#安全#SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
#网络爬虫#Maigret 是一个OSINT用户名检查器。输入目标用户名,即可从各大社交网站采集该用户信息的工具。fork自sherlock开源项目
#夺旗赛 (CTF) 和网络安全资源#E-mails, subdomains and names Harvester - OSINT
#夺旗赛 (CTF) 和网络安全资源#精选的Unix二进制文件列表,可以用来绕过错误配置系统中的本地安全限制
#夺旗赛 (CTF) 和网络安全资源#Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Yakit是基于yak语言开发的网络安全单兵工具,旨在打造一个覆盖渗透测试全流程的网络安全工具库。
#速查表 cheatsheets#One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
#网络爬虫#Snoop — инструмент разведки на основе открытых данных (OSINT world)
Rapidly Search and Hunt through Windows Forensic Artefacts
Tools and Techniques for Blue Team / Incident Response
Investigate malicious Windows logon by visualizing and analyzing Windows event log
Free copy of The Cyber Plumber's Handbook - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss.
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
HardeningKitty and Windows Hardening Settings
红蓝对抗以及护网相关工具和资料,内存shellcode(cs+msf)和内存马查杀工具
Adversary tradecraft detection, protection, and hunting