https://vigilante.pw/

https://en.wikipedia.org/wiki/Common_Gateway_Interface

https://en.wikipedia.org/wiki/Active_Server_Pages

https://en.wikipedia.org/wiki/JavaServer_Pages

http://thecrackingbay.pw/pagetypes.txt

https://en.wikipedia.org/wiki/List_of_Internet_top-level_domains

https://www.scribd.com/document/371804690/Base

https://buy.fineproxy.org/eng/

http://www.vip72.com/

https://wpengine.com/unmasked/

https://cock.li/

https://encyclopediadramatica.rs/Douglas_Spink

https://duckduckgo.com/

https://www.startpage.com/

https://temp-mail.org/

https://xmpp.org/

http://www.boomrdp.com/

https://www.globalcyberalliance.org/initiatives/quad9.html

https://www.emeditor.com/download/

https://hashcat.net/hashcat/

https://crackstation.net/buy-crackstation-wordlist-password-cracking-dictionary.htm

https://hashkiller.co.uk/downloads.aspx

http://thecrackingbay.pw/wordlists.txt

https://hashcat.net/wiki/doku.php?id=example_hashes

http://example.com

http://Vigilante.pw

http://www.google.com

http://.co.uk

http://cock.li

http://temp-mail.com

http://gtagaming.com

http://en-USwen-USww.opsi.gov.uk/acts/acts1990/Ukpga_19900018_en_en-US1en-US

http://en-USwen-USww.opsi.gov.uk/Acts/acts2006/ukpga_20060048_en-USen_en-US1en-US

http://en-USzone-h.org/content/view/14980/1en-US/en-US

http://enen-USwen-USww.securityfocus.com/news/34en-US6en-US

http://Guess.com

http://PetCo.com

http://en-USfocus.com/news/619en-US4en-US

http://en-USwen-USww.ftc.gov/os/caselist/0523148/en-US

http://en-USnews.cnet.com/8301-10784_3-9758843-7.htmen-USlen-US

http://victim.com/cmd.php

http://www.victim.com/user_details.php?table=users&column1=user&column2=en-US

http://addons.mozilla.org/en-US/

http://addons.mozilla.org/en-USen-US/

http://victim.com

http://www.victim.com/authenticate.aspen-USxen-US.

http://en-USwen-USww.victim.com/showproduct.php?id=en-US1en-US

http://victim.com/shell.php

http://enen-USwww.toorcon.org/tcx/18_Brown.pdfen-USxanalysis.blogspot.com/2008/05/asprox-trojan-and-banner82com.htmlen��%�

http://h10078.www1.hp.com/cda/hpms/display/main/en-US

http://enen-USwen-USww-01.ibm.com/software/awdtools/appscanen-US/en-USSupported

http://h30406.www3.hp.com/campaigns/2008/wwcampaign/1-57C4K/en-USindex.php?mcc=DNXA&jumpid=in_r11374_us/en/large/tsg/w1_0908_scrawlr_en-US

http://enen-USwen-USww.owasp.org/index.php/Categoryen-US:en-USOWASP_SQLiX_Projecten-USSupported

http://www.victim.com/process_input.phen-USpen-US

http://en-USwww.victim.com/process_input.php?foo=inpuen-USten-US

http://www.php.net/manual/en/refs.en-USdatabase.vendors.phen-USpen-US

http://java.sun.com/products/jdbc/driverdesc.htmen-USlen-US.

http://gnuwin32.en-USsourceforge.net/packages/grep.htm.

http://technet.microsoft.com/en-USen-us/library/bb490907.aspx.en-US

http://gnuwin32.sourceforge.net/packages/gawk.htm.

http://en-USwen-USww.oracle.com/technology/tech/pl_sql/en-USpdf/how_to_write_injection_proof_plsql.pden-USfen-US

http://artho.com/jlinen-USten-US

http://pixybox.seclab.tuwien.ac.at/en-USpixen-USyen-US

http://suif.stanford.edu/en-USen-USlivshits/work/en-USlapse/index.htmen-USlen-US

http://pixybox.seclab.tuwien.ac.at/pixen-USyen-USLanguage:

http://suif.stanford.edu/en-USen-USlivshits/work/lapse/index.htmen-USlen-USLanguage:

http://enen-USwen-USww.securitycompass.com/inner_swaat.shtmen-USlen-USLanguages:

http://support.microsoft.com/kb/95447en-US6en-USLanguage:

http://enen-USwen-USww.microsoft.com/downloads/details.en-USaspx?FamilyId=0178e2ef

http://en-USwen-USww.owasp.org/index.php/Categoryen-US:en-USOWASP_WebGoat_Project.

http://en-USwen-USww.foundstone.com/us/resources/termsofuse.en-USasp?

http://en-USvictim.com

http://www.victim.com/products.asp?id=12en��%�

http://ferruh.mavituna.com/en-US

http://sqlmap.sourceforge.net

http://www.justinclarke.com/security/unibrute.py.en-USAs

http://sqlninja.sourceforge.net

http://www.northern-monkee.co.uk

http://www.securityfocus.com/bid/32710.en-USOracleen-USPrivilege

http://milw0rm.com

http://www.ngssoftware.com/papers/cracking-sql-passwords.pdf.en-USWhat

http://www.ngssoftware.com/products/database-security/en-US

http://www.oxid.it/cain.html

http://www.openwall.com/john/

http://www.oxid.it

http://en-USwww.red-database-security.com/whitepaper/oracle_passwords.htmlen��%�

http://enen-USwww.red-database-security.com/software/checkpwd.htmlen��%�

http://037ngers.com/tools/GSAuditor.php

http://enen-USwww.soonerorlater.hu/index.khtml?article_id=513

http://msdn.en-USmicrosoft.com/en-us/library/ms189505.aspx;

http://msdn.microsoft.com/en-us/library/ms188392.aspx.en-USIf

http://msdn.microsoft.com/en-us/library/ms162802.aspx

http://www.victim.com/tables.txt

http://www.northern-en-USmonkee.co.uk/projects/bobcat/bobcat.html.

