- Korea times
- 끌리면 오라...BGM 광고음악 라이브러리
- KartOO visual meta search engi…
- E-Book
- Channel9
- MSDN
- 여리의 작업실
- 유경상의 .NET 블로그
- window 쪼물딱 거리기
- 블루 홈(소현이 누님)
- IT 관련 전반 내용(정환이네)
- 비너스의 정보 공유(유틸리티들)
- 형기의 자료공간(디지털ERA에서 콘텐츠ERA로)
- EzineArticles (여러 분야의 글들이 올라옴)
- Relationship을 보여주는 라이브러리
- OpenRCE
- 젠틀의 블로그(무선 통신의 모든것)
- 헐랭이와 IT보안
- 워니. 추억ㅇㅔ ㅂㅣ추ㅇㅓ.
- Computer Forensics
- 토익 광장(YBM)
- Korea Times 이용하기
- Larkware Software
- TCP/UDP
- Black Hat
- DEF CON
- Slashdot
- ReallyUsefulEbooks.com Update
- 실리콘밸리 뉴스
- Application Development Trends
- Visual Studio Hacks
- MIT OCW
- Redmond Developer News
- SecurityFocus
- Microsoft Window Hacking Porta…
- Darknet - Don't Learn to Hack …
- Windows Tips, Tricks and Hacks
- Hack In the Box
- (IN)SECURE Magazine
- SuperSite Windows Vista
- Government Security
- Life is Still Talking (Good)
- PHRACK
- Found+Read(resource for startu…
- Jonathan Boutelle
- Venture Hacks
- 스마트플레이스
- All about Intellipedia
- Undocumented Windows 2000 Secr…
- HexBlog (Decompiler)
- TED (Ideas worth spreading)
- Crash Dump Analysis and Debugg…
- Rootkit
- DDK Developers(MS)
- 미친 감자의 블로그
- The Art of Assembly Language
- Chpie (키보드 후킹)
- Drivers Online
- (음악) Delicate SONG
- Reverse Engineering Community
- Software Best Practices
- Sara Ford's WebLog
- Cheat Happens
- Debugging,Unpacking,Assembling…
- 윤석찬님 블로그
- OK 괜찮아 다 잘 될거야
- RingBlog
- Art Life :: 하늘소
- IT's Paradise
- John Robbins!
- Wintellect
- Hacked Gadgets
- 소프트웨어 이야기
- Ryan Naraine's Zero Day
- VULN
- Stay Secure
- EBS 영어 공부(블루워터)
- 101BLoG : "Bright Size Life" o…
- Hacker Challenge
- Hackers Center
- White Hat, Chicago Con
- Ethical Hacker Network
- ChaseNet (Security)
- TechTarget
- Entrepreneur
- Infopackets
- Popular Science
- Dark Reading - The Business of…
- How Stuff Works
- codeDriver - Crack (역공학)
- Gadget (Windows)
- Serious Code
- Iguacu Blog(블루문)
- SecurityProof
- Power of Community(Hacker)
- Crack ?
- Security Freak
- Data Network Resource
- FoundStone - Security Consulti…
- Google Online Security Blog
- (BOOK) Cool DogBooks
- SachaBarber (좋은 개발자)
- System Software Incorporation
- 스카이 벤처
- NewsTorrent
- 글로벌 IT 네트워크
- Ethical Hacking and Infosec
- Realms of Hacking tricks
- CodeBreakers Journal
- Anti Rootkit Blog
- The Reverse Code Engineering C…
- Anti-Debug Tools
- Reverse Code Engineering Video…
- Damn Vulnerable linux
- Security Problems
- French Reverse Engineering Tea…
- Monac
- Open Source Vulnerability Data…
- Viruschaser 검사(바이러스)
- Windows Tips
- 보안 대처 연습
- [Download] Kartz CD
- [Download] FlMS Download
- [Download] DDL2
- 중국 해킹 사이트(안전중국)
- 바이러스 분석
- Javascript 전문가
- Virus Alert Zone (바이러스 분석)
- Computer World
- 문스랩닷컴(보안)
- Unpack China
- Black Storm Reverse Engineerin…
- 역공학 Reverser
- 문화 망명지 - 시, 소설
- WPF MVP
- Research Channel
- The Problem Solver - C# MVP
- Reversing - 리버스 엔지니어링
- Nigel Spencer's Blog (.NET)
- Kirill Osenkov (.NET C# IDE Te…
- H33T (BitTorrnet 검색 사이트)
- ITL (해킹, 보안)
- ITL (Invisible Things Lab) Blo…
- ebook, pdf, chm
- 주식 - 멘토클리닉
- CherryLove - 바이러스, 백신, 악성코드
- PMP
- 영원한 해커, hacker
- 리버싱, PE
- 신호철 - dsphome
- TechEd 2009
- SHOUT
- [도서] 오디오북
- [도서] 전자책
