Info-Letter vol. 1

Hi all,

We are starting with a monthly reading-list for people who are unable to keep up with the latest in the field of IT Security.
A few articles (like the ones below) may be informational to the non-technical readers as well to improve their tech know-how and security posture 🙂

The What And The Why Of Professional Penetration Testing
http://www.darkreading.com/blog/archives/2010/09/professional_pe.html

The Case of Zero-Day Penetration Testing
http://www.darkreading.com/blog/archives/2010/08/the_case_for_ze.html

Zero-Day Pentesting Under Fire
http://www.darkreading.com/blog/archives/2010/10/i_wrote_a_blog.html

Stuxnet: FAQ – F-Secure Blog
http://www.f-secure.com/weblog/archives/00002040.html

TOOLS:

OracleEnumerator
http://www.woany.co.uk/oracleenumerator-v1-1-1/

SQL Server 2005 Baseline Analyzer
http://www.microsoft.com/downloads/en/details.aspx?FamilyId=da0531e4-e94c-4991-82fa-f0e3fbd05e63&displaylang=en
http://blog.sqlauthority.com/2007/07/05/sql-server-2005-best-practices-analyzer-tutorial-sample-example/

USBSploit –  USB Exploitation using Metasploit
http://secuobs.com/news/12102010-usbsploit_v0.3b_meterpreter_msf_3.shtml

DriveSploit – Drive-by-Download using Metasploit
http://www.drivesploit.org/home

If you have any links/articles/tools etc. which you would like to share with others, then send it along and I’ll include it in the next release of the newsletter.

Author


Leave a Reply

Your email address will not be published. Required fields are marked *