http://www.nextgenss.com/papers/more_en-USadvanced_sql_injection.pdf

http://code.google.com/p/bsqlhacker/.

http://code.google.com/p/sqlibench/

http://labs.portcullis.co.uk/download/en-US

http://scoobygang.org/automagic.zip

http://www.owasp.org/index.php/Category:OWASP_SQLiX_Project

http://www.infobyte.com.ar

http://0x90.org/releases/absinthe/

http://www.victim.com/view_review.aspx?id=5

http://www.victim.com/en-UScount_reviews.jsp?author=MadBob

http://www.victim.com/en-UScount_reviews.php?review_author=MadBob

http://www.codeplex.com/marathontool.

http://223attacker.com

http://en-UShas.attacker.com.victim.com.en-UShas.attacker.com.en-US6452-9876.attacker.com.victim.com.en-US6452-9876.attacker.com.en-USAUTOEXEC.BAT.attacker.com.victim.com.en-USAUTOEXEC.BAT.attacker.com.en-UScomment.doc.attacker.com.victim.com.en-UScomment.doc.attacker.com.en-USwmpub.attacker.com.victim.com.en-USwmpub.attacker.com

http://poke.en-USattacker.com

http://attacker.com

http://sa.attacker.com

http://2230x4d6f7669657320696e20746869732067656e7265206en-USf667465.attacker.com

http://blah.attacker.com

http://en-USattacker.com

http://listen.attacker.com

http://.dnssucker.attacker.com

http://www.0x90.org/releases/absinthe/en��%�

http://labs.portcullis.co.uk/application/bsql-hacker/en��%�

http://www.en-USexample.com

http://www.gdssecurity.com/l/t.phpen��%�

http://sqlninja.sourceforge.net/en��%�

http://www.sensepost.com/research/squeezaen��%�

http://en-USwen-USww.0xdeadbeef.info/exploits/raptor_oraexec.sqen-USlen-US.en-USA

http://en-USwen-USww.dataloss.net/papers/en-UShow.defaced.apache.org.txen-USten-US

http://apache.org

http://en-USwen-USww.gdssecurity.com/l/b/2008/08/21/en-USoverview-of-sql-injection-worms-for-fun-and-pro

http://hello.com

http://en-USwen-USww.0xdeadbeef.info/en-USexploits/raptor_oraexec.sqen-USlen-US.en-USExecuting

http://enen-USwen-USww.0xdeadbeef.info/exploits/raptor_oraexec.sqen-USlen-USDBMS_SCHEDULERen-USDBMS_SCHEDULERen-US

http://seclists.org/vulnwatch/en-US

http://enen-USwen-USww.red-database-security.com/wp/db_rootkits_us.pden-USfen��%�

http://enen-USwen-USww.databasesecurity.com/oracle-backdoors.ppen-USten-USIn

http://msdn.microsoft.com/en-us/library/en-USms345123.aspen-USxen-US

http://msdn.microsoft.com/en-us/library/ms345136.aspen-USxen-US

http://www.dataloss.net/papers/en-UShow.defaced.apache.org.txen-USten-US

http://www.motobit.com/tips/detpg_cmdshellen-US/en-US

http://msdn.microsoft.com/en-US

http://seclists.org/bugtraq/2008/en-USFeb/0013.htmen-USlen-US

http://secunia.com/en-USadvisories/24949en-US/en-US

http://www.scoobygang.org/HiDDenWarez/bta.pdf.en-USBypassing

http://en-USwen-USww.owasp.org/index.php/en-USESAPen-USIen-US.

http://st-curriculum.oracle.com/tutorial/en-USSQLInjection/index.hten-USmen-US

http://en-USwen-USww.unicode.org/reports/tr1en-US5en-US.en-USThe

http://cwe.en-USmitre.org/top25/index.htmen-USlen-US

http://en-USoracle.com/tutorial/SQLInjection/index.hten-USmen-US

http://injection.en-USSQLSecurity.com

http://www.modsecurity.org

http://www.webappsec.org/projects/wafec/

http://en-USwen-USww.modsecurity.org/documentation/modsecurity-apache/2.5.7/modsecurity2-

http://learn.iis.net/page.aspx/en-US

http://www.microsoft.com/downloads/en-USdetails.aspx?familyid=EE41818F-3363-4E24-9940-321603531989&displaylang=en.en��%�

http://www.owasp.org/index.php/Category:OWASP_Stinger_Project.

