most widely used email encryption standard in the world. It is based on PGP (Pretty Good Privacy) as originally developed by Phil Zimmermann. The OpenPGP protocol defines standard formats for encrypted messages, signatures, and certificates for exchanging public keys.

PGP & GPG is an easy-to read, informal tutorial for implementing electronic privacy on the cheap using the standard tools of the email privacy field – commercial PGP and non-commercial GnuPG (GPG). The book shows how to integrate these OpenPGP implementations into the most common email clients and how to use PGP and GPG in daily email correspondence to both send and receive encrypted email.

The PGP & GPG book is written for the moderately skilled computer user who is unfamiliar with public key cryptography but who is nevertheless interested in guarding their email privacy. Lucas’s trademark informal and relaxed tone makes public key cryptography as simple and clear as possible, so that any reasonably savvy computer user can understand it.




 alt : PGP & GPG.pdf


Source: allitebooks

By Offensive Sec
Share:

Network Security - Bible

      , ,       No comments    


Book Description:

º A must for working network and security professionals as well as anyone in IS seeking to build competence in the increasingly important field of security

º Written by three high-profile experts, including Eric Cole, an ex-CIA security guru who appears regularly on CNN and elsewhere in the media, and Ronald Krutz, a security pioneer who cowrote The CISSP Prep Guide and other security bestsellers

º Covers everything from basic security principles and practices to the latest security threats and responses, including proven methods for diagnosing network vulnerabilities and insider secrets for boosting security effectiveness






 alt : Bible.pdf


Source: allitebooks

By Offensive Sec
Share:
Established in 2015. Offensive Sec Blog has been sharing security research, hacking tools, threat intelligence, and offensive security content since 2015.
Copyright © OffSec Blog | Powered by OffensiveSec
Design by OffSec | Built for the security community