|
SecLists.Org Security Mailing List Archive
Any hacker will tell you that the latest news and exploits are not
found on any web site—not even Insecure.Org. No, the cutting edge
in security research is and will continue to be the full
disclosure mailing lists such as Bugtraq. Here we provide web
archives and RSS feeds (now including message extracts), updated in real-time, for many of our favorite lists. Browse the individual lists below, or search them all:
Nmap Hackers -- Moderated list for announcements, patches, and light discussion regarding the Nmap Security Scanner and related projects.
 Current year |  Archived posts |  RSS Feed |  About list
Nmap Development -- Unmoderated technical development forum for debating ideas, patches, and suggestions regarding proposed changes to Nmap and related projects.
Current quarter | Archived posts | RSS Feed | About list
| Other Excellent Security Lists |
|---|
Bugtraq -- The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Current month | Archived posts | RSS Feed | About list
Full Disclosure -- An unmoderated high-traffic forum for disclosure of security information. Fresh vulnerabilities sometimes hit this list many hours before they pass through the Bugtraq moderation queue. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. Unfortunately 80% of the posts are worthless drivel, so finding the gems takes patience.
Current month | Archived posts | RSS Feed | About list
Security Basics -- A high-volume list which permits people to ask "stupid questions" without being derided as "n00bs". I recommend this list to network security newbies, but be sure to read Bugtraq and other lists as well.
Current month | Archived posts | RSS Feed | About list
Penetration Testing -- While this list is intended for "professionals", participants frequenly disclose techniques and strategies that would be useful to anyone with a practical interest in security and network auditing.
Current month | Archived posts | RSS Feed | About list
Info Security News -- Carries news items (generally from mainstream sources) that relate to security.
Current month | Archived posts | RSS Feed | About list
Firewall Wizards -- Tips and tricks for firewall administrators
Current month | Archived posts | RSS Feed | About list
Incidents -- Lightly moderated list for dicussing actual security incidents (unexplained probes, breakins, etc). Topics include information about new rootkits, backdoors, trojans, virii, and worms.
Archived posts | RSS Feed | About list
Vulnerability Development -- A moderated list for discussing possible security issues and devising exploits for them.
Previous month | Archived posts | RSS Feed | About list
IDS Focus -- Technical discussion about Intrusion Detection Systems. You can also read the archives of a previous IDS list
Current month | Archived posts | RSS Feed | About list
Web App Security -- Provides insights on the unique challenges which make web applications notoriously hard to secure.
Current quarter | Archived posts | RSS Feed | About list
Daily Dave -- This technical discussion list covers vulnerability research, exploit development, and security events/gossip. It was started by ImmunitySec founder Dave Aitel and many security luminaries particpate. Many posts simply advertise Immunity products, but you can't really fault Dave for being self-promotional on a list named DailyDave.
Current quarter | Archived posts | RSS Feed | About list
Security Jobs -- A popular list for advertising or finding jobs in the security field. Employers post openings and job seekers post resumes (run by SecurityFocus). For privacy reasons, only the current year is archived.
Current month | Archived posts | RSS Feed | About list
Honeypots -- Discussions about tracking attackers by setting up decoy honeypots or entire honeynet networks.
Current quarter | Archived posts | RSS Feed | About list
VulnWatch -- A non-discussion, non-patch, all-vulnerability annoucement list supported and run by a community of volunteer moderators distributed around the world.
Archived posts | RSS Feed | About list
MS Sec Notification -- Beware that MS often uses these security bulletins as marketing propaganda to downplay serious vulnerabilities in their products -- note how most have a prominent and often-misleading "mitigating factors" section.
Current quarter | Archived posts | RSS Feed | About list
These may not all be directly security related, but I couldn't resist including them.
Politech -- Journalist Declan McCullagh's list of news updates relating to politics and technology
Archived posts | RSS Feed | About list
The RISKS Forum -- Peter G. Neumann moderates this regular digest of current events which demonstrate risks to the public in computers and related systems. Security risks are often discussed.
Current quarter | Archived posts | RSS Feed | About list
Other useful list archives:
CERT,
SecurityFocus
Or read some old-school private security digests such as Zardoz at SecurityDigest.Org
|
