Peering Inside the PE

Format PE

LordPE
ResHack

Resource Hacking

BinDiff
PatchDiff2

IDA

IDA Python
Reversing Windows

OllyDbg
Paimei

Dissas / Debug

Immunity Debugger
Hex-Rays Decompiler
VERA
Bindiff

Comparaison
Format ELF

Reversing

.gdbinit

GDB

Manuel

Reversing Linux

Dissas / Debug

strace
watch
Bindiff

Comparaison
ForumCrack

French Reverse Engineering Team

Laboskopia

Websites

OpenRCE
Collaboratif

Woodmann
Fusil
Spike
BFB
Sulley

WSFuzzer

Web

JBroFuzz
Wireplay

Fuzzers

Protocoles

SSS
Nessus
Saint
Cisco-torch
GFI Languard

Rseau

Retina
SATAN
OpenVAS
NeXpose
Nikto
SecurityQA
Appscan
Acunetix
WebInspect
N-stalker
Dibuster

File Discover

Wikto
Nessus

SSL Ciphers

SSL digger
SQLix
SQL Power Injector
Orascan

Oracle

Absinthe

Blind

SQL Injection

SQLInjector
BSQL Hacker
Pangolin
Cookie Digger

Cookie

Add N Edit Cookies

Filext

Web

Extensions

Sprajax

Ajax

Firebug
Venkman

Javascript

Web Developer
Cenzic Hailstorm
Burp Intruder
R4ZCheater

Recherche de
vulnrabilits

Scanners

Flash
W3af

WSDigger
WSFuzzer

WSDL

Fuzzware
Websecurify
Netsparker
User-Agents
Firefuzzer
Skipfish
Lens
BugScam

ASP

IDApro

Binaires

RATS
ITS4
Fortify 360
Veracode
Pscan

Format String

Boon

Buffer Overflow

Splint

Code C
FlawFinder
CodeSonar

LAPSE

J2EE

Sources

Web Application
PMD

Java

FindBugs
FxCop

MSIL

Pixy
Spike PHP

PHP

RIPS
XSSDetect

.Net

NGSSquirreL

DBMS

Typhon III

Burp Suite
Paros
WebScarab
x5s

FireShark

Stack overflow

Definition

Heap overflow

Proxy

Web

Outils

Fiddler
CAL9000

Kernel Map

Web

Noyau Linux

Code Source

Buffer Overflow

Off-By-one

Integer Overflow
Race Condition

Principe
Exemples
Shellcodes

Shell-Storm
Beta3

Applicatif

Encodeur

Kernel Exploitation

Mac OS X
Windows

Return into glibc

Return into PLT

Exploitation

Linux

Ret-onto-ret
xssed.com
Short URL
Filter Evasion
Cross Site Scripting (XSS)

XSS Proxy

Proxy XSS

BeEF

Guide Bypass Filter

XST
CSRF
Blind SQL Injection
BSQL Hacker

SQL Injection

SQLmap
SqlNinja

MSSQL

Sqldumper

MySQL

Outils

wget

Aspiration

httrack
ReamWeaver
Astuces PHP

Web

Phishing

Exploitation de failles

Server Side Include (SSI)

Directory Listing
Cookies
Buffer Overflow
Escape shell
Fixation de session
XPATH

Base64

decode

__VIEWSTATE
Ldap Injection
ORM

Clickjacking Tool

Clickjacking

No More and 1=1

Core Impact
VulnDisco

Canvas

v3
Unleashed
Metasploit

XLSinjector
Ne0matrix

NST
BackTrack
Emerge

LiveCDs Scurit

Neosploit
Icepack
Underground

Firepack

Frameworks

Mpack
Irongeek

Outils PDA

NeoPwn

W3af
Netifera
VAST
Ronin
Matriux
Durzosploit
PenTBox
ISR-evilgrade
Definition
Site Digger
Google Gath
GoogleHacks

