Study Notes

Binary Exploitation
BSD
- FreeBSD
CCTV
Computer Science
Cryptography
- Asymmetric-Encryption
  - RSA
- Encoding
  - Base64
  - URL Encoding
- Hash Functions
  - MD5
- Password Hashing
  - LM Hash
- Symmetric Encryption
  - Block Ciphers
    - AES
    - DES
Defensive Security
- Elastic
- Malware Analysis
- MITRE
  - MITRE ATT&CK
- Splunk
DIY
- Cantenna
GNU / Linux
- Story
- Debian
  - Debian Package Manager
  - Firmware
- GNU coreutils
  - What is GNU coreutils
  - Basic operations
    - cp
    - dd
    - mv
    - rm
    - shred
  - Changing file attributes
    - chgrp
    - chmod
    - chown
    - touch
  - Directory listing
    - dir
    - ls
    - vdir
  - File permissions
  - File space usage
    - df
    - du
  - Output of entire files
    - base64
    - cat
    - tac
  - Output of parts of files
    - head
    - tail
  - Printing text
    - echo
    - printf
  - Process control
    - kill
  - Redirection
    - tee
  - Special file types
    - mkdir
  - Summarizing files
    - wc
  - System context
    - arch
    - date
    - hostname
    - uname
    - uptime
  - User information
    - groups
    - id
    - logname
    - pinky
    - users
    - who
    - whoami
  - Working context
    - pwd
- Linux Networking
- Shell
  - ls alieas
  - Shell Commands
  - Shell Variables
- System
  - services (daemons)
- Users
  - su (switch user)
  - Users
Hardware
- ESP32
- GPIO
- Integrated circuit
- microcontroller
- PN532
- RC522
- RTOS
K&R
- Ch 1 - A Tutorial Introduction
macOS
Networking
- Ethernet
- Networking Fundamentals
- Ports
- Pivoting
- Protocols
  - Networking Protocol?
  - ARP
  - DHCP
  - DNS
    - DNS Attacks
    - DNS Fundamentals
  - FTP
  - ICMP
  - RTSP
  - SSH
    - (0) What is SSH
    - OpenSSH
  - TCP
  - UDP
- Proxy
  - Proxy Fundamentals
- VPN
- Wireless
  - (0) Fundamentals
  - Bluetooth
  - NFC
  - RFID
  - Wi-Fi
    - Wi-Fi Alliance
Offensive Security
- Malware Development
Scripting & Automation
- DQ
- Regular Expression
- Shells
Tools
- Nmap
  - Nmap Options
  - What is Nmap
VCS
- What is VCS / Git / GitHub
- Git
- GitHub
  - GitHub Setup and Config
Virtualization
- Virtualization Fundamentals
Web Application Security
- HTTP Headers
  - Content Security Policy (CSP)
Windows
- Microsoft Management Console (MMC)
- Windows NT & MS-DOS
- Active Directory
  - AD Fundamentals
  - AD Attacks & Defense
    - AS-REProasting
    - Kerberoasting
  - AD Protocols
    - DNS in AD
    - Kerberos
    - LDAP
    - MSRPC
    - NTLM
  - AD Users
- File Systems
- Powershell
  - cmdlet
    - cmdlet (command-let)
    - cmdlet commands
      - Active Directory
        
        -Properties
        
        Get-ADGroup
        
        Get-ADUser
- Windows Event Logs
  - EventLog & Event Viewer
  - Get-WinEvent

ONVIF (Open Network Video Interface Forum)

ONVIF is an industry standard and interoperability initiative for IP-based physical security products. It defines how devices such as IP cameras, network video recorders (NVRs), video management systems (VMS), access-control systems, and analytics platforms communicate with each other over a network.

In practical terms, ONVIF exists so that equipment from different manufacturers can work together without requiring proprietary integrations.

ONVIF Profiles

One of the most important ONVIF concepts is the Profile.

Profile	Real Purpose
S	Basic IP camera streaming
T	Modern streaming + H.265 + analytics
G	Recording/playback/storage
M	AI metadata/analytics
A	Access control
C	Door/access events

A profile is a predefined feature set that guarantees compatibility for a specific use case.

Profile S

Streaming Profile. Most common profile. Supports:

Video streaming
Audio streaming
PTZ
Metadata

Used by:

IP cameras
NVRs
VMS platforms

Profile G

Recording & Storage. Supports:

Edge storage
Playback
Recording management

Useful for SD-card recording cameras and NVR integration.

Profile T

Profile T is essentially the successor to Profile S. Supports:

H.265
Advanced analytics metadata
Improved streaming
Motion regions

Widely used in modern AI-enabled cameras.

Profile M

Metadata & Analytics. Focused on:

Object detection
AI metadata
Bounding boxes
Analytics interoperability

Used in smart surveillance systems.

Profile A & C

Access Control. Supports:

Door controllers
Credential management
Access events

Technical Architecture

Technology	Purpose
SOAP/XML	Control messaging
HTTP/HTTPS	Transport
WS-Discovery	Device discovery
RTSP	Video streaming
RTP	Media transport
XML schemas	Data structure

Historically ONVIF relied heavily on SOAP web services.

Authentication

ONVIF commonly supports:

Username/password
HTTP Digest Authentication
WS-Security
TLS/HTTPS

Security quality varies significantly between vendors.