Security links

This page by David Papkin has information on security. All hacking information is for penetration testing and educational purposes only. Please make sure you have signed letter of authorization before doing penetration testing.

ISO/IEC 27001 formally specifies an Information Security Management System (ISMS)

Payment Card Industry Data Security Standard (PCI DSS)

Sarbanes Oxley Act (SOX) and Compliance Requirements for Protecting Data-at-Rest

HIPAA Security Rule

OSSIM is an open source security information and event management system

Network Security Toolkit (NST)

National Vulnerability Database

Physical Security and Why It Is Important

Berkely Information Security and Policy Best Practices & How-To Articles

Cisco Best Practices: Device Hardening and Recommendations

Microsoft Server Hardening: Windows Server 2012

Microsoft Security Hardening Tips and Recommendations

RSA Conference 2016 Top 10 Security Hardening Settings for Windows Servers and Active Directory

SSL Strip for newbies

New Tricks For Defeating SSL In Practice

SecTools.Org: Top 125 Network Security Tools

What’s the Difference Between BitLocker and EFS (Encrypting File System) on Windows?



Email encryption


Wireshark HTTPS (Has 9 learning Activities.Very good!))

Wireshark SSL

How to build Display Filters

Ethernet Capture

NMAP OS Detection

Understanding an Nmap Fingerprint

Healthcare ransomware attack: Prevention and backups are critical

Ten ways to stop a ransomware threat targeting healthcare data

How to Use SSH keys with Windows on Azure

Credential Guard

Protect derived domain credentials with Windows Defender Credential Guard

Secure MOR implementation

Securing Domain Controllers Against Attack
Securing Privileged Access