Tuesday, 30 August 2011

Security Testing Research, links galore

Over at the Software Testing Club I just added a list of resources for use by members of the Security Testing Group I set up. I thought I'd add the list here for reference and encourage readers to visit the STC group.

Websites and Forums

Dark Reading: http://www.darkreading.com/
Infosecurity: http://www.infosecurity-magazine.com/
Ethical Hacking Blog Site: http://www.ehacking.net/
The Ethical Hacker Network: http://www.ethicalhacker.net/

Podcasts and Video Series
Cigital Silver Bullet Security Podcast: http://www.cigital.com/silverbullet/

Security Testing Methodologies
OWASP: https://www.owasp.org/
OSSTM: http://www.isecom.org/osstmm/
ISSAF: http://www.oissg.org/issaf/

Threat & Incident Classification
WASC-TC: http://projects.webappsec.org/w/page/13246978/Threat%20Classification
WHID: http://projects.webappsec.org/w/page/13246995/Web-Hacking-Incident-Database
Taxonomy of Coding Errors: https://www.fortify.com/vulncat/en/vulncat/index.html


Backtrack: http://www.backtrack-linux.org/
NMap: http://nmap.org/
Nessus (Home Feed): http://www.tenable.com/products

Hack to learn, dont' learn to hack.


Anonymous said...

Good dispatch and this post helped me a lot in my college Assignement. Thank you, as your information .

Anonymous said...

brinkka2011 says: Sick! Just obtained a brand-new Pearl and I can now read your blog on my phone's browser, it didn't get the job done on my aged one.