Alternatives Digital Products Services

23 February 2025

Alternatives to digital technology and services #

I will attempt to compile and share web sites, podcasts, companies, and technolgies that provide an alternative to the dominant, and often centric, companies.

European Alternatives
European alternatives for digital products
We help you find European alternatives for digital service and products, like cloud services and SaaS products.

Canadian Tech This site indexes technology companies and services based in Canada, as an alternative to the big tech giants. The resources listed here are provided freely, with no specific criteria other than being made available by Canadian organizations or companies. This site is not affiliated with any company or government entity. While we strive to provide safe and accurate information, we can’t guarantee the safety of external links. Use your own discretion.

Fake Linked on Job Posts

4 December 2023

Fake Job Posts on LinkedIn. #

Always be alert, suspicious and verify before even clicking. #

There’s been several posts in the media, articles and blogs by people describing how LinkedIn is being used to recruit, deceive, or scam job seekers.

I am receiving emails with job offers with “High experience match”, “High skills match”, or “Be first to apply” LinkedIn [pretend] labels.

I checked “Fudan University” in Hafnarfjörður (On-site) under the Icelandic Yellow Pages, nothing found: “Engar niðurstöður fundust fyrir „fudan university“ Ástæðan gæti verið að leitarorðið er rangt skrifað eða ekki á skrá.” Google Translate: “No results found for “fudan university” The reason could be that the keyword is misspelled or not in the file.” https://ja.is/?q=fudan%20university

OWASP Wrong Secrets

2 October 2023

OWASP Wrong Secrets #

I came across this resource from OWASP. I’m yet to give it a try but it looks great.It’s a series of challenges which aim at teaching how to recognize common mistakes when it comes to handling secrets and the secret strategy. 
OWASP Github https://github.com/OWASP/wrongsecrets

EU Pilot European Digital Skills

2 May 2023

There is a pilot European Digital Skills Certificate.

I hope this works and becomes a true alternative to those expensive security certificates out there. “…mutual recognition of digital skills certifications by governments, employers and other stakeholders across Europe. It should allow people to indicate their level of digital competence corresponding to the DigComp proficiency levels and encourage individuals to acquire new digital skills.”

https://education.ec.europa.eu/focus-topics/digital-education/action-plan/action-9 #eu #EuropeanYearOfSkills #EUDigitalEducation #security #cybersecurity #securite #certification

ACM Policy AI Survey

24 March 2023

Organizations and institutions are shifting gears to address the use of AI in their respective fields. I’m happy to see that ACM is looking for feedback to update the authorship policy.

====

ACM is updating its authorship policy to address the use of Artificial Intelligence tools for authoring research papers and to provide clear guidelines to the community for the appropriate use of these tools in ACM Publications.

The ACM Publications Board which oversees ACM Publications Policy is seeking your feedback on this draft policy. Your valued feedback will be shared with and considered carefully by the ACM Publications Board prior to finalizing the updated policy.

Kali Purple

14 March 2023

Kali Purple.
#

This is a defensive security distro. It includes a new tools:

• Arkime full packet capture
• Cyberchef
• Elasticsearch SIEM
• GVM vulnerability scanner
• TheHive incident response platform
• Malcolm
• Suricata IDS
• Zeek ID
  From the DevOps perspective, this one caught my attention is Kubernetes-Helm - An open-source Kubernetes package management platform.
  https://gitlab.com/kalilinux/kali-purple/documentation/-/wikis/home #security #cybersecurity #kalilinux #devops #kubernetes

Github Secret Scanning

3 March 2023

Github has now free secret scanning and alerts (on public repos). It’s always beneficial to have visibility. Intentionally, by mistake, temporarily, secrets often find their way into repos. #github #secrets #devops #devsecops #security #cybersecurity https://github.blog/2023-02-28-secret-scanning-alerts-are-now-available-and-free-for-all-public-repositories/

Fraud Tragedies

6 February 2023

Fraud and Tragedies: a reminder #

Fraudsters often take advantage of tragedies, like the recent earthquakes in #turkey and #syria. This is a friendly reminder to be specially mindful of phishing emails and fraudulent communications. Always verify URL links!

