Attacks Around the World
Useful LinksDelegate Material Registration Link
Delegate Material Access Link Delegate Lab access Link (6 Months Access once redeemed) Instructor Access Course Material Link SY0-601 Exam Domains
Link 1. Attacks, Threats and Vulnerabilities 24% 2.0 Architecture and Designs 21% 3.0 Implementation 25% 4.0 Operation and Incident Response 16% 5.0 Governance, Risk and Compliance 14% EXAM Objectives CompTIA Roadmap Link Continuing Education Program FREE KALI LINUX PDF Install Kali Link Useful Files
Security+ YouTube Playlist SY0-601Useful WebsitesExcellent all in one Website re tools and methods Link
Excellent site on Worms and Trojans Link Most Common Password List Link Public Web Site for Hacking Link UNIX in a Browser (Practice) Link Recent Attacks (July 2020) Blackbaud Data Breach ransomware Link Garmin Attacks Link Premier League Link University of York (may to July) Link Amazon Link Hydro Norway Link MOZI IOT Attack Link Class Whiteboard FilesGeneral Drawings
VIGENERE (Polyalphabetic)
WEP
TKIP
SAML
Kerberos
All Ports Required
|
Course Content"The Art of War" by Sun Tzu Link
Lesson 1: Comparing Security Roles and Security ControlsThe CIA Triad Video Link aka AIC or PAIN
Infosec Link Cybersecurity Framework Five Functions Link Example of Data Security Policy Link NIST 800-53 Security Controls Link ISO 21K Link ISO 31K Link SSAE SOC1/2/3 Link OWASP Top Ten Web Application Security risks Link GDPR Link Playbooks Link 18 Biggest data breaches of the 21st Century Link Lesson 2: Explaining Threat Actors and Threat IntelligenceThe Sony Attack Link
Wannacry attack Link China's Great Cannon Link Fireeye Nation State report Link Kaspersky APT Predictions for 2020 Link SIM Swap fraud Link Garmin Hacker attack July 2020 Link Link2 Insider threat "Captital One" insider data breach Link Internal Twitter Attack Link Target attack via HVAC system (US) Link Tactics, Techniques and Procedures (TTPs) Mitre Navigator Link APT Groups Link The Pyramid of Pain (Mitre Attack Framework) Link Link2 The Deep Web and Dark Web Link Defcon Harvard (Eldo Kim) Bomb Attack Link 3rd Party Integration of SI Feeds (STIX/TAXII) Link Reconnaissance web site Shodan Link Using Shodan Video Link Open-source intelligence (OSINT) Link Link2 Google Dorks Link Virus Total Link Tracking SPAM Link MISP OSINT Threat Sharing Link CheckPoint's Live Threat Map Link Lesson 3: Performing Security Assessmentsnmap reference guide Link
nmap cheat sheet Link theHarvestor tool Link dnsenum tool Link scanless tool Link Port Scanning from GRC (remote) Link curl transferring data with URLs Link hping Link Nessus Link tcpreplay Link metasploit Pen Test framework Link Sn1per Tool Link Security Assessment Frameworks NIST SP 800-115 Link OpenVAS Vulnerability Scanner Link SCAP Protocol Link CVSS 3.0 Online Scoring Calculator Link Non-Intrusive scanner Zeek link Manauver Link List of Big Bounty Programs Link Orange is the new Purple (Team) exercise types Link War driving using Drones Link Lesson 4: Identifying Social Engineering and MalwareBruce Schneier's essays on social engineering Link
Credential Harvesting Link Credential Harvesting Madgecart Link Deep Fake (Voice and Video) Link Influence Campaigns (compromised twitter accounts) Link Rogueware, Scareware Ransomware Link Different Types of Viruses Link Conficker Worm Removal Link Removal for US Intel agencies Darkmatter Rootkit Link How does Bitcoin Mining work Link Cuckoo Sandbox automated malware detection Link Sysinternals Link Lesson 5: Summarizing Basic Cryptographic ConceptsCleartext vs Plaintext Link
ChaCha20 Stream cipher Link Comparison of Symentric Encryption Algorithms Chacha20 Vs RC4 is included Link Padding Oracle Attack with AES CBC Link Schneier's Law Link TLS V1.3 Update Link Smart Meter Security Link Is it still safe to use RSA Link Google demonstrates Quantum Computing Link YouTube video on Quantum Computing Link YouTube video Quantum Cryptography in 6 mins Link YouTube video Blockchain in 2 mins Link Stenography Page Link What3words the whole planet broken into blocks link Good for generating passwords Password Checking Site Link WPA3 Link Online Coder/Decoder Rot13 XOR etc Link Better Link On-Line MD5 Hashing Generator Link Rail Fence Cipher Link On Line XOR Calculator. AND/OR/XOR explained DHE Explained Link Diffie Hellman on-line calculator Link ECDH Video Link Lesson 6: Implementing Public Key InfrastructureEV Standards maintained by CA/Browser Forum Link
Wildcards in EV certificates like a Unicorn Link Heartbleed Bug (OpenSSL) Link Big Orgainisations let their certificates expire (Linkedin) Link CRL Distribution points in Certificate Link Certificate Transparency org Link Lesson 7: Implementing Authentication ControlsBrute Force attack Machine learning Link
