Security links by David Papkin

This page by David Papkin has information on security. All hacking information is for penetration testing and educational purposes only. Please make sure you have a signed letter of authorization before doing penetration testing.

Authentication

OpenID – single sign-on for consumers
SAML – single sign-on for enterprise users
OAuth – API authorization between applications

LDAP vs Kerberos vs OAuth2 vs SAML vs RADIUS

The Difference Between SAML 2.0 and OAuth 2.0

SAML vs OAuth 2.0 vs OpenID Connect White Paper

IDPS

NIST Guide to Intrusion Detection and Prevention Systems

RADIUS vs TACACS+

                            RADIUS                                    TACACS+
Protocol and Port(s) Used   UDP: 1812 & 1813 -or- UDP: 1645 & 1646    TCP: 49
Encryption                  Encrypts only the Password Field          Encrypts the entire payload

TACACS+ and RADIUS Comparison (Cisco)

RADIUS versus TACACS+

Standards

The National Institute of Standards and Technology

FEDERAL INFORMATION STANDARDS (FIPS)

ISO/IEC 27001 formally specifies an Information Security Management System (ISMS)

Payment Card Industry Data Security Standard (PCI DSS)

Sarbanes Oxley Act (SOX) and Compliance Requirements for Protecting Data-at-Rest

HIPAA Security Rule

Berkeley Information Security and Policy Best Practices & How-To Articles

Cisco Best Practices: Device Hardening and Recommendations

Camera

CAMSECURE SMART MDM

General

OSSIM is an open source security information and event management system

Network Security Toolkit (NST)

National Vulnerability Database

Physical Security and Why It Is Important

Microsoft Server Hardening: Windows Server 2012

Microsoft Security Hardening Tips and Recommendations

RSA Conference 2016 Top 10 Security Hardening Settings for Windows Servers and Active Directory

SSL Strip for newbies

New Tricks For Defeating SSL In Practice

SecTools.Org: Top 125 Network Security Tools

Encryption

Security Flaws in WPA3 Protocol Let Attackers Hack WiFi Password

What’s the Difference Between BitLocker and EFS (Encrypting File System) on Windows?

S-HTTP vs HTTPS

S/MIME

Email encryption

Understanding Application Layer Protocols (Informit)

Which layer of the OSI model do SSL and TLS belong to? (Cisco)

Where does SSL encryption take place?

What is the difference between DNS over TLS & DNS over HTTPS?

Exposing Cyber espionage unit

Standardizing Cyber Threat Intelligence Information with the Structured Threat Information eXpression (STIX™)

Wireshark

Wireshark HTTPS (Has 9 learning activities. Very good!)

Wireshark SSL

https://wiki.wireshark.org/DisplayFilters

How to build Display Filters

Ethernet Capture

NMAP OS Detection

Understanding an Nmap Fingerprint

Healthcare ransomware attack: Prevention and backups are critical

Ten ways to stop a ransomware threat targeting healthcare data

How to Use SSH keys with Windows on Azure

Web shell

Credential Guard

Protect derived domain credentials with Windows Defender Credential Guard

Secure MOR implementation

Securing Domain Controllers Against Attack
Securing Privileged Access

OWASP TOP 10 VULNERABILITIES

Frameworks

NIST CYBERSECURITY FRAMEWORK

COBIT (Control Objectives for Information and Related Technologies)

SABSA (Sherwood Applied Business Security Architecture)

ISO/IEC 27001 formally specifies an Information Security Management System (ISMS)

Utilities

SSL Utilities

Free Security Software