serhii.net LINKS BLOG!

categories: Infosec

• How to Handle Secrets on the Command Line
• 🔍 Facebook Scanner
• How CNN captured video of the Roger Stone raid - CNNPolitics
• Tracking friends and strangers using WhatsApp - Robert Heaton
• OSINT Framework
• Penetrating Testing/Assessment Workflow - WorkFlowy
• Security - My notepad · GitBook
• Inside Russia’s Fake News Playbook
• Wappalyzer - Detecting Web Applications on websites
• Andrea Scarpino - How my car insurance exposed my position
• Attacked Over Tor - The Hacker Factor Blog
• Body By Victoria - The Hacker Factor Blog
• Nation State Threat Attribution: a FAQ - tisiphone.net
• Starting an InfoSec Career – The Megamix – Chapters 4-5 - tisiphone.net
• Hacker to Security Pro! On the Shoulders of -InfoSec Giants
• Learning remote enumeration (Part 1)
• Penetration Testing Tools Cheat Sheet
• SQL Injection Wiki - SQL Injection Cheat Sheets
• OSINT Training created by Michael Bazzell - Open Source Intelligence Techniques - Buscador Social Engineering Linux Distro
• lame hackers guide: How I rooted Ew_Skuzzy: 1
• The Document Which Was Formerly Called The MIT Guide to Lockpicking
• The Ukrainian Hacker Who Became the FBI’s Best Weapon—And Worst Nightmare - WIRED
• BriMor Labs: Identifying TrueCrypt Volumes For Fun (and Profit?)
• Confundo - tool to create similar-looking Unicode strings
• Security Engineering - A Guide to Building Dependable Distributed Systems
• The CIA Rule Book on Malware Creation - Hacking Tutorials by Xeus
• Origin of Wireless Security: the Marconi Radio Hack of 1903 - Hackaday
• Stealth Post Exploitation Framework: PhpSploit
• Troy Hunt: Your login form posts to HTTPS, but you blew it when you loaded it over HTTP
• Using Ordered Markov Chains and User Information to speed up Password Cracking - Fsecurify
• 2016 Guide to User Data Security - Inversoft
• Keyboards and Covert Channels (Jitterbug)
• digital-scurf → software → libgfshare (Sharing tool, 3-of-5 for example)
• Steganography in Linux from the command line – scottlinux.com - Linux Blog
• 6
• Attacking machine learning with adversarial examples
• Offensive Thinking
• Zombiehelp54: SQL injection in an UPDATE query - a bug bounty story!
• lame hackers guide: Safe cracking
• lame hackers guide: Sans Holiday Challenge 2016
• Who Ran Leakedsource.com? — Krebs on Security
• Local File Inclusion (LFI) Security Testing Techniques - Aptive
• AES Crypt - Advanced File Encryption
• De-Anonymizing Browser History Using Social-Network Data - Schneier on Security
• PaulSec/awesome-sec-talks: A collected list of awesome security talks
• Troy Hunt: Your affairs were never discreet – Ashley Madison always disclosed customer identities
• Browser Autofill Phishing
• GitHub - mzet-/linux-exploit-suggester
• GitHub - x0rz/tweets_analyzer: Tweets metadata scraper & activity analyzer
• Who is Anna-Senpai, the Mirai Worm Author? — Krebs on Security
• How I socially engineered my girlfriend’s proposal. – Medium
• How to identify the rogue White House tweeter in 3 easy steps
• Life plus Linux: Look before you paste from a website to terminal
• Ultimate-GPG-Settings · GitHub
• VPN Gate - Public Free VPN Cloud by Univ of Tsukuba, Japan
• 12 Million Declassified CIA Documents Now Free Online: Secret Tunnels, UFOs, Psychic Experiments & More @ Open Culture
• Details • Psioπ • Hackaday.io ("Reverse engineering the keyboard,part 3)
• Reasons not to use (i.e., be used by) Facebook
• The Line of Death (Security UI) – text/plain
• Stealing passwords from McDonald's users - Tijme Gommers
• Names...Names Everywhere! The Problem, and Non-Problem, of Name Pollution - ActiveResponse.org
• 1N3/Findsploit: Find exploits in local and online databases instantly
• 1N3/PrivEsc: A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
• Vulnerability Search Engine
• GitHub. Ссылки на софт для пентестинга @ NetCat.Pro
• kernel exploits search
• Translations of English infosec resources to Russian - "Welcome to the matrix"
• 5
• Cult Of Russian Underground - Private Russian Project
• Documentation - Mailvelope
• The Visual Microphone
• Дербаним картинки из qt
• Persistent XSS In Verizon
• "SO I LOST MY NAS PASSWORD" password recovery
• A Lesson In Timing Attacks (or, Don’t use MessageDigest.isEquals) @ codahale.com
• How To Safely Store A Password @ codahale.com
• resources - netsecstudents
• My First 5 Minutes On A Server; Or, Essential Security for Linux Servers
• NSA-proof your emails in 2 hours
• blog.filippo.io
• I'M GIVING UP ON PGP
• Securing a travel iphone