P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way.
A Document that tries to give a complete overview over what TLS/SSL protocols and what ciphers are available on different platforms and browsers.
While smartphones have been heralded as the coming of the next generation of communication and collaboration, they are a step backwards when it comes to personal security, anonymity and privacy. The Guardian Project aims to create easy to use apps, open-source firmware MODs, and customized, commercial mobile phones that can be used and deployed around the world, by any person looking to protect their communications and personal data from unjust intrusion and monitoring.
The Common Weakness Scoring System (CWSS) provides a mechanism for scoring weaknesses in a consistent, flexible, open manner while accommodating context for the various business domains.
The Common Weakness Risk Analysis Framework (CWRAF) provides a means for software developers and consumers to prioritize software weaknesses that are relevant for their business, mission, and deployed technologies.
w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much
Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end
Wie verwalten bestimmte Programme die Userpasswörter und Tools zum auslesen
wlan als "untrusted" markieren -> ssh-tunnel benutzen, soll gg firesheep helfen
