Getting your fill of Security
Friday, May 29, 2009 at 3:35PM I recently posted a blog post to Exotic Liability’s website with the same title, and I realized that it would make a great thing to post to here, and update regularly, or just put it on the wiki I keep saying that I get going here. Enough rambling, here is how you can get your fill of security:
Podcasting:
GetMon - http://www.getmon.com/ - This is a great site because you can download or listen to any of the security podcasts right from their site if you want to.
HackerMedia - http://www.hackermedia.org/ - They put together like podcasts into different categories, and they overlap. So if you want the "Linux" feed, you'll get podcast A, B, and C. But maybe podcast C does Linux security, so if you subscribe to the "Security" feed, you might get C, E, and G. You can also get the everything feed
Bloggers (RSS Feeds):
Security Bloggers Network - http://www.securitybloggers.net/ - A consolidated feed of a HUGE list of security blogs
Twitter:
Security Twits - http://www.security-twits.com/ - A long list of security related twitter accounts. From people to events, to companies.
Places to learn:
The Academy Pro - http://www.theacademypro.com/
Learn Security Online - http://www.learnsecurityonline.com/
Free IT Security Training - http://www.freeitsecuritytraining.com/
Virtual Training Environment by Carnegie Mellon - https://www.vte.cert.org/vteweb/
Challenge Sites and Sites that are OK to attack:
(Make sure you know which is which before you haul off and start attacking though)
(Most of these stolen from Chris Nickerson’s reply to Show 17 Links blog post)
http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
http://testasp.acunetix.com/Default.asp
http://test.acunetix.com/
http://hackme.ntobjectives.com/
http://www.foundstone.com/us/resources/proddesc/hacmeshipping.htm
http://www.foundstone.com/us/resources/proddesc/hacmecasino.htm
http://www.foundstone.com/us/resources/proddesc/hacmebooks.htm
http://www.foundstone.com/us/resources/proddesc/hacmetravel.htm
http://lampsecurity.org/capture-the-flag-5
http://zero.webappsecurity.com/
http://www.hackertest.net/
http://www.hackthissite.org/
http://www.mavensecurity.com/WebMaven.php
http://ha.ckers.org/challenge/
http://ha.ckers.org/challenge2/
http://demo.testfire.net/
http://scanme.nmap.org/
http://www.hellboundhackers.org/
http://www.overthewire.org/wargames/
http://roothack.org/
http://heorot.net/
http://www.irongeek.com/i.php?page=security/mutillidae-deliberately...
http://wocares.com/xsstester.php
https://how2hack.net
http://hax.tor.hu/
http://www.bright-shadows.net/
http://www.dareyourmind.net/
http://hackergames.net/
http://www.hackquest.com/
http://www.darkmindz.com/
http://www.caesum.com/game/
http://www.net-force.nl/
http://www.osix.net/
http://www.mibs-challenges.de/
http://projecteuler.net/
http://uva.onlinejudge.org/
http://ace.delos.com/usacogate
So now you have absolutely ZERO reason to have one moment of time on your hands ;-)
Know of another good resource? Post a comment.
UPDATE: ethicalhack3r from http://www.ethicalhack3r.co.uk pointed me to his project called “Damn Vulnerable Web App”. You can find it on Sourceforge here: http://sourceforge.net/projects/dvwa/
Rob Fuller
A must larger post was made:
http://www.linux-ninja.com/infosec-self-education-resources/
there are a ton of resources out there... now you don't even have to google for them...
Hacking, learning, links, security in Uncategorized 
Reader Comments (3)
Thanks for the links! Great resources. :)
[...] security-related Twitter accounts, and sites that you’re free to hack. You can check out the list here. You can also check out our list of security resources for additional [...]
[...] Getting your fill of Security I recently [...]