Tools

Goog-mail.py
Gpscan
intitle:
site:
Google Hacking

filetype:
ext:

Operateurs

|
intext:
inurl:
Advanced

GHDB
Google SOAP API Key
Societe.com
Pages Jaunes

France

Google Finance
Moteur de recherche

Yahoo Finance
intelius.com
webinvestigator.org

International

Entreprise

EDGAR
Swiss army knife internet tool
411

US

thephonebook

UK

123People
Pages Blanches
ip:

Personnes

France

Operateurs

MSN Hacking
Kartoo
Gegereka
Definition
DNS
SpiderFoot
Site digger

Rcolte d'information

SamSpade
Tools

Maltego

Footprinting

FOCA
Hostmap
Whois
Reverse IP
Netcraft
ManHack
Google groups

Newsgroups

Pagesjaunes

Annuaires

archives.org

Sauvegardes

monster.fr

Emploi

myspace

Social

facebook
LanSurveyor

Mapping

Web Profond
Heritrix
The Insider

Windows

HTTP

Reverse

Trojans

Meterpreter
Netcat
Web Backdoors

Web

c99madshell

Backdoors
SecurityFocus

Dnscat

Secunia

Ncat

CVE

Rootkit.com

Rootkits

Bootkit

USDOJ

ISS XForce

CWSandbox

Spy Act

Certa

USC 18, 1029

OSVDB

Sanboxie

Analyse

USC 18, 1030

Malware

Microsoft MP

USC 18, 1831

SecurityForest

USC 18, 2318

Vupen

Virus

USC 18, 2320

VulnDisco

Worms

USC 18, 2510

Keyloggers

USC 18, 2701

Astalavista

USC 47, 605

Rootexploits

US

Yet Another Binder

Lois

Pretator Wrapper
Binders

One File EXE Maker

Portugal

Stealth Tools

Inj3ct0r

Lei 109/91

Exploit Database

BoxedApp
offensivecomputing

OPSI

Europe

Datatbase

LesNouvelles.net

Actualit

Europa.eu

Packers

Packet Storm

Exploits

Policia Judiciaria

Angleterre

UPX

Gerix

Bruce Schneier
Milw0rm

Anubis

NetStumbler

Crypto

USC 18, 1362

Wepawet

Portail Scuit Informatique

LegiFrance

Deface

Juriscom

Attaques

Linux

France

Lgislation

Scanner

Talisker

Windows

DADVSI

aircrack-ng

FlazX

Ebooks

Hadopi

Zillr
SANS

Veille

LOPSI

airbase-ng

Aircrack

NIST

OCLCTIC

wessid-ng
Cracker WEP

Respect

WepAttack

France

SpoonWep
Drivers Linux

hostapd

Signalement
WiFi

DST

SecurityProcedure

BEFTI

Politiques de scurit
Chats

Internet Signalement

IRC

Usenet

Opensc

iwpriv

Hoax

HoaxBuster

Videos

Matriel

SecurityTube
HZV

aireplay-ng

Hakin9

Airpwn

Injecteur

Magazines

Lorcon
Bbkeys

#hzv

Governmentsecurity

Commandes

Alvarion

Comptechdoc

HackerzVoice
Forums

Fab-Corp

irc.worldnet.net

Newsgroups

CERT

iwconfig
iwlist

CERT

Ressources

CNIL

Ralink AP

Autoformation

Zone-H

Article 323

MAC

Kismet

NIST NVD

VirusTotal