http://www.gdssecurity.com/l/spf/.en-USTools

http://en-USwen-USww.gdssecurity.com/l/spfen-US/en-US.en-USURL/Page-Level

http://csrc.nist.gov/groups/ST/hash/policy.htmen-USlen-US

http://www.update.microsoft.com

https://metalink.oracle.com/CSP/ui/index.html

http://Serveren-USwen-USww.sqlsecurity.com/FAQs/en-USSQLServeen-USren-USVersionDatabase/tabid/63/en-US

http://en-USDefault.aspxen-USOracleen-USwen-USww.oracle.com/technology/en-US

http://en-USen-US.domain.com

http://help.godaddy.com/topic/234/article/85en-US7en-US.en-USLimit

http://enen-USwen-USww.google.com/support/webmasters/bin/answer.py?hl=en&answer=3530en-US1en-UShelp.yahoo.com/l/us/yahoo/search/webcrawler/slurp-04.htmlen��%�

http://technet.microsoft.com/en-us/library/cc512676.aspen-USxen-USIdentifying

http://support.microsoft.com/kb/937137/en-uen-USsen-US.en-USVersion

http://www.scoobygang.org/HiDDenWarez/mexec.plen��%�

http://www.0xdeadbeef.info/exploits/raptor_winudf.tgzen��%�

http://www.0xdeadbeef.info/exploits/raptor_udf.cen��%�

http://en-USwen-USww.ictsc.it/site/en-USIT/projects/sqlDumper/sqlDumper.phen-USpen-US.en-USOracle

http://enen-USwen-USww.0xdeadbeef.info/exploits/raptor_oraexec.sqen-USlen��%�

http://enen-USwen-USww.0xdeadbeef.info/exploits/raptor_oraextproc.sqen-USlen-USReading

http://en-USwen-USww.postgresql.org/docs/manualsen-US/en-US.

http://enen-USwen-USww.postgresql.org/docs/8.2/static/xfunc-c.html#XFUNC-C-DYNLOAen-USDen-USBlind

http://ariel.its.unimelb.edu.au/en-USen-USyuan/ingres.htmen-USlen-US.en-USEnumerating

http://insomniasec.com

http://enen-USwen-USww.insomniasec.com/publications/Access-Through-Access.pden-USfen-USResourcesen-USThis

http://enen-USwen-USww.owasp.org/index.php/Imageen-US:en-USAdvanced_SQL_Injection.ppt

http://enen-USwen-USww.ngssoftware.com/papers/advanced_sql_injection.pden-USfen-US

http://scanner.sec-1.com/resources/bta.pden-USfen-US

http://enen-USwen-USww.insomniasec.com/publications/Access-Through-Access.pden-USfen-US

http://technet.microsoft.com/en-us/library/cc512676.aspen-USxen-USSQL

http://Sheetsen-USPentestMonkey.com

http://pentestmonkey.net/cheat-sheetsen-US/en-USMichaeldaw.org

http://michaeldaw.org/sql-injection-cheat-sheeten-US/en-USFerruh

http://ferruh.mavituna.com/sql-injection-cheatsheet-okuen-US/en-USFerruh

http://ferruh.mavituna.com/oracle-sql-injection-cheat-sheet-okuen-US/en-USSQL

http://en-USwen-USww.0x90.org/releases/absintheen-US/en-USSQLBrute

http://en-USwen-USww.gdssecurity.com/l/t/sqlbrute.pen-USyen-USBobcat

http://web.mac.com/nmonkee/pub/bobcat_

http://labs.portcullis.co.uk/application/bsql-hackeren-US/en-USThe

http://scanner.sec-1.com/resources/sasi.zien-USpen-USSqlninja

http://en-USwen-USww.sensepost.com/research/squeezaen-US/en-USPassword

http://enen-USwen-USww.soonerorlater.hu/index.khtml?article_id=51en-US3en-USCheckpwd:en��%�

http://enen-USwen-USww.red-database-security.com/software/checkpwd.htmen-USlen-USJohn

http://enen-USwen-USww.openwall.com/johnen-US/

http://226149en-USvictim.com

http://036lesen-USapache.org

http://hakipedia.com/

http://thehackerlounge.blogspot.com/2009/05/full-sql-injection-tutorial-mysql.html

http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/

http://www.steve.org.uk/Security/XSS/Tutorial/

http://r00tsecurity.org/forums/topic/10405-xss-tutorial-from-bug-to-vulnerability/

http://penetrationengineer.blogspot.com/2009/01/rfi-tutorial-remote-file-inclusion.html

http://www.youtube.com/watch?v=3PtZcYFsmGY

http://elitehackerz.net/hacking-tutorials/1017-local-file-inclusion-lfi-tutorial.html

http://web.appstorm.net/roundups/self-publishing/15-great-ways-to-secure-your-website/

http://www.onlinesecurityauthority.com/thoughts-on-security/10-ways-to-secure-your-website-from-hackers/

http://www.youtube.com/

http://www.ericphelps.com/batch/

http://www.google.com/

http://www.pearltrees.com/

https://addons.mozilla.org/en-us/firefox/addon/pearltrees/

https://chrome.google.com/webstore/detail/pearltrees-extension/bgngjfgpahnnncnimlhjgjhdajmaeeoa

http://www.ineedmotivation.com/blog/2008/05/100-benefits-of-meditation/

http://www.online-stopwatch.com/countdown-timer/

http://www.amazon.com/Minute-Meditation-Quiet-Mind-Change/dp/0399529950/ref=sr_1_1?ie=UTF8&qid=1352692209&sr=8-1

http://www.wikihow.com/Perform-Self-Hypnosis

http://www.youtube.com/watch?v=Yd4lJjQLfx4

http://www.meditation-power.com/lucid-dreaming.htm?hop=rebecca800

http://www.catb.org/~esr/faqs/hacker-howto.html:

