Security and Technology Links
Hacking/Auditing
- Way too much fun to play with: http://metasploit.org/
- Great tools http://thc.org (down right now, not sure why) mirror at http://thc.org.segfault.net/
- Discussion board and white papers http://www.governmentsecurity.org/
News
- Security Focus: http://www.securityfocus.com/
- Network Information Security & Technology News http://www.nist.org/news.php
- SANS: http://www.sans.org/
Mailing Lists
- Bugtraq: http://www.securityfocus.com/archive/1
- Fulldisclosure http://archives.neohapsis.com/archives/fulldisclosure/
- Web Security: http://www.webappsec.org/lists/websecurity/
- WebAppSec http://www.securityfocus.com/archive/107
Search Engine
- Search hacking: http://www.searchlores.org/
- Yahoo's search team's Jeremy Zawodny: http://jeremy.zawodny.com/blog/
- Google search team's Matt Cutts: http://www.mattcutts.com/blog/
- Wayback Machine: http://www.archive.org/web/web.php
Browsers
- MSDN Internet Explorer Blogs: http://blogs.msdn.com/ie/
- Firefox's blogs: http://weblogs.mozillazine.org/
- Firefox's bugzilla: https://bugzilla.mozilla.org/
- Old and esoteric browsers: http://browsers.evolt.org/
General resources
- Default password list: http://www.cyxla.com/passwords/passwords.html
- Old vulnerable software to test on: https://www.securinfos.info/old_softwares_vulnerable.php
- Command equivalents in UNIX variants: http://bhami.com/rosetta.html
- Open source vulnerability database: http://osvdb.org/
- Common vulnerabilities and exposers: http://cve.mitre.org/
- Best HTML reference, ever: http://www.blooberry.com/indexdot/html/tagindex/a.htm