SandBox API

KisMac

PhpSecure

Alertes

2600
MISC

BBOX

Hotspot

(IN)Secure

Bloover

Wiki

BlueMaho

Hakipedia

Education

Jacknsee

BTCrack

Netvibes

Outils

BluePrint

PullThePlug

Yahoo Pipes

BTscanner

Outils de veille

BT Info

Newbie Contest

PostRank

Try2Hack

Tattler

BlueJacking

Bluetooth

Security Challenge

Dapper

HackBBS

BlueSpam
BlueSnarfing

Challenges

BlueBug

Attaques

BTKeylogging

Overthewire
Intruded
Smashthestack
Crackmes

BluePrinting

DefisFC

BlueSmacking

FPGA

Short Pairing

XSS Test

Wireshark

WebGoat

Cain&Abel
Dsniff

Outils

Dawn Vulnerable Web App

Sniffing

Mutillidae

tcpdump

Moth

Ettercap
Yersinia
Smac

Framework Web

DHCP

Mise en Pratique

Linux

Hackme Casino

MAC
Spoofing

All Manuel
Yersinia

NseDoc

Samurai
OWASPBWA

Routage

Arp-sk

Hackme Bank
Hackme Books

Windows

Mac Changer

lekernel

Damn Vulnerable Linux

ARP
LiveCD

Scripts NSE

nmap

RadialNet

De-ICE Challenge Disks 1

PenTest Lab Project 1

Outils

Scanning

pWnOS

thcrut

Oldapps

Scapy
Anciennes Versions Logiciels

Nemesis
Forging

Packet Excalibur

OldVersion
Old Vulnerable Softwares

Machines Vmware

Mausezahn
httport

De-ICE Challenge Disks 2

HTTP

httptunnel
Stunnel

SSL

Corkscrew

SSH

itun
ptunnel

ICMP

Tunneling

icmptx
nstx
Heyoka

HZV

DNS

THC

Iodine
SteganRTP
Windows 4
Linux

CCC

RTP

Externe

2600

Interne

Libre

Activation Routage

Applicatif

2600fr

ping
En ligne
VisualRoute

PhenoElit

VisualRoute

Catgories

rootsecurity

Wireless

/tmp/lab

Telephonie
Physique

FNORG

Neotrace

traceroute

traceroute

Routing

Outils

CLUSIF

Communauts

Command

tracert

Professionnels

tcptraceroute

Hunt

BGP

nmap

Boite Blanche

OSSIR

Boite Noire

SANS

Secret 1

Modes

MITRE

IRPAS

sprint

Types

Public 2

ANSSI

OWASP

ENISA

CHECK
Publique

HackerSpaces

Actif

Techniques et outils

xprobe2

OISSG

OS

p0f

ISACA

Methodologies

Passif

IBM

nmap
amap
Httprint
CMS Explorer

Smtpscan
midfp

Hacking

Rseau

ISS

Test d'intrusion

Proprietaire

Fingerprinting

Applicatif

SMTP

TCP/IP

CEH
ECSA / LTP

Client Mail

mssqlfp

MSSQL

ScoopyNG

VMware

CISSP
CISA
CHECK

masqd

Timestamp

Winfingerprint

Certifications

Enumration

WinScanX

CPTS

Netbios

Security560

community

private

GPEN

snmpwalk
Outils

Engineer's Toolset

SNMP
Hacker's Manifesto_by_The Mentor

Philosophie

C
x86

MIBsearch

MIBS

oidview

arm
ASM

dnsstuff
Perl

host
nslookup