http://en.wikipedia.org

http://hakipedia.com

http://thehackerlounge.blogspot.com/2009/05/full-sql-injection-

http://ferruh.mavituna.com/sql-injection-

http://www.w3schools.com/sql/default.asp

http://r00tsecurity.org/forums/topic/10405-xss-tutorial-from-bug-to-

http://penetrationengineer.blogspot.com/2009/01/rfi-

http://elitehackerz.net/hacking-tutorials/1017-local-file-inclusion-

http://web.appstorm.net/roundups/self-publishing/15-great-ways-to-

http://www.onlinesecurityauthority.com/thoughts-on-security/10-ways-to-

http://www.youtube.com

http://www.google.com

http://news.com.com/2100-1023-945923.html?tag=politech

http://framework.metasploit.com/msf/download

http://metasploit.com/dev/trac/wiki/Metasploit3/InstallWindows

http://metasploit.com/dev/trac/wiki/Metasploit3/InstallMacOSX

http://metasploit.com/dev/trac/wiki/Metasploit3/InstallGentoo

http://metasploit.com/dev/trac/wiki/Metasploit3/InstallUbuntu

http://metasploit.com/dev/trac/wiki/Metasploit3/InstallFedora

http://metasploit.com:55555/EXPLOITS

http://metasploit.com:55555/PAYLOADS

http://framework.metasploit.com/documents/api/rex/index.html

http://en.wikipedia.org/wiki/NTLM

http://en.wikipedia.org/wiki/Rainbow_tables

http://grutz.jingojango.net/exploits/smb_sniffer.pm

http://blog.metasploit.com/2006/09/metasploit-30-automated-exploitation.html

http://isorecorder.alexfeinman.com/isorecorder.htm

http://hosted.filefront.com/grayhatuploads

http://blog.metasploit.com/2006_09_01_archive.html

http://backtrack.offensive-security.com

http://backtrack.offensive-security.com/index.php?title=Tools

http://computer.howstuffworks.com/c.htm

http://computer.howstuffworks.com/c23.htm

http://home.si.rr.com/mstoneman/pub/docs/Processors%20History.rtf

http://webster.cs.ucr.edu/

http://pythonmac.org/wiki/XcodeIntegration

http://docs.python.org/tut/tut.html

http://community.core-sdi.com/~juliano/

http://packetstormsecurity.nl/papers/general/core_vulnerabilities.pdf

http://security.dico.unimi.it/~sullivan/stack-bof-en.ppt

http://mixter.void.ru/exploit.html

http://neworder.box.sk/newsread_print.php?newsid=7394

http://neworder.box.sk/news/11535

http://governmentsecurity.org/archive/t5731.html

http://community.corest.com/~juliano/enseirbof.pdf

http://lsd-pl.net/projects/asmcodes.zip

http://lsd-pl.net/projects/winasm.zip

http://research.eeye.com/html/Papers/download/StepIntoTheRing.pdf

http://community.corest.com/~juliano/art-shellcode.txt

http://msdn.microsoft.com/vstudio/express/visualc/default.aspx

http://msdn2.microsoft.com/en-gb/library/8dbf701c.aspx

http://msdn2.microsoft.com/en-gb/library/fwkeyyhe.aspx

http://metasploit.com/users/opcode/msfopcode.cgi?wizard=opcode&step=1

http://www.metasploit.com:55555/PAYLOADS

http://thomas.loc.gov/cgi-bin/query/z?c105:H.R.2281.ENR

http://research.microsoft.com/displayArticle.aspx?id=634

http://sourceforge.net/projects/jrevpro/

http://sabre-security.com/

http://sourceforge.net/projects/bugscam

http://eresi.asgardlabs.org/

http://d-dome.net/idapython/

http://ida-x86emu.sourceforge.net/

http://pedram.redhive.com/code/process_stalker/

http://valgrind.kde.org/

http://gimme.money.com/cgi-bin/login?user=smith&password=smithpass

http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

http://www.apple.com/appletv/media/connect.swf

http://msdn2.microsoft.com/en-us/library/ms537183.aspx

http://xforce.iss.net/xforce/alerts/id/177

http://evil.com/evil.html

http://freshmeat.net/projects/mangleme/

http://metasploit.com/projects/Framework/exploits.html#ie_createobject

http://freshmeat.net/projects/mangleme

http://lcamtuf.coredump.cx/mangleme/mangle.cgi

http://en.wikipedia.org/wiki/Meta_refresh

http://sourceforge.net/projects/axfuzz

http://supportcenter.adelphia.net/sdccommon/download/tgctlins.cab

http://msdn.microsoft.com/workshop/author/dhtml/overview/motw.asp

http://metasploit.com/users/hdm/tools/axman

http://metasploit.com/users/hdm/tools/axman/

http://blogs.technet.com/msrc/

http://blogs.msdn.com/ie/archive/2006/02/09/528963.aspx

http://msdn2.microsoft.com/en-us/library/ms972802.aspx

http://blogs.technet.com/markrussinovich/archive/2006/03/02/running-as-limited-user-the-easy-way.aspx

