Links: Unterschied zwischen den Versionen
Aus Chaostreff Gießen
(→Verweise auf Multimedia Inhalte (Video und Audio)) |
(→Verweise auf Multimedia Inhalte (Video und Audio)) |
||
(30 dazwischenliegende Versionen von 2 Benutzern werden nicht angezeigt) | |||
Zeile 11: | Zeile 11: | ||
|Description | |Description | ||
|- | |- | ||
− | |[ | + | |[http://channel9.msdn.com/Events/TechEd/NorthAmerica/2012/SIA302 Malware Hunting with the Sysinternals Tools] |
− | | | + | |Malware Hunting with the Sysinternals Tools, Date: June 12, 2012 from 3:15PM to 4:30PM, Speakers: Mark Russinovich |
|- | |- | ||
− | |[ | + | |[http://www.securitytube.net/ SecurityTube] |
− | | | + | |SecurityTube Powered by Binary Security |
|- | |- | ||
|[http://www.sempervideo.de/ Semper Video] | |[http://www.sempervideo.de/ Semper Video] | ||
Zeile 40: | Zeile 40: | ||
|URL | |URL | ||
|Description | |Description | ||
+ | |- | ||
+ | |[https://www.packetforensics.com/pflim1.safe Packet Forensics M1 Device] | ||
+ | |The M1 is tailored toward specific needs in the areas of lawful intercept, network intelligence collection, and communications policy enforcement. It is a complete turnkey Lawful Intercept solution fully contained in a proprietary hardware/software platform. (Prism ;-) | ||
+ | |- | ||
+ | |[http://sdr.osmocom.org/ OsmoSDR] | ||
+ | |OsmoSDR is a 100% Free Software based small form-factor inexpensive SDR (Software Defined Radio) project. | ||
+ | |- | ||
+ | |[http://www.heise.de/hardware-hacks/projekte/USB-Ladekabel-1562990.html USB-Ladekabel] | ||
+ | |Not-Energietransfer in allen mobilen Lebenslagen - Kein Ersatzakku, keine Steckdose? Verschiebe den Strom aus einer Blockbatterie in dein Handy, lade es an einer Solarzelle, schaffe irgendwie Energie da rein, aus fast jeder Quelle. | ||
+ | |- | ||
+ | |[http://www.spiegel.de/netzwelt/web/orvillecopter-kuenstler-baut-hubschrauber-aus-katze-a-836908.html Orvillecopter] | ||
+ | |Orvillecopter - Dieser Kater kann fliegen: Ein niederländischer Künstler hat aus seinem toten Haustier einen Hubschrauber gebaut, an jeder Pfote dreht sich ein Rotor. | ||
|- | |- | ||
|[http://www.makinterface.de/index_d.php3 MAKInterface] | |[http://www.makinterface.de/index_d.php3 MAKInterface] | ||
Zeile 49: | Zeile 61: | ||
|[http://www.imagepacdaylight.co.uk/ PhotoCentriC] | |[http://www.imagepacdaylight.co.uk/ PhotoCentriC] | ||
|PhotoCentriC StampMaking Kit (wer mal eben schnell ein "Dienstsiegel" braucht ;-) | |PhotoCentriC StampMaking Kit (wer mal eben schnell ein "Dienstsiegel" braucht ;-) | ||
+ | |- | ||
+ | |[http://www.tableau.com/pdf/en/Tableau_TACC_Product_Brief.pdf Tableau TACC1441] | ||
+ | |Tableau TACC1441 Hardware Accelerator - Product Brief (BKA Hardware). | ||
+ | |- | ||
+ | |[http://www.tableau.com/pdf/en/Tableau_TMSS-IIO1_Users_Guide.pdf Tableau TMSS-IIO1] | ||
+ | |Tableau TMSS-IIO1 Integrated Storage Module User's Guide. Portable Forensic Storage. The first member of the Tableau MSS storage family, the TMSS-IIO1, is an integrated storage system which combines a four-drive RAID-5 array, RAID electronics and fans in a single enclosure. (BKA Hardware). | ||
+ | |- | ||
+ | |[http://www.fte.com/docs/BPA500_datasheet.pdf BPA™ 500] | ||
+ | |Professioneller BT Sniffer. Bluetooth Sniffer: BPA™ 500 Dual Mode Bluetooth® Protocol AnalyzerData Sheet. [http://www.fte.com/products/BPA500.aspx] | ||
+ | |- | ||
+ | |[http://www.rohde-schwarz.de/file/GC128_en_WEB.pdf GC128 GSM] | ||
