0x783kb / Security-Operation-Book
常见的攻击行为监测特征及方法,涵盖端点和流量,未包含PowerShell和Sysmon。预祝运营生活愉快!
☆603Updated 3 months ago
Related projects: ⓘ
- ATT&CK实操☆366Updated 5 years ago
- BCS(北京网络安全大会)2019 红队行动会议重点内容☆810Updated 5 years ago
- ☆392Updated last year
- Oscp study group☆333Updated 3 years ago
- Suricata IDS rules 用来检测红队渗透/恶意行为等,支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等☆1,117Updated last year
- 威胁情报播报☆372Updated this week
- Cooolis-ms是一个包含了Metasploit Payload Loader、Cobalt Strike External C2 Loader、Reflective DLL injection的代码执行工具,它的定位在于能够在静态查杀上规避一些我们将要执行且含有特征的…☆909Updated last month
- Glass是一款针对资产列表的快速指纹识别工具,通过调用Fofa/ZoomEye/Shodan/360等api接口快速查询资产信息并识别重点资产的指纹,也可针对IP/IP段或资产列表进行快速的指纹识别。☆966Updated 2 years ago
- Red-Team Attack Guid☆250Updated 3 years ago
- 绕过专业工具检测的Webshell研究文章和免杀的Webshell☆1,676Updated 3 years ago
- 红队基础设施自动化部署 工具☆844Updated last year
- 侦查守卫(ObserverWard)的指纹库☆989Updated this week
- LSTAR - CobaltStrike 综合后渗透插件☆1,124Updated 2 years ago
- CobaltStrike后渗透测试插件☆1,463Updated 2 years ago
- ☆447Updated 11 months ago
- 2019年红队资源链接,资源不是本人整理出来,来自互联网,因为流传的少,特意在此做个备份,做个分享。☆839Updated 5 years ago
- Kunyu, more efficient corporate asset collection☆1,003Updated last year
- 通过jsp脚本扫描java web Filter/Servlet型内存马☆813Updated last year
- A flexible scanner☆1,105Updated 3 months ago
- Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势☆1,349Updated 2 years ago
- 破解的cs4.0、cs4.0官方手册翻译和一些笔记☆396Updated 4 years ago
- Bypass firewall for traffic forwarding using webshell 一款使用webshell进行流量转发的出网工具☆1,363Updated 2 years ago
- OpenSource Poc && Vulnerable-Target Storage Box.☆671Updated last year
- EasyPen is a GUI program which helps pentesters do target discovery, vulnerability scan and exploitation☆606Updated last year
- 用于记录内网渗透(域渗透)学习 :-)☆1,073Updated 3 years ago
- 恶意代码逃逸源代码 http://payloads.online☆725Updated 2 years ago
- 域渗透一条龙☆714Updated 2 years ago
- POC&EXP仓库、hvv弹药库、Nday、1day☆979Updated last year
- Threat Intelligence Gathering 威胁情报收集,旨在提高蓝队拿到攻击 IP 后对其进行威胁情报信息收集的效率。☆850Updated last year
- 戎码之眼是一个window上的基于att&ck模型的威胁监控工具.有效检测常见的未知威胁与已知威胁.防守方的利剑☆454Updated 10 months ago