Tools, Software, Products
Education, Reading, Learning
nist cyber security framework – Google Search
cyber security framework – Google Search
Category:Vulnerability Scanning Tools – OWASP
EFF: Surveillance Self-Defense | Tips, Tools and How-tos for Safer Online Communications
SSL & DNS
Podcasts
People in InfoSec
Good Reads
Top Picks
What I Learned Trying To Secure Congressional Campaigns (Idle Words)
Stuff that needs sorting
DLA Piper GDPR data breach survey: February 2019 | Insights | DLA Piper Global Law Firm
cyber security before, during and after attack – Google Search
ModSecurity: Open Source Web Application Firewall
ctf security for beginners – Google Search
CTF365 – Capture The Flag | Security Training Platform
Capture The Flag (CTF ) – Code Like A Girl
Encryption software to secure cloud files | Boxcryptor
11 Best PHP Code Security Scanner to Find Vulnerabilities
Security Vulnerabilities Detected by RIPS
Community Edition | SonarSource
Sven Morgenroth, Netsparker – Paul’s Security Weekly #584 – YouTube
Never Pass Untrusted Data to Unserialize in PHP | Netsparker
1.1.1.1 — the Internet’s Fastest, Privacy-First DNS Resolver
prtg message software monitoring – Google Search
The 21 biggest data breaches of 2018 | Business Insider
Mozilla – *privacy not included
Govt pushes Flash, Java, web ad blocks in revised infosec manual – Security – iTnews
2-factor authentication may be hackable, expert says
14 Best Open Source Web Application Vulnerability Scanners [Updated for 2018]
People older than 65 share the most fake news, a new study finds – The Verge
damn vulnerable web app – Google Search
DVWA – Damn Vulnerable Web Application
Authy | Two-factor Authentication (2FA) App & Guides
type juggling owasp – Google Search
Government shutdown: TLS certificates not renewed, many websites are down | ZDNet
For Owners of Amazon’s Ring Security Cameras, Strangers May Have Been Watching
10 GitHub Security Best Practices | Snyk
StopSIMCrime | Let’s make mobile carriers stop!
NIST on Privileged Access Management: Secure the Keys to your Kingdom – The LastPass Blog
How Much of the Internet Is Fake?
Weekly Update 122 (and Lenovo P50)
security asset management – Google Search
phywical office awareness – Google Search
google maps location sharing – Google Search
web application hacker’s handbook – Google Search
browser hackers handbook – Google Search
Access via public WiFi – Man in the middle – Reset main account passwords – Google Search
CRLF Injection Into PHP’s cURL Options – TomNomNom – Medium
The curious case of the Raspberry Pi in the network closet
WiGLE: Wireless Network Mapping
It’s Time To Audit All The Extensions You’ve Installed On Your Browser | Gizmodo Australia
Analyzing a Week of Blocked Attacks
Home network/wifi segmentation – Google Search
home network security – Google Search
why unique passwor.d password stuffing from people operating community websites – Google Search
Don’t Toss That Bulb, It Knows Your Password | Hackaday
Pwn the LIFX Mini white – Limited Results
googling help numbers that are a scam – Google Search
Google releases Chrome extension that alerts users of breached passwords | Ars Technica
Photo Location & Online EXIF Data Viewer – Pic 2 Map
Facebook Is Tracking You! Here’s How to Stop It
uBlock Origin – Chrome Web Store
Privacy Badger | Electronic Frontier Foundation
Use Windows Event Forwarding to help with intrusion detection (Windows 10) | Microsoft Docs
windows event log forwarding – Google Search
Using Gmail “Dot Addresses” to Commit Fraud – Schneier on Security
keyless entry car relay attack – Google Search
charles proxy android – Google Search
clear web data breaches – Google Search
why do hotels require passports – Google Search
mega.nz data breach – Google Search
Open sourcing ClusterFuzz | Google Open Source Blog
Open sourcing ClusterFuzz | Google Open Source Blog
usb device driver infect at DuckDuckGo
nist phone sms 2fa at DuckDuckGo
NIST declares the age of SMS-based 2-factor authentication over | TechCrunch
Sms 2fa not secure at DuckDuckGo
Top Cyber Security Journalist Award Winnners | SANS Institute
The passwordless web explained – Naked Security
Improvements for Sharing Securely on Box | Box Blog
Online safety cartoons for young kids
The passwordless web explained – Naked Security
CheatSheetSeries/Password_Storage_Cheat_Sheet.md at master · OWASP/CheatSheetSeries
W3C approves WebAuthn as the web standard for password-free logins | VentureBeat
us munitions list – Google Search
Electronic Frontier Foundation | Defending your rights in the digital world
The Threat Intelligence Handbook | Recorded Future
abuse.ch | Fighting malware and botnets
SSL Server Test (Powered by Qualys SSL Labs)
Making Passwords Simple | SANS Security Awareness
A Few Simple Steps to Vastly Increase Your Privacy Online
Threatpost | The first stop for security news
Jeremy from Marketing – Darknet Diaries Podcast
Special Publication 800-63 | NIST
So You Want To Be a Pentester? – Jack Hacks
Why Every Privacy Activist Should Embrace* DNS-over-HTTPS
Top 5 Configuration Mistakes That Create Field Days for Hackers | Threatpost
14 Best Open Source Web Application Vulnerability Scanners [Updated for 2019]
Category:Vulnerability Scanning Tools – OWASP
Canary tokens to detect site cloning – Google Search
AppSec
ThreatPlaybook – Home – ThreatPlaybook
Open Source Security Platform | Snyk
rollbar raygun sentry – Google Search
vulnerability database – Google Search
Data breach detection, prevention and notification – DataBreachToday
OWASP Dependency Check – OWASP
OWASP Dependency Track Project – OWASP
secure code warrior – Google Search
paper towns on maps – Google Search
ThreatPlaybook – Home – ThreatPlaybook
splunk logging – Google Search
datadog logging – Google Search
Password security
Passwords in online services | ICO
Troy Hunt: Passwords Evolved: Authentication Guidance for the Modern Era
Bug Hunting Is Cybersecurity’s Skill of the Future – Infosecurity Magazine
New machine learning algorithm breaks text CAPTCHAs easier than ever | ZDNet
How Facebook Tracks Non-Users via Android Apps | Threatpost | The first stop for security news
ecthros/uncaptcha2: defeating the latest version of ReCaptcha with 91% accuracy
Host Websites On Github – JerryGamblin.com
webhint, the hinting engine for web best practices
Network Scanning
php script to scan ip addresses – Google Search
Script to collect the Hostname, MAC & IP Address – Windows Forum – Spiceworks
IP scanner, give it range of IPs and it’ll return the website title
Smaash/hostscan: php tool for network scanning
LastPass & Have I Been Pwned
lastpass have i been pwned – Google Search
LastPass Forums • View topic – Pwned Passwords check
LastPass Forums • View topic – Have I Been Pwned Integration?
php – RegEx to find and remove event attributes ex. onclick, onload, onhover etc – Stack Overflow
How do you parse and process HTML/XML in PHP? – Stack Overflow
NIST Asks for Input on Building Secure Software – Nextgov
Rolling out LastPass? Don’t Miss These 5 Tools – The LastPass Blog
LockPickingLawyer – YouTube
Notifiable Data Breaches Scheme 12‑month Insights Report| Office of the Australian Information Commissioner – OAIC