March 2006
gera's InsecureProgramming page
by xenomorph
Here you can find a collection of exercises that will help you teach yourself
the art of insecure programs exploitation. It's not complete, but it's minted
to open your mind. The idea is NOT to use any human help. In case you doubt it,
we could exploit all but two of them, stay calm and good luck.
December 2005
HTTPClient V0.3-3
by xenomorph
This package provides a complete http client library. It currently implements most of the relevant parts of the HTTP/1.0 and HTTP/1.1 protocols, including the request methods HEAD, GET, POST and PUT, and automatic handling of authorization, redirection requests, and cookies. Furthermore the included Codecs class contains coders and decoders for the base64, quoted-printable, URL-encoding, chunked and the multipart/form-data encodings. The whole thing is free, and licenced under the GNU Lesser General Public License (LGPL) (note that this is not the same as the GPL).
September 2005
PHP Security Consortium
by xenomorph & 6 others
Founded in January 2005, the PHP Security Consortium (PHPSC) is an international group of PHP experts dedicated to promoting secure programming practices within the PHP community. Members of the PHPSC seek to educate PHP developers about security through a variety of resources, including documentation, tools, and standards.
Critical-Error
by xenomorph
:: Security :: Exploits :: Vulnerabilities :: Ebooks :: Downloads :: Programming
WinDump: tcpdump for Windows
by xenomorph & 1 other
WinDump is the official Windows version of tcpdump, the command line network analyzer for UNIX. WinDump is fully compatible with tcpdump and can be used to watch, diagnose and save to disk network traffic according to various complex rules. It can run under Windows 95, 98, ME, NT, 2000, XP, 2003 and Vista.
Security and the Java Platform
by xenomorph
Underlying the Java platform is a dynamic, extensible security architecture, standards-based and interoperable. Security features -- cryptography, authentication and authorization, public key infrastructure, and more -- are built in. The Java security model is based on a customizable "sandbox" in which Java software programs can run safely, without potential risk to systems or users.
The Metasploit Project
by xenomorph & 1 other
This is the Metasploit Project. The goal is to provide useful information to people who perform penetration testing, IDS signature development, and exploit research. This site was created to fill the gaps in the information publicly available on various exploitation techniques and to create a useful resource for exploit developers. The tools and information on this site are provided for legal penetration testing and research purposes only.
August 2005
ATK - Attack Tool Kit
by xenomorph
The Attack Tool Kit (ATK) is an open-source security scanner and exploiting framework
The Metasploit Project
by xenomorph & 3 others
This is the Metasploit Project. The goal is to provide useful information to people who perform penetration testing, IDS signature development, and exploit research. This site was created to fill the gaps in the information publicly available on various exploitation techniques and to create a useful resource for exploit developers. The tools and information on this site are provided for legal penetration testing and research purposes only.
The Packetfactory
by xenomorph
The Packetfactory is a clearing house for cool-ass network and network security related endeavors. Here you’ll find all manner of useful security tools like firewalk, network tools such as ngrep, and programming components such as libnet. Feel free to peruse and download. Everything here is free and open-sourced. If you have something you think is cool-assed enough to be hosted here, please send email to mike underscore schiffman at hotmail dot com. We are always on the lookout for exceptional new projects or papers to host here.