The Web Local


Links Page


Hopefully the links below will prove a good starting point for any Vulnerability Assessment/ Penetration Testing information you require across a number of different specialisations.


Vulnerability Information


The following sites are an excellent resource for Vulnerability Information:



Exploits Information


The following sites are an excellent resource for obtaining exploits or information about them:



Security Info - General


  • Talisker:- Large index of IT Sy resources, including a glossary of Intrusion Detection and Prevention systems.  

  • The Register:- Offers news, views, opinions and reviews on what's latest in the IT industry.

  • Security Database:- Excellent portal gathering information on Security Tools and advisories etc.

  • VulnerabilityDatabase:- Excellent portal gathering information on Security Tools and White Papers etc.


Security Scanners


  • Nessus:- Security scanner for Linux, BSD, Solaris, and other flavours of Unix.

  • GFI:- LANguard Network Security Scanner is a security & port scanner tool to audit network security.

  • Insecure:- Developers of NMAP, a network port scanner and service detector offering stealth SYN scan, ping sweep, FTP bounce, UDP scan etc.

  • Sensepost: - Makers of quality web application and general security scanning software, both free and commercial.

  • THC:- Website for various exploits and hacking (and Vulnerability Assessment) tools including Hydra and Amap.


Web Application Scanners


  • Acunetix: - Acunetix provide a fully loaded and extensible web application scanner.

  • Nikto:- A web server scanner which performs comprehensive tests against web servers for multiple items, including dangerous files/CGIs.

  • NStalker:- NStalker provides a comprehensive Web Application Scanning suite.


Oracle - General


  • Integrigy:- A leader in Application Security for Enterprise, Mission Critical Applications.

  • Pete Finnigan:- Oracle and Oracle Security papers, Tools, Links and Information from an Oracle security expert.

  • Redbase Security:- Red-Database-Security GmbH is specialised in Oracle security.


Wireless - General


  • WirelessDefence:- Site provided for Wireless (802.11a/b/g/n...) LAN Security Auditors and Penetration Testers.

  • NetStumbler:- Includes news, access point mapping, and software.

  • Russwill:- Wireless distro - Russix. How-To's on breaking WEP/ WPA and general wireless information.





IT Security News:


Pen Testing Framework: