Security BSides Warszawa 2019

Linki do różnych narzędzi, artykułów, blogów itp o których dowiedziałem się podczas konferencji Security BSides Warsaw 2019

Nagrania

http://frankowicz.me/sbs2019 Trzy lata fuzzingu… I czy coś to zmieniło?
https://aptmasterclass.com/bsides19/ Nietrywialna komunikacja C2 - jakie to proste!
https://www.slideshare.net/wojdwo/budowanie-i-hakowanie-nowoczesnych-aplikacji-ios Budowanie i hakowanie nowoczesnych aplikacji iOS

AFL++ American Fuzzy Lop plus plus
bandit A tool designed to find common security issues in Python code. A.K.A.: security linter for Python
CRITs Collaborative Research Into Threats
CyberChef The Cyber Swiss Army Knife
DynamoRIO a runtime code manipulation system that supports code transformations on any part of a program, while it executes
Google dorks Google Hacking Database by exploit-db
mimikatz A little tool to play with Windows security
Powershell Kung Fu scripts by APT Master Class
socat A more complex variant of netcat

buckets by Gray Hat Warfare Open Amazon s3 Buckets and their contents
CertStream Real-time certificate transparency log update stream
DNSdumpster.com is a FREE domain research tool that can discover hosts related to a domain
PhishTank is a collaborative clearing house for data and information about phishing on the Internet
robtex.com An index of public information about IP numbers, domain names, host names, Autonomous systems, routes etc
urlscan.io is a service to scan and analyse websites

Any Run Interactive Malware hunting service
APT master class szkolenia w zakresie bezpieczeństwa, znajomości technik i sposobów na wykrywanie luk, podatności etc.
domaintools.com offer tools to analyse Whois records, passive DNS data, related screenshots, IP addresses, hosting data, name servers, and other DNS data
RiskIQ provides cloud-based software as a service (SaaS) for organizations to detect phishing, fraud, malware, and other online security threats.