[personal profile] adric

Do you want to know more?

Want to learn more about memory analysis?

  • Install Volatility or grab SIFT VM
  • Get memory image samples from:
    • Volatility wiki: https://code.google.com/p/volatility/wiki/PublicMemoryImages
    • HoneyNet: http://honeynet.org/challenges/2010_3_banking_troubles
    • Book:
  • Practice, practice, practice
    • Image your own hosts and analyze them
  • Write about what you find out!

Want to learn more about (web) application security?

  • Install proxy tools and browser plugins or get Samurai WTF
  • Get sample vulnerable web apps:
    • Samurai includes WebGoat, Mutillidae, and others
    • Google Gruyere: http://google-gruyere.appspot.com/
    • BodgeIt Store: http://code.google.com/p/bodgeit/
    • Book: The Tangled Web: http://lcamtuf.coredump.cx/tangled/
    • Read, participate: OWASP: https://www.owasp.org/index.php/Main_Page
  • Practice, practice, practice
    • Test your own apps in the lab
  • Write about what you find out!

Want to learn more about host forensics?

  • Get SIFT and FTK Imager (etc)
  • Get sample images and challenges:
    • HoneyNet Challenges: http://honeynet.org/challenges
    • EH Net Challenges: https://www.ethicalhacker.net/category/features/skillz
    • Advanced Digital Corpora: http://digitalcorpora.org/corpora/scenarios
    • Book: File System Forensics Analysis: http://www.digital-evidence.org/
  • Practice, practice, practice
    • Image your own hosts and analyze them
  • Write about what you find out!

Want to learn more about network monitoring, network forensics?

  • Get Security Onion and SIFT
  • Get some sample captures and logs:
    • /opt/samples in SecurityOnion
    • Wireshark's samples wiki: http://wiki.wireshark.org/SampleCaptures
    • (Network) Forensics Contest.com: http://forensicscontest.com/
    • Advanced: Johannes packet challenges: http://johannes.homepc.org/packet.txt
    • Book: Practice of NSM and samples: http://nostarch.com/nsm
  • Practice, practice, practice
    • Record, monitor, analyze your own networks
  • Write about what you find out!

Want to learn more about artifact analysis and reverse engineering malware?

  • Get REMnux and demos of IDA, Hopper. Download OllyDbg
  • Get some sample files:
    • Contagio: http://contagiodump.blogspot.com/
    • VirusShare: https://virusshare.com/
    • your inbox
    • Book: Practical Malware Analysis and exercises: http://practicalmalwareanalysis.com/
  • Practice, practice, practice
    • Dissect and analyze the files around you
  • Write about what you find out!

^.*$


Comments appreciated. Live wiki doc is at http://f.adric.net/index.cgi/wiki?name=LearnMoreSecurity

March 2014
