Resources

Link digest curated for your reading pleasure. I collect the links and documents below as a database of things I have learnt or things I might need to refer to in the future. For suggestions, dead links or just to have a discussion, please contact me.

Interesting findings

• How to make a mint: The cryptography of anonymous electronic cash - (NSA document)

Bitcoin

• The Bitcoin White Paper - Satoshi Nakamoto
• Mastering Bitcoin - Andreas Antonopoulos
• How does Bitcoin work? - Pantera Capital
• Introduction to Digital Currencies, free MOOC - University of Nicosia
• How the Bitcoin Protocol Actually Works - Jan Møller, Mycelium
• The Complete Satoshi - Satoshi Nakamoto Institute
• Blockchain Demo - Anders Brownworth
• Lightning Network Summary - lighnting.network website
• Lightning Network Paper - J. Poon, T. Dryja, 2016
• List of Bitcoin software development tools: Awesome Bitcoin - Igor Barinov
• Ultimate Bitcoin Resources List - Jameson Lopp
• Raspnode: Bitcoin full node + LND 0.4 Beta installation script for RaspberryPi
• Pizza for (lightning) Bitcoins? - Laszlo Hanyecz

Cryptography

• Principles of Modern Cryptography - Dan Boneh, Victor Shoup
• New Directions in Cryptography - Whitfield Diffie, Martin Hellman
• A digital signature based on a conventional encryption function
• Cryptographic Apparatus and Method (Diffie-Hellman Key Exchange) - Diffie, Hellman, Merkle
• Cryptographic Communications System and Method (RSA)- Rivest, Shamir, Adleman
• An Efficient Protocol for Authenticated Key Agreement (Elliptic-Curve Diffie-Hellman, ECDH) - Law, Qu, Menezes, Solinas, Vanstone
• The Elliptic Curve Digital Signature Algorithm - Johnson, Menezes
• Introduction to Cryptography - Video lectures by Prof. Christof Paar

Cypherpunks

• Underground - Suelette Dreyfus, Julian Assange
• Cyphernomicon - Timothy C. May
• Cypherpunk Manifesto - Eric Hughes
• The Cypherpunk Revolution - Thomas Rid
• Cypherpunk Research - Tom Busby

Programming

• Go Programming Language Specification
• Learn Go
• Go by Example
• Learn Go Programming
• Learn Python - Free interactive Python tutorial
• The Hitchhiker’s Guide to Python
• Learn Python the Hard Way
• C++ Bjarne Stroustrup’s Homepage
• Learn C++ - This is the internet’s best website
• Shell Programming with Bash
• Bash Scripting Tutorial
• PHP at the Core: A Hacker’s Guide
• Free Interactive PHP Tutorial
• PHP Manual
• Advanced Java Programming - Udemy
• Coding Glossary for Kids

Security

• CISSP: Certified Information Systems Security Professions (Study Guide)
• Guide to Malware Incident Prevention and Handling for Desktops and Laptops - NIST
• The Basic Building Blocks of Malware - J. Shin, D. F. Spears, University of Wyoming
• Network Intrusion Detection. IEEE Network, 1994 - B. Mukherjee, L. T. Heberlein, K. N. Levitt
• Cisco Network-Based Intrusion Detection - Functionalities and Configuration
• Data Mining for Network Intrusion Detection: How to Get Started. The MITRE Corporation. - E. Bloedorn, A. D. Christiansen, W. Hill, C. Skorupka, L. M. Talbot, J. Tivel
• Network Intrusion Detection Systems - False Positive Reduction Through Anomaly Detection - E. Zambon, D. Bolzoni
• Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection - T. H. Ptacek, T. N. Newsham, Secure Networks, Inc. 1998.
• Meltdown Attack - M. Lipp, M. Schwarz, D. Gruss, T. Prescher, W. Haas, S. Mangard, P. Kocher, D. Genkin, Y. Yarom, M. Hamburg
• Spectre Attacks: Exploiting Speculative Execution - P. Kocher, D. Genkin, D. Gruss, W. Haas, M. Hamburg, M. Lipp, S. Mangard, T. Prescher, M. Schwarz, Y. Yarom
• A Red Teamer’s guide to pivoting - Artem Kordatenko
• How to Build a Successful Information Security Career - Daniel Miessler
• Awesome Red Teaming - Ultimate Red Teams Resource List
• Pentest Tips and Tricks - EK
• Fuzzy Security

Security - Penetration Testing Practice

• HackTheBox
• VulnHub
• Exploit-Exercises
• ShellterLabs

Tools

• KeepNote - Best note keeping tool for documentation and organization
• Immunity Debugger - Debugger that can be used to write exploits, analyze malware and reverse engineer binary files.
• Metasploit Framework - Mega tool for vulnerability scanning, exploit execution and payload deployment
• Nmap - Powerful network and host scanner
• Ettercap - Man in the middle attack tool
• Bettercap - Man in the middle attack and credential sniffing tool (a.k.a. Ettercap on steroids, or Ninja Etercap)
• mitmproxy - HTTPS proxy for man in the middle attacks
• Wireshark - Network packet and protocol analyzer
• w3af - Web application security audit framework
• Burpsuite - Web application vulnerability scanner
• Cain & Abel - Windows password cracker
• John the Ripper - Password cracking
• sqlninja - SQL Server injection and takeover tool
• BeEF - Browswer exploitation framework
• Nikto - Web server vulnerability scanner

Blogs

• Schneier on Security
• Briston Cryptography Blog
• Cryptofails - Examples of bad cryptography
• Elliptic News
• Sockpuppet
• A Few thoughts on Cryptographic Engineering - Matt Green’s blog
• Microfocus - Data Security blog
• Stack Overflow blog
• Jeff Atwood’s blog
• Daniel Miessler’s blog
• Red Teams
• Dark Reading
• Harmj0y - Security at the misfortune of others
• SANS Pen-testing blog
• Small Team Tactics
• Social Egineer
• Red Team Analysis Society
• High on Coffee - A site about Penetration Testing & Security
• SecuritySift
• g0tmi1k
• Pentest blog
• Abatchy’s Security Blog

Audiovisual

• SecurityTube - Huge collection of security and hacking related videos

Forums

• Bitcoin Subreddit
• BTC Subreddit
• Bitcointalk.org - Forum started by Satoshi
• BTC Warriors

Products

• Pwnie Express
• Hakshop - by Hak5

Documentaries

• Banking on Bitcoin
• Bitcoins in Argentina
• Bitcoin in Uganda
• Life on Bitcoin
• The Rise and Rise of Bitcoin
• Bitcoin: The end of money as we know it