exploit.education provides a variety of resources that can be used to learn about vulnerability analysis, exploit development, software debugging, binary analysis, and general cyber security issues.
Des tutos basiques d'utilisation de Metasploit, Burp, et plein d'autres choses.
(site horripilant par un popup d'achat)
Minimum Viable Secure Product is a minimalistic security checklist for B2B software and business process outsourcing suppliers.
Designed with simplicity in mind, the checklist contains only those controls that must, at a minimum, be implemented to ensure a reasonable security posture.
What are XS-Leaks? # Cross-Site Leaks are a class of vulnerabilities that have been present on the web for a long time, gaining new attention at the end of 2018 when a formal name was assigned and a repository of some of them was created. These vulnerabilities are Browser Side-channel Attacks and most of them exploit behaviors inherent to the design of the web, which increases the complexity around their mitigation.
et AES-Killer v3.0 - Burp Plugin To Decrypt AES Encrypted Traffic Of Mobile Apps On The Fly
https://www.kitploit.com/2018/11/aes-killer-v30-burp-plugin-to-decrypt.html
methodology,checklists, tools, vulnerable webapps
et aussi http://resources.infosecinstitute.com/14-popular-web-application-vulnerability-scanners/
Great guidance from IEEE's Center for Secure Design
https://discussions.nessus.org/servlet/JiveServlet/download/4615-1194/Nessus_Question.doc
http://www.tenable.com/sites/drupal.dmz.tenablesecurity.com/files/uploads/documents/whitepapers/Tenable_Web_App_Scanning_0.pdf
http://www.tenable.com/sites/drupal.dmz.tenablesecurity.com/files/uploads/documents/whitepapers/Using%20Nessus%20in%20Web%20Application%20Vulnerability%20Assessments.pdf
https://www.owasp.org/images/4/4f/Web_Application_Vul_Testing_with_Nessus_2012.02.01.pdf
Playgrounds For Your Web App Assessments
• Virtual Machines
– DVL (Damn Vulnerable Linux) • http://www.damnvulnerablelinux.org/
– Moth • http://www.bonsai-sec.com/en/research/moth.php
- metasploitable http://sourceforge.net/projects/metasploitable/ https://community.rapid7.com/docs/DOC-1875
- OWASP BWA https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project
- LAMPsecurity http://sourceforge.net/projects/lampsecurity/ - http://www.madirish.net/
• Stand-alone Applications
– Stanford SecuriBench • http://suif.stanford.edu/~livshits/securibench/
– WebGoat • http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
– Mutillidae • http://www.irongeek.com/i.php?page=security/mutillidae-deliberatelyvulnerable-php-owasp-top-10&mode=print
• Remote Sites
– Acunetix: • http://testphp.acunetix.com/ - Vulnhub: https://www.vulnhub.com/ donkeydocker et plein de VM et autres ressources
• Scanning Multiple Apache VirtualHosts With Nessus – http://blog.tenablesecurity.com/2009/05/scanning-multiple-virtual-hosts-withnessus.html
• Tips For Using Nessus In Web Application Testing – http://blog.tenablesecurity.com/2009/04/tips-for-using-nessus-in-web-applicationtesting.html
• Auditing PHP Settings to OWASP Recommendations with Nessus
– http://blog.tenablesecurity.com/2009/03/auditing-php-settings-to-owasprecommendations-with-nessus.html
• Detecting Base64 Encoded Authentication Requests
– http://blog.tenablesecurity.com/2009/03/detecting-base64-encoded-authenticationrequests.html
http://lab.lonerunners.net/blog/virtual-host-and-dns-names-enumeration-techniques et hostmap réécrit en ruby https://github.com/jekil/hostmap