• https://en.wikipedia.org/wiki/Tamperproofing# SeC
• https://en.wikipedia.org/wiki/ISO/IEC_27001#
• https://llvm.org/docs/LibFuzzer.html
• https://github.com/google/fuzztest

Firewall Debian : http://www.cyberdogtech.com/firewalls/

sudo apt-get install fwbuilder fwbuilder-linux

firewall rules

iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 8000 -j DNAT --to-destination 192.168.0.1:80

nmaproot@ttyp0[[nrv]]# nmap localhost
Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-02-27 09:14 CET
Interesting ports on localhost (127.0.0.1):
(The 1639 ports scanned but not shown below are in state: closed)
PORT      STATE SERVICE
21/tcp    open  ftp
22/tcp    open  ssh
25/tcp    open  smtp
53/tcp    open  domain
79/tcp    open  finger
80/tcp    open  http
98/tcp    open  linuxconf
110/tcp   open  pop3
111/tcp   open  rpcbind
113/tcp   open  auth
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
515/tcp   open  printer
631/tcp   open  ipp
953/tcp   open  rndc
993/tcp   open  imaps
995/tcp   open  pop3s
4000/tcp  open  remoteanything
8007/tcp  open  ajp12
10000/tcp open  snet-sensor-mgmt
Nmap run completed -- 1 IP address (1 host up) scanned in 4.953 seconds

check for unknown services :

nmap -sS -O -sV -vvv localhost

8007/tcp  open  ajp12?

lsof -i @localhost:8007
|   1322 www-data    5u  IPv4   4138       TCP localhost:8007 (LISTEN)

http://www.insecure.org/cgi-bin/servicefp-submit.cgi

netstat -tap | grep LISTEN # see [[IMAP]]

1029/tcp open     mstask         Microsoft mstask (task server - c:\winnt\system32\Mstask.exe) # http://grc.com/port_1029.htm
1110/tcp open     nfsd-status?

http://www.rootkit.nl/

ed2k://|file|rkhunter-1.2.3.tar.gz|169545|8f6c1d93e0f560f1891817904f1f494a|

I'am providing a Debian package

• http://www.nessus.org/
• http://ww7.be/neofutur/snort
• http://www.zeppoo.net

cat ~/.plan
SAFTport=48700

SAFT = Simple Asynchronous File Transfert @ 487

chkrootkit

SysteM :

• http://lwn.net/Articles/438139/

• use 10 digits
• not : a z q w m

• http://fail2ban.sourceforge.net/wiki/index.php/Main_Page

• https://gtfobins.github.io/#
• https://github.com/evilsocket/opensnitch#
• https://owasp.org/www-project-zap/#
• https://docs.sonarqube.org/latest/#
• https://github.com/SonarSource/sonar-scanner-cli#
• https://github.com/volatilityfoundation/volatility/wiki/Linux#

• https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=blob;f=security/smack/smack_lsm.c;h=45c32f074166b270fe5434cfcc24ffa076f8b7a3;hb=ff74ae50f01ee67764564815c023c362c87ce18b#l13
• http://stackoverflow.com/questions/24965781/smack-labels-for-created-files-not-set
• https://en.wikipedia.org/wiki/Smack_%28software%29
• http://lwn.net/Articles/244531/
• https://archive.fosdem.org/2014/schedule/event/smack/attachments/slides/442/export/events/attachments/smack/slides/442/smack_for_embeddes.pdf
• https://wiki.tizen.org/wiki/Security:Smack
• http://git.savannah.gnu.org/cgit/attr.git/tree/man/man5/attr.5#

• https://www.owasp.org/# CommunitY
• https://openssf.org/#

• https://katacoda.com/dashohoxha/scenarios/pw

• https://wiki.debian.org/AppArmor#
• http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/open-source-security.html#
• https://github.com/parallaxsecond#
• https://github.com/microbuilder/certificate_chains#

• https://stripe.com/blog/capture-the-flag
• http://preyproject.com/# ToDo SteaL
• https://firejail.wordpress.com/# LinuX NameSpace FlosS

• http://www.digitaldefense.net/labs/papers/Termulation.txt
• http://www.totalillusions.net/forum/index.php?showtopic=328&st=# Joke :

• French : http://linuxfr.org/~smorico/18372.html

ed2k://|file|Thomas_Xavier_Martin-Insecurite_info-UTLS.ogg|24076886|21cba343a8db4ea02a08366380d8d581|

• http://smorico.free.fr/static/Thomas_Xavier_Martin-Insecurite_info-UTLS.ogg
• http://site.voila.fr.nyud.net:8090/rzr/www.rzr.online.fr/tmp/Thomas_Xavier_Martin-Insecurite_info-UTLS.ogg
• http://www.wiggy.net/debian/developer-securing/
• http://syneticon.net/support/security/security-by-example.html

• http://linuxfr.org/2006/07/13/21092.html # ToRead
• https://docs.google.com/file/d/16lhyhyARygCvKTo-HW2Pxf3Bh16CKlPMpO79aCgCF3BwkTaIc_rYIrm5Sotd/edit?pli=1
• https://leap.se/en/home# LEAP Encryption Access Project

• https://developers.google.com/identity/protocols/OAuth_ref# PythoN AutH BuG
• https://www.passwordstore.org/# PassWord PiM
• https://news.ycombinator.com/item?id=16517412# JwT AutH
• http://waterken.sourceforge.net/aclsdont/current.pdf AcL
• http://mumble.net/~jar/pubs/secureos/secureos.html#
• https://sandstorm.io/news/2015-09-24-is-curl-bash-insecure-pgp-verified-install#
• https://haveibeenpwned.com/#
• https://portswigger.net/web-security/oauth#
• https://www.psacertified.org/what-is-psa-certified/why-choose-psa-certified/#
• https://salsa.debian.org/help/user/application_security/sast/index

@TaG : ReverseEngineering Networks Internet Web Privacy Server SSH Proxy Hack Security.fr

<iframe width="560" height="315" src="//www.youtube-nocookie.com/embed/Quv9iD75JJM?list=UUzbWKMmcGKHTi8R2giJx2VA" frameborder="0" allowfullscreen></iframe>