- [도서] 국내도서요약
- [도서] 해외도서요약
- TopCorder - 프로그래밍 연습
일 | 월 | 화 | 수 | 목 | 금 | 토 |
---|---|---|---|---|---|---|
1 | 2 | 3 | 4 | 5 | ||
6 | 7 | 8 | 9 | 10 | 11 | 12 |
13 | 14 | 15 | 16 | 17 | 18 | 19 |
20 | 21 | 22 | 23 | 24 | 25 | 26 |
27 | 28 | 29 | 30 | 31 |
- english
- Microsoft
- Windows 7
- Visual Studio
- 닷넷
- 보안
- 비주얼스튜디오
- VSTS 2010
- Windows
- 마이크로소프트
- 디버그랩
- .NET Framework
- 해킹
- 비주얼 스튜디오
- 디버깅
- security
- visual studio 2010
- 책
- debugging
- VSTS
- hacking
- 구글
- MVP
- 역공학
- C#
- .net framework 4
- WPF
- .net
- Today
- Total
NaggingMachine
포렌식스 관련 웹 정보 본문
이 글은 다음 사이트에서 가져온 것입니다.
http://blog.naver.com/seoinbum?Redirect=Log&logNo=20034689111
Tony님 감사합니다.
■ 사고대응관련 기관
국내
CERTCC-KR - http://www.certcc.or.kr/
SecurityMap.Net IRC - http://www.securitymap.net/
KRNIC - http://ip.nic.or.kr/
CONCERT - http://www.concert.or.kr/
경찰청 - http://www.ctrc.go.kr/
검찰청 - http://icic.sppo.go.kr/
국정원 - http://www.nis.go.kr/
국외
FIRST - http://www.first.org/
APCERT - http://www.apcert.org/
TF-CERT - http://www.terena.nl/tech/task-forces/tf-csirt/
■ 취약성 정보 제공 사이트
CVE
http://cve.mitre.org/
CERTCC-KR
http://www.certcc.or.kr/
Securityfocus
http://www.securityfocus.com/
CERTCC
http://www.cert.org/
CIAC
http://www.ciac.org/ciac/
SANS ISC
http://isc.sans.org/
■ PGP software
PGPi
http://www.pgpi.org/
GnuPG
http://www.gnupg.org/
## 유닉스 피해시스템 분석 ##
■ 분석 도구
netcat
cryptcat
http://www.atstake.com/research/tools/network_utilities/
http://sourceforge.net/projects/cryptcat/
lsof
ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof
nmap
http://www.nmap.org
http://www.certcc.or.kr/tools/Nmap.html
http://www.neohapsis.com/neolabs/neo-ports/
chkrootkit
http://www.chkrootkit.org/
sleuthkit/autopsy
http://www.sleuthkit.org/index.php
TCT
http://www.porcupine.org/forensics/
분석도구링크사이트
http://www.sleuthkit.org/links.php
http://www.opensourceforensics.org/tools/index.html
http://www.linux-forensics.com/downloads.html
분석 CD
snarl - http://snarl.eecue.com/articles/
FIRE - http://fire.dmzs.com/
■ 무결성 관련 사이트 및 도구
Tripwire
http://www.certcc.or.kr/tools/tripwire.html
SUN fingerprint
Database
http://sunsolve.Sun.COM/pub-cgi/show.pl?target=content/content7
Known Goods
http://www.knowngoods.org/
Cyber Abuse
http://rk.cyberabuse.org/
NIST NSRL
http://www.nsrl.nist.gov/
Hacker Keeper
http://www.hashkeeper.org/
■ LKM 관련 자료
Solaris LKM/BSD LKM/Linux LKM
http://www.thc.org/papers.php
Knark 분석문서
http://www.certcc.or.kr/paper/paper-2.htm
http://www.securityfocus.com/guest/4871
Runtime Kernel Patch
http://phrack.org/phrack/58/p58-0x07
Adore LKM
http://www.team-teso.net/releases.php
kstat
http://s0ftpj.org/en/site.html
carbonite
http://www.foundstone.com/
■ log 분석 및 관리
Counterpane
http://www.counterpane.com/log-analysis.html
■ 코드분석
strace
http://www.liacs.nl/~wichert/strace/
ltrace
http://packages.debian.org/stable/utils/ltrace.html
fenris
http://lcamtuf.coredump.cx/fenris/devel.shtml
REC
http://www.backerstreet.com/rec/rec.htm
IDA Pro
http://www.datarescue.com/idabase/ida.htm
## Windows 피해시스템 분석 ##
■ 디스크 복제
EnCase http://www.guidancesoftware.com/
Safeback http://www.forensics-intl.com/
Ghost http://www.symantec.co.kr/
