Here you go KillJ0y:

http://hotfile.com/dl/98403978/f9fa519/Web-Shells-rev2.pdf.html

and http://www.megaupload.com/?d=MU3D86F9

and http://www.fileserve.com/file/6bu3QwV

The CISSP AIO 4th Edition is available on Google books:
http://books.google.com/books?id=tiKZ-0ssRvsC&printsec=frontcover&dq=cissp&hl=en&ei=Vg44TZOaG4aWhQevtaXkCg&sa=X&oi=book_result&ct=result&resnum=2&ved=0CDcQ6AEwAQ#v=onepage&q&f=false

The latest AIO version is the 5th edition released in 2010, I have heard that there isn't much of a difference between the 4th and 5th editions (but don't take my word for it) 

What OS will you be running on your laptop?

You're welcome, glad to help

Welcome to EH.NET

Regarding doing the CISSP first, I wouldn't worry too much about the CPE requirements as there are multiple methods to gain CPE's.
Depending on what certifications you currently hold, Security+ is also worthwhile doing since some of the information in Security+ is in the CISSP, so Sec+ is a good primer for CISSP plus having the Sec+ will benefit you for the 5 years experience requirement for CISSP, (ISC)2 will waiver one year experience if you have Sec+: https://www.isc2.org/credential_waiver/default.aspx

Rance, I ran into the same results you have when I was trying to figure this out a few years ago.  I also had problems trying to find the physical store, as well as reading information from MSDN that the certificates are stored in the registry ... or not  

I'm not sure if this will help you but I have tried the following: run certmgr.msc and then select View > Options > "Show the following: Physical certificate stores"

This didn't help much as the actual physical location information wasn't displayed, I then ran Process Monitor (Sysinternals) and monitored the mmc.exe process while I toggled "Show physical certificate stores" hoping that I will see an open/read file process to the local computer. Process Monitor did show some read file activity such as:
create file and query directory C:\Documents and Settings\<user>\Application Data\Microsoft\SystemCertificates\My\Certificates

I checked the directory mentioned above and that was empty.

I also saw a registry read request for: HKCU\Software\Microsoft\SystemCertificates\Root\PhysicalStores
which resulted in a "name not found"

I also tried the following from MMC: "Trusted Root Certification Authorities" > "Local Computer" > "Certificates" and then selected a random certificate and saw that a call to read the registry was made, an example below:

HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\049811056AFE9FD0F5BE01685AACE6A5D1C4454C

So it does appear that certificates are stored in the registry

Spam also dropped in December which might be relevant to the decrease of email viruses. The drop might be short lived though: http://www.bbc.co.uk/news/technology-12126880

"The amount of junk e-mail being sent across the globe has seen a dramatic fall in recent months.

The volume of spam has dropped steadily since August, but the Christmas period saw a precipitous decline.

One security firm detected around 200 billion spam messages being sent each day in August, but just 50 billion in December.

While the reasons for the decline are not fully understood, spam watchers warn the lull may not last."

And: http://www.bbc.co.uk/news/technology-12154118

That IP Address traces back to Korea:
http://whatismyipaddress.com/ip/220.90.198.65

Some additional info which might or might not be applicable (taken from http://www.pczone.com.tw/vbb3/archive/t-108256.html):

> download.microsoft.com
Server: query.ttn.net
Address: 202.145.138.1

Non-authoritative answer:
Name: a767.ms.akamai.net
Addresses: 220.90.198.90, 220.90.198.65, 220.90.198.83
Aliases: download.microsoft.com, download.microsoft.com.nsatc.net
download.microsoft.com.d4p.net, download.microsoft.com.georedirector.akadns.net

As ziggy_567 mentioned, capturing traffic and viewing the captured packets might give you an idea what connections are being created and the relative destination address.  You could also use TCPView from Sysinternals to gather more information about the connections on your computer: http://technet.microsoft.com/en-us/sysinternals/bb897437
Using TCPView, you can highlight the connection and view properties of that process (if possible) which might give you more information on what application created the connection.

Regarding setting up a lab, what I like to do is not install any A/V on the attacking/testing machine, I also make sure that this machine is isolated from the rest of my machines, I also ensure that this machine never connects to the internet once I'm done setting it up.

Mobile calls and texts made on any GSM network can be eavesdropped upon using four cheap phones and open source software, say security researchers.

