/netsec/ - Net Sec General
- Home
- Board: /g/ - Technology
- Reading: /netsec/ - Net Sec General
/netsec/ is dedicated to everything about computer security, networks, exploits, reverse engineering, social engineering, hacking, tricks, etc.
Daily Programming Thread: >>55592646 (Cross-thread)
Web Dev General: >>55574020 (Cross-thread)
How To Become a Hacker: http://catb.org/~esr/faqs/hacker-howto.html
Learning
https://cybrary.it/
https://n0where.net/
https://www.offensive-security.com/metasploit-unleashed
http://resources.infosecinstitute.com/
http://www.windowsecurity.com/articles-tutorials/
https://www.sans.org/reading-room/
https://www.corelan.be/index.php/articles/
http://opensecuritytraining.info/Training.html
https://www.blackhat.com/html/archives.html
http://www.securitytube.net/
News/CVE releases
https://threatpost.com/
https://www.deepdotweb.com/
https://packetstormsecurity.com/
https://www.cvedetails.com/
http://routerpwn.com/
http://www.exploit-db.com/
https://www.rapid7.com/db/
http://0day.today/
Wargames
https://overthewire.org/wargames/
https://www.pentesterlab.com/
http://www.itsecgames.com/
https://exploit-exercises.com/
https://www.enigmagroup.org/
http://smashthestack.org/
http://3564020356.org/
https://www.hackthissite.org/
http://www.hackertest.net/
http://0x0539.net/
https://vulnhub.com
https://ringzer0team.com/
https://root-me.org/
https://microcorruption.com/
https://starfighter.io/
>>55608818
What are good proxies to use?
This is the best 'general' on /g/.
Full stop.
Anyone got recommendations for a good security podcast?
>>55609215
proxies are garbage thats baby tier security this isnt 20th century
So about that esr dude. I like his writing and his ideas but how do you make a living being a hacker according to his view of the term? How do you get food in the table only writing open source / free software?
>>55612048
On the table *
Also I wonder how this topic seemingly attracts nobody. Not even (that many) snarky comments.
>>55612095
I'm interested but have no time because of work.
does the hackrf one make a decent spectrum analyzer or is it really that much better to get expensive equipmen?.
>>55612048
you get hired by a company doing open source development or create a software support company that sells technical support to companies using open source software. there's no money in giving your stuff away for free, but maybe you can hack that system and figure something out.
>>55612238
I've only ever heard that you should buy Ettus Research or better.
>>55608818
aes-xts-plain64
what does plain64 mean? is it plain text?
Also i hear xts is bad. what should i use instead,and how to change it
>>55611265
Defensive Security is pretty good
>>55611265
Risky.biz is fab
How would one get started in bug bounties and such? Should I start off spending loads of time on sites like root-me, dvwa etc to build up skills then move on to bounties? Or should I just try and try and try on "real" websites and learn that way?
>be me
>want to debug elf file in debugger
>download edb-debugger (open source).
>doesn't have any 3rd party plugin, especially to hide debugger
>missing features from closed source Windows debugger
>run application
>closes itself because it detects debugger
>close edb-debugger
>segmentation fault
4/10 see me after class.
>>55614879
i thought bug bounties were offered on specific products? maybe you should start by working on those products.
>>55615721
They are - what I meant was should I start by trying to attack those products, or should I start by spending loads of time on practice sites (as in, which would I learn more from and make better progress in). Perhaps I am best to take the direct approach though!
>>55611347
What about VPNs? Now lets say a VPN wasn't available and you needed to use a proxy, would proxies like hidemyass be good?
what's with endbranch? can you still jump into the middle of an instruction as long as the bits match endbranch? what about direct jumps?
>>55615776
if you have the skills, don't waste time on contrived tests. the real stuff is much more tricky and as long as you can legally attack an application or system you should legally attack that application or system.
>>55615777
only if you chain proxies through multiple jurisdictions and bounce through a few different anonymous hosts.
>>55615840
Alright cool, thanks for the advice!
>>55608818
fuck this thread
>>55608818
CANCER
A
N
C
E
R
