Hi All,
I’ve compiled a list of interesting articles and tools you might be interested in checking out. I’ve added some web application testing software as well as dictionary files and pen testing tools.
Web Application Security
Dissecting Web Attacks
http://www.blackhat.com/presentations/bh-dc-09/ValSmith/BlackHat-DC-09-valsmith-colin-Dissecting-Web-Attacks.pdf
http://www.blackhat.com/presentations/bh-dc-09/ValSmith/BlackHat-DC-09-valsmith-colin-Web-Attack-Disection-slides.pdf
New Techniques for Defeating SSL/TLS
https://media.blackhat.com/bh-dc-09/video/Marlinspike/blackhat-dc-09-marlinspike-slide.mov
http://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf
XSS Anonymous Browser
http://www.blackhat.com/presentations/bh-dc-09/Flick/BlackHat-DC-09-Flick-XAB_Slides.pdf
http://www.blackhat.com/presentations/bh-dc-09/Flick/BlackHat-DC-09-Flick-XAB-wp.pdf
OWASP Linux Distro & Virtual Machine:
http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
OWASP Running an ISO in VMware
http://securitydistro.com/video-tutorials/53/Running-an-ISO-on-VMware.php
Acunetix WVS
http://www.acunetix.com/
WebScarab
http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project
SPIKE Proxy : HTTP Hacking
http://www.immunitysec.com/resources-freesoftware.shtml
Rootkits + Pentesting
http://sectools.org/crackers.html
http://www.offensive-security.com/cons/shmoo2008/muts_at_shmoo.html
Fast-Track
http://www.thepentest.com/
http://www.shmoocon.org/slides/DKENNEDY_FastTrack_ShmooCon_2009.pdf
Wordlists/Dictionary Files:
http://www.outpost9.com/files/WordLists.html
ftp://ftp.ox.ac.uk/pub/wordlists/
ftp://ftp.mirrorgeek.com/openwall/wordlists
Alice in User-Land: Hijacking the Linux Kernel via /dev/mem
http://www.blackhat.com/presentations/bh-europe-09/Lineberry/BlackHat-Europe-2009-Lineberry-code-injection-via-dev-mem-slides.pdf
.NET Framework Rootkits: Backdoors Inside Your Framework
http://www.blackhat.com/presentations/bh-europe-09/Metula/BlackHat-Europe-2009-Metula-NET-Framework-rootkits-whitepaper.pdf
iRK – Crafting OS X Kernel Rootkits
https://www.blackhat.com/presentations/bh-usa-08/D’Auganno/D’Auganno_Extras.zip
https://www.blackhat.com/presentations/bh-usa-08/D’Auganno/BH_US_08_DAuganno_iRK_OS_X_Rootkits.pdf
A New Breed of Rootkit: The System Management Mode (SMM) Rootkit
https://www.blackhat.com/presentations/bh-usa-08/Embleton_Sparks/BH_US_08_Embleton_Sparks_SMM_Rootkits_Slides.pdf
Nmap: Scanning the Internet
https://www.blackhat.com/presentations/bh-usa-08/Vaskovich/BH_US_08_Vaskovich_Nmap_Scanning_the_Internet.pdf
Meet The Owner Of a Real Hacked Company – Forensic Investigation
https://www.blackhat.com/presentations/bh-usa-08/Shelhart/BH_US_08_Trustwave_Presentation_Shelhart_Meet_Owner.pdf
Dan Kaminsky
Weaponizing Noam Chomsky, or Hacking with Pattern Language