ADFS, Federation and Single Sign Out

AD FS: How to Invoke a WS-Federation Sign-Out http://social.technet.microsoft.com/wiki/contents/articles/1439.ad-fs-how-to-invoke-a-ws-federation-sign-out.aspx

Single Sign Off between RP’s, ADFS and Custom STS’s http://social.msdn.microsoft.com/Forums/en-US/Geneva/thread/bfea7540-dc3a-4568-b9c5-6bc93b705340/

ADFS 2.0 content map http://social.technet.microsoft.com/wiki/contents/articles/2735.ad-fs-2-0-content-map.aspx

OAUTH

OWIN/Katana

Claims language

SharePoint 2013

Installing SharePoint 2013 pre-requisites on Windows Server 2012 R2

Configure an environment for apps for SharePoint (SharePoint 2013) http://technet.microsoft.com/en-us/library/fp161236.aspx

Plan for apps for SharePoint 2013 http://technet.microsoft.com/en-us/library/fp161237.aspx

Create SharePoint 2013 Claims Web Application With PowerShell http://gallery.technet.microsoft.com/office/Create-SharePoint-2013-1d7c3337

SharePoint 2013 offline installation http://spdevlab.com/2013/05/31/offline-sharepoint-2013-installation-recap-2/

Office Web Apps

Planning

Configuring Office Web Apps

Business Intelligence

BI Scenarios

Design

Develop a design

Master page

Composed look

Azure Service Bus authentication and federation

Securing and authenticating azure service bus relay messages using a shared secret http://acaseyblog.wordpress.com/2013/03/22/securing-and-authenticating-azure-service-bus-relay-messages-using-a-shared-secret/

Accessing a Service on the Windows Azure Service Bus from Windows Phone 7 http://michaelcollier.wordpress.com/2011/08/19/azure-sb-and-wp7/

.NET On-Premises/Cloud Hybrid Application Using Service Bus Relay http://www.windowsazure.com/en-us/develop/net/tutorials/hybrid-solution/

WCF service using Azure relay and ADFS authentication http://blog.repsaj.nl/?p=870

Federated Authentication for Windows Azure Service Bus http://msdn.microsoft.com/en-us/library/jj136813.aspx

Federating Windows Azure Service Bus & Access Control Service with a custom STS: thinktecture IdentityServer helps with more real-world-ish Relay and Brokered Messaging http://weblogs.thinktecture.com/cweyer/2012/09/federating-windows-azure-service-bus-access-control-service-with-a-custom-sts-thinktecture-identityserver-helps-with-more-r.html

Choosing Authentication for a Service Bus Application http://msdn.microsoft.com/en-us/library/windowsazure/dd582752.aspx

Choosing a Type of Relay Authentication http://msdn.microsoft.com/en-us/library/windowsazure/dd582766.aspx

Service Bus Authentication and Authorization with the Access Control Service http://msdn.microsoft.com/en-us/library/windowsazure/hh403962.aspx

How to Use the Service Bus Relay Service http://www.windowsazure.com/en-us/develop/net/how-to-guides/service-bus-relay/

How to: Configure AD FS 2.0 as an Identity Provider http://msdn.microsoft.com/en-us/library/gg185961.aspx

How to: Create a Federated Client http://msdn.microsoft.com/en-us/library/ms731690.aspx

How to: Create a Security Token Service http://msdn.microsoft.com/en-us/library/ms733095.aspx

Identity delegation with ADFS 2.0 http://technet.microsoft.com/en-us/library/adfs2-identity-delegation-step-by-step-guide(WS.10).aspx

Hacker tools you should know and worry about

From TechEd 2013

Hussain Alshakarti, Marcus Murray


Fiddler man in the middle extension. Modifies input field to javascript post on every change.

nmap. Nework mapper and scanner.

hydra. brute force password attack various services. Can be used as denial of service. http://www.thc.org/thc-hydra/

air-crack. airdump – sniff & capture packets, aircrack-ng – crack password, airbase – dummy access points.

wireshark

ncat. http://nmap.org/download.html

axpshell.aspx

mssqlscan.cmd

tssql.exe. SQL brute force.

sqlshell.exe.

remotecopy.

gsecdump.

wce.exe. Windows Credentials Editor.

mimikatz. Extract passwords and certificates from memory.

iodine. DNS tunnelling server.

metaploit. meterpreter – steal_token [pid].

Core Impact commercial framework

john. the ripper

inception – firewire emulator. http://breaknenter.org/projects/inception

firewire – direct memory access.

pci express card. http://www.windowsscope.com/. Memory controller – disable direct memory access.