Security Pill

Secpedia - IT Security Encyclopedia

Secpedia - Information security encyclopedia for hackers

Secpedia.net is an IT security knowledge sharing platform

Having an information security encyclopedia is very much essential as both newcomers and experienced people are depending on blogs, underground forums and social networks to get information and knowledge. Most of the times, these leads to false information and may drive them to a completely different culture. Since Secpedia is using a wiki model, everyone is welcome to make their edits and contributions. Thus ensuring that we are getting the best possible information.

Secpedia is a wiki based information security encyclopedia built with the aim of bringing quality information to those who need it. The portal is still on the process of development and there are few quality articles there at the time of writing.

One of the interesting thing about this portal is that all the text contents are released under Creative Commons Share-Alike 3.0 license and are thus belong to the public. All the contents are categorized neatly and is very much accessible. The interface is also very light, neat and pleasing to the eyes.

Efforts like Secpedia can bring quality and standards to the industry which is of at most importance. We also feel that knowledge should be accessible to those who seeks for it.

Secpedia website: secpedia.net
Blog: blog.secpedia.net

K K Mookhey

K K Mookhey is the founder of Network Intelligence and The Institute of Information Security.

He is the author of two books:

1. Linux-- Security, Audit and Control Features and
2. Metasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research

and has also written many articles including some for Evan Charmichael.

InCTF

Amrita Centre for Cyber Security of Amrita Vishwa Vidyapeetham conducts ‘India Capture the Flag (InCTF)', an ethical hacking contest. It is to promote awareness about cyber security among students and hive them hands on experience in secure coding practices.

It is a war game designed to mimic the real world security challenges. The contest is open to students across India. They can participate from their respective institutions without travelling to the venue.

Those interested should form a team of minimum of three members and maximum of five and register the team on www.inctf.in. There is no registration fee.

Teams have to clear two rounds before entering the final round of the contest. The first round consists of questions on security concepts and in the second round the teams are tested on Web-based exploitation, binary exploitation, cryptography, forensics, and reversing.

Official website of InCTF.

Garage4Hackers

Garage4Hackers(G4H) is an open security community for information security enthusiasts. The community is very active and members share knowledge using forums and blogs. The range of topics discussed varies from basics to very advanced topics.

Apart from discussions G4H team releases tutorials, papers, tools, scripts, exploits etc.

Visit Garage4Hackers now..

Susam Pal

Susam Pal is a mathematician, programmer and a security evangelist known for multiple talents ranging from composing music to playing with complex mathematics.

On June 22, 2007 Susam Pal published a security advisory along with Vipul Agarwal on Orkut vulnerabilities related to authentication issues which made him popular.

Some of the other important security advisories published by Susam Pal includes:

He has also contributed to Apache Nutch, an open source web-search software project.

Other notable projects initated by Susam Pal includes:

Hackers loves music and Susam Pal composes music.

You can listen them over here.

Want to know more? Visit personal website of Susam Pal.

Nishant Das Patnaik

Nishant Das Patnaik is a secuirty evanglist and author well known for his great technical skills in the field of information security.

Nishant Das Patnaik is the founder president of NEHA (National Ethical Hackers Association) and co-founder of Innovate7 Technologies - an information security company. He is also very much active in the industry with various projects, advisories and research papers.

Tools developed by Nishant Das Patnaik includes:

iSENSE
SmartEye
ADSlookup
SureDelete!
SureLock!
SureProtect!
SecureMail !
Anti-Forensic Toolkit
Sense7 Proactive Firewall
Sense7 End-Point Security
gwk
getfoxpass
cleanlog
SHANK

He has also written a book titled " Software Hacking" along with Ankit Fadia

Visit Nishant Das Patnaik's official website for more details.

SecurityXploded

SecurityXploded is a popular information security research and development portal delivering the latest information in various areas of security such as anti spyware, reverse engineering, cryptography, password recovery, network security, forensics etc. So far it has published so many research articles and free security tools.

Tools

Password Recovery Tools

AIMPasswordDecryptor
AsteriskPasswordSpy
BrowserPasswordDecryptor
ChromePasswordDecryptor Updated
DigsbyPasswordDecryptor
DreamweaverPasswordDecryptor
ExcelPasswordRecovery
FacebookPasswordDecryptor
FilezillaPasswordDecryptor
FireMaster
FiremasterLinux
FirePassword
FirePasswordViewer Updated
FlashfxpPasswordDecryptor
FoxmailPasswordDecryptor
FTPCommanderPasswordDecryptor
FtpPasswordDecryptor
FTPPasswordSniffer
GooglePasswordDecryptor Updated
IDMPasswordDecryptor
IEPasswordDecryptor
IncrediMailPasswordDecryptor
iTunesPasswordDecryptor
JDownloaderPasswordDecryptor
KeychainRecovery
MailPasswordDecryptor
MeeboPasswordDecryptor
MessengerPasswordDecryptor
MirandaPasswordDecryptor
MSNLivePasswordDecryptor Updated
MyspacePasswordDecryptor
MysqlPasswordAuditor
NetworkPasswordDecryptor Updated
OperaPasswordDecryptor
OraclePasswordAuditor
OrbitPasswordDecryptor
OutlookPasswordDecryptor Updated
PaltalkPasswordDecryptor
PasswordUnlocker Updated
PDFLocker
PDFPasswordRecovery
PDFUnlocker
PidginPasswordDecryptor
RarPasswordUnlocker
SafariPasswordDecryptor
SmartftpPasswordDecryptor
SXPasswordSuite
ThunderbirdPassDecryptor
TrillianPasswordDecryptor
TwitterPasswordDecryptor Updated
WordPasswordRecovery
WS_FTPPasswordDecryptor
XfirePasswordDecryptor
YahooPasswordDecryptor
ZipPasswordUnlocker