If you want to donate do it via official and known establishments.

#phishing #fraud #donate #donations #turquie #turquia #cybersecurityawareness #security #securityawareness

Cybersecurity Resources

16 January 2023

Blogs, cybersecurity news sites, and resources I come across #

Pentesting #

• https://github.com/TCM-Course-Resources/Practical-Ethical-Hacking-Resources
• pentestmonkey
  • pentestmonkey: reverse shell cheat sheet
• https://tryhackme.com/
• https://www.hackthebox.com/
• https://www.offensive-security.com/

Writing a report #

• https://github.com/hmaverickadams/TCM-Security-Sample-Pentest-Report
• Tool, pckg to install https://github.com/blacklanternsecurity/writehat

Containers #

• https://github.com/krol3/container-security-checklist

News sites #

• https://thehackernews.com
• https://thehackernews.com/
• https://www.theregister.com/
• https://www.schneier.com/
• https://www.bleepingcomputer.com
• https://nakedsecurity.sophos.com/
• https://gru.gq/
• https://risky.biz/

OSINT Search Engines #

• Shodan search engine

Github projects #

• Password audit, brute force crack of authentication systems: https://github.com/vanhauser-thc/thc-hydra
  • https://kalilinuxtutorials.com/thc-hydra/

Certifications #

• EC Council

Cybersecurity Search Engines #

Daniel Kelly, 22 Aug 2023, LinkedIn

1. DeHashed—View leaked credentials.
2. SecurityTrails—Extensive DNS data.
3. DorkSearch—Really fast Google dorking.
4. ExploitDB—Archive of various exploits.
5. ZoomEye—Gather information about targets.
6. Pulsedive—Search for threat intelligence.
7. GrayHatWarfare—Search public S3 buckets.
8. PolySwarm—Scan files and URLs for threats.
9. Fofa—Search for various threat intelligence.
10. LeakIX—Search publicly indexed information.
11. DNSDumpster—Search for DNS records quickly.
12. FullHunt—Search and discovery attack surfaces.
13. AlienVault—Extensive threat intelligence feed.
14. ONYPHE—Collects cyber-threat intelligence data.
15. Grep App—Search across a half million git repos.
16. URL Scan—Free service to scan and analyse websites.
17. Vulners—Search vulnerabilities in a large database.
18. WayBackMachine—View content from deleted websites.
19. Shodan—Search for devices connected to the internet.
20. Netlas—Search and monitor internet connected assets.
21. CRT sh—Search for certs that have been logged by CT.
22. Wigle—Database of wireless networks, with statistics.
23. PublicWWW—Marketing and affiliate marketing research.
24. Binary Edge—Scans the internet for threat intelligence.
25. GreyNoise—Search for devices connected to the internet.
26. Hunter—Search for email addresses belonging to a website.
27. Censys—Assessing attack surface for internet connected devices.
28. IntelligenceX—Search Tor, I2P, data leaks, domains, and emails.
29. Packet Storm Security—Browse latest vulnerabilities and exploits.
30. SearchCode—Search 75 billion lines of code from 40 million projects

Bug Bounty #

How I’d Get Into Bug Bounty Hunting: A Practical Guide #

Daniel Kelly, Apr 22, 2023 Daniel Kelly

Podcasts

12 January 2023

Podcasts I come across #

Security, Cybersecurity #

• Darknet Diaries https://darknetdiaries.com/
• Defensive Security https://defensivesecurity.org/
• Open Source Security https://opensourcesecurity.io/category/podcast/, RSS, Spotify, iTunes
• Smashing Security RSS, Graham Cluley, Spotify, Apple Podcast, Google Podcast

DevOps, DevSecOps #

• Change Log https://changelog.com/podcasts