#安全#SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
#网络爬虫#Maigret 是一个OSINT用户名检查器。输入目标用户名,即可从各大社交网站采集该用户信息的工具。fork自sherlock开源项目
#夺旗赛 (CTF) 和网络安全资源#E-mails, subdomains and names Harvester - OSINT
翻译 - 电子邮件,子域和名称Harvester-OSINT
#夺旗赛 (CTF) 和网络安全资源#精选的Unix二进制文件列表,可以用来绕过错误配置系统中的本地安全限制
#夺旗赛 (CTF) 和网络安全资源#Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Yakit是基于yak语言开发的网络安全单兵工具,旨在打造一个覆盖渗透测试全流程的网络安全工具库。
#速查表 cheatsheets#One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️
翻译 - 所有默认凭据的一个地方,可以帮助蓝色/红色团队成员活动查找具有默认密码password️的设备
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
翻译 - 不会吸的信息安全参考
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
翻译 - Kubernetes山羊是一个“易受设计攻击的” Kubernetes集群。
#网络爬虫#Snoop — инструмент разведки на основе открытых данных (OSINT world)
翻译 - Snoop-开源情报工具
Rapidly Search and Hunt through Windows Forensic Artefacts
翻译 - 快速搜索和搜寻 Windows 事件日志
Tools and Techniques for Blue Team / Incident Response
Investigate malicious Windows logon by visualizing and analyzing Windows event log
翻译 - 通过可视化和分析Windows事件日志来调查恶意Windows登录
Free copy of The Cyber Plumber's Handbook - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss.
翻译 - 网络管道工手册的免费副本
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
翻译 - 真实情报威胁分析
HardeningKitty and Windows Hardening Settings
红蓝对抗以及护网相关工具和资料,内存shellcode(cs+msf)和内存马查杀工具
Adversary tradecraft detection, protection, and hunting
翻译 - Windows内核探索和跟踪工具