diff options
author | Eduardo Julian | 2022-06-30 13:26:43 -0400 |
---|---|---|
committer | Eduardo Julian | 2022-06-30 13:26:43 -0400 |
commit | e853e9340d41724a86c9c0a837d86b2764bfcbab (patch) | |
tree | 1ea4cf881ef6ce6ab38b7ab556106be760a3c8d4 /documentation/bookmark/security | |
parent | 664e02d1b5e5aa479869c4e17ec4128f5cfd04e2 (diff) |
Better naming for measure/quantity types.
Diffstat (limited to '')
-rw-r--r-- | documentation/bookmark/security.md | 23 | ||||
-rw-r--r-- | documentation/bookmark/security/breach.md | 6 |
2 files changed, 29 insertions, 0 deletions
diff --git a/documentation/bookmark/security.md b/documentation/bookmark/security.md index bb88f8a3f..8cbde16c8 100644 --- a/documentation/bookmark/security.md +++ b/documentation/bookmark/security.md @@ -1,84 +1,103 @@ # ID +0. []() 0. [Code Smell 120 - Sequential IDs](https://maximilianocontieri.com/code-smell-120-sequential-ids) # Anti-Debugging +0. []() 0. [JavaScript AntiDebugging Tricks](https://x-c3ll.github.io/posts/javascript-antidebugging/) # Supply chain +0. []() 0. [chainguard](https://chainguard.dev/) # Restraint | Sand-boxing +0. []() 0. [JavaScript Restrictor](https://polcak.github.io/jsrestrictor/) # Memory +0. []() 0. [Provably Safe Pointers for a Parallel World](https://www.youtube.com/watch?v=ugf58HNd7Rg) # User/human-level +0. []() 0. [Securing your development environment](https://stsewd.dev/posts/securing-your-dev-environment/) 0. [Security Checklist: Tools and resources designed to improve your online privacy, safety, and security.](https://brianlovin.com/security) # Secrets | Confidentiality +0. []() 0. [ConfLLVM: A Compiler for Enforcing Data Confidentiality in Low-level Code](https://www.microsoft.com/en-us/research/publication/an-instrumenting-compiler-for-enforcing-confidentiality-in-low-level-code/) 0. [How to Handle Secrets on the Command Line](https://smallstep.com/blog/command-line-secrets/) # Capability +0. []() 0. [A Comparison of the Capability Systems of Encore, Pony and Rust](https://uu.diva-portal.org/smash/get/diva2:1363822/FULLTEXT01.pdf) # Homomorphic encryption +0. []() 0. https://github.com/Microsoft/SEAL # Privacy +0. []() 0. [Programming Differential Privacy](https://uvm-plaid.github.io/programming-dp/intro.html) 0. https://privacypatterns.org/ # Inspiration +0. []() 0. [Kasm: Desktop and Browser Isolation Platform](https://www.kasmweb.com/) 0. https://www.mailvelope.com # Finger-printing +0. []() 0. [How Browser Fingerprinting Works](https://kevq.uk/how-browser-fingerprinting-works/) 0. https://github.com/Valve/fingerprintjs2 # Access Control List +0. []() 0. [Capirca: Multi-platform ACL generation system](https://github.com/google/capirca) # Return-oriented programming +0. []() 0. https://github.com/immunant/selfrando # Static analysis +0. []() 0. [Cam Tenny - Beyond the Paper - End-to-End Program Analysis](https://www.youtube.com/watch?v=hmDz0Rv6hKI) 0. https://www.curry-on.org/2019/sessions/beyond-the-paper-end-to-end-program-analysis.html # Programming language +0. []() 0. [Secure Compilation](https://blog.sigplan.org/2019/07/01/secure-compilation/) # Cautionary tale +0. []() 0. [Thou Shalt Not Depend on Me: A look at JavaScript libraries in the wild](https://queue.acm.org/detail.cfm?id=3205288) 0. https://medium.com/@nodepractices/were-under-attack-23-node-js-security-best-practices-e33c146cb87d # Surface area +0. []() 0. [Towards Automated Application-Specific Software Stacks](https://arxiv.org/pdf/1907.01933.pdf) # Vulnerability +0. []() 0. [Big List of Naughty Strings](https://github.com/minimaxir/big-list-of-naughty-strings) 0. [SAML is insecure by design](https://joonas.fi/2021/08/saml-is-insecure-by-design/) 0. [Against Cipher Agility in Cryptography Protocols](https://paragonie.com/blog/2019/10/against-agility-in-cryptography-protocols) @@ -96,6 +115,8 @@ # Reference +0. []() +0. [Suricata: the leading independent open source threat detection engine](https://suricata.io/) 0. [CS 253 Web Security](https://web.stanford.edu/class/cs253/) 0. [Secure By Design](https://www.amazon.com/Secure-Design-Daniel-Deogun/dp/1617294357) 0. [Intro to Just-In-Time Access](https://compliance.dev/2021/04/29/introduction-to-just-in-time-access/) @@ -133,5 +154,7 @@ 0. [Information Technology — Programming languages — Guidance to avoiding vulnerabilities in programming languages](http://www.open-std.org/jtc1/sc22/wg23/docs/ISO-IECJTC1-SC22-WG23_N0751-tr24772-1-after-pre-meeting-51-webex-20171016.pdf) # Control-flow integrity + +0. []() 0. [On the Effectiveness of Type-based Control Flow Integrity](https://sajjadium.github.io/files/acsac2018typecfi_paper.pdf) diff --git a/documentation/bookmark/security/breach.md b/documentation/bookmark/security/breach.md new file mode 100644 index 000000000..2d9e92ebf --- /dev/null +++ b/documentation/bookmark/security/breach.md @@ -0,0 +1,6 @@ +# Reference + +0. []() +0. [Canary Tokens](https://canarytokens.org/generate) + 0. [Canarytokens.org - Quick, Free, Detection for the Masses](https://blog.thinkst.com/p/canarytokensorg-quick-free-detection.html) + |