Suggested resources for understanding Information Assurance (IA) and Cyber Security

Penetration Testing, Exploiting and Vulnerability Assessment

 

Fast and Easy Hacking with Armitage for Metasploit: A demonstration of the software used in scanning for targets, attacking hosts with client side attacks or remote exploits, and working the network using pass-the-hash techniques.

Hacking using Nmap, Nessus and Metasploit: A tutorial on how to use Nmap, Nessus, and Metasploit to launch and attack on a vulnerable system.

 

Understanding and Using SQL Injection Attack

 

Man-in-the-Middle Attack (MitM) using Secure Socket Layer (SSL) Stripping

 

Real World Pen Testing – Client Side and Pivot Attacks on Fully-Patched Systems: A demonstration of common risks found that he sees whilst carrying out penetration tests.

Security Tools

Cain & Abel Password Cracking Application for Windows
Dsniff Network Auditing Suite
Hping3 Network Probing Tool
John the Ripper Password Cracking Application
Metasploit Framework Security Testing Framework (see Documentation below)
Nessus Vulnerability Accessment Tool
Netcat / Cryptcat The Network “Swiss Army Knife”
Ophcrack Password Cracking Application for Windows based on Rainbow Tables
PuTTY Secure Shell Client
Snort Intrusion Detection System
THC Hydra Network Authentication (SSH) Cracking Application
Wireshark Network Sniffer and Packet Analyzer
WhosThere Tool to List Logon Sessions with NTLM Credentials on Windows Domains
winAUTOPWN Auto hacking shell gaining tool

 

Online Sources

NIST Quick Guide for 800-53 (Apple IOS) html
NIST Quick Guide for 800-53 (Android) html
Booz-Allen-Hamilton iAssurance for 800-53 (Apple IOS) html
NIST Specifical Publication 800-53 Rev. 3 Desktop Tool (Windows) html
National Vulnerability Database – NIST Special Publication 800-53 Rev. 3 (http) html
National Vulnerability Database – CVSS Scoring Tool html
NIST Computer Forensics Tool Catalog html 

News

ISSSource html
Threat Level (Wired) html
Homeland Security Newswire html

 

IA Software

Cyber Security Evaluation Tool         
Kali Linux         
Firewall Builder for Windows / Mac / Linux         
pfSense Security Appliance         
Vyatta Security Appliance         
Clonezilla Disk Imaging Utility         
Redo Disk Imaging Utility         
ModbusPal Java-based Modbus/TCP Simulator         
SCADA Honeynet         
Triangle MicroWorks Test Harness for Windows         
Security Onion Linux (Xubuntu) Distro         
Metasploit Community Edition for Windows/Linux         
Microsoft Baseline Security Advisor for Windows         
Microsoft Message Analyzer         
Microsoft Network Monitor         
Nessus Bandolier ICS Audit Files         
Nessus Center for Internet Security (CIS) Benchmark Files         
Nessus Vulnerability Scanner         
Wireshark         
Solarwinds Network Tools for Windows         
Libre Office (replaces Open Office) for Windows / Mac / Linux         
Ophcrack Password Utility LiveCD         
Password Rainbow Tables for Ophcrack         
XP Password Recovery Tool (Linux)         
QuickDraw IDS Signatures and PCAP Test Files         
AlienVault Open-Source Security Incident Monitor (OSSIM)         
Splunk Syslog Server for Windows / Mac / Linux         
Snare Syslog Agent for Windows         
TrueCrypt Disk Encryption Utility for Windows/Linux/Mac OS X         
Checksum (hash) Generation Utility for Windows         
Putty Telnet/SSH Client         
UNetBootin USB Boot Creation Utility for Windows / Mac / Linux