Password Checker (GRC) Link Cain and Abel, Password cracker download Link Hashcat (Fast Password Recovery) Link FIDO/U2F Key Link How FIDO Works Link SMS Intercept Attacks Link Facial Recognition abandoned in Kings Cross Link Lesson 8: Implementing Identity and Account Management ControlsAmazon Capital One Breach Insider Link
Managed Service Accounts Link NIST Updated Guidance on Password Policies Link Adobe Data Breach 2013 helped by password hints Link Password Strength Cartoon fun Link SOAP Link illustrated Guide to Oauth and OIDC Link American Red Cross Rogue tweet Disaster McDonalds Twitter Campaign gone wrong Lesson 9: Implementing Secure Network DesignsSecuring the Data Centre (Cisco ASAv) Link
WiFi has new numbers (1/2/3/4/5) Link WiFI 6 Link Easyconnect and DPP replacement for WPS Link EAP-TLS explained (Non-Tunneled) Link Radius Federation, University students eduroam Link WPA2/WPA2 Replay Attack called KRACK Link DNS DDOS attack. it almost broke the Internet 3/2013 (New Amplification) NTP Attack Feb 2014 (Amplification) Lesson 10: Implementing Network Security AppliancesLesson 11: Implementing Secure Network Protocols.htaccess redirects Link
Talos Domain Reputation Link TLS V1.3 Link Cisco Support TLS V1.3 Link RSS and Atom Feeds Link PPTP Insecure Link PPTP Vs L2TP Link Precision Time Protocol PTP Link Apache Guacamole HTML5 remote desktop solution Link Canvas Element Link Lesson 12: Implementing Host Security SolutionsTrusted Computing Group Link
Christopher Tarnovsky TPM Keys extraction Link Link2 TPM on Window PC Link Disk encryption Std OPAL Link O.MG Cable Hak5 Link Huawei Phones Link Six Sigma Link Microsft Secuiry Compliance Tool Link Missed Patch caused Equifax Data Breach Link DLP Cisco Umbrella (Cloud Security) Link CME Maintained by Mitre (Like CVE) Link Microsoft System Internals Link The things network - LoraWan Link Hacking Phillips Hue Link Traffic Light Vulnerability Link Nissan Leaf DOS attack Link Insulin Pump Attack Link UK Government loses data on 25 million Britons Link CiscoLive Presenatation on Embedded System Security Link Lesson 13: Implementing Secure Mobile SolutionsFBI Ask Apple to help unlock IPhone Link
Russian soldier reveals location through geo-tag photo Link SS7 Attack in the Telecoms Network Link GPS Spoofing Link What is a Wireless Mesh Link Security in Wireless Mesh Link RFID Skimming attack Video Link Juice Jacking Link Hacked SS7 in the Telecomms Link Stingray/TMSI Catcher Link Lesson 14: Summarizing Secure Application ConceptsExternalBlue Exploit Link
Race Condition Attack Dirty COW Link Pass the HASH Video (Mimikatz) Link Difference between URL and URI Link OWASP CSRF disguise the attack Link SSL Strip Link Directory Travesal Attack Link Link2 Server Side Request Forgery Link Network Tab tool in Chrome Browser Link Attributes in Cookies (httpOnly etc) Link What is Magecart (Implant code to skim credt card infor Link Check for Magecart Link urlscan.io Static Secure Code Analysers Link SDN and Orchestration Link PsExec Link Powershell Constrained Language Mode Link Beef Project - Pen Test Tool on Web Browser Link Lesson 15: Implementing Secure Cloud SolutionsWhat is a Cloud Service Link
*aas options defined Link docker.com Link Spectre and Meltdown effects security of VM Host Link VM Escaping Link Docker -- Container Security Link Storage Tiers classes Link AWS Transit Gateway Link Firewalling between Security Groups Link NetFlix and AWS Lambda Case Study Link SDN Overview Link What is NFV Link Cisco SOAR Link Fog Computing by Cisco Link Lesson 16: Explaining Data Privacy and Protection ConceptsUS Privacy Shielding Link
IP (Intellectual property) Theft China Link Encrypt Data in Use Intel Software Guard Link De-Identification (NIST) Link Lesson 17: Performing Incident ResponsePlaybooks Link
Lockheed Martin Kill Chain Link Incident response Exercises Mitre Playbook Link Syslog PRI (Priority Code) explained calculated Link sysmon Link IPFIX Standard version of Netflow IETF Link Confusing AI Link Lesson 18: Explaining Digital ForensicsEnCase and Forensic Toolkit Link Link2
Sleuth Kit disk imaging etc Link WinHex Link The Volatility Framework Link Write Blocker Ultradock Link Lesson 19: Summarizing Risk Management ConceptsLesson 20: Implementing Cybersecurity ResilienceReplace RAID arrays with SSDs Link
BA Data Centre Problems Link Host Naming Link Blockchain an alternative IAM Link Breadcrumb Deception Link Lesson 21: Explaining Physical Security | ||||||||||||||||||||||