You are here
Fri, 02/24/2017 - 16:35 — yonatan zilpa
Vulnerability Databases and Search Engines
- CVE Details Provides an easy to use web interface to CVE vulnerability data
- IT Security Database
site collects OVAL(Open Vulnerability and Assessment Language) definitions from several sources like Mitre, Red Hat, Suse, NVD, Apache etc and provides a unified, easy to use web interface to all IT security related items including patches, vulnerabilities and compliance checklists.
- NVD (National Vulnerability Database) is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. NVD includes databases of security checklists, security related software flaws, misconfigurations, product names, and impact metrics.
- NVD Search for CVE (Common Vulnerabilities and Exposure) and CCE(Common Configuration Enumeration) Vulnerability database.
- Exploit Database by Offensive-Security.
- Rapid7 Vulnerability + Exploit search engine and database.
- Security-Focus Vulnerability DB and search engine.
- WPScan Vulnerability DB
- valdb.com part of SCIP group.
- OSVDB (Open Source Vulnerability Data BASE)
Malware Analysis Tools
- Kali Tools contains a large amount of penetration testing tools from various different niches of the security and forensics fields that shipped with Kali Linux Distro (special Linux distribution for penetration testing).
- Virus Total: A free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.
- OWASP The free and open software
- Open Security Training
- CSRC (Computer Security Resource Center) by
NIST (National Institute of Standards and Technologies)
- NICE (National Initiative For Cybersecurity
Education) led by the National Institute of Standards and Technology (NIST), is a partnership between government, academia, and the private sector focused on cybersecurity education, training, and workforce development. The mission of NICE is to energize and promote a robust network and an ecosystem of cybersecurity education, training, and workforce development.
- CEP (Cyber Education Project)
- The Ethical Hacker Network (Free online magazine for the security professional)
- hack all things Professional training for manipulating anything
- Peerlyst is a Social networking for cybersecurity experts.
- OCW: Network and Computer Security (taught in 2014)
- OCW: Advanced Topic in Cryptography
- OCW: Selected Topics in Cryptography
- Reverse Engineering for Beginners by Dennis Yurichev
- Sansecurity (Pishing, Scam and Maleware signatures for ClamAv)
- Alexandre Dulaunoy's blog
MIT 6.858 Computer System Security (Videos from Youtube)
Hack Night (Open weekly training session lab)
Offensive security (Spring 2013 Lectures and Videos)