Welcome! Below is the list of topics:

====Web security====
  * Web in general
    * [[http|HTTP]]
    * [[html-css-js|HTML, CSS & Javascript]]
    * [[sql|SQL]]
    * [[https://www.cert.hr/wp-content/uploads/2019/12/Apache_HTTP_posluzitelj.pdf|Apache HTTP Server]]
  * Tools for manipulating HTTP requests
    * [[burp|Burp]]
    * [[https://www.cert.hr/wp-content/uploads/2018/11/owasp_zap.pdf|OWASP ZAP]]
    * [[https://www.cert.hr/wp-content/uploads/2020/04/Postman.pdf|Postman]]
  * Web application vulnerabilities
    * [[sql_injection|SQL Injection]]
    * [[second_order_sqli|Second order SQL injection]]
    * [[blind_sqli|Blind SQL injection]]
    * [[command injection|Command injection]]
    * [[local file inclusion|Local file inclusion]]
    * [[xss napadi|XSS attacks]]
    * [[ssti|SSTI]]
    * [[deserializacija|Insecure deserialization]]
    * [[file upload|File upload]]
    * [[IDOR|IDOR]]
    * [[CSRF|CSRF]]
  * Other web security topics
    * [[https://www.cert.hr/wp-content/uploads/2021/06/Sigurnosni_rizici_Wordpress_CMS-a.pdf|Security risks of the WordPress CMS]]
    * [[https://www.cert.hr/wp-content/uploads/2019/10/exploit_kitovi.pdf|Exploit kits]]
    * [[https://www.cert.hr/wp-content/uploads/2019/08/sigurnosni_rizici_javascript_koda.pdf|Security risks of JS code when browsing the web]]
    * [[https://www.cert.hr/wp-content/uploads/2018/12/visefaktorska_autentifikacija.pdf|Multi-factor authentication]]
    * [[https://www.cert.hr/wp-content/uploads/2020/03/Sigurnost_HTTP_API-ja.pdf|HTTP REST API security]]

====Cryptography====
  * Classical cryptography
    * [[cezar_sifra|Caesar cipher]]
    * [[wiki:vigenere_sifra|Vigenère cipher]]
  * Encodings
    * [[https://www.cert.hr/wp-content/uploads/2019/08/CyberChef.pdf|CyberChef]]
  * [[one-time-pad|One-time pad]]
  * [[aes|AES]]
  * [[rsa|RSA]]
  * [[hash|Hash functions]]
  * [[md5|MD5]]
  * [[sha|SHA]]
  * [[mac|MAC]]
  * [[length-extension-attack|Length extension attack]]
  * [[hmac|HMAC]]
  * [[https://www.cert.hr/wp-content/uploads/2019/04/NCERT-PUBDOC-2009-12-284.pdf|Diffie-Hellman key exchange]]
  * [[https://www.cert.hr/wp-content/uploads/2019/04/CCERT-PUBDOC-2007-02-182.pdf|Digital signature]]
  * [[pfs|Perfect forward secrecy]]
  * [[https://www.cert.hr/wp-content/uploads/2019/04/CCERT-PUBDOC-2007-09-205.pdf|IKE protocol]]
  * [[kerberos|Kerberos]]
  * [[https://www.cert.hr/wp-content/uploads/2018/01/sifriranje_diska.pdf|Disk encryption]]
  * [[prng|Security issues when using pseudorandom number generators]]

====Networks====
  * [[tcp-ip|TCP/IP model]]
  * [[arp|ARP]]
  * [[arp-spoofing|ARP spoofing]]
  * [[dhcp|DHCP]]
  * [[dhcp-spoofing|DHCP spoofing]]
  * [[dns|DNS]]
  * [[https://www.cert.hr/wp-content/uploads/2021/08/TLS13.pdf|TLS v1.3]]
  * [[https://www.cert.hr/wp-content/uploads/2022/10/zastita_od_ddos_napada.pdf|DDoS attack protection]]
  * [[https://www.cert.hr/wp-content/uploads/2019/07/VPN_usluge.pdf|VPN]]
  * [[https://www.cert.hr/wp-content/uploads/2017/11/DNSSEC_0.pdf|DNSSEC]]

====Organizational and human factors====
  * [[https://www.cert.hr/wp-content/uploads/2018/05/phishing.pdf|Phishing]]
  * [[https://www.cert.hr/wp-content/uploads/2023/06/Sigurnosni-rizici-pohrane-lozinki-u-preglednike.pdf|Security risks of storing passwords in web browsers]]
  * [[https://www.cert.hr/wp-content/uploads/2019/11/Socijalni_inzenjering_na_webu.pdf|Social engineering on the web]]
  * [[https://www.cert.hr/wp-content/uploads/2020/05/Hardverska_strana_socijalnog_inzenjeringa.pdf|The hardware side of social engineering]]
  * [[https://www.cert.hr/ARuBDUb|Rubber ducky]]
  * [[https://www.cert.hr/wp-content/uploads/2018/11/soc_inz_i_zlonamjerni_softver-2.pdf|Social engineering and malware]]