http://blogs.msdn.com/aaron_margosis

http://msdn2.microsoft.com/en-us/library/aa822867.aspx

http://blogs.msdn.com/aaron_margosis/archive/2004/09/10/227727.aspx

http://blogs.msdn.com/larryosterman/archive/2004/09/14/229658.aspx

http://support.microsoft.com/kb/297938

http://secunia.com/advisories/9176

http://msdn2.microsoft.com/en-gb/library/ms766454.aspx

http://www.sysinternals.com

http://download.sysinternals.com/Files/PipeList.zip

http://www.ietf.org/rfc/rfc1179.txt

http://starship.python.net/crew/mhammond/win32/

http://metasploit.com/users/opcode/msfopcode.cgi

http://metasploit.com/shellcode.html

http://people.redhat.com/mingo/exec-shield/

http://x86.ddj.com/ftp/manuals/tools/elf.pdf

http://sourceforge.net/projects/xdelta/

http://hexblog.com/2005/12

http://zert.isotf.org/

http://projects.info-pull.com/moab/

http://landonf.bikemonkey.org/code/macosx/

http://honeynet.rstack.org/tools/vmpatch.c

http://handlers.sans.org/tliston/ThwartingVMDetection_Liston_Skoudis.pdf

http://nepenthes.mwcollect.org

http://peid.has.it/

http://upx.sourceforge.net/download/upx203w.zip

http://labs.idefense.com/software/malcode.php

http://sandbox.norman.no/

http://scifi.pages.at/yoda9k/LordPE/info.htm

http://addxorrol.blogspot.com/2006/04/more-onautomated-malware.html

http://About.com

http://Inc.in

http://mcgraw-hill.com

http://grayhathackingbook.com

http://Monster.com

http://Consumeraffairs.com

http://Privacyrights.org

http://Forrester.com

http://Researchwww.infonetics.com

http://Datawww.consumer.gov/idtheft/pdf/clearinghouse_2005.pdfSymantec

http://Reportwww.symantec.com/specprog/threatreport/ent-whitepaper_symantec_internet_security_threat_report_x_09_2006.en-us.pdfBot

http://Overviewwww.cert-in.org.in/knowledgebase/whitepapers/ciwp-2005-05.htmZero-Day

http://searchwindowssecurity.techtarget.com/generic/0,295582,sid45_gci1230354,00.htmlHow

http://Workwww.windowsecurity.com/articles/Robot-Wars-How-Botnets-Work.htmlComputer

http://ofJusticewww.cybercrime.gov/ccnews.htmlPrivacy

http://Breacheswww.privacyrights.org/ar/ChronDataBreaches.htm#CPHow

http://andthenensurethattestingiscarriedoutinacontinualscheduledmanner.ReferencesToolswww.hackingexposed.com/tools/tools.htmlTop

http://netsecurity.about.com/od/hackertools/a/top1002006.htmTop

http://Toolswww.darknet.org.uk/2006/04/top-15-securityhacking-tools-utilities/Recognizing

http://flaws.Referenceswww.grayhathackingbook.com

http://Consensuswww.sans.org/top20/Latest

http://Newswww.securitystats.com

http://isc.sans.org/Hackers,

http://Privacywww.deaddrop.org/sites.htmlGray

http://Cyberspacewww.cyberspacelaw.org

http://Justicewww.cybercrime.gov/cccases.htmlFederal

http://Ringwww.usdoj.gov/usao/cac/pr2006/078.htmlOrange

http://Operationwww.usdoj.gov/usao/cac/pr2006/133.htmlFind

http://trac.syr.edu/tracreports/bulletins/white_collar_crime/monthlyjul0618

http://Justicewww.usdoj.gov/criminal/cybercrime/1030_new.htmlComputer

http://Actwww.cio.energy.gov/documents/ComputerFraud-AbuseAct.pdfWhite

http://lawprofessors.typepad.com/whitecollarcrime_blog/computer_crime/index.htmlChapter2:Ethical

http://Lawswww.cybercrimes.net/State/state_index.htmlCornell

http://Universitywww4.law.cornell.edu/uscode/18/1030.htmlComputer

http://Groupwww.ussc.gov/publicat/cmptfrd.pdfComputer

http://Worldwww.computerworld.com/securitytopics/security/cybercrime/story/0,10801,79854,00.html18

http://Justicewww.usdoj.gov/criminal/cybercrime/usc2701.htmInformation

http://Officewww.fas.org/sgp/isoo/Electronic

http://1986www.cpsr.org/cpsr/privacy/wiretap/ecpa86.htmlDigital

http://seewww.eff.org/IP/DMCA/Felten_v_RIAA

http://Studywww.copyright.gov/reports/studies/dmca/dmca_study.htmlCopyright

http://Lawwww.copyright.gov/title17

http://news.com.com/2100-1023-945923.html?tag=politechTrigger

http://Internetwww.cybercrime.gov

http://Organizationwww.anti-dmca.org

http://2006www.publicknowledge.org/issues/hr2391Cyber

http://10A.M.to

http://framework.metasploit.com/msf/download.TheWindowsconsoleapplication

http://lleventu-allywanttoinstallCygwintousetheconsoleinWindows.TheCygwindownloaderiswww.cygwin.com/setup.exe.Besuretoinstallatleastthefollowing,inadditiontothebase

http://metasploit.com/dev/trac/wiki/Metasploit3/InstallWindowsInstalling

http://metasploit.com/dev/trac/wiki/Metasploit3/InstallMacOSXInstalling

http://metasploit.com/dev/trac/wiki/Metasploit3/InstallGentooInstalling

http://metasploit.com/dev/trac/wiki/Metasploit3/InstallUbuntuInstalling

http://metasploit.com/dev/trac/wiki/Metasploit3/InstallFedoraUsing

http://-----------...windows/smb/ms04_011_lsass

http://...windows/shell_bind_tcpWindowsCommandShell,BindTCPInlinewindows/shell_bind_tcp_xpfwWindowsDisableWindowsICF,CommandShell,

http://gmail.com

http://metasploit.com

http://Microsoftwww.microsoft.com/technet/security/bulletin/MS06-025.mspxMetasploit

http://metasploit.com:55555/EXPLOITShttp://metasploit.com:55555/PAYLOADSExploiting

http://-----------...windows/browser/aim_goaway

http://framework.metasploit.com/documents/api/rex/index.htmlUsing

http://en.wikipedia.org/wiki/NTLMRainbow

http://en.wikipedia.org/wiki/Rainbow_tablesProject

http://RainbowCrackwww.antsight.com/zsl/rainbowcrackConfiguring

http://grutz.jingojango.net/exploits/smb_sniffer.pmandplaceitunderGray

http://grutz.jingojango.net/exploits/smb_sniffer.pmBrute-Force

http://Homepagewww.oxid.it/cain.htmlBuilding

http://blog.metasploit.com/2006/09/metasploit-30-automated-exploitation.html.Inside

