Re: Good references to enhance security programming



Wayne,

On Sun, 27 Jan 2007, wayneho123@xxxxxxxxx wrote:

Does anyone know any good references (books, website, training) for programming skills targeting for security professionals? I want to find some good references to accelerate my programming skills (c, Assembly) targeting kernel, writing exploits, or to understand security research papers.

You may want to take a look at my homepage:

http://www.0xdeadbeef.info/

I've compiled a good collection of links about security research, coding, and more. Additionally, i've published some exploitation studies:

http://www.0xdeadbeef.info/code/abo-exploits.tgz
http://www.0xdeadbeef.info/code/fs-exploits.tgz
http://www.0xdeadbeef.info/code/vulndev-exploits.tgz
http://www.0xdeadbeef.info/code/linux-x86-exploits.tgz
http://www.0xdeadbeef.info/code/solaris-sparc-exploits.tgz

Finally, real-world exploits and tools may help you in your activities.

Cheers,

--
Marco Ivaldi
Antifork Research, Inc. http://0xdeadbeef.info/
3B05 C9C5 A2DE C3D7 4233 0394 EF85 2008 DBFD B707



Relevant Pages

  • Re: Good references to enhance security programming
    ... You might also consider reading The Art of Software Security Assesment ... programming skills targeting for security professionals? ... find some good references to accelerate my programming skills (c, ... I've compiled a good collection of links about security research, ...
    (Vuln-Dev)
  • Re: security engineer skills set for software engineering background
    ... different aspects of security: crypto, access control, protocols, ... Programming skills are relatively unimportant. ... expertise in crypto software development ... I'm also not a math god. ...
    (sci.crypt)
  • Re: [Full-disclosure] [SE-2012-01] New Reflection API affected by a known 10+ years old
    ... most bragging and egoistic one of those (and online security sites ... we don't share our Java findings with governments, other vendors, OpenJDK ... we inform a vendor and a public on the same day about our findings, ... Java security research creates equal opportunities for everyone. ...
    (Full-Disclosure)
  • Re: [Full-disclosure] Evidence of fake security research from SecurStar GmbH
    ... ] On Behalf Of Fabio Pietrosanti ... now we have the evidence: The research was a fake security research arranged for a marketing campaign. ... they leaked the IP of the anonymous author of http://infosecurityguard.com and it's confirmed that it come from SecurStar GmbH office: ...
    (Full-Disclosure)
  • This Screms Rip me off!
    ... If you don?t want people creating money from nothing, ... attention to the security research before investing. ... been widely known to use a smartcard system called MIFARE Classic, ...
    (misc.news.internet.discuss)