====Operating systems====
  * [[https://www.cert.hr/wp-content/uploads/2018/08/android.pdf|Android]]
  * [[https://www.cert.hr/wp-content/uploads/2019/01/uvod_u_linux.pdf|Introduction to Linux]]
  * [[https://www.cert.hr/wp-content/uploads/2019/09/VirtualBox.pdf|VirtualBox]]
  * [[https://www.cert.hr/wp-content/uploads/2021/12/Linux_server_hardening.pdf|Basic Linux server hardening]]
  * [[linux|Basic Linux commands]]

====Privacy and censorship====
  * [[https://www.cert.hr/wp-content/uploads/2017/12/osnove_privatnosti_na_Internetu_0.pdf|Basics of privacy on the internet]]
  * [[https://www.cert.hr/wp-content/uploads/2022/01/privatnost_DNS_prometa.pdf|DNS traffic privacy]]
  * [[https://www.cert.hr/wp-content/uploads/2018/08/anonimizacija_i_pseudonimizacija_podataka.pdf|Data anonymization and pseudonymization]]
  * [[https://www.cert.hr/wp-content/uploads/2018/02/tor_tehnicka_pozadina_i_napredno_koristenje.pdf|Tor network]]
  * [[https://www.cert.hr/wp-content/uploads/2019/10/NoScript.pdf|NoScript]]
  * [[https://www.cert.hr/wp-content/uploads/2018/04/signal.pdf|Signal]]
  * [[https://www.cert.hr/wp-content/uploads/2018/02/gpg4win_0.pdf|GnuPG]]

====Reconnaissance (recon)====
  * [[nmap|Nmap]]

====Attack detection and incident response====
  * [[https://www.cert.hr/wp-content/uploads/2021/08/splunk_free.pdf|Splunk free]]
  * [[https://www.cert.hr/wp-content/uploads/2019/12/Fail2Ban.pdf|fail2ban]]
  * [[https://www.cert.hr/wp-content/uploads/2018/07/cryptosearch.pdf|Cryptosearch]]

====Forensics====
  * RAM forensics
    * [[https://www.cert.hr/wp-content/uploads/2018/03/alat_volatility.pdf|The Volatility tool]]
  * Disk forensics
    * [[ddrescue|ddrescue]]
    * [[autopsy|Autopsy]]
    * [[https://www.cert.hr/wp-content/uploads/2019/04/file_carving.pdf|File carving]]
    * [[https://www.cert.hr/wp-content/uploads/2019/05/recuva.pdf|Recuva]]
  * Network forensics
    * [[https://www.cert.hr/wp-content/uploads/2018/01/wireshark.pdf|Wireshark]]
    * [[email_header_forensics|E-mail header forensics]]
  * Hex editors
    * [[xxd|xxd]]
    * [[https://www.cert.hr/wp-content/uploads/2019/03/HxD.pdf|HxD]]

====Reverse engineering and malware analysis====
  * Procedures and tools
    * [[gdb|GNU Debugger (gdb)]]
    * [[https://www.cert.hr/wp-content/uploads/2021/01/ghidra.pdf|Ghidra]]
    * [[https://www.cert.hr/reverzni-inzenjering-android-aplikacija/|Reverse engineering of Android applications]]
    * [[https://www.cert.hr/wp-content/uploads/2019/07/analiza_zlonamjernog_softvera_online_alatima.pdf|Basic malware analysis using online tools]]
  * Malware
    * [[https://www.cert.hr/wp-content/uploads/2017/02/NCERT-PUBDOC-2017-2-346_0.pdf|Ransomware]]
    * [[https://www.cert.hr/wp-content/uploads/2018/02/WannaCry.pdf|WannaCry]]
    * [[flame|Flame]]
    * [[https://www.cert.hr/wp-content/uploads/2022/03/Pegasus.pdf|Pegasus]]
    * [[https://www.cert.hr/wp-content/uploads/2019/09/analiza_zlonamjernog_softvera_NotPetya.pdf|NotPetya]]

====Binary exploitation====
  * [[stack overflow|Stack overflow]]
  * [[variable overwrite|Variable overwrite]]
  * [[ret2win|Ret2win]]
  * [[ret2libc|Ret2libc]]
  * [[string format read|String format read]]
  * [[integer overflow|Integer overflow]]