If you like this, you can use flattr. ;)
- Quickpost: Inspiring Windows software profilers and checkers
- 0x41 - back to bugs
- low footprint/hardware assisted virtualization with Linux and GrSec
- Postfix troubleshooting - a security nightmare
- New content soon
- 0x41 - (weekly) exploitation matters - Vista Heap, scripting debuggers with debug libs and how to learn to use that knowledge
- 0x41 - weekly exploitation matters - Shellcode and frameworks
- Explicit and implicit security in software development - measures and change
- 0x41 - weekly exploitation matters - Heap overflow fundamentals
- 0x41 - weekly exploitation matters - About
- wishinet: checking out GDB with Dtrace support for OS X... (1.9.2). Should be interesting.
- wishinet: RT @bfoo: Worth reading: http://merbist.com/2010/08/22/discussion-with-a-java-switcher/
- wishinet: nächstes Jahr Taikai in Nürnberg (http://www.taikai.de/) - und nu aus Nürnberg total groggy in die Falle! ;)
UnprotectedHex - about formal software verification
Sean's blog
Xecurity - a security feed collecter
Reddit RCE group
Freedom To Tinker
Emergent Chaos
Woodmann RCE forums
OpenRCE community forums
SecViz - security data visualization
DAVIX Live - for security metrics
Hex Live
Security Metrics
Immunity's Free Software
Core Security's OpenSouce research
Zynamics Blog
Unix
A practically secure mail setup - counter spammers with Linux mail-servers
Wed, 02/24/2010 - 23:03 | wishi
Who needs this?
Yay, free mails in a sustaining setup!
This is a tutorial on how to practically setup a relatively secure mail-server.
It's supposed to be as minimal as reasonable nowadays, and for a small amount of users (standard root server, max. ~20 mail-users at once). Without a real DB backend. It doesn't scale business-needs, however it's supposed to be extendable.
The reference system this setup works with is a Debian GNU Linux with:
- Maildrop - instead of Procmail for more flexible filter rulesets
- Postfix and Postfix-pcre ~ 2.7
wishi's blog | 
Add new comment | 1+[encrypted]+#b94+ | 
Tags: Configuration, Debian, Internet Protocols , Linux, pwnage, Security Tools, Unix
x86 differently: VINE and LLVM-klee
Sat, 09/19/2009 - 13:45 | wishi
The power of intermediate languages
That's a Pentium I form 1993... and it grows more complex since these days.
x86 for RCE isn't that kewl: you've to cope with CISC, mostly more than 7 general purpose registers, complex memory access operands, flags, condition codes, specific model registers... Even if you know your stuff it's not desirable to spend a hell lot of time reading and hacking x86 while other people have relationships and party hard.
Best of securitytube for RE and security
Sun, 09/13/2009 - 14:22 | wishi
A collection of tutorials, videos and fun
I think it's an amazing site. There're many video tutorial sites these days. However the quality differs a lot. In the following I listed stuff I like so far. Feel invited to watch everything:
Programming
Python programming course from MIT - the advanced stuff may be of some interest, however it starts of with fairly trivial and introductorily mentioned stuff.
So fast - so weekly: Hackers used for US budget affairs
Sun, 04/26/2009 - 17:14 | wishi
All I can say: yes, affordable now.
Keeping the tradition of the blog up... just a short write-up this week. Lots of other dings to do. Nevertheless I had some fun with the recent top security news.
Valgrind on MacOS X Leopard
Wed, 04/15/2009 - 20:39 | wishi
No Linux required
Since quite a while I intended to have a look at Valgrind to have some real fun with C, without having to assume where the errors are. Valgrind has been recommended by many very experienced people to me as "the solution". Nevertheless I didn't want a Linux VM. Even with Portable Ubuntu this sucks.
A new perspective for exploit development
wishi's blog | Add new comment | 1+[encrypted]+#b94+ | Tags: C, C++, commandline-fun, Exploits, Unix
