Security in all its wild weird ways

A Bookmark page by Andy of Konecny Consulting.

basics for all of us
16 Steps to Securing Your Data (and Life) Ouch! security newsletter for the typical computer user The Six Dumbest Ideas in Computer Security
Why Need a Shredder Internet Fraud Complaint Center No Kaboom Today
Canadian AntiFraud Centre Has your account been Pwned? Protect against Identity Theft
Scam Busters, fighting on-line scams Crypto-Gram newsletter Personal VPN value
Home network security protecting your stuff, simple but effective on-line banking safely by using Linux LiveCDs
What does the web say about you? What your email address says about you Complete Guide to Avoiding Online Scams
About Browser Cookies Malware lables Security BattleGround: an Executive Field Manual
10 crazy IT security tricks that actually work Social Engineering Terms of Service; Didn't Read
Security Awareness Courses and Posters Haft of The Spear: blog about the pointy end a downside of BYOD
good overview of PKI with old implimentation Verification Handbook Homeland Security: Cyber
Why privacy matters, even if you are innocent Upping your anit Phishing skills The Hacker Crackdown
infocon, threat status. Privacy: avoiding going overboard problem with 1 off solutions
starting point of Critical Security Controls 10 tech security basics for all Policy Expiry dates
When to not trust the Lock on a browser Effective security framework Pointers to Learn On Your Own
Reviewlab's safety guide Facebook, how to get what they have on you. Internet of things security view
Intro to PKI, TLS, and x509 BS triggers by Vendors (not just in security) How we are all tracked
location tracking privacy tips downside of personal VPNs Consumer VPNs: May B Fine Without
General use terms Habits of hackers & counters to Who Hacked Us? generator
CISA Ransomware Guide


Passwords, protecting the keys
Why you should have good passwords how to choose good passwords Passwords can be recovered
Default Passwords List How I'd Hack Your Weak Passwords Establish-Maintain your identity
default router pws top 500 worst passwords SHA256 hash Calculator
analysis of breached Sony pw database Change your Password day reveal 'hidden' pw in browsers
Common hiding places 4pw xkcd; easy strong passwords next gen of passwords
Use Your Password to Improve Your Life pw entropy tester w/ source code Secret Life of Passwords:psychology of
Password Recovery/cracking Speeds Passwords to Never use Admin/Root password guides
What Certificate Authorities Are default passwords has your password been exposed
has your ID/address been exposed Beyond Passwords Signing GitHub Commits
Cryptography basics with OpenSSL OpenSSH server best practices LetsEncrypt free SSL
ZeroSSL free SSL The Encryption Fallacy x509 certs explained
MFA, good but not the holy grail


Security Technical Implimentation Guides (STIGS)


other testing tools
SSL cert tools Qualys SSL Labs tester Comodo/Sectigo's SSL Analyzer
DigiCert test tool Symantec's SSL/TLS tester CSR Decoder
SSLTLS testing tools How to check certs on other ports cert n keystore management tools
Hardenize security report Gibson Research tools Virus Total, scans a file agaist many AV tools
Comodo, AV file scanner Using Google as a hack tool Google Dorks
About Google hacking what Facebook can show of you Kali: pen tester Linux distro
Has my account been part of a breach? Where to Submit Malware VirusTotal submission options
BitcoinAbuse database crt.sh issued certs CertDB discovered certs
cert recon script csr Decoder cipher test script
openssl toolkit Verifying SSL/TLS settings testssl.sh
ID that ransomware Gordon cyber rep checks about Gordon


PC level issues&tools
SpyWare Guide test if a file is infected LH votes best AntiVirus 2009
encrypt v-partition Win7+ Make Windows10 less Creepy Browser privacy test
stop weak crypto and protocols on Windows PC Flank Duo Security's VPN Hunter
Privacy Analyzer


spam, spam, and spam with spam on the side
spam history & primer of SpamAssassin some filtering techniques origins of the term spam
SpyWare Warrior, a good reference Pseudo Anonymous eMail nslookup|dig Spamhaus for IP reputation


Network level issues
Wireless security Johnny, I Hack Stuff Instant SSL
Live DDOS activity monitor Upside-Down-ternet Network Forensics with Dshell
Qs for IoT vendors The Bro Security Monitor (IDS) personal VPN primer
Basic CIS controls guide NetFlow: lightweight traffic summerizer Locking down eDirectory
SecurityOnion distro (IDS,logging,+) OpenVAS Vulnerabitlity Assessement System Securing Exchange Online
Shodan CenSys ZMap project
Sooty: SOC Analyst's All-in-One Tool Why let systems talk to everywhere? setup DShield for pfSense
SCADA-ICS security whitepages The Attack Path, defending it


Linux
Werner Puschitz' Securing Linux 20 Linux Server Hardening Security Tips 2FA for SSH
where is this|that machine tools Wireguard VPN


General
The threat is real. Think before you link. broad cybersecurity advice test your phishing IQ
a Phishing Test Beginner CaptureTheFlag scammer baiters
collection of Security Tools Jan's resource-tool list
Toronto Area Security Klatch, monthly
SecTor annual conference The Ethical Hacker Network BlackHat session videos
SecTor session videos No More Ransom project
Are Your Cookies for sale? StopRansomWare CISA How to bypass phsical controls


Oopses (breaches and bad practices)
Drop MS Passport advises Gartner Security Ignorance Program Microsoft support Scammers
Eye of Sauron Is Modern Surveillance State MS Outlook for iOS violates security thread of hybrid phishing - stopped



Tip Jar
Updates last posted 2021-08-26