TrueImage http://www.acronis.com/products/trueimage/
Windows dd http://unxutils.sourceforge.net/
http://fire.dmzs.com/
VOGON Image http://www.vogon-international.com
Fastbloc http://www.guidancesoftware.com
netcat
http://www.atstake.com/
http://sourceforge.net/projects/cryptcat/
■ 피해 정보 수집
psinfo, uptime, loggedon,
pslist, listdlls, handle, streams http://www.sysinternals.com
fport/vision, sfind http://www.foundstone.com
promiscdetect http://ntsecurity.nu/toolbox/promiscdetect
listmodules, LNS http://www.ntsecurity.nu/
■ 초기대응 자동화 도구
Biatchux http://biatchux.dmzs.com/
IRCR
http://packetstormsecurity.nl/Win/IRCR.zip
■ 파일 분석
fs
http://protools.anticrack.de/files/utilities/fs.zip
SECRETS http://www.invisiblesecrets.com
EnCase http://www.guidancesoftware.com
FTK http://www.accessdata.com
bintext http://www.foundstone.com
■ NT 루트킷
NT 루트킷 동작원리 http://www.phrack.org/show.php?p=55&a=5
NT 후크(hook) 프로그래밍 http://www.iamaphex.cjb.net
NT 후크(hook) API http://www.anticracking.sk/elicz
HookTool http://www.ivosoft.com/
Windows API 보호 프로그램 http://www.watchguard.co.kr/slock.htm
■ 디스크 분석
디스크 탐색기 http://www.restorer2000.com
http://www.runtime.org/
플로피디스크/하드디스크 분석 http://home.ahnlab.com/securityinfo
Seagate 디스크 유틸리티 http://www.seagate.com/support/software
Maxtor 디스크 유틸리티 http://www.maxtor.com/en/index.htm
SAMSUNG 디스크 유틸리티 http://www.sec.co.kr
슬랙 공간 검색 프로그램(NTI) http://www.secure-data.com
■ 메모리 덤프
Windows NT memory dumps http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q235496&
Windows 2000/xp/2003 memory dumps http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q254649&
Windows Debugging Tools http://www.microsoft.com/whdc/ddk/debugging/default.mspx
pmdump http://ntsecurity.nu/toolbox/pmdump
■ Timeline 분석
Wininterrogate http://winfingerprint.sourceforge.net
■ 파일 복구
휴지통 폴더 분석(Rifiuti) http://sourceforge.net/projects/odessa
파일 복구(Undelete) http://www.execsoft.com/undelete
GetDataBack http://www.runtime.org
File Recover http://www.filerecover.com
■ 임시파일 분석
Cache Auditor http://www.webknacks.com/
PurgeIE Pro http://www.purgeie.com/
History Reader http://www.wbaudisch.de/HistoryReader.htm
IE Cookie File
IE Internet Activity http://sourceforge.net/project/odessa
Examiner http://www.paraben-forensics.com/examiner.html
■ 로그 파일 분석
NT Security Event IDs http://support.microsoft.com/default.aspx?scid=kb;en-us:174074 --> x
Windows 2000 Event IDs http://www.microsoft.com/korea/windows2000/techinfo/messages/default.asp
EventCombMT http://www.microsoft.com/downloads/release.asp?releaseid=36834
이벤트 로그 모니터링 http://www.tntsoftware.com
원격 이벤트 로그 수집 http://www.kiwisyslog.com/
http://www.rippletech.com
Log Parser http://www.microsoft.com/windows2000/downloads/tools/default.asp
웹서버 공격 로그 점검 http://www.securitymap.net/sdm/docs/ids/fingerprint-80-attack.txt
Log Parser http://securityfocus.com/infocus/1712
SQL-Inject 공격 분석 http://www.nextgenss.com/papers/advanced_sql_injection.pdf
http://www.spidynamics.com/whitepapers/WhitepaperSQLInjection.pdf
■ 바이너리 프로그램 분석
Filemon, Regmon, CPUmon, TDImon, procexp, strings http://www.sysinternals.com
Winalysis http://www.winalysis.com
strace http://razor.bindview.com/tools
