Security Resources

This page is a reference with security documents, posts, videos and presentations I find useful for staying up to date on current security issues and exploits.
Last Updated: May 2016

Note that this page isn’t actively updated. Visit the Attack, Defense, & Detection page for updated content.

 

Microsoft Enterprise & Active Directory Security Documents (& Blog Posts):

NOTE: Application whitelisting is not a panacea; it is a journey. It takes time to build a secure enterprise, and every defensive layer helps, though each layer on its own may not be enough to stop an attack.

 

Raphael Mudge (@armitagehacker) has great resources (and videos) describing red team actions and is extremely helpful in understanding how attackers compromise an environment. While much of the content is specific to Cobalt Strike, it’s a treasure trove of red team information. Highly recommended!
http://blog.cobaltstrike.com/2015/09/30/advanced-threat-tactics-course-and-notes/

 

ADSecurity.org Active Directory Security Posts:

 

Sean Metcalf’s (ADSecurity.org) Active Directory Security Presentations

Other Great Enterprise & AD Security Resources

 

Microsoft Ignite 2015 Security Sessions

Windows Security Sessions:

How to Protect Your Corporate Resources from Advanced Attacks (Microsoft Advanced Threat Analytics, formerly Aorato)
Demi Albuz, Michael Dubinsky, Benny Lakunishok, Idan Plotnik
https://channel9.msdn.com/Events/Ignite/2015/BRK3870
Slides (view online)

How You Can Hack-Proof Your Clients and Servers in a Day
Hasain Alshakarti, Marcus Murray
https://channel9.msdn.com/Events/Ignite/2015/BRK2346

Hacker Tools for Ethical Hackers to Protect Windows Clients
Raymond Comvalius, Erdal Ozkaya
https://channel9.msdn.com/Events/Ignite/2015/BRK2332
Slides (view online)

Detecting the Undetectable
Roger Grimes
https://channel9.msdn.com/Events/Ignite/2015/BRK2344
Slides (view online)

Adventures in Underland: What Your System Stores on the Disk without Telling You
Paula Januszkiewicz
https://channel9.msdn.com/Events/Ignite/2015/BRK3320

Hidden Talents: Things Administrators Never Expect from Their Users Regarding Security
Paula Januszkiewicz
https://channel9.msdn.com/Events/Ignite/2015/BRK3323

The Ultimate Hardening Guide: What to Do to Make Hackers Pick Someone Else
Paula Januszkiewicz
https://channel9.msdn.com/Events/Ignite/2015/BRK3343

Black Belt Security with Windows 10
Sami Laiho
https://channel9.msdn.com/Events/Ignite/2015/BRK3336

Zero Admins – Zero Problems
Sami Laiho
https://channel9.msdn.com/Events/Ignite/2015/BRK2335
Slides (view online)

Barbarians Inside the Gates: Protecting against Credential Theft and Pass the Hash Today
Aaron Margosis, Mark Simos
https://channel9.msdn.com/Events/Ignite/2015/BRK2334
Slides (view online)

Advanced Windows Defense
Erdal Ozkaya
https://channel9.msdn.com/Events/Ignite/2015/BRK2311
Slides (view online)

Zombies in Social Networks
Erdal Ozkaya
https://channel9.msdn.com/Events/Ignite/2015/BRK2315
Slides (view online)

Modern Hardening: Lessons Learned on Hardening Applications and Services
Shawn Rabourn, Mark Simos
https://channel9.msdn.com/Events/Ignite/2015/BRK3486

 

Windows 10 Security Sessions:

Dropping the Hammer Down on Malware Threats with Windows 10’s Device Guard
Scott Anderson, Jeffrey Sutherland
https://channel9.msdn.com/Events/Ignite/2015/BRK2336
Slides (view online)

The End Game for Passwords and Credential Theft?
Nelly Porter
https://channel9.msdn.com/Events/Ignite/2015/BRK2333
Slides (view online)

Overview of Windows 10 for Enterprises
Jeremy Chapman, Dustin Ingalls
https://channel9.msdn.com/Events/Ignite/2015/THR0342

Windows 10: Disrupting the Revolution of Cyber-Threats with Revolutionary Security!
Chris Hallum, Dustin Ingalls
https://channel9.msdn.com/Events/Ignite/2015/BRK2306
Slides (view online)

A New Era of Threat Resistance for the Windows 10 Platform
Chris Hallum, Dustin Ingalls
https://channel9.msdn.com/Events/Ignite/2015/BRK2325
Slides (view online)

Next Generation Malware Detection with Windows Defender
Dustin Ingalls, Deepak Manohar
https://channel9.msdn.com/Events/Ignite/2015/BRK2327
Slides (view online)

Misc:

Sysinternals Primer: Ignite 2015 Edition
Aaron Margosis
https://channel9.msdn.com/Events/Ignite/2015/BRK3337

Active Directory Security Presentations (DerbyCon 2014 Videos):

Active Directory Security Presentations (Black Hat USA 2014 Videos):

Active Directory Security Presentations (TechEd USA 2014 Videos & Presentation files):

Pass-the-Hash & Kerberos Attack Resources:

General Hacking Videos:

Advanced Threat Tactics Course and Notes  – Great coverage of attack methodology and tactics.

Hacking History:

Networking:

Metasploit:

Services:

Programming:

Wireshark:

Other:

 

Security (Hack) Tools:

Defense Tools:

 

General Disclaimer:
This information is for educational purposes only. Using this information to attack systems you don’t own may result in law enforcement knocking down your door. Use your own lab for testing and don’t hack your neighbor or your workplace.

 

 

 


1 comment

    • Jack Perry on April 20, 2017 at 11:30 am

    The link for Best Practices for Securing Active Directory is broken. I did a search, and found the following article. Haven’t had time to read it yet, but hopefully this is an updated version.

    https://technet.microsoft.com/en-us/windows-server-docs/identity/ad-ds/plan/security-best-practices/best-practices-for-securing-active-directory