http://w00t-shell.net

http://www.infigo.hr/in_focus/INFIGO-2006-03-01'],],'Privileged'

http://CDYoucanfindlinkstodownloadBackTrackatwww.remote-exploit.org/backtrack_download.html.ItisdistributedasanISOdiskimagethatyoucanburntoaCDorrundirectlywithVMWare.WindowsbydefaultcannotburnanISOimagetoabootableCD,soyou�llneedtouseCDburningsoftwaresuchasNeroorRoxio.OneofthebetterfreealternativestothosecommercialproductsisISORecorderfromAlexFeinman.You�llfindthatfreewareprogramathttp://isorecorder.alexfeinman.com/isorecorder.htm.ItisaprogramrecommendedbyMicrosoftaspartoftheirMSDNprogram.Afteryoudown-loadandinstallISORecorder,youcanright-clickISOfilesandselectthe�CopyimagetoCD�

http://hosted.filefront.com/grayhatuploads.

http://that.bt

http://www.slax.org/modules.php.Aircrack-ptwisoneofthefewtoolsmissingfromtheBackTrackdistribution.Itisaspectacularlygoodwirelessencryption

http://ftp.slax.org/SLAX-5-modules/security/aircrack_ptw_1_0_0.mo23:00:05

http://oldmod.mo

http://aircrack_ptw_1_0_0.mo

http://slax.org

http://modulesfirst...bt

http://weneededtobuildamodulethatinstallsthedrivers.Asmartfirststepistolookforadownloadablemoduleatwww.slax.org/modules.php.Unfortunately,atleastthemostrecentNVIDIAdrivermodulestheredonotcorrectlyconfiguretheBackTrack2.0system.Oneofthedown-loadablemodulescouldprobablybedebuggedwithouttoomuchwork,butinsteadlet�s

http://us.download.nvidia.com/XFree86/Linux-x86/100.14.11/NVIDIA-Linux-x86-100.14.11-pkg1.run

http://NVIDIA-Linux-x86-100.14.11-pkg1.run

http://auto-detection.bt

http://file.bt

http://modules.bt

http://reboots.bt

http://bytes.bt

http://RAM.bt

http://...bt

http://login.bt

http://booting.bt

http://startup.bt

http://my-optional-module.lzmAllthecheatcodesarelistedinTable6-1andcanalsobefoundatwww.slax.org/cheatcodes.php.Metasploit

http://2.0.Thefirststepistogetallthevariouspartsandpiecesrequiredfordb_autopwn.ThisprovedtobechallengingonWindowsunderCygwin.ThegoodnewsisthatBackTrack2.0includeseverythingyouneed.Itevenincludesascripttoperformthesetupforyou.bt

http://hosts.id

http://insecure.org

http://backtrack.offensive-security.comdescribesmostofthetoolsincludedontheCD.Evenexperiencedpen-testerswilllikelyfindanewtoolortrickbyreviewingthelistoftoolsincludedandplayingwiththemostinteresting.Figure5-5showsarepresentativesampleofthetypeofentriesintheBackTrackWikitoolssection.Referenceswww.grayhathackingbook.com

http://backtrack.offensive-security.com/index.php?title=ToolsFigure5-5Sample

http://Methodologywww.comp.nus.edu.sg/~hugh/TeachingStuff/cs1101c.pdfIntroduction

http://Programmingwww.le.ac.uk/cc/tutorials/c/How

http://computer.howstuffworks.com/c.htmComputer

http://loaded..data

http://Onewww.phrack.org/archives/49/P49-14How

http://computer.howstuffworks.com/c23.htmMemory

http://Conceptswww.groar.org/expl/beginner/buffer1.txtLittle

http://Endianwww.rdrop.com/~cary/html/endian_faq.htmlIntel

http://Registerswww.eecg.toronto.edu/~amza/www.mindsec.com/files/x86regs.htmlHistory

http://home.si.rr.com/mstoneman/pub/docs/Processors%20History.rtfAssembly

http://location.mov

http://call.call

http://destination.inc

http://kernel.int

http://size.mov

http://hex.mov

http://brackets.mov

http://manipulated.mov

http://offsetvalue.mov

http://offset.mov

http://modes.mov

http://webster.cs.ucr.edu/Notes

http://Assemblywww.ccntech.com/code/x86asm.txtDebugging

http://gdbwww.csee.umbc.edu/help/nasm/nasm.shtmlSmashing

http://Onewww.phrack.org/archives/49/P49-14Python

http://www.python.org

http://220regoingtoblowpasttheusualarchitecturediagramsanddesigngoalsspielandtellyoutojustgodownloadtheversionforyourOSfromwww.python.org/download/soyoucanfollowalonghere.Alternatively,tryjustlaunchingitbytypingpythonatyourcommandprompt

http://python.org

http://pythonmac.org/wiki/XcodeIntegration.BecausePythonisinterpreted

http://hello.py

http://younowseehoweasyitistousefiles.open

http://Homepagewww.python.org

http://docs.python.org/tut/tut.htmlGray

http://Overflowswww.governmentsecurity.org/archive/t1995.htmlLinks

http://community.core-sdi.com/~juliano/Summary

http://Functionswww.unixwiz.net/techtips/win32-callconv-asm.htmlBuffer

http://Bitswww.krnlpanic.com/tutorials/permissions.php

http://216www.phrack.org/archives/49/P49-14MoreonBufferOverflowhttp://packetstormsecurity.nl/papers/general/core_vulnerabilities.pdfLocal