+ | |IMSI Catcher: Rohde & Schwarz GC128 GSM Communication Unit - Data sheet English (PD 0758.2402.32) (Mit Firmware Patch "Lieblingsspielzeug" deutscher Ermittler ;-) | ||
+ | |- | ||
+ | |[http://www.ipcop-forum.de/galerie/okosamastarr.php LEX Neo LinuZ FW by Okosama] | ||
+ | |LEX Neo embedded Linux Firewall (diskless, fanless, 24/7 system) | ||
|} | |} | ||
+ | |||
====Verweise auf k3wL3 NFOs==== | ====Verweise auf k3wL3 NFOs==== | ||
{| border="1" | {| border="1" | ||
|URL | |URL | ||
|Description | |Description | ||
+ | |- | ||
+ | |[http://de.fakenamegenerator.com Fake Name Generator] | ||
+ | |Identitäten zufällig generieren - Fake Name Generator | ||
+ | |- | ||
+ | |[http://invisiblethingslab.com Invisible Things Lab] | ||
+ | |Invisible Things Lab focuses on cutting-edge research in computer system security. We are well known for our pioneering research in the areas of kernel security, virtualization security and system/firmware level security. | ||
+ | |- | ||
+ | |[http://portswigger.net/burp/ Burp Suite] | ||
+ | |Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities. | ||
+ | |- | ||
+ | |[http://pwnies.com/winners/ Pwnie Award winners 2k12] | ||
+ | |Neues vom Ponnyhof ;-) | ||
+ | |- | ||
+ | |[https://plus.google.com/u/0/103914348112156323844/posts Okosama's Google+ Profile] | ||
+ | |Some nice IT-Security related post's. Have pHun ;-) | ||
+ | |- | ||
+ | |[http://www.openwall.com/john/ John the Ripper password cracker (official free version)] | ||
+ | |John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version. | ||
+ | |- | ||
+ | |[http://www.cl.cam.ac.uk/~sps32/Silicon_scan_draft.pdf Breakthrough silicon scanning discovers backdoor in military chip.] | ||
+ | |This paper is a short summary of the first real world detection of a backdoor in a military grade FPGA. Using an innovative patented technique we were able to detect and analyse in the first documented case of its kind, a backdoor inserted into the Actel/Microsemi ProASIC3 chips. | ||
+ | |- | ||
+ | |[http://labs.bitdefender.com/2012/05/cyber-espionage-reaches-new-levels-with-flamer/ Cyber Espionage Reaches New Levels with Flamer] | ||
+ | |Nützliches Programm von BitDefender zum Suchen und Entfernen des "Flame" Trojaners.) | ||
+ | |- | ||
+ | |[http://www.sensepost.com/blog/7045.html A closer look into the RSA SecureID software token] | ||
+ | |Widespread use of smart phones by employees to perform work related activities has introduced the idea of using these devices as an authentication token. I used the Windows version of the RSA SecurID Software Token for Microsoft Windows version 4.10 for my analysis and discovered the following issues: Device serial number of tokens can be calculated by a remote attacker !) | ||
|- | |- | ||
|[http://wikileaks.org/the-spyfiles.html The Spyfiles] | |[http://wikileaks.org/the-spyfiles.html The Spyfiles] | ||
Zeile 60: | Zeile 115: | ||
|[http://www.cl.cam.ac.uk/~sps32/#Updates Sergei Skorobogatov's Home Page] | |[http://www.cl.cam.ac.uk/~sps32/#Updates Sergei Skorobogatov's Home Page] | ||
|papers about semi invasive chip attacks | |papers about semi invasive chip attacks | ||
+ | |- | ||
+ | |[http://www.usdoj.gov/criminal/foia/docs/elec-sur-manual.pdf Electronic Surveillance Manual] | ||
+ | |Electronic Surveillance Manual | ||
+ | |- | ||
+ | |[http://info.publicintelligence.net/MaxPlanckInstitute-Presentation.pdf Gutachten der kriminologischen Abteilung des Max-Planck-Instituts] | ||
