打造一套全面防护的生态体系
全防护生态体系,集成所有的防护体系,打造较为完整的安全防护项目。
- 便于本地复盘防护方法,防护个人和组织的信息安全。
- 流量分析包采用 wireshark/netsniff-ng 等
- IPS/IDS 采用 snort/suricata
- WAF 采用 modsecurity
- HonneyPot 采用tpot
- 威胁情报 采用 MISP
- 日志体系采用 ELK
- 一天的热度,觉得索然无味,还是回去弄扫描器了。
Type: Organization
打造一套全面防护的生态体系
全防护生态体系,集成所有的防护体系,打造较为完整的安全防护项目。
automated penetration toolkit
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
Damn Vulnerable Web Application Docker container
Damn Vulnerable Web Application (DVWA)
应急响应实战笔记,一个安全工程师的自我修养。
Docker image for Fluentd
GRR Rapid Response: remote live forensics for incident response
Credentials catching honeypot
jxwaf-mini server
Kali Linux工具清单
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.
ModSecurity v3 Nginx Connector
CODO是一款为用户提供企业多混合云、一站式DevOps、自动化运维、完全开源的云管理平台、自动化运维平台
The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
Passive Real-time Asset Detection System
Real Intelligence Threat Analytics
An extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.
Linux distro for intrusion detection, enterprise security monitoring, and log management
tengine+modesecurity 打造Web防火墙,并且产生日志存储到 fluentd -> mongodb -> mysql; 下一个版本直接从Mongo到establish
bili开放API可以下载视频 用models.py 但是太慢了。有时候
Install Some Kali Tools In Ubuntu1604
🚀Vulfocus 是一个漏洞集成平台,将漏洞环境 docker 镜像,放入即可使用,开箱即用。
使用docker快速搭建各大漏洞靶场,目前可以一键搭建17个靶场。
👮🏻♂️ xss 攻防靶场,issues 有答案
xx-scan 开源漏洞扫描器。 结合openvas/nessus/vuls/sn1per/nicto2/vulscan/wpscan/descver/yasuo..等扫描器。 结合 celerytalks的设计**打造出最强的并发扫描器。
结合 awesome-security上的主流防护工具,集成IPS、WAF、蜜罐、分析情报等一体化分析管理工具。
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.