List of references for Volume I - Hackers Exposed!

Welcome and Introduction to the Instructor!
Nathan’s Twitter #GotoNathan
Nathan’s Cyber Security Blog

Why You Need Security – The Value Of A Hack
Norse threat map

Krebs on Security

Krebs on Security

Security Bugs and Vulnerabilities - The Vulnerability Landscape
Exploit pack updates

CVE details

Malware, viruses, rootkits and RATs
Malware stats

7 most common RATs

The state of Ransomware in 2015

Chef Jamie Oliver’s hacked for the third time

Norse threat map

Spyware, Adware, Scareware, PUPs & Browser hijacking
7Millions of computers may be compromised by US spyware
Lenovo Superfish Scandal
IT threat evolution in Q3 2015
McAfee Labs Threats Reports: February 2015

What is Phishing, Vishing and SMShing
Live phishing links
XSS example vulnerability
Homograph attack using internationalized domain name

Spamming & Doxing
Spam stats

Spam stats

Social engineering - Scams, cons, tricks and fraud
Top 10 scams
Consumer Fraud _Reports:_ing
Types of Fraud

Governments, spies and secret stuff part II
NSA Playset

NSA ANT Catalog
NSA Codenames
Through a PRISM, Darkly - Everything we know about NSA spying [30c3]

Regulating encryption, mandating insecurity & legalizing spying

UK data communications bill

WhatsApp was Banned for 48 Hours in Brazil

How India Regulates Encryption
Kazakhstans new encryption law

Clipper chip

NSA Admits It Collects Too MUCH Info to Stop Terror Attacks
Matt Blaze Speaking to a US congressional committee

Keys Under Doormats: Mandating insecurity by requiring government access to all data and communication

The Case against Regulating Encryption Technology

A Worldwide Survey of Encryption Products

A Worldwide Survey of Encryption Products
Encryption Technology and Possible US Policy Responses

Trust & Backdoors
Formal methods

Examples of backdoors
Apple removes malware infected apps from the app store

Apple backdoor order

On the Juniper backdoor

Reproducible builds
Deterministic Builds Part One: Cyberwar and Global Compromise
How to make your software build reproducibly

Google Censorship Ruling in Canada Has Worldwide Implications

European privacy requests for search removals
Government requests to remove content

Security News and Alerts – Stay Informed
Security News and Alerts

Hash Functions
Example hashes

Digital Signatures
Symantec Code Signing Certificates
Microsoft’s Device Guard locks down Windows 10 so it can only run trusted apps

Secure Sockets Layer (SSL) and Transport layer security (TLS)
Wikipedia Transport Layer Security (TLS) page

Mozilla Cipher Suite Recommendations
Weakdh Cipher Suite Recommendations
Steve Gibson’s Cipher Suite Recommendations

SSL Stripping
Intro to Sniffers
SSL Strip tool By Moxie Marlinspike
Cain & Abel
Arpwatch Tool to Monitor Ethernet Activity in Linux

sniffdet - Remote Sniffer Detection Tool/Library
WIFI Pineapple


Server Name Indication (SNI) Wiki

Certificate Authorities and HTTPS
CA Ecosystem
CA example mistake

Cert Fingerprints
SSL Sniff
Certificate patrol

List of Steg Tools
OpenPuff Manual

How Security and Encryption is Really Attacked
Security Pitfalls

Introduction to Setting up a Testing Environment Using Virtual Machines
Comparison of platform virtualization software


Vmware Virtual Appliance Marketplace
How to attach/configure image with VirtualBox?!
Virtual Machine - IT Community
Vmware Network Adapter Settings
Virtualbox Network Adapter Settings
VMware Images
VirtualBox Images
VirtualBoxes – Free VirtualBox® Images
Windows VMs here

VMware Workstation Player
Workstation Player or Workstation Pro - Choose the Right Version for You

Virtual box

Kali Linux
Kali Linux
Vmware and virtualbox Kali 2016 official images (Use as preferance)
Kali 2016 official ISO images

Security Bugs and Vulnerabilities
Top 50 products vs security bugs
Buying Into the Bias: Why Vulnerability Statistics Suck

Usage Share
OS usage share

Windows 10 - Privacy & Tracking
Cortana privacy faq
Microsoft Privacy Statement
Microsoft Service Agreement
With Windows 10, Microsoft Blatantly Disregards User Choice and Privacy: A Deep Dive

Windows 10 - Disable tracking automatically

Windows 10 - Tool : Disable Windows 10 Tracking

Windows 10 – Cortana
Cortana privacy faq
How to Disable Cortana in Windows 10’s Anniversary Update
How to Disable Cortana on Windows 10

Windows 10 – Privacy Settings
SmartScreen Filter: FAQ
Complete guide windows 10 privacy settings

**Windows 10 - WiFi Sense
Wi-Fi Sense in Windows 10 Insider Preview Build 14342

Windows 7, 8 and 8.1 - Privacy & Tracking
Microsoft - How to manage Windows 10 notification and upgrade options
How to block Windows 10 upgrades on your business network (and at home, too)
GWX Control Panel
Never 10 by Steve Gibson (Use this!)