Anti-Spyware/Anti-Rootkit Tools

AdvancedWinServiceManager
DllHijackAuditor
ExeScan
ShellDetect New
SpyBHORemover
SpyDLLRemover
StreamArmor

Network Tools

DirectoryScanner
LDAPSearch
NetShareMonitor
PortScanner
ProcNetMonitor
RemoteDirDetector
SSLCertScanner
WebDirectoryBuster
WinSniff

System Tools

AutoScreenCapture
DownloadHashVerifier
HashCompare
HashGenerator
PcproxRFIDReader
PESpinPlugin
ProcHeapViewer
RemoteDLL
SFCLister
VistaUACMaker
Zexplo

Security Research Articles

Rootkit/Malware Analysis

Analysis of Malicious PDF File
Hidden Registry Detection
Hidden Rootkit Process Detection
Hidden Rootkit Services Detection
IceSword : Cool Tool to Break the ICE

Password Recovery

Decrypting the Sign-on Secrets of Firefox Using FirePassword
Exposing the Facebook Password Secrets
Exposing the Google Password Secrets
Exposing the Password Secrets of Apple Safari
Exposing the Password Secrets of Beyluxe Messenger
Exposing the Password Secrets of Digsby
Exposing the Password Secrets of Internet Explorer
Exposing the Password Secrets of Meebo
Exposing the Password Secrets of Miranda
Exposing the Password Secrets of MSN/Windows Live Messenger
Exposing the Password Secrets of PaltalkScene
Exposing the Password Secrets of Trillian
Exposing the Password Secrets of WS_FTP Professional
Exposing the Secret of Decrypting Network Passwords
Exposing the Secret of Decrypting Opera's Magic Wand
Exposing the Secret of Decrypting Outlook Passwords
Exposing the Secrets of Google Chrome
Exposing the Twitter Password Secrets
Password Secrets of Popular Windows Applications
Recover Windows Password in Seconds using RainbowCrack
Recovering the Firefox Master Password using FireMaster
Windows Password Recovery

Reverse Engineering

Andriod Reverse Engineering - A Kick Start
Discovering Windows Default Password Using LsaRetrievePrivateData
Faster method to Enumerate Heaps on Windows
Hacker Reversing Challenge 2007: Analysis of Problem & Solution
Jailbreaking HTC Wildfire to Run Latest Android
Manually Unpacking UPX packed binary file using OllyDbg
PDF - Vulnerabilities, Exploits and Malwares
Remote Buffer Overflow Exploits
Reversing Basics - A Practical Approach Using IDA Pro
Reversing Tutorial - Cracking Registration of A-One Video Converter
The covert way to find the Reference Count of DLL
Writing PESpin Plugin for ImpREC

System Internals

Bypassing Anti-virus using Code Injection Technique
Changing MAC Address of your Computer
Exploring Hidden Alternate Data Streams
Investigating Corrupt/Malicious PDF Document
PDF Overview - Peering into the Internals of PDF
Remote Thread Execution in System Process using NtCreateThreadEx for Vista/Win7
The Art of ARP Spoofing/Flooding/Poisoning
Tutorial on Basics of NIC, MAC and ARP
Uncovering the Hidden Processes on Windows System

Web Security

Bruteforcing File Names on Webservers using DirBuster
Hacking ADSL Routers - Is Your Home Internet Secure?
Hacking into the BSNL Router using Andriod
Hacking Web Applications using WebScarab
Remote File Inclusion Tutorial

Pen Testing & Exploit Research

Demystifying the Android Malware
Detecting and Exploiting XSS injections using XSSer Tool
JBoss Exploitation
Nexpose + Metasploit = Shell
Penetration Testing with Metasploit Framework
Set up your own Pen-testing/Hacking Lab Network using a Single System New
Vulnerable Facebook Applications

General Security

BackTrack : Quick way to fix the Windows Registry
Best Computer Security Solutions Guide
Errata Guide to Ettercap GUI : Through Trial, Error & Experience
Hacking Crazy Taxi Game on Facebook
How to Remove Hacking Edge 'Virus'
Social Engineering - The Human Factor New

and much more....

Visit SecurityXploded website now.