+ | |Gutachten der kriminologischen Abteilung des Max-Planck-Instituts für ausländisches und internationales Strafrecht im Auftrag des Brandenburgischen Ministeriums des Innern. Titel: Recht und Praxis der anlassbezogenen automatischen Kennzeichenfahndung, Verkehrsdatenabfrage und Mobilfunkortung zur Gefahrenabwehr in Brandenburg. Wissenschaftliche Begleitforschung zu den §§ 33b Abs. 3, Abs. 6 Satz 2 und 36a BbgPolG. | ||
+ | |- | ||
+ | |[http://wikileaks.org/cablegate.html WikiLeaks Cabelgate Viewer] | ||
+ | |Secret US Embassy Cables. The best way to explore the data is using [http://www.cablegatesearch.net cablegatesearch]. | ||
+ | |- | ||
+ | |[http://www.dfn-cert.de/veranstaltungen.html DFN-CERT Veranstaltungen] | ||
+ | |Veranstaltungen zum Thema IT-Sicherheit. Erkannte Sicherheitslücken müssen schnell geschlossen werden. Das kann nur gelingen, wenn die Betroffenen vorbereitet sind. Nur dann sind besonnene, rasche und effektive Reaktionen möglich. Um dieses Wissen zu vermitteln, veranstaltet das DFN-CERT regelmäßig Tutorien und Workshops zu allen Fragen rund um Netzwerksicherheit und Incident Response. | ||
+ | |- | ||
+ | |[http://www.emsec.rub.de/research/publications/ Veröffentlichungen Ruhr-Universität-Bochum] | ||
+ | |Veröffentlichungen Ruhr-Universität-Bochum - Lehrstuhl für Embedded Security | ||
+ | |- | ||
+ | |[http://www.bundesnetzagentur.de/DE/Sachgebiete/QES/Veroeffentlichungen/Algorithmen/algorithmen_node.html Algorithmenkataloge der Bundesnetzagentur] | ||
+ | |Die Bundesnetzagentur veröffentlicht im Bundesanzeiger eine Übersicht über die Algorithmen und zugehörigen Parameter, die zur Erzeugung von Signaturschlüsseln, zum Hashen zu signierender Daten oder zur Erzeugung und Prüfung qualifizierter elektronischer Signaturen als geeignet anzusehen sind, sowie den Zeitpunkt, bis zu dem die Eignung jeweils gilt. Die Eignung ist jährlich sowie bei Bedarf neu zu bestimmen. | ||
+ | |- | ||
+ | |[http://www.tacnetsol.com/news/2011/12/28/cracking-wifi-protected-setup-with-reaver.html Cracking WiFi Protected Setup with Reaver] | ||
+ | |"Cracking WiFi Protected Setup with Reaver" by Tactical Network Solutions. "We have decided to announce and release Reaver, our WPS attack tool, to the open source community. Reaver is capable of breaking WPS pins and recovering the plain text WPA/WPA2 passphrase of the target access point in approximately 4-10 hours (attack time varies based on the access point)." | ||
+ | |- | ||
+ | |[http://www.perkeo.com/ PERKEO] | ||
+ | |PERKEO ist Standard bei deutschen und ausländischen Strafverfolgungsbehörden. Die Datenbank wird in Zusammenarbeit mit dem Deutschen Bundeskriminalamt (BKA) ständig erweitert und den PERKEO-Kunden zur Verfügung gestellt. | ||
+ | |- | ||
+ | |[http://info.publicintelligence.net/USArmy-UW.pdf U.S. Army Special Forces Unconventional Warfare Training Manual November 2010] | ||
+ | |The intent of U.S. UW efforts is to exploit a hostile power’s political, military, economic, and psychological vulnerabilities by developing and sustaining resistance forces to accomplish U.S. strategic objectives. | ||
+ | |- | ||
+ | |[http://www.enlisted.info/field-manuals/ Field Manual Listing] | ||
+ | |On this site, you can find over 220 declassified manuals produced by the United States Army. We are continually growing by adding more field manuals and other army information to our site to our site. | ||
|}<br> | |}<br> | ||
---- | ---- |
Aktuelle Version vom 12. Mai 2014, 11:18 Uhr
Inhaltsverzeichnis
elektronische Verweise
Einige Verweise auf externe Internet Angebote.
