#+TITLE: Cybersecurity

Information about cybersecurity.

* To Learn
https://www.malwaretech.com/2015/12/kelihos-analysis-part-1.html
https://www.wired.com/story/eternalblue-leaked-nsa-spy-tool-hacked-world/
https://krebsonsecurity.com/2016/10/source-code-for-iot-botnet-mirai-released/
https://www.arbazsiddiqui.me/a-complete-guide-to-man-in-the-middle-attacks/
https://www.netmeister.org/resume.html
https://www.malwaretech.com/2014/12/phase-bot-exploiting-c-pane.html
https://www.malwaretech.com/2016/02/necursp2p-hybrid-peer-to-peer-necurs.html
https://wojciechregula.blog/post/stealing-your-sms-messages-with-ios-0day/
https://www.reddit.com/r/Bitcoin/comments/wvm2w/secure_multiparty_bitcoin_anonymization/
https://cointelegraph.com/news/defi-can-now-choose-to-run-trustless-zero-knowledge-proofs/amp
https://donotpay.com/
https://toc.cryptobook.us/
https://wiki.osdev.org/Expanded_Main_Page
https://raft.github.io/
https://jackdoerner.net/research/

https://vx-underground.org/
[[https://github.com/NationalSecurityAgency/ghidra][hidra is a software reverse engineering (SRE) framework]]
https://github.com/s1gh/ctf-literature

* cryptography
https://github.com/DimitarPetrov/stegify
https://github.com/adjoint-io/bulletproofs
https://github.com/Magentron/chkrootkit

[[https://github.com/openwall/john ][John the Ripper, a popular password cracker]]
[[https://www.mattblaze.org/blog/p25][johnny can't encrypt]]
https://github.com/The-Art-of-Hacking/h4cker
[[https://github.com/cassidoo/scrapers][web scrapers]]
[[https://news.ycombinator.com/item?id=23174421][saltpack crypto messaging format]]
https://parachute.live/blog/forensic-investigation-the-shocking-state-of-privacy-in-safety-apps
https://news.ycombinator.com/item?id=23245724

[[https://cryptpad.fr/][CryptPad: Zero Knowledge, Collaborative Real Time Editing]]

** snowden
[[https://www.theatlantic.com/magazine/archive/2020/06/edward-snowden-operation-firstfruits/610573/][paranoia]]
[[https://news.ycombinator.com/item?id=23221517][the surveillance story]]
** !! Important !!
- [[https://news.ycombinator.com/item?id=23500462][Best practices for managing and storing secrets like API keys and credentials | Hacker News]]
- [[https://web.archive.org/web/20130507230947/http://www.heise.de/tp/artikel/2/2898/1.html][Only NSA can listen, so that's ok]]
- [[https://arxiv.org/abs/2005.09535][backstabbers knife collection]]
- https://www.nist.gov/blogs/cybersecurity-insights/threat-models-differential-privacy
- http://matt.might.net/articles/practicing-privacy-encryption/ quick overview of encryption
- https://www.edwinwenink.xyz/posts/41-function_creep_encryption/ function creep, cryptography and security
- https://blog.excalidraw.com/end-to-end-encryption/: using the crypto js API to encrypt and decrypt things in the browser without much work!
- [[https://pwning.systems/posts/an-introduction-to-kernel-exploitation-part1/][tutorial for kernel exploitation]], as recommended by a key linux contributor