ha.ckers.org web application security lab

ha.ckers.org web application security lab

Security and Technology Links

Hacking/Auditing

Way too much fun to play with: http://metasploit.org/
Great tools http://thc.org/
Discussion board and white papers http://www.governmentsecurity.org/

Online Tools

News

Security Focus: http://www.securityfocus.com/
Network Information Security & Technology News http://www.nist.org/news.php
SANS: http://www.sans.org/

Security Cheat Sheets

Mailing Lists

Bugtraq: http://www.securityfocus.com/archive/1
Fulldisclosure http://archives.neohapsis.com/archives/fulldisclosure/
Web Security: http://www.webappsec.org/lists/websecurity/
WebAppSec http://www.securityfocus.com/archive/107

Search Engine

Search hacking: http://www.searchlores.org/
Yahoo's search team's Jeremy Zawodny: http://jeremy.zawodny.com/blog/
Google search team's Matt Cutts: http://www.mattcutts.com/blog/
Google dorks johnny.ihackstuff.com
Wayback Machine: http://www.archive.org/web/web.php

Browsers

MSDN Internet Explorer Blogs: http://blogs.msdn.com/ie/
Firefox's blogs: http://weblogs.mozillazine.org/
Firefox's bugzilla: https://bugzilla.mozilla.org/
Old and esoteric browsers: http://browsers.evolt.org/

Security blogs

General resources

Default password lists: CIRT.net and phenoelit.de and cyxla.com
Old vulnerable software to test on: https://www.securinfos.info/old_softwares_vulnerable.php
Command equivalents in UNIX variants: http://bhami.com/rosetta.html
Open source vulnerability database: http://osvdb.org/
Common vulnerabilities and exposers: http://cve.mitre.org/
Best HTML reference, ever: http://www.blooberry.com/indexdot/html/tagindex/a.htm
Tor blacklist
d0ubl3_h3lix's Hacker Web Directory