Forensics

• CAINE – http://www.caine-live.net/
• Mobius Forensics Toolkit – http://freshmeat.net/projects/mobiusft
• Process Hacker – http://processhacker.sourceforge.net/
• Netwitness Free Edition – http://www.netwitness.com/
• Volatility – https://www.volatilesystems.com/default/volatility/: extract digital artifacts from volatile memory (RAM) samples – [Python based]
• SandMan – http://sandman.msuiche.net: read the hibernation file, regardless of Windows version – [Python based]
• LibForensics – http://code.google.com/p/libforensics/: library for developing digital forensics applications – [Python based]
• TrIDLib – http://mark0.net/code-tridlib-e.html: identify file types from their binary signatures. Now includes Python binding – [Python based]

Infosec online (= infosec sites)

Magazines

• (In)Secure Magazine: http://www.net-security.org/insecuremag.php
• Hackin9 Magazine – http://hakin9.org/, http://www.en.hakin9.org/
• SC Magazine – http://www.scmagazineus.com/ | digital downloads – http://www.scmagazineus.com/Digital-Download/section/ | podcast – http://www.scmagazineus.com/Digital-Download/section/255
• Infosecurity (USA) magazine – http://www.infosecurity-us.com/
• Club Hack Magazine (India) – http://chmag.in/

Knowledge and tools sites

• Biblio@Lotek.net – http://biblio.l0t3k.net/
• /dev/ttyS0 – Embedded Device Hacking – http://www.devttys0.com/

Hacking: a cultural phenomenon

• “The Hacker Manifesto” by “+++The Mentor+++” (1986.01.08) – http://www.mithral.com/~beberg/manifesto.html
• “How To Become A Hacker” by Eric Steven Raymond (2001) – http://www.catb.org/~esr/faqs/hacker-howto.html
  • Eric Raymond’s FAQ collection – http://www.catb.org/~esr/faqs/
• “Hackers and Painters” by Paul Graham (2003.05) – http://www.paulgraham.com/hp.html

Other sites

• Ashkan Soltani’s site – http://www.ashkansoltani.org/ – an independent researcher and consultant focused on privacy, security, and behavioral economics.
  • KnowPrivacy by Ashkan Soltani – http://knowprivacy.org/ – site dedicated to his Master’s thesis
• The National Software Reference Library (NSRL) Project Web Site (@NIST): http://www.nsrl.nist.gov/. They provide the Reference Data Set (RDS), which is a collection of digital signatures of known, traceable software applications. There are application hash values in the hash set which may be considered malicious, i.e. steganography tools and hacking scripts. There are no hash values of illicit data, i.e. child abuse images.
• (An compendium of US) State Security Breach Notification Laws – http://www.ncsl.org/IssuesResearch/TelecommunicationsInformationTechnology/SecurityBreachNotificationLaws/tabid/13489/Default.aspx
• Faves.com list of links:
  • Hacking – http://faves.com/users/jopiter/friends/dots/tag/hacking
  • Penetration testing – http://faves.com/users/jopiter/friends/dots/tag/penetration+testing
  • Framework – http://faves.com/users/jopiter/friends/dots/tag/framework
• Security-Shell blog – http://security-sh3ll.blogspot.com/ – tools.
• “SecurityConfig” site – http://www.securityconfig.com/ – tools
• ::eSploit:: – http://esploit.blogspot.com/ – looks like a blog linking to the various security/hacking resources.

Conferences

• Hak5 – http://www.hak5.org/

---

Related content at this blog:

• Infosec pages at this blog – https://eikonal.wordpress.com/2011/05/17/information-security-sites/
• Infosec online – https://eikonal.wordpress.com/2010/02/01/infosec-online/
• Infosec blogs – https://eikonal.wordpress.com/2010/03/17/infosec-blogs/
• Infosec wikies – https://eikonal.wordpress.com/2010/03/17/infosec-wikies/
• Infosec books – https://eikonal.wordpress.com/2010/10/19/infosec-books/
• InfoSec lists and newsgroups – https://eikonal.wordpress.com/2010/03/15/infosec-man-lists-and-newsgroups/
• Cloud security – https://eikonal.wordpress.com/2010/08/09/cloud-security/
• “Book: Enterprise Security For the Executive” – https://eikonal.wordpress.com/2010/01/07/book-enterprise-security-for-the-executive/
• IT Magazines – https://eikonal.wordpress.com/2010/03/01/it-magazines/

---