Tripwire http://www.tripwire.com
Undelete 3.0 http://www.execsoft.com/undelete
INTACT http://www.pedestalsoftware.com
API Spy http://www.matcode.com/apis32.htm
SoftICE http://www.numega.com/
PE File Format http://spiff.tripnet.se/~iczelion/files/pe1.zip
http://www.windowsitlibrary.com/Content/356/11/toc.html
PEiD http://www.mesa-sys.com/~snaker/peid
UPX http://upx.sourceforge.net
gt030 http://surf.to/phax
fd/fi FileScanner http://protools.anticrack.de/files/utilities/fd.zip
http://protools.anticrack.de/files/utilities/fi.zip
Programmer’s Tools http://protools.cjb.net/
IDA Pro http://www.datarescue.com/idabase/ida.htm
PE Exploere http://www.heaventools.com/
■ 패스워드 해독
@stake LC http://www.atstake.com/
John the Ripper http://www.openwall.com/john/
chntpw http://ntpass.blaa.net/
rawwrite2 http://home.eunet.no/~pnordahl/ntpasswd
패스워드 복구 프로젝트 http://www.openwall.com/passwords
ELCOMSOFT http://www.crackpassword.com/
Russian password crackers http://www.password-crackers.com/
Passware Kit http://www.lostpassword.com/
AccessData http://www.accessdata.com/
PasswordService http://www.passwordservice.com/
## 공격자 모니터링 ##
■ 네트워크 모니터링
TCPDump
http://www.tcpdump.org
http://windump.polito.it/
tcpflow
http://www.circlemud.org/~jelson/software/tcpflow/
ngrep
http://www.packetfactory.net/Projects/ngrep
ethereal
http://www.ethereal.com/
snort
http://www.snort.org/
p0f
http://www.stearns.org/p0f/
dsniff
http://monkey.org/~dugsong/dsniff/
■ 시스템 모니터링
sebek
http://www.honeynet.org/papers/honeynet/tools/index.html
ComLog
http://iquebec.ifrance.com/securit/
evtsys
https://engineering.purdue.edu/ECN/Resources/Documents/UNIX/evtsys
원격 이벤트 로그 수집
http://www.kiwisyslog.com/
■ Honeynet/Honeypot
Honeynet.Org
http://www.honeynet.org/
backofficer
http://www.nfr.com/resource/backOfficer.php
Deception Toolkit
http://all.net/dtk/index.html
Honeyd
http://www.citi.umich.edu/u/provos/honeyd/
Tracking Hackers
http://www.tracking-hackers.com/
Honeypots.net
http://www.honeypots.net/
bridge Firewall
http://doc.kldp.org/wiki.php/DocbookSgml/Bridge_Firewall-KLDP
Firewall 관련자료
http://doc.kldp.org/wiki.php/LinuxdocSgml/Firewall-HOWTO
Netfilter
http://doc.kldp.org/wiki.php/DocbookSgml/Netfilter-hacking-TRANS
Firewall 설정
스크립(rc.firewall)
http://www.honeynet.org/papers/gen2/rc.firewall
Vmware
http://www.vmware.com/products/
UML
http://user-mode-linux.sourceforge.net/
## 공격자 추적 및 대응 ##
samspade
http://www.samspade.org/ssw/
ARIN
http://www.arin.net/index.html
APNIC
http://www.apnic.net/apnic-bin/whois.pl
RIPE
http://www.ripe.net/perl/whois
LACNIC
http://lacnic.net/cgi-bin/lacnic/whois
KRNIC
http://whois.nic.or.kr/
이메일 환경개선 추진 협의체
http://www.antispam.or.kr/
Network Abuse Clearinghouse
http://www.abuse.net/
Fight Spam
http://spam.abuse.net/
Spamcop
http://www.spamcop.net/
Mail Abuse Prevention System
http://mail-abuse.org/
'TechnoBabbler' 카테고리의 다른 글
티스토리에서 소스 코드 깔끔하게 보여주기 (0) | 2008.01.24 |
---|---|
Installing and booting Windows XP from USB drive -- Guide (1) | 2008.01.07 |
Certified Ethical Hacker - CEH (0) | 2007.12.28 |
Microsoft, 테스터들을 끌어안다. (0) | 2007.11.06 |
Internet Security (0) | 2007.10.29 |