gcc

DNS
Linux

SSTIC

dig

txdns

Programmation

Insomni'hack

Enumration

ARP Cache Poisoning

iAWACS

MAC Flooding

FrHack

Dev-CPP
Windows

HES

ICMP Redirect

RSSIL

tasm
Windows Batch
c++
Base de donnes

Pas Sage en Seine

webmitm

DefCon

HTTPS
Las Vegas 2009

SSLStrip
MITM
Service

SSH

Format de fichiers

Blackhat

Info Security

sshmitm

IDE

Salons/Confrences

Ruby

AppSec

filtre ettercap

Hack at Random

dnsspoof

ConfCon

International
DNS

SecurityTubeCon
Passerelle

EICAR

Ldapbrowser

Rooted Con

Jxplorer

Codegate

dnsmasq

Ldapminer

Calendrier Google Securit

LDAP

Modsecurity

w2kdad.pl
Apache

AD Explorer
EggDrop
HNAP0wn

Bot

Mod_antiloris
IISLockDown
URLScan

Citrix

PageXchanger

IIS

H.323

.NET

SIP
Web

Firefox

Client

SIP

EnumIAX

IAX

Ioncube
PHP

ZendGuard

Enumration

Online

sipsak

Interpolique
VoIP

Sivus

JSecurityModule

Scanner

Java

Forgeur

Web Checksums

SIP

smap

NoScript

Framekiller

MGCP
Fournisseurs

Sipscan

Code Access Security

Librairie AntiXSS

Protocoles

IAX
Megaco

Mod_negotiation

IRC

HNAP (Dlink routeur)

Skinny

OWASP ESAPI
Wafp
Zabbix

Fingerprint

Nagios

sipcrack

SIP

sipvicious

Cracker

Plugin IAX

Ntop
Outils

OSSIM

Cain & Ebel

Wireshark

Alertes IDS

Flux RTP

Honeynet Security Console

Schma

Zoiper

Visio

Splunk
Centreon

Bande Passante
46Bouncer

The Art of Deception

Monitoring-Fr

IPv6

Livres

ARPWatch NG

ARP

Winarpwatch

dumpster diving
chantage

DNS

Techniques

DNSSEC
Mthodes de dtection

vol d'identit

Promiscan

mail

Promiscious

messenger

ProDetect

Moyen
netcat

physique

socat

fax

Netcat SSL

Outils

SE Framework

TCP/IP

SocialPET

putty

Framework

plink

SE Toolkit
Diffrentielle

Cryptanalyse

Quadratique

Rseau

Matriel

Routage Avanc Linux

Linux

QOS

wipe
DECAF

Anti COFEE

802.1p

SnortSam
Writing Rules

NIDS
BRO
Suricata

DEFT Linux

OSSEC

LiveCD

Scanlogd

WeakNet

HIDS

PHP-IDS

Forensics WiKi

Fail2Ban

Winlockpwn

FireWire

WinLockPwn Update
Gonzor SwitchBlade

Performances

DOS

Prolexic

Internet Box

antidos.cfg

Matriel

Consoles

Xbox

PortSentry

IPS

GSM
EEE PC

iperf

DOS-Deflate

USB U3

Wii

Upgrade

LdapWiki

Forensic

Helix

Livebox

LDAP

Snort

Volatility

Freebox

802.1q

AcidLab

MoonSols

Open Freebox

ToS <-> DSCP

VLAN

Logiciel

Analyse de liens

Windows Memory Toolkit

HTB

DSCP

Encase
FTK

Apache

Nipper

Routeurs

"Unbalanced Oil and Vinegar"

