SANS AUD507 Web References

This page gives links to Internet resources commonly discussed in the course and given in the course book notes.

General Security Principles

Saltzer/Schroeder Protection of Information in Computer Systems

Sample Work Programs

Federal Financial Institution Examination Council (FFIEC) IT Handbook

CIS Benchmarks – These will be referenced throughout the week

Time-Based Security

Ponemon Study on Breach Cost

Measures and Metrics for Critical Controls v7

Nmap

Nmap online man page

Windows

Microsoft Product Lifecycle Policy

Windows lifecycle fact sheet - Windows 10

Windows 10 Release Information

NIST SP800-53

PowerShell

PowerShell 5.1 Online Documentation

PowerShell 6 Online Documentation

PowerShell GitHub Reference Repository

PowerShell Compatibility Matrix - contains Windows and Linux install files

Windows PowerShell cmdlets removed from PowerShell 7.x+

PowerShell Gallery

WMI

DMTF CIM Standard

WMIC on Linux

DMTF CIM Schema

Patch Management

WSUS Third-Party Patching

Microsoft Endpoint Configuration Manager (MECM)

Local Users/Active Directory

Microsoft Local Administrator Password Solution (LAPS)

List of All AD Schema Attributes

SysInternals AD Explorer

Passwords

Dumping AD Hashes for Cracking

Tool to Extract Hashes

Permissions: Numeric Values for Windows File System Access Controls

Microsoft

Stack Overflow

User Rights

List of Windows User Rights

Microsoft Security Compliance Toolkit

User Rights PowerShell Module

File Integrity Assessment

Tripwire

OSSEC

Group Policy

Microsoft Security Compliance Toolkit

OSQuery/FleetDM

OSQuery

OSQuery Schema

FleetDM

SANS Whitepaper: Open-Source Endpoint Detection and Response with CIS Benchmarks, Osquery, Elastic Stack, and TheHive

Accreditation Checklist References

Center for Internet Security

DISA STIGs

NSA Cyber Security Guidance

GIAC White Papers

NIST National Checklist Program (NCP) repository - Includes Ansible Playbooks, SCAP content, and Prose

File Integrity Monitoring

Tripwire Open Source

OSSEC

Linux/UNIX Patching

Oracle Support Site

Oracle Patch Check Advanced

AIX "oslevel" Command

Alma Linux Security Advisories (ALSA)

Ubuntu Security Notices (USN)

SSH

Mozilla Recommended SSH Settings

NFS

NFSTrace

Systemd

Red Hat Systemd Reference Card

Linux Training Academy Systemd Cheat Sheet

Fedora Magazine Seven-Part Series on Systemd

Loggly Article on Systemd Logging

Linux Kernel Live-Patching

Cloud and Containers Audit Resources

NIST Definition of the Cloud

Amazon Shared Responsibility Model

AICPA Sample SOC2 Report Plus CCM

Cloud Security Alliance Cloud Controls Matrix (CSA CCM)

Cloud Security Alliance Security Guidance version 4

Cloud Security Alliance STAR certification program

ENISA Cloud Security Risk Assessment (Dated 2009 but still considered a definitive source)

ENISA Cloud Security for Healthcare Services

Amazon Web Services CSA Star questionnaire

Google Cloud Self-Assessment

Illustrated Children’s Guide to Kubernetes - Video

Illustrated Children’s Guide to Kubernetes - PDF

ISACA Container Auditing Guideline - (Costs USD 50 for non-members)

SANS Reading Room Paper on Docker Auditing

Cloud Security Alliance Container Working Group

General Cloud Guidance/Shared Responsibility

NSA Cloud Guidance

NIST Definition of the Cloud

Amazon Shared Responsibility Model

AICPA sample SOC2 with CCM

AWS Compliance Resources

ElectricEye

Prowler

AWS Security Hub Features

AWS Security Finding Format (ASFF)

Amazon Inspector

Using Chef InSpec profiles with Systems Manager Compliance

AWS Access Analyzer User Guide

AWS Well-Architected Framework

Introduction to Auditing the Use of AWS

How to Audit Your AWS Resources for Security Compliance by Using Custom AWS Config Rules - Amazon Blog Post

AWS Security Best Practices

AWSLabs CIS Benchmark-related GitHub repo

AWS Security Maturity Model

CloudFormation Drift Detection

AWS Security Audit Checklist

AWS Pillars of the Well-Architected Framework

ToniBlyx Arsenal of AWS Security Tools

Cloud Provider CLI References

AWS CLI Command Reference

VMware

VMware Product Lifecycle Matrix

VMware Hardware Compatibility Lookup

VMware vSphere 6.7 Release Notes - (Note the discontinued support for many CPU series)

VMware vSphere 7.0 Release Notes

VMware PowerCLI

PowerCLI Cheat Sheet

RobWare RV Tools - VMware/vCenter Info GUI

HTTP/HTML Intro

Stack Overflow SQL Injections

HTTP Status Codes

Web Services

RESTful APIs (Roy Fielding’s doctoral dissertation)

Amazon S3 REST introduction

Example SOA Web Service

Cookies

Cookies - Mozilla Developer Network

Burp Proxy

PortSwigger Website

PortSwigger Documentation - Trusting the Burp CA Certificate

OWASP Controls

OWASP Top Ten

OWASP Proactive Controls

Netcraft

Netcraft Site Report

Netcraft Browser Plugin

TLS

OWASP TLS Cheat Sheet

SSLyze TLS Testing Tool

Qualys SSL Labs Site Test

Qualys SSL Labs Server Rating Guide

Mozilla SSL Configuration Generator

Fuzzing

FuzzDB GitHub Site

Framework/Library Testing

Node Back Door News Story

More Examples of Package Misuse/Abuse 2020

More Examples of Package Misuse/Abuse 2021

Retire.JS testing tool

Wappalyzer

Wappalyzer browser plugins - Chrome

Wappalyzer browser plugins - Firefox

Business Logic and Application Testing

QVC Logic Flaw

OWASP Application Security Verification Standard

Authentication

NIST Digital Identity Guidance

HaveIBeenPwned password checking API

Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery Intro

OWASP CSRF guide

OWASP SameSite Cookie Attribute page

Script Injection (Cross-Site Scripting)

OWASP DOM XSS page

OWASP XSS Prevention Cheat Sheet

SQL Injection

SQLMap

SQLMap GitHub Site

OWASP SQL Injection Prevention Cheat Sheet

NetSparker SQL Injection Tutorial Cheat Sheet

GIAC Exam Resources

GSNA Exam page

GIAC Proctored Exam Information

Lesley Carhart's Exam Index Tips

Matt Toussain's Online Index Builder