Hi all,
We are starting with a monthly reading-list for people who are unable to keep up with the latest in the field of IT Security.
A few articles (like the ones below) may be informational to the non-technical readers as well to improve their tech know-how and security posture 🙂
The What And The Why Of Professional Penetration Testing
http://www.darkreading.com/blog/archives/2010/09/professional_pe.html
The Case of Zero-Day Penetration Testing
http://www.darkreading.com/blog/archives/2010/08/the_case_for_ze.html
Zero-Day Pentesting Under Fire
http://www.darkreading.com/blog/archives/2010/10/i_wrote_a_blog.html
Stuxnet: FAQ – F-Secure Blog
http://www.f-secure.com/weblog/archives/00002040.html
TOOLS:
OracleEnumerator
http://www.woany.co.uk/oracleenumerator-v1-1-1/
SQL Server 2005 Baseline Analyzer
http://www.microsoft.com/downloads/en/details.aspx?FamilyId=da0531e4-e94c-4991-82fa-f0e3fbd05e63&displaylang=en
http://blog.sqlauthority.com/2007/07/05/sql-server-2005-best-practices-analyzer-tutorial-sample-example/
USBSploit –  USB Exploitation using Metasploit
http://secuobs.com/news/12102010-usbsploit_v0.3b_meterpreter_msf_3.shtml
DriveSploit – Drive-by-Download using Metasploit
http://www.drivesploit.org/home
If you have any links/articles/tools etc. which you would like to share with others, then send it along and I’ll include it in the next release of the newsletter.