Haftungshinweis: Trotz sorgfältiger inhaltlicher Kontrolle übernehmen wir keine Haftung für die Inhalte externer Links. Für den Inhalt der verlinkten Seiten sind ausschließlich deren Betreiber verantwortlich.
Bitte beachte in diesem Zusammenhang auch unseren Haftungsausschluss.
Verweise auf Multimedia Inhalte (Video und Audio)
URL | Description |
Malware Hunting with the Sysinternals Tools | Malware Hunting with the Sysinternals Tools, Date: June 12, 2012 from 3:15PM to 4:30PM, Speakers: Mark Russinovich |
SecurityTube | SecurityTube Powered by Binary Security |
Semper Video | Semper Video - Sehen ist Lernen |
Die Apple-Diktatur | Die Apple Diktatur - Die Welt wird einfach nur veräppelt! |
Black Hat Archives | Black Hat Multimedia Archives |
Was für "Musterknaben" | Mutter ist die beste Frau! |
Katana Slides | Katana Slides DefCon 2k10 |
Deutsche Überwachungstechnik im Ausland | Deutsche Überwachungstechnik im Ausland (powered by „FinFisher“ BigBro Award 2k12 ;-) |
Verweise auf k3wL3 Hardware
URL | Description |
Packet Forensics M1 Device | The M1 is tailored toward specific needs in the areas of lawful intercept, network intelligence collection, and communications policy enforcement. It is a complete turnkey Lawful Intercept solution fully contained in a proprietary hardware/software platform. (Prism ;-) |
OsmoSDR | OsmoSDR is a 100% Free Software based small form-factor inexpensive SDR (Software Defined Radio) project. |
USB-Ladekabel | Not-Energietransfer in allen mobilen Lebenslagen - Kein Ersatzakku, keine Steckdose? Verschiebe den Strom aus einer Blockbatterie in dein Handy, lade es an einer Solarzelle, schaffe irgendwie Energie da rein, aus fast jeder Quelle. |
Orvillecopter | Orvillecopter - Dieser Kater kann fliegen: Ein niederländischer Künstler hat aus seinem toten Haustier einen Hubschrauber gebaut, an jeder Pfote dreht sich ein Rotor. |
MAKInterface | MAKInterface (Modulares Allgemeines Kommunikations Interface) |
Digital Laboratory by Goran Vlaski | On this page you will find the toys, kids are playing with these days. (bit outdated) |
PhotoCentriC | PhotoCentriC StampMaking Kit (wer mal eben schnell ein "Dienstsiegel" braucht ;-) |
Tableau TACC1441 | Tableau TACC1441 Hardware Accelerator - Product Brief (BKA Hardware). |
Tableau TMSS-IIO1 | Tableau TMSS-IIO1 Integrated Storage Module User's Guide. Portable Forensic Storage. The first member of the Tableau MSS storage family, the TMSS-IIO1, is an integrated storage system which combines a four-drive RAID-5 array, RAID electronics and fans in a single enclosure. (BKA Hardware). |
BPA™ 500 | Professioneller BT Sniffer. Bluetooth Sniffer: BPA™ 500 Dual Mode Bluetooth® Protocol AnalyzerData Sheet. [1] |
GC128 GSM | IMSI Catcher: Rohde & Schwarz GC128 GSM Communication Unit - Data sheet English (PD 0758.2402.32) (Mit Firmware Patch "Lieblingsspielzeug" deutscher Ermittler ;-) |
LEX Neo LinuZ FW by Okosama | LEX Neo embedded Linux Firewall (diskless, fanless, 24/7 system) |
Verweise auf k3wL3 NFOs
URL | Description |
Fake Name Generator | Identitäten zufällig generieren - Fake Name Generator |
Invisible Things Lab | Invisible Things Lab focuses on cutting-edge research in computer system security. We are well known for our pioneering research in the areas of kernel security, virtualization security and system/firmware level security. |
Burp Suite | Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities. |
Pwnie Award winners 2k12 | Neues vom Ponnyhof ;-) |
Okosama's Google+ Profile | Some nice IT-Security related post's. Have pHun ;-) |
John the Ripper password cracker (official free version) | John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version. |