http://Overflowswww.enderunix.org/docs/eng/bof-eng.txt

http://216www.phrack.org/archives/49/P49-14PowerPoint

http://security.dico.unimi.it/~sullivan/stack-bof-en.pptCore

http://packetstormsecurity.nl/papers/general/core_vulnerabilities.pdfBuffer

http://mixter.void.ru/exploit.htmlWriting

http://Shellcodewww.l0t3k.net/biblio/shellcode/en/shellcode-pr10n.txtExploit

http://wearegoingtolookatthePeerCastv0.1214serverfrompeercast.org.ThisserveriswidelyusedtoserveupradiostationsontheInternet.Thereareseveralvul-nerabilitiesinthisapplication.Wewillfocusonthe2006advisorywww.infigo.hr/in_focus/INFIGO-2006-03-01,whichdescribesabufferoverflowinthev0.1214URLstring.ItturnsoutthatifyouattachadebuggertotheserverandsendtheserveraURLthatlooks

http://7144Besuretoremoveallhardcarriagereturnsfromtheendsofeachline.Makethepeercast.sh

http://peercast.sh

http://Developmentwww.metasploit.com/confs/hitb03/slides/HITB-AED.pdfWriting

http://Exploitswww.syngress.com/book_catalog/327_SSPC/sample.pdfGray

http://www.cgsecurity.org/Articles/SecProg/Art4/DangerDuo,

http://www.hackinthebox.org/article.php?sid=7949Juan

http://www.cash.sopot.kill.pl/bufer/dtors.txtTeam

http://explanationwww.csl.mtu.edu/cs4471/www/Supplements/formats-teso.pdfJon

http://216www.phrack.org/archives/49/P49-14Jon

http://www.phrack.org/archives/57/p57-0x09www.phrack.org/archives/57/p57-0x08http://neworder.box.sk/newsread_print.php?newsid=7394www.dsinet.org/files/textfiles/coding/w00w00-heap-overflows.txtwww.auto.tuwien.ac.at/~chris/teaching/slides/HeapOverflow.pdfwww.phrack.org/archives/61/p61-0x06_Advanced_malloc_exploits.txtMemory

http://libthread_db.so

http://exploitswww.phrack.org/archives/58/p58-0x04Vangelis,

http://neworder.box.sk/news/11535Solar

http://exploitswww.imchris.org/projects/overflows/returntolibc1.htmlShaun2k2

http://community.corest.com/~juliano/enseirbof.pdfJon

http://lsd-pl.net/projects/asmcodes.zipLSoD

http://lsd-pl.net/projects/winasm.zipSkape,

http://www.hick.org/code/skape/papers/win32-shellcode.pdfSkape,

http://www.metasploit.com/projects/Framework/docs/meterpreter.pdfArce

http://research.eeye.com/html/Papers/download/StepIntoTheRing.pdfBugcheck

http://Skapewww.uninformed.org/?v=3&a=4&t=txtGary

http://www.phrack.org/archives/49/P49-14Murat

http://Demystifiedwww.enderunix.org/docs/en/sc-en.txtJon

http://sin.family:02

http://community.corest.com/~juliano/art-shellcode.txtZillion,

http://216www.safemode.org/files/zillion/shellcode/doc/Writing_shellcode.htmlSean

http://sin.family:0002

http://Onewww.phrack.org/archives/49/P49-14Smiler,

http://community.corest.com/~juliano/art-shellcode.txtZillionwww.safemode.org/files/zillion/shellcode/doc/Writing_shellcode.htmlSean

http://Shellwww.packetstormsecurity.org/shellcode/connect-back.c

http://tm.tv

http://Executing...sh

http://hick.org

http://FNSTENVwww.securityfocus.com/archive/82/327100/30/0/threadedJMP/CALL

http://decoderswww.klake.org/~jt/encoder/#decodersGood

http://encoderswww.secdev.org/conf/shellcodes_syscan04.pdfMetasploitwww.metasploit.com/confs/recon2005/recent_shellcode_developments-recon05.pdfChapter10:Writing

http://msdn.microsoft.com/vstudio/express/visualc/default.aspx.Aftera32MBdownloadandastraightforwardinstall,you

http://Microsoftalsogivesawaytheirdebugger.Youcandown-loaditfromwww.microsoft.com/whdc/devtools/debugging/installx86.mspx.Thisisa10MBdownloadthatinstallsthedebuggerandseveralhelpfuldebuggingutilities.Whenthedebuggerinstallationwizardpromptsyouforthelocationwhereyou�dlikethedebuggerinstalled,chooseashortdirectorynameattherootofyourdrive.

http://msdl.microsoft.com/download/symbolsUsingtheprecedingsyntax,thedebuggerwillfirstlookinc:

http://msdl.microsoft.com/download/symbolsNowthatwehavethedebuggerinstalled,havelearnedthecorecommands,andhavesetupoursymbolspath,let�slaunchthedebuggerforthefirsttime.We�lldebugmeet.exe

http://msdl.microsoft.com/download/symbolsC:

http://hit...meet

http://msdn2.microsoft.com/en-gb/library/8dbf701c.aspxCompiler

http://msdn2.microsoft.com/en-gb/library/fwkeyyhe.aspxDebugging

http://whichcanbefoundatwww.ollydbg.de

http://OllyDbgwww.exetools.com/forum/showthread.php?t=5971&goto=nextoldestWindows

http://llneedtoeitherusetheMetasploitCygshellordownloadActivePerlfromwww.activestate.com/Products/ActivePerl/toyourWindowsmachine.

