People and places you should get to know
If you need help with Netcat, or hacking in general, the following is a list of some people and places that will prove invaluable:
Official sites
Unix Netcat Homepage: http://nc110.sourceforge.net/
GNU Netcat Project: http://netcat.sourceforge.net/
Ncat – The Nmap Project: http://www.nmap.org/ncat
Articles and tutorials
Offensive Security explains how to create a persistent back door using Netcat and Metasploit's Meterpreter: http://www.offensive-security.com/metasploit-unleashed/Persistent_Netcat_Backdoor
Crazy Netcat Relays for Fun and Profit: http://pauldotcom.com/wiki/index.php/Episode195#Tech_Segment:_Crazy-Ass_Netcat_Relays_for_Fun_and_Profit
SANS Institute Netcat Pocket Cheatsheet: http://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf
Some interesting use cases not covered in this book by Johannes Franken: http://www.jfranken.de/homepages/johannes/vortraege/netcat.en.html
A great reference for using Netcat for debugging SOAP and XML web services using Netcat: http://parand.com/say/index.php/2005/03/11/simple-recipe-for-debugging-web-services/
Blogs and websites
Hackers for Charity is a fantastic organization that is impacting the lives of so many people around the world. I am proud to call Johnny Long my friend, and highly recommend you to give back to the community through this organization. The link is http://www.hackersforcharity.org/.
Vivek Ramachandran and the contributors to SecurityTube are providing a tremendous service to information security professionals by pooling excellent tutorials, training, and certifications. If you have never visited http://www.securitytube.org, you are missing out on a great opportunity to learn skills in a number of areas.
Information Security is a profession filled with personalities of all types. There are snake oil salesmen and gypsies that will take advantage of the mystic art of information security. My friends over at Attrition.org help police and expose fraudulent claims made by charlatans, detect plagiarism of materials from legitimate practitioners, and expose the underbelly of an otherwise honorable profession. Their research is always well-vetted and thorough, so you can be sure that if an entity finds their name on their list, there is good reason. Please check out their site at http://attrition.org/errata and help the solid stewards of the industry by exposing and flushing those that deserve to be exiled.
Many security conferences are cost prohibitive to the average practitioner. The organizers of the B-Sides community conferences are doing wonderful things by providing high-quality, local conferences at a very low cost (often free). I am friends with many of the organizers and participants, and they are absolutely some of the best people in the industry. Check them out at http://www.securitybsides.com, and find a conference near you (or organize one yourself).
Finally, a site that is near and dear to me personally is not a hacker site per se, but speaks of the very real and very serious issue of stress and burnout in the information security industry. I have had the good fortune of joining up with Josh Corman (
@joshcorman
), Gal Shpantzer (@shpantzer
), Jack Daniel (@jack_daniel
), Stacy Thayer(@stacythayer
), and Martin McKeay (@mckeay)
to provide research and raise awareness to psychological burnout in information security. Our website is http://www.itburnout.org.
The following people contribute greatly to the Netcat community and are among the best in the information security industry. I highly encourage following them on Twitter and meeting them in real life as well.
Follow Thomas Wilhelm on Twitter: https://twitter.com/#!/thomas_wilhelm
Follow Brian Baskin on Twitter: https://twitter.com/#!/bbaskin
Follow Michael Scherer on Twitter: https://twitter.com/#!/theprez98
Follow Ed Skoudis on Twitter: https://twitter.com/#!/edskoudis
For more Open Source information, follow Packt at: http://twitter.com/#!/packtopensource