Breakthrough silicon scanning discovers backdoor in military chip. | This paper is a short summary of the first real world detection of a backdoor in a military grade FPGA. Using an innovative patented technique we were able to detect and analyse in the first documented case of its kind, a backdoor inserted into the Actel/Microsemi ProASIC3 chips. |
Cyber Espionage Reaches New Levels with Flamer | Nützliches Programm von BitDefender zum Suchen und Entfernen des "Flame" Trojaners.) |
A closer look into the RSA SecureID software token | Widespread use of smart phones by employees to perform work related activities has introduced the idea of using these devices as an authentication token. I used the Windows version of the RSA SecurID Software Token for Microsoft Windows version 4.10 for my analysis and discovered the following issues: Device serial number of tokens can be calculated by a remote attacker !) |
The Spyfiles | WikiLeaks: The Spy Files) |
Sergei Skorobogatov's Home Page | papers about semi invasive chip attacks |
Electronic Surveillance Manual | Electronic Surveillance Manual |
Gutachten der kriminologischen Abteilung des Max-Planck-Instituts | Gutachten der kriminologischen Abteilung des Max-Planck-Instituts für ausländisches und internationales Strafrecht im Auftrag des Brandenburgischen Ministeriums des Innern. Titel: Recht und Praxis der anlassbezogenen automatischen Kennzeichenfahndung, Verkehrsdatenabfrage und Mobilfunkortung zur Gefahrenabwehr in Brandenburg. Wissenschaftliche Begleitforschung zu den §§ 33b Abs. 3, Abs. 6 Satz 2 und 36a BbgPolG. |
WikiLeaks Cabelgate Viewer | Secret US Embassy Cables. The best way to explore the data is using cablegatesearch. |
DFN-CERT Veranstaltungen | Veranstaltungen zum Thema IT-Sicherheit. Erkannte Sicherheitslücken müssen schnell geschlossen werden. Das kann nur gelingen, wenn die Betroffenen vorbereitet sind. Nur dann sind besonnene, rasche und effektive Reaktionen möglich. Um dieses Wissen zu vermitteln, veranstaltet das DFN-CERT regelmäßig Tutorien und Workshops zu allen Fragen rund um Netzwerksicherheit und Incident Response. |
Veröffentlichungen Ruhr-Universität-Bochum | Veröffentlichungen Ruhr-Universität-Bochum - Lehrstuhl für Embedded Security |
Algorithmenkataloge der Bundesnetzagentur | Die Bundesnetzagentur veröffentlicht im Bundesanzeiger eine Übersicht über die Algorithmen und zugehörigen Parameter, die zur Erzeugung von Signaturschlüsseln, zum Hashen zu signierender Daten oder zur Erzeugung und Prüfung qualifizierter elektronischer Signaturen als geeignet anzusehen sind, sowie den Zeitpunkt, bis zu dem die Eignung jeweils gilt. Die Eignung ist jährlich sowie bei Bedarf neu zu bestimmen. |
Cracking WiFi Protected Setup with Reaver | "Cracking WiFi Protected Setup with Reaver" by Tactical Network Solutions. "We have decided to announce and release Reaver, our WPS attack tool, to the open source community. Reaver is capable of breaking WPS pins and recovering the plain text WPA/WPA2 passphrase of the target access point in approximately 4-10 hours (attack time varies based on the access point)." |
PERKEO | PERKEO ist Standard bei deutschen und ausländischen Strafverfolgungsbehörden. Die Datenbank wird in Zusammenarbeit mit dem Deutschen Bundeskriminalamt (BKA) ständig erweitert und den PERKEO-Kunden zur Verfügung gestellt. |
U.S. Army Special Forces Unconventional Warfare Training Manual November 2010 | The intent of U.S. UW efforts is to exploit a hostile power’s political, military, economic, and psychological vulnerabilities by developing and sustaining resistance forces to accomplish U.S. strategic objectives. |
Field Manual Listing | On this site, you can find over 220 declassified manuals produced by the United States Army. We are continually growing by adding more field manuals and other army information to our site to our site. |