The Twitterverse offers all kinds of gems for offensive security, so i whipped up a short guide on how to leverage twitter to stay current. Check that out.
Also some very cool stuff has come up:
First up: Bactrack 4 pre final was released by Muts and the offensive security team. Download from:
http://www.remote-exploit.org/backtrack_download.html
Secondly: Chris Eng has good video on Crypto for Pentesters for OWASP
Thirdly: A new attack environment based on the OWASP top 10 vulnerabilities was released and demoed by none other that Adrian Crenshaw (Irongeek) and its a nice alternative to Webgoat. Check out the Mutillidae presentation.
Fourth: You remember that Penetration Testing and Vulnerability Analysis class I was raving about by Dan Guido? Well he has released all the course materials online finally. GO check that out, there is awesome material there.
http://pentest.cryptocity.net/
Fifth (and definitely hot) is the slides from the SANS Pentest Summit, closing thoughts, and Ed Skoudis’ tweets about the conference. Thanks to Ed and SANS, you guys rock.
Lastly, Rsnake released a wicked DoS tool called Slowloris for apache (who runs apache anyways, right?) and Muts posted some breakdowns on exploiting itunes…
Good stuff!