I recently posted a blog post to Exotic Liability’s website with the same title, and I realized that it would make a great thing to post to here, and update regularly, or just put it on the wiki I keep saying that I get going here. Enough rambling, here is how you can get your fill of security:


  • GetMon - http://www.getmon.com/ - This is a great site because you can download or listen to any of the security podcasts right from their site if you want to.
  • HackerMedia - http://www.hackermedia.org/ - They put together like podcasts into different categories, and they overlap. So if you want the “Linux” feed, you’ll get podcast A, B, and C. But maybe podcast C does Linux security, so if you subscribe to the “Security” feed, you might get C, E, and G. You can also get the everything feed

Bloggers (RSS Feeds):


Places to learn:

Challenge Sites and Sites that are OK to attack:

(Make sure you know which is which before you haul off and start attacking though)
(Most of these stolen from Chris Nickerson’s reply to Show 17 Links blog post)

So now you have absolutely ZERO reason to have one moment of time on your hands ;-)

Know of another good resource? Post a comment.

UPDATE: ethicalhack3r from http://www.ethicalhack3r.co.uk pointed me to his project called “Damn Vulnerable Web App”. You can find it on Sourceforge here: http://sourceforge.net/projects/dvwa/

Update on 2009-12-09 05:30 by Rob Fuller

A must larger post was made:


there are a ton of resources out there… now you don’t even have to google for them…