Mac OS X - Privacy & Tracking
Fix Mac OS X
Yosemite Phone Home?
The Washington Post - How Apples OS X Yosemite tracks you

Linux and Unix “like” Operating systems

** General Use Operating Systems (Windows, MacOS and Linux)**
Linux Mint

** General Use Operating Systems With a Security and Privacy Focus (Debian, Arch)**

** Pure Security Focused Operating Systems (QubesOS, Subgraph OS, Trisquel OS)**
Qubes OS
Subgraph OS
Trisquel OS
Hardened Gentoo Linux
Astra Linux
Security-Enhanced Linux (SELinux)

** Anonymity Focused Operating Systems (Tails and Whonix OS)**
Tails OS
Qubes OS

** Penetration Testing and Ethical Hacking Focused Operating Systems**
Kali Linux
Parrot GNU/Linux
BlackArch Linux
BackBox Linux

** Mobile Operating Systems with Security & Privacy Focus (LineageOS, Sailfish)**
PureOS Librem 5

** Linux - Debian 8 Jessie - Virtual box guest additions Issue**
Debian Live CD/DVD
Download Debian
Free Debian Books and Guides

Windows - Criticality and Patch Tuesday
Microsoft Security Bulletins
Common Vulnerabilities and Exposures
National vulnerability database
Windows 10 Ditches Patch Tuesday for Security’s Sake
Patch Tuesday may be dead, but Microsoft’s not confessing to the crime

Windows 7, 8, 8.1 & 10 - Automate the pain away from patching
Flexera Personal Software Inspector - Previously Secunia PSI

Linux - Debian – Patching
Debian Security Page
Automatic Security Updates
Software distributions based on Debian

Mac OS X – Patching
Apple security updates
igeekblogs - How to enable updates
Mac Update
Homebrew - The missing package manager for macOS

Information Disclosure and Identity Strategies for Social Media
Facebook terms and conditions: why you don’t own your online life
Terms of Service Didn’t Read

Welcome to diaspora* The online social world where you are in control
The Friendica Project is a decentralised social platforms and technology for the coming post-Facebook world.
Federated social web servers
The complete guide to facebook privacy settings
Twitter Privacy Settings
List of Personally Identifiable Information (PII)
Who Has Your Back? 2015: Protecting Your Data From Government Requests

Identify Verification and Registration
ow to Get Email Headers
BugMeNot: find and share logins
Mailinator is Free, Public, Email system
Guerrilla Mail - Disposable Temporary E-Mail Address
Anonymous email service
Free, receive only, temporary, throwaway, e-mail accounts.
Disposable email service
Disposable random email address
Free, completely anonymous one-time email address
Disposable Temporary E-Mail Address
Temporary mail address
Free temporary email service
Disposable mailbox
Temporary e-mail without registering
Example SMS recieve online site
Top 10 sites receive sms online without phone

Behavioural Security Controls Against Social Threats (Phishing, Spam) Part 1
Reputation Checker Tool

Behavioural Security Controls Against Social Threats (Phishing, Spam) Part 2
External parsing tool for emails
Whois Record for
Whois Record for
Upload files via email and receive the scan results in your mailbox

Technical Security Controls Against Social Threats (Phishing, Spam, Scam & Cons)
How to Freeze or Block Access to Your Credit!
National Fraud and Cyber Crime _Reports:_ing Centre
Internet Scams, Identity Theft, and Urban Legends: Are You at Risk?

Physical and Hardware: Isolation - How to change the Mac Address
Linux - How to use macchanger
Mac OS X - How to change the mac address
Diagram of Mac
Windows - Tmac
Mac OS X - Macdaddyx
Mac OS X - Wifispoof

Physical and Hardware: Isolation - Hardware: Serials
Windows - CPU Z
Linux - i-nex
Mac OS X - Mac Cupid
Windows - dmidecode
Linux and Mac OS X - dmidecode
Mac OS X - Installing dmidecode with brew
Secure your digital life whit physical USB key.

USB authentication key

Virtual Isolation
Portable Apps
Pen Drive Apps
Aegis Secure Key - USB 2.0 Flash Drive

Dual Boot
Dual Booting explained

Built-in Sandboxes and Application Isolation
Chromium sandbox design
Mozilla Sandbox design

Windows - Sandboxes and Application Isolation
Deepfreeze Standard
Deepfreeze Cloud Browser and Desktop

Windows - Sandboxes and Application Isolation – Sandboxie
Introduction and quick guide sandboxie
Sandboxie guide
Sandboxie forum
Sandboxie How it Works

Linux - Sandboxes and Application Isolation
Script Sandfox
Linux Sandbox
Trusted BSD

Mac OS X - Sandboxes and Application Isolation
Mac OS X - App Sandbox
Sandbox Man page
Apple Sandbox Guide
How to run your applications in a mac os x sandbox to enhance security
Firefox profile
Buckle Up

Virtual Machines
Wikipedia - Hypervisor

Wikipedia - Kernel-based Virtual Machine
Wikipedia - Comparison of platform virtualization software

Virt Manager
KVM Debian Jessie
Turnkey Linux - Openvpn

Virtual Machine Weaknesses
Example VMware security bug
A look at malware with VM detection
Timing channel
Covert channel
x86 virtualization
Exploiting dram rowhammer (Could be used on VMs in the future)
Cross-VM Side Channels and Their Use to Extract Private Keys

Virtual Machine Hardening
Convert VM to ISO

Whonix OS - Anonymous Operating system
Whonix and virtualbox
Whonix Stream Isolation
How to implement physical isolation
Whonix Features
Whonix VM snapshots
If setting up your own workstations - MUST READ
Privacy and Anonymity OS
ARM - Anonymizing relay monitor
Whonix Check

Whonix OS – Weaknesses
Whonix - Warnings
Whonix’s lack of an Amnesic feature

Qubes OS
Disposable VMs (DispVMs)
Qubes docs
Split GPG
Compatibility List (HCL)
Qubes Download
Debian template(s)
Windows templates
Whonix templates
Librem 13 laptop
Video Tour of Qubes

Security Domains, Isolation and Compartmentalization
Partitioning my digital life into security domains


Don’t know if this has been mentioned yet but I went to the VmWare site, and found this item.

VMware Workspace ONE UEM - Getting Started Hands-on Lab