ISCForensic

HAProxy

Load Balancer

Linaire

LnkAnalyser

AntiSniff

Social Engineering

tlphone

Ordinateur

SourceFire

IPv6

IPv6 Broker

NAC

PacketFence

Gestion de parc

Jtag Toolkit
OpenOCD

Switchs

JTAG

GLPI

OpenFlow

Grsecurity

Cables
Linux

PirateBay
Mininova

PaX
Debian

Torrent

Demonoid

OS

Windows

Backports

ADS

ADS Spy

Anti ADS

StrmExt.dll 3

Cracks.am
Craagle
RemoveWAT

FreeBSD

Cracks
BSD

Windows 7
Cracklab

NetBSD
OpenBSD

Softs
Gestion Patch

mencoder

Encoder Downloader

mimms

TNT via Internet

TNT

pfsense
Netfilter

MySQL

Ebooks

Zillr

Certificats

TinyCA
Gandi

Recherche

Multi-Load

Outils

OVH

Upload

Free
John the ripper

GreenSQL

Cacert

Convertion

IRC

APF

FwBuilder

MP3
SQL

FlazX

Convertfiles

WSUS

Vyatta

StationRipper

Searchirc

Warez

Videos

TV Online

Winamp PlayList

Microsoft

m0n0wall

Firewall

wwiTV

Distributed John

Scurit

Images

Bayimg

Blogs

Linux

Baywords

Power-heberg

pwdump

Hbergement

Dump SAM

fgdump
lsadump2

Dedibox

Dump LSA

VPSlink

US

Comparatif

MSCash

Bunker

Dump Cache

CyberBunker

Bulletproof

Cain & Abel

Vmware

Windows

DUMP SAM / LSA / Cache

EasyVMX

Virtual Box

Virtualisation

Local

LCP

Hostbp

Virtual PC

Windows Serials
LC5

Xen

Brute Force

OpenVZ

PasswordPro

HoneyNet

Astuces
Cmospwd

Honeyd

Linux

BIOS

!Bios

Nepenthes

Honeypots

Windows

Ophcrack

Windows

NTRecovery

CDrom

Specter
HoneyWall

LiveCD
CobiT

Kon-boot
GooglePasswordDecryptor

Standarts

Google

Mehari
PCI DSS

Access Diver
Bugmenot

En Ligne

HTTP

Serveur

smbcrack2

SquidGuard

Squid

DansGuardian

SMB
netstat

Medusa
Hydra

Process Explorer

Divers

Monitoring Local

Service

Ncrack

Regmon
Filemon

IKECrack

IPsec

VPN

VNCPwdump

VNC

TSgrinder

RDP

IKE-scan

Dictionnary Maker

Tripwire
AIDE
Intgrit

Integrit
ISC White List Hashs

Gnrateur

Sauvegarde

Liste Phenoelit

Cracking

Par dfaut

Liste CIRT.net

Bacula

G4U

Ghost

OpenWall

G4L

Dictionnaire
Clamav

SourceForge
AntiVirus

ftp.ox.ac.uk

Windows

Mobile

Fichiers

Word-list.com

Chkrootkit
Linux

Outpost9

Rootkit Hunter
Rootkit Profiler

WEP

AntiRootkit
Sophos Anti-Rootkit

Skullsecurity
Windows

FreeRainbowTables

McAfee Rootkit Detective

En ligne

Passcracking

GMER
TightVNC

WPA Rainbow

Rainbow Table

Fichiers

Offensive WPA Rainbow

Pstool
Distance

RainbowCrack

RealVNC

Outils

LogMeIn

The-UDC
Administration

Distributed Hash Cracker

Distributed

WPA Cracker

OS

Mosix

Matriel

MD5

Alternate Data Stream (ADS)