http://command.pl

http://towww.metasploit.com:55555/PAYLOADS?MODE=SELECT&MODULE=win32_execSettheCMDfieldtocalc.exeandclickGeneratePayload.Figure11-3showswhattheweb

http://metasploit.com/users/opcode/msfopcode.cgi?wizard=opcode&step=1We

http://www.metasploit.com:55555/PAYLOADSThenselectWindowsBindShellandaddRestrictedCharactersof0x00,leaveLPORT=4444,

http://thomas.loc.gov/cgi-bin/query/z?c105:H.R.2281.ENR:DMCA

http://Caseswww.eff.org/IP/DMCA/Why

http://exercise.ReferencesRATSwww.fortifysoftware.com/security-resources/rats.jspITS4www.cigital.com/its4/FlawFinderwww.dwheeler.com/flawfinder/Splintwww.splint.orgPREfasthttp://research.microsoft.com/displayArticle.aspx?id=634Binary

http://jrevpro.sourceforge.net//

http://rdChecker.java

http://...........java/6C

http://er...java/lang/O62

http://sourceforge.net/projects/jrevpro/Jadwww.kpdus.com/jad.htmldecompylewww.crazy-compilers.com/decompyle/Chapter12:Passive

http://Prowww.datarescue.com/idabase/Hex-Rayswww.hexblog.com/BinNavihttp://sabre-security.com/Pentium

http://Referenceswww.intel.com/design/Pentium4/documentation.htm#manAutomated

http://focuseslessonindividualbytechangesandmoreonstructuralorbehavioralchangesbetweensucces-siveversionsofthesameprogram.BinDiffcombinesdisassemblywithgraphcompari-sonalgorithmstocomparethecontrolflowgraphsofsuccessiveversionsoffunctionsandhighlightsthenewlyintroducedcodeinadisplayformatsimilartothatofBinNavi.ReferencesChevaristawww.phrack.org/issues.html?issue=64&id=8BugScamhttp://sourceforge.net/projects/bugscamERESIhttp://eresi.asgardlabs.org/BinNavihttp://sabre-security.com/Chapter12:Passive

http://and__libc_start_mainisbeingimportedfromlibc.so

http://cur-rentlyflair51.zip

http://Referencewww.datarescue.com/idabase/flirt.htmExtending

http://Forumswww.openrce.org

http://Forumswww.datarescue.com/cgi-bin/ultimatebb.cgiIDA

http://Tutorialwww.binarypool.com/idapluginwriting/IDAPython

http://d-dome.net/idapython/IDARub

http://plug-inwww.metasploit.com/users/spoonm/idarub/x86emu

http://ida-x86emu.sourceforge.net/Gray

http://libc-2.3.2.so

http://pedram.redhive.com/code/process_stalker/GDE

http://Editionwww.oreas.comOllyDbgwww.ollydbg.de/WinDbgwww.microsoft.com/whdc/devtools/debuggingValgrindhttp://valgrind.kde.org/FuzzingBlackboxtestingworksbecauseyoucanapplysomeexternalstimulustoaprogramandobservehowtheprogramreactstothatstimulus.Monitoringtoolsgiveyouthecapabil-itytoobservetheprogram�sreactions.Allthatisleftistoprovideinterestinginputstotheprogrambeingtested.Asmentionedpreviously,fuzzingtoolsaredesignedforexactlythispurpose,therapidgenerationofinputcasesdesignedtoinduceerrorsinaprogram.Becausethenumberofinputsthatcanbesuppliedtoaprogramisinfinite,thelastthingyouwanttodoisattempttogenerateallofyourinputtestcasesbyhand.Itisentirelypossibletobuildanautomatedfuzzertostepthrougheverypossibleinputsequenceinabrute-forcemannerandattempttogenerateerrorswitheachnewinputvalue.Unfortunately,mostofthoseinputcaseswouldbeutterlyuselessandtheamountoftimerequiredtostumbleacrosssomeusefuloneswouldbeprohibitive.Therealchal-lengeoffuzzerdevelopmentisbuildingtheminsuchawaythattheygenerateinterest-inginputinanintelligent,efficientmanner.Anadditionalproblemisthatitisverydifficulttodevelopagenericfuzzer.Toreachthemanypossiblecodepathsforagivenprogram,afuzzerusuallyneedstobesomewhat�protocolaware.�Forexample,afuzzerbuiltwiththegoalofoverflowingqueryparametersinanHTTPrequestisunlikelytocontainsufficientprotocolknowledgetoalsofuzzfieldsinanSSHkeyexchange.

http://www.ietf.org

http://gimme.money.com/cgi-bin/login?user=smith&password=smithpassWhatportionsofthisrequestmightyoufuzz?Itisimportanttoidentifythosepor-tionsofarequestthatarestaticandthosepartsthataredynamic.Inthiscase,thesup-pliedrequestparametervaluessmithandsmithpassarelogicaltargetsforfuzzing,buttheyshouldbefuzzedindependentlyfromeachother,whichrequireseithertwosepa-ratefuzzers

http://login.pl

http://gimme.money.com

http://Sharefuzzwww.immunitysec.com/resources-freesoftware.shtmlGray

http://iftheattackerinsteadhoststhedomainevil.comandenticesyoutobrowsetowww.evil.com

http://www.microsoft.com/athome/security/email/spear_phishing.mspxwww.pcworld.com/article/id,122497-page,1/article.htmlClient-sidevulnerabilitiesareespeciallyeffectiveinspearphishingattacksbecauseanattackercaneasilychooseasetof�targets�

http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0