songh's repositories
ARL
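ARL (Asset Reconnaissance Lighthouse) is a system designed to quickly reconnoiter internet assets associated with a target and build a baseline asset information database. It helps in-house security teams and penetration testers reconnoiter and search assets effectively and discover weak points and attack surface.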
awesome-threat-detection
A curated list of awesome threat detection and hunting resources
clair
Vulnerability Static Analysis for Containers
coreruleset
OWASP ModSecurity Core Rule Set (Official Repository)
envoy
Cloud-native high-performance edge/middle/service proxy
fscan
A comprehensive internal-network scanning tool for convenient one-click, automated, all-round vulnerability scanning.
gpt4free
Decentralising the AI industry, just some language model APIs...
ModSecurity
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.
modsecurity-docker
The official ModSecurity Docker images
MrKaplan
MrKaplan is a tool aimed to help red teamers to stay hidden by clearing evidence of execution.
my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
octosuite
Advanced Github OSINT Framework
openvas-scanner
This repository contains the scanner component for Greenbone Vulnerability Management (GVM). If you are looking for the whole OpenVAS framework please take a look at https://community.greenbone.net/t/frequently-asked-questions-faq/5558.
ossim
Core OSSIM (Open Source Software Image Map) package including C++ code for OSSIM library, command-line applications, tests, and build system
packj
The vetting tool 🚀 behind our large-scale security analysis platform to detect malicious/risky open-source packages
QingScan
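A glue layer for vulnerability scanners: once a target is added, 30 tools are invoked automatically. Supports web scanning, system scanning, subdomain collection, directory scanning, host scanning, host discovery, component identification, URL crawling, XRAY scanning, automated AWVS scanning, batch PoC verification, batch SSH testing, and vulmap.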
RedTeam_BlueTeam_HW
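Tools and materials for red team/blue team exercises and HW (network protection) drills, plus tools for detecting and removing in-memory shellcode (cs+msf) and in-memory webshells.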
scope
Monitoring, visualisation & management for Docker & Kubernetes
Security-Datasets
Re-play Security Events
SikuliX1
SikuliX version 2.0.0+ (2019+)
skywalking
APM, Application Performance Monitoring System
skywalking-banyandb
An observability database that aims to ingest, analyze and store metrics, tracing and logging data.
Slides
Misc Threat Hunting Resources
suricata
Suricata git repository maintained by the OISF
sysmon-config
Sysmon configuration file template with default high-quality event tracing
ThreatHunter-Playbook
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
ThreatHunting-2
Tools for hunting for threats.
wechatBot
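WeChat Daily Words: three steps to build a WeChat tool in Node for cheering up your girlfriend (or buddy)! It can also help your girlfriend solve garbage-sorting problems.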
yakit
Cyber Security ALL-IN-ONE Platform
yingji
Accumulated material related to incident response.