Fichiers

Collisions

Suppression donnes
FAT32

TrueCrypt

Systme de fichier

Linux

GPG

MAC

MACGPG

Eraser

Linux

Lsat

Ext2/3

tunefs

Checksec.sh
MBSA

chattr
Audit Systme

UFS

Windows

Security System Analyser

AccountAudit

hping2
firewalk

CIS Benchmark Tools

Test

NSA Configuration Guides

ftester

Firewalling

httptunnel

PSSI

Guide

SSI
Gestion de risques

Covert Channel

httport / Htthost

Sensibilisation

Source Port
Test

IDS

Physique
Portable

Web

Track

Postes

Nuker
Trinoo

DOS

TFN2K
BotNET
Energy Mech
Botnet

Kreiosc2
TRiAD
slowloris

Apache

pyloris
Ecoute tlphonique
Camra vido
Emetteur GSM
GPS
Micro espion
KeyGhost

Espionnage

Matriel

Sans Fils
Keylogger

Event Interface
LKL

UserLand

Linux

Logiciel

KernelLand
Tempest
Appsentry
Toad

Outils

Client

Oracle

Toad

Client

Outils

MSSQL

Toad

Client

Outils

MySQL

Outils
Toad

Client

Base de donnes

PostGRE

Outils

Multiproxy

DB2

Parallle

Proxychains

Srie

Sockschain
Tor

Distribu

OnlineAnonymizer

Proxy

En ligne

Samair.ru

Listes

Access Diver
ProxyJudge

Script

Proxy Checker

ProxFetch
WiFi

Anonymat

Jetable.org
Slopsbox

Email

Yopmail
No-Log

Internet

3G SFR
IPredator

VPN

Ipodah

Yescard
RFID Zapper
RFIdiot

Carding

RFID

RFDump
CanalSat
THC Scan
THC-SCAN NG
Wardialer

iWar
PhoneSweep
Blue Box
Beige Box

Attaques

Phreaking

Outdial
Hacking PABX
Blacklisting
Modem Motorola SM56

Commandes AT

Modems

Minicom
bumping
dcodage
impression

techniques

clef molle
raclage
demi-diamant
snake
five mountains
broken-key extractor

picks

lune

Lockpicking

demi-lune
double-lune
pickgun

automatiss

lockpicks.com

Outils

revendeurs
bumpkeys
passes
jigglers

trousseau de st pierre
Blackbag

Sites

Image
Video
Son
Spammimic

Stganographie

Spam

Stegdetect
StegSpy
Analyse

StegAlyzerAS
StegSecret
iFuntastic
AppSnapp

ZiPhone
AnySIM
Attack with Metasploit
BBProxy

JailBreak

Unlock

BlackJacking
ActiveSync

blackhatseo
seoblackout

Iphone

Attaque

GSM

BlackBerry

Windows Mobile

Black SEO

RSSI

Optimisation

Email Bomber

DDOS

Prey

Consultant

Ping of the Death

Tribe Flood

Adeona

DSI

Stress

The Grinder

Advanced Email Bomber

MEHARI

Mobilegov

WAS
Jmeter

EBIOS

Secureman

Amovible

TCPOpera

Keylog

Mthodes

Bypass

TCPRelay

Keykeriki

GPG

Lynis

chmod

Electromagntique

EFS

Wipe

Ext2 IFS

fpipe

Keepass

Linux Live Scripts

Windows

NTFS

Junction Point

Linux

Cryptographie

Cartes FPGA

Gestionnaire

Ma-config

Partitions

Clustering

OpenMosix

HashClash

Baies

Pilotes

LCIC

Pico

Rseau

Mot de passe

WPA Password Cracker

linux

F-secure

Iscanner

Cotse

WepAttack Wordlist

OpenDNS

Proxy

Fireforce

windows

VisioCafe

LinuxMCE

Softphone

eyeP
FranceIP

Sguil

Monitoring

Vomit

Xlite

Rfrencement

Cygwin
masm

GS Days

Rseau

DHCP Spoofing

RockXP

Visual Studio

Francophone

Port Stealing

Pwdumpx

Compilateurs

Les Assises

dnsenum.pl

CacheDump

fasm
nasm

Nuit du hack

fierce

VoIPscanner.com

sparc
mips

BiLe

filtre ettercap

Editeur

PHP

snmpcheck.pl

SSH2 Downgrade

OSCE

Python

MIB Browser

filtre ettercap

OPST

OSCP

public

John The Ripper

FoundStone
EC-Council LPT

HTTP

CMS

OSSTMM

Poste client

Windows

CCleaner

Packets ARP

Eclipse

DBDesigner
Wotsit
FilExt
PyDev

Ruby Best Practices

Leo

Notes
1) Secret
Personne n'est au courant du droulement du test d'intrusion sauf le rsponsable scurit.

2) Public
Toute l'quipe scurit est au courant du droulement du test d'intrusion

3) StrmExt.dll
opier cette dll dans votre rpertoire systme "system32" (probablement "c:\windows\system32"). Faites "Dmarrer > Excuter" et tapez
"regsvr32 StrmExt.dll".

4) Windows
Base de registre:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
Cl:
IPEnableRouter
Valeur:
1

5) Linux
Commande Shell:
echo '1' > /proc/sys/net/ipv4/ip_forward