Sunday, July 17, 2011

Know what you are doing

>>> Know what you are doing <<< Works ------------------------------------ | Ettercap Credentials Repository [ Download ] - [ README ] | DefensePro logs visualization tool | v1.0.1 - CLI [ Download ] | v2.0.0 - GUI [ Download ] | => requires ATT Graphic Visualization Library from http://www.graphviz.org/.
| DNS Flooder [ Download ] - [ README ]
| DCE-RPC Evasion proof-of-concept [ Download ]
| HTTP I(D|P)S detection & evasion tools [ Download ] - [ README ]
| Packet injection tool [ Download ] - [ README ]
| URL mutation [ Download ] - [ README ]
| IPS detection [ Download ] - [ README ]
| Multi-purpose port knocker [ Download ] - [ README ]
| Fake SNMP server module for honeyd [ Download ] - [ README ]
| Network, service (HTTP,FTP,SMTP,NNTP,POP3) and HTML pages integrity checking software [ Download ] - [ README ]

Papers -----------------------------------
| Web Services Security [ View ]
| Mitigating Scanners and Crackers [ View ]
| Contourner les I(D|P)S sans rien y connaître [ View ]
| How to test an IPS [ View ]
| Denial of Service Attacks [ View ]
| Covert Channels [ View ]
| Concepts and implementation of a security operation center [ View ]

Major Technical Conferences ------------------------
| OWASP France 2009 - Attacks on Web Services [ View ] [ POC ]
| BlackHat US 2006 - IPS Shortcomings [ View ]
| SSTIC 2006 - Contounement des I(D|P)S pout les nuls [ View ]
| IT Underground Prague 2006 - Some More DCE-RPC Tips and Tricks [ View ]
| CanSecWest 2006 - How to test an IPS [ View ]
| RSA 2006 - Encryption Issues [ View ]
| Assises de la sécurité 2005 - IPS Mythes et Réalité [ View ]
| BlackHat US 2005 - A dirty blackmail story [ View ]

Non Technical Talks ------------------------
| OSSIR Bretagne 2008 - Représentation graphique d'événements de sécurité [ View ]
| IT Security Summit 2008 - Fighting the Botnet Ecosystem [ View ]
| InfoSecurity 2007 - Turning an Intrusion Attempt into a Waterloo disaster [ View ]

Publications -----------------------------
|
| >> Published in MISC - French Security Magazine [ More ]
| #50 - Modèles de sécurité des WAF - July 2010
| #50 - Dossier Jeux en Ligne - July 2010
| #43 - Dossier Web Services - May 2009
| #37 - Dossier Dénis de Services - May 2008
| #34 - Représentation graphique des attaques - November 2007
| HS1 - Outils de scan - November 2007
| #30 - Analyse des botnets - March 2007
| #29 - Les Network Processors - January 2007
| #26 - Comment tester les IPS - July 2006
| #24 - HTTP Smuggling and splitting - March 2006
| #22 - Reporting et procédures de réaction - November 2005
| #22 - Collecte d'informations - November 2005
| #21 - Détecter les équipements en ligne - September 2005 - [ http-ips-detect.pl ]
| #19 - Les Dénis de Service réseau - May 2005
| #18 - Canaux cachés (ou furtifs) - March 2005
| #15 - Protocole RADIUS - September 2004
| #15 - Principes de l'authentification - September 2004
| #13 - Méthodes d'analyses de logs - May 2004
| #11 - Utilisation de SNMP (get|set) - January 2004 - [ SNMaP.sh ] [ SNMPoof.pl ]
| #10 - Technologies de VPNs - November 2003
| #09 - Le rôle d'un CERT - September 2003
| #09 - Collecte de traces Post-intrusion - September 2003
| #07 - Méthodologies d'audit de sécurité - May 2003
| #07 - Fuite d'informations - May 2003 - [ imgsrc.pl ]
| #04 - Les failles du protocole DHCP - November 2002 - [ maraveDHCP.pl ]
| #03 - Concept et contournement des IDS – June 2002
|
| >> Published in LinuxMag - [ More ]
| #HS13 - Définition d’architectures sécurisées – January 2003
| #HS12 - Gestion de logs de firewalls hétérogènes – November 2002
|
| >> Books
| Maîtrise des risques informatiques - Editions WEKA - [ More ]

Other ------------------------------------
| CTO of DenyAll [ Go ]
| Reach me : renaud @ domain.name.of.this.web.site
| Twitt (for site updates) : http://twitter.com/rbidou

http://www.iv2-technologies.com/~rbidou/