blueteam

#安全#SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

#网络爬虫#Maigret 是一个OSINT用户名检查器。输入目标用户名，即可从各大社交网站采集该用户信息的工具。fork自sherlock开源项目

#夺旗赛 (CTF) 和网络安全资源#E-mails, subdomains and names Harvester - OSINT

#夺旗赛 (CTF) 和网络安全资源#精选的Unix二进制文件列表，可以用来绕过错误配置系统中的本地安全限制

#夺旗赛 (CTF) 和网络安全资源#Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Yakit是基于yak语言开发的网络安全单兵工具，旨在打造一个覆盖渗透测试全流程的网络安全工具库。

#速查表 cheatsheets#One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️

#Awesome#该仓库汇总了一系列增强安全指南和最佳实践的清单

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

#网络爬虫#Snoop — инструмент разведки на основе открытых данных (OSINT world)

Tools and Techniques for Blue Team / Incident Response

Rapidly Search and Hunt through Windows Forensic Artefacts

Investigate malicious Windows logon by visualizing and analyzing Windows event log

Free copy of The Cyber Plumber's Handbook - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss.

HardeningKitty and Windows Hardening Settings

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

红蓝对抗以及护网相关工具和资料，内存shellcode（cs+msf）和内存马查杀工具

Adversary tradecraft detection, protection, and hunting