Karsten Nohl and Sylvain Munaut demonstrated their eavesdropping toolkit at the Chaos Computer Club Congress (CCC) in Berlin.

The work builds on earlier research that has found holes in many parts of the most widely used mobile technology.

The pair spent a year putting together the parts of the eavesdropping toolkit.

"Now there's a path from your telephone number to me finding you and listening to your calls," Mr Nohl told BBC News. "The whole way."

He said many of the pieces in the eavesdropping toolkit already existed thanks to work by other security researchers but there was one part the pair had to create themselves.

"The one piece that completed the chain was the ability to record data off the air," he said.

In a demonstration at the CCC, the pair took attendees through all the steps that led from locating a particular phone to seizing its unique ID, then leap-frogging from that to getting hold of data swapped between a handset and a base station as calls are made and texts sent.

More info here: http://www.bbc.co.uk/news/technology-12094227

Happy New Year EHNet members!

Logical Security has a full free Wireless Security Course and Labs available on the following website: www.logicalsecurity.com/resources/resources_videos.html 
[Requires registration with a valid email address]

The course contains the following modules:

Wireless Integration and Security Course - Introduction to Wireless Integration and Security Course
Wireless Integration and Security Course - Module 1 – Introduction to WLANs
Wireless Integration and Security Course - Module 2 – Radio Frequency Fundamentals
Wireless Integration and Security Course - Module 3 – Radio Transmission Technologies
Wireless Integration and Security Course - Module 4 – Wireless LAN Devices
Wireless Integration and Security Course - Module 5 – Antennae
Wireless Integration and Security Course - Module 6 – 802.11 Network Architecture Design
Wireless Integration and Security Course - Module 7 – WLAN Security
Wireless Integration and Security Course - Module 8 – WLAN Site Surveying and Troubleshooting
Wireless Integration and Security Course - Module 9 – WPAN, WWAN and Cellular Technologies
Wireless Integration and Security Course - Lab 1 - Installation and Configuration of a Wireless Network Interface Card Part 1
Wireless Integration and Security Course - Lab 1 - Installation and Configuration of a Wireless Network Interface Card Part 2
Wireless Integration and Security Course - Lab 2 – Associating with a Wireless Access Point on a Windows Vista Computer
Wireless Integration and Security Course - Lab 3 – Understanding Radio Frequency Waves
Wireless Integration and Security Course - Lab 4 – Decibel Calculations
Wireless Integration and Security Course - Lab 5 – Securing an enterprise grade Wireless Access Point with Cisco 1220 AP
Wireless Integration and Security Course - Lab 6 – Securing a high speed 802.11n wireless access point using a Cisco Linksys WRVS4400n access point
Wireless Integration and Security Course - Lab 7 – Performing wireless frame analysis using Wireshark, a free sniffer tool

I don't think that it's worth your time and energy pursuing this, especially since the card has been cancelled and you have received a refund. Hopefully your bank has tracked down the criminals.
I also doubt that Anglian Water will tell you the name or account number of the criminal that used your card to pay for the bill. They would most probably require an account number or an address to reference the bill but using just your card details I doubt it.

It sounds like your card may have been cloned, did you use your card in an ATM recently or shop online or use it anywhere else that could be suspicious?

I'd recommend joining Linkedin (http://www.linkedin.com) and joining a few of the Security groups such as Ethical Hackers, Infosec Careers, Information Security and more. If you search for the relevant groups you'll find a long list available. Most Security related groups have a sub group for job openings or contracts posted mostly by recruitment agents and you can contact them directly for any opportunities.

What IP Address does your friend have recorded, the one allocated by his ISP? If so, it might be worth contacting his ISP and notifying them that the laptop has been stolen and hopefully the ISP can assist when/if the laptop connects to the ISP. Depending on the thief, the thief might not even connect the laptop to the same ISP or connect to the internet at all. The thief could also decide that once all the interesting data on the laptop has been extracted to then format the laptop. 

In order to track the laptop's location, the laptop will have to have had some tracking software installed prior to being stolen. Something like the following, (both free) can help: http://preyproject.com/ or http://adeona.cs.washington.edu/

Have you tried running Dirbuster in headless mode and see if it makes any difference?

java -jar Dirbuster-0.12.jar -H http://www.foo.com

This might help:

cd /pentest/web/dirbuster

java -jar Xmx256m Dirbuster-0.12.jar

The example above assigns 256 MB of memory to the Dirbuster jar file