Security
Operating Systems
- Kali Linux: Debian-based OS containing the best-known packages for penetration testing
- OpenBSD: OS developed with security as the focal point. Certainly the most secure OS in the world today. Only two remote holes in the default install in more than 10 years
Software
- GnuPG: also named GPG, lets you encrypt and sign your data and communications; features a versatile key management system as well as access modules for all kinds of public key directories
- Aircrack-ng: WEP and WPA-PSK key cracking
- John the Ripper: password cracking tool
- Snort: Open Source Intrusion Prevention System (IPS)
- OSSEC: Server Intrusion Detection
- Lynx: text browser used through the CLI
- PassGAN: password cracking using machine learning, outperforming John the Ripper - research paper
- Hashcat: advanced password recovery
- rizin: UNIX-like reverse engineering framework and command-line toolset.
- SecretPixel: a cutting-edge steganography tool designed to securely conceal sensitive information within images (trust? only one author, no review)
Libraries
- LibreSSL: a version of the TLS/crypto stack forked from OpenSSL in 2014, with the goals of modernizing the codebase, improving security, and applying best-practice development processes
- libgcrypt: an encryption library used by GnuPG
- libtomcrypt: another well maintained encryption library written in C
Note: See comparison
Protocols
- Noise Protocol Framework: framework for building crypto protocols. Noise protocols support mutual and optional authentication, identity hiding, forward secrecy, zero round-trip encryption, and other advanced features. Used by WireGuard and Lightning
- Diffie Hellman
Hardware
- MNT Reform computer: the open source DIY laptop for hacking, customization, and privacy (and open hardware)
- Librem 13: a security-oriented computer, from the hardware to the software
- Librem 5: a security- and privacy-focused phone; no Android, it will be based on a GNU distribution (Debian, Fedora, PureOS, etc.) - funding page
- Novena: open hardware computer - crowd link
- Turris Omnia: open source hardware router based on the open source OS OpenWrt
- USB Armory: an open source hardware and software computer on a USB stick
- Nitrokey: open hardware and software USB ID manager.
Groups
- TOC - CIS: the Cryptography and Information Security (CIS) group, founded by Professors Shafi Goldwasser, Silvio Micali, and Ron Rivest in the Fall of 1995
Key People
- Werner Koch: Principal author and maintainer of GnuPG. Also developer of libgcrypt library.
- Theo de Raadt: Founder and leader of OpenBSD and OpenSSH
- Bruce Schneier: CTO of IBM, writes a lot about security
- Thomas Pornin: Security Architect of Desjardin; has designed many algorithms, studies them, and develops some (Makwa)
- Reyk Floter: Rust and C, sprinkled with some infosec. Former OpenBSD hacker.
- r00t-3xp10it
- Andrea Barisani: Head of Hardware Security at F-Secure and founder of Inverse Path
Articles
- Security of elliptic curves
- Is there any particular reason to use Diffie-Hellman over RSA for key exchange?
- Elliptic Curve Cryptography Explained
- Finding a prime greater than a given bound
- How many prime numbers are there (available for RSA encryption)?
- How Anybody Can Measure Your Computer's Wi-Fi Fingerprint - research paper. For example, the 802.11 protocol allows a Wi-Fi card to choose one of a number of predefined transmission rates; a Wi-Fi card transmits data packets, or frames, of a size that depends on the version of the IP and the applications involved; and the time between the arrival of successive frames depends on various factors such as their size. [...] They say that in ordinary conditions such as their office network, they uniquely identify machines with an accuracy of up to 95 percent.
- UCL researchers develop method for securing communications between quantum computers
- How to hack Wi-Fi for fun and imprisonment with crypto-mining inject
- What is AES? — Step by Steps
- Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies
- How many qubits are needed to factor 2048-bit RSA keys on a quantum computer?
- ANSI Terminal security in 2023 and finding 10 CVEs
- Colliding Secure Hashes
Other
- Awesome security
- Cryptopals: eight sets of our crypto challenges, with solutions in most mainstream languages
- StackExchange Security
- StackExchange Cryptography
- Bases Hacking
- Post quantum cryptography
- BB84 algorithm
- Self destruct algorithm / on time computer algorithm article - research paper
Attacks
- Predictable RNG - OpenSSL - Debian - 2008
- SHAttered attack: better than the birthday attack on SHA-1. I guess it also works for all hash functions.
- DolphinAttack: ultrasound to take control of an iPhone through Siri
- Physical Side-Channel Key-Extraction Attacks On PCs
- New white paper maps the very real risks that quantum attacks will pose for Bitcoin - see also research paper
- Acoustic Attack Against Accelerometers
- Practical malleability attack against CBC-Encrypted LUKS partitions
- Odds of collision on different hash sizes