常见的攻击行为监测特征及方法,涵盖端点和流量,未包含PowerShell和Sysmon。预祝运营生活愉快!
☆646Jan 18, 2026Updated 2 months ago
Alternatives and similar repositories for Threat-Analysis-Handbook
Users that are interested in Threat-Analysis-Handbook are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Suricata IDS rules 用来检测红队渗透/恶意行为等,支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等☆1,266Jul 8, 2023Updated 2 years ago
- ATT&CK实操☆373Sep 7, 2019Updated 6 years ago
- 应急相关内容积累☆1,191Sep 14, 2024Updated last year
- 基于Threathunting-book基础上完善的狩猎视角红队handbook☆117Feb 15, 2024Updated 2 years ago
- 红队行动中利用白利用、免杀、自动判断网络环境生成钓鱼可执行文件。☆366Jun 19, 2024Updated last year
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- AD Security Intrusion Detection System☆1,321Mar 31, 2023Updated 2 years ago
- 对密码已保存在 Windwos 系统上的部分程序进行解析,包括:Navicat,TeamViewer,FileZilla,WinSCP,Xmangager系列产品(Xshell,Xftp)。源码:https://github.com/RowTeam/SharpDecrypt…☆1,261Mar 16, 2022Updated 4 years ago
- 本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。☆2,809Aug 7, 2022Updated 3 years ago
- CobaltStrike后渗透测试插件☆1,562Oct 28, 2021Updated 4 years ago
- 红队基础设施自动化部署工具☆852Jan 4, 2023Updated 3 years ago
- 分享几个直接可用的内存马,记录一下学习过程中看过的文章☆980Mar 23, 2022Updated 4 years ago
- 记录自己编写、修改的部分工具☆1,465Oct 19, 2025Updated 5 months ago
- 个人域渗透学习笔记☆1,802Feb 7, 2020Updated 6 years ago
- 绕过专业工具检测的Webshell研究文章和免杀的Webshell☆1,733Nov 15, 2020Updated 5 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- 学习安全运营的记录 | The knowledge base of security operation☆889Aug 27, 2023Updated 2 years ago
- PC客户端(C-S架构)渗透测试checklist / Client side(C-S) penetration checklist☆667Feb 24, 2021Updated 5 years ago
- 傻瓜式漏洞PoC测试框架☆1,442Oct 30, 2023Updated 2 years ago
- 各种数据库的利用姿势☆1,033Jan 3, 2025Updated last year
- Nmap&Zmap特征识别,绕过IDS探测☆329Aug 1, 2019Updated 6 years ago
- 各种工具指纹收集分享☆529Nov 3, 2021Updated 4 years ago
- 自己学习java安全的一些总结,主要是安全审计相关☆1,697Jan 5, 2022Updated 4 years ago
- 安全、快捷、高交互、企业级的蜜罐管理系统,护网;支持多种协议蜜罐、蜜签、诱饵等功能。A safe, fast, highly interactive and enterprise level honeypot management system, supports mult…☆1,271Oct 17, 2023Updated 2 years ago
- KunLun-M是一个完全开源的静态白盒扫描工具,支持PHP、JavaScript的语义扫描,基础安全、组件安全扫描,Chrome Ext\Solidity的基础扫描。☆2,382Jan 16, 2026Updated 2 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势☆1,405Jan 18, 2022Updated 4 years ago
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,392Dec 16, 2022Updated 3 years ago
- 用于记录内网渗透(域渗透)学习 :-)☆1,240Nov 9, 2020Updated 5 years ago
- 一款适用于红蓝对抗中的仿真钓鱼系统☆1,537May 30, 2023Updated 2 years ago
- Burp suite 分块传输辅助插件☆2,029Feb 23, 2022Updated 4 years ago
- sharpwmi是一个基于rpc的横向移动工具,具有上传文件和执行命令功能。☆715Aug 3, 2021Updated 4 years ago
- (周瑜)Java - SpringBoot 持久化 WebShell(不仅仅是SpringBoot,适合任何符合JavaEE规范的服务)☆614Dec 29, 2021Updated 4 years ago
- 《云原生安全:攻防实践与体系构建》资料仓库☆777Feb 19, 2023Updated 3 years ago
- Java漏洞学习笔记 Deserialization Vulnerability☆946Jun 14, 2023Updated 2 years ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- 戎码之眼是一个window上的基于att&ck模型的威胁监控工具.有效检测常见的未知威胁与已知威胁.防守方的利剑☆536Oct 25, 2023Updated 2 years ago
- Linux应急处置/信息搜集/漏洞检测工具,支持基础配置/网络流量/任务计划/环境变量/用户信息/Services/bash/恶意文件/内核Rootkit/SSH/Webshell/挖矿文件/挖矿进程/供应链/服务器风险等13类70+项检查☆2,059Jun 19, 2024Updated last year
- Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security…☆2,694Mar 14, 2024Updated 2 years ago
- BCS(北京网络安全大会)2019 红队行动会议重点内容☆819Sep 4, 2019Updated 6 years ago
- 侦查守卫(ObserverWard)的指纹库☆1,341Mar 23, 2026Updated last week
- 2018年初整理的一些内网渗透TIPS,后面更新的慢,所以整理出来希望跟小伙伴们一起更新维护~☆4,612Feb 24, 2023Updated 3 years ago
- Bypass firewall for traffic forwarding using webshell☆1,431Sep 29, 2021Updated 4 years ago