常见的攻击行为监测特征及方法,涵盖端点和流量,未包含PowerShell和Sysmon。预祝运营生活愉快!
☆650Apr 30, 2026Updated last month
Alternatives and similar repositories for Threat-Analysis-Handbook
Users that are interested in Threat-Analysis-Handbook are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Suricata IDS rules 用来检测红队渗透/恶意行为等,支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等☆1,272Jul 8, 2023Updated 2 years ago
- ATT&CK实操☆372Sep 7, 2019Updated 6 years ago
- 应急相关内容积累☆1,190Sep 14, 2024Updated last year
- 基于Threathunting-book基础上完善的狩猎视角红队handbook☆119Feb 15, 2024Updated 2 years ago
- 红队行动中利用白利用、免杀、自动判断网络环境生成钓鱼可执行文件。☆369Jun 19, 2024Updated last year
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- AD Security Intrusion Detection System☆1,320Mar 31, 2023Updated 3 years ago
- 对密码已保存在 Windwos 系统上的部分程序进行解析,包括:Navicat,TeamViewer,FileZilla,WinSCP,Xmangager系列产品(Xshell,Xftp)。源码:https://github.com/RowTeam/SharpDecrypt…☆1,270Mar 16, 2022Updated 4 years ago
- 本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。☆2,817Aug 7, 2022Updated 3 years ago
- CobaltStrike后渗透测试插件☆1,566Oct 28, 2021Updated 4 years ago
- 红队基础设施自动化部署工具☆852Jan 4, 2023Updated 3 years ago
- 分享几个直接可用的内存马,记录一下学习过程中看过的文章☆985Mar 23, 2022Updated 4 years ago
- 记录自己编写、修改的部分工具☆1,464Oct 19, 2025Updated 7 months ago
- 个人域渗透学习笔记☆1,802Feb 7, 2020Updated 6 years ago
- 绕过专业工具检测的Webshell研究文章和免杀的Webshell☆1,732Nov 15, 2020Updated 5 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- 学习安全运营的记录 | The knowledge base of security operation☆900Aug 27, 2023Updated 2 years ago
- PC客户端(C-S架构)渗透测试checklist / Client side(C-S) penetration checklist☆669Feb 24, 2021Updated 5 years ago
- 傻瓜式漏洞PoC测试框架☆1,442Oct 30, 2023Updated 2 years ago
- 各种数据库的利用姿势☆1,034Jan 3, 2025Updated last year
- Nmap&Zmap特征识别,绕过IDS探测☆328Aug 1, 2019Updated 6 years ago
- 安全、快捷、高交互、企业级的蜜罐管理系统,护网;支持多种协议蜜罐、蜜签、诱饵等功能。A safe, fast, highly interactive and enterprise level honeypot management system, supports mult…☆1,268Oct 17, 2023Updated 2 years ago
- 自己学习java安全的一些总结,主要是安全审计相关☆1,705Jan 5, 2022Updated 4 years ago
- 各种工具指纹收集分享☆528Nov 3, 2021Updated 4 years ago
- KunLun-M — Open-source static code analysis for PHP, JavaScript, Java, with AST-based semantic scanning and one-click AI Agent integratio…☆2,383May 22, 2026Updated last week
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势☆1,404Jan 18, 2022Updated 4 years ago
- Burp suite 分块传输辅助插件☆2,033Feb 23, 2022Updated 4 years ago
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,397Dec 16, 2022Updated 3 years ago
- 用于记录内网渗透(域渗透)学习 :-)☆1,245Nov 9, 2020Updated 5 years ago
- 一款适用于红蓝对抗中的仿真钓鱼系统☆1,539May 30, 2023Updated 3 years ago
- sharpwmi是一个基于rpc的横向移动工具,具有上传文件和执行命令功能。☆715Aug 3, 2021Updated 4 years ago
- (周瑜)Java - SpringBoot 持久化 WebShell(不仅仅是SpringBoot,适合任何符合JavaEE规范的服务)☆615Dec 29, 2021Updated 4 years ago
- Java漏洞学习笔记 Deserialization Vulnerability☆944Jun 14, 2023Updated 2 years ago
- 《云原生安全:攻防实践与体系构建》资料仓库☆777Feb 19, 2023Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- 戎码之眼是一个window上的基于att&ck模型的威胁监控工具.有效检测常见的未知威胁与已知威胁.防守方的利剑☆534Oct 25, 2023Updated 2 years ago
- Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security…☆2,694Mar 14, 2024Updated 2 years ago
- Linux应急处置/信息搜集/漏洞检测工具,支持基础配置/网络流量/任务计划/环境变量/用户信息/Services/bash/恶意文件/内核Rootkit/SSH/Webshell/挖矿文件/挖矿进程/供应链/服务器风险等13类70+项检查☆2,075Jun 19, 2024Updated last year
- BCS(北京网络安全大会)2019 红队行动会议重点内容☆819Sep 4, 2019Updated 6 years ago
- 侦查守卫(ObserverWard)的指纹库☆1,384Updated this week
- 2018年初整理的一些内网渗透TIPS,后面更新的慢,所以整理出来希望跟小伙伴们一起更新维护~☆4,606Feb 24, 2023Updated 3 years ago
- Bypass firewall for traffic forwarding using webshell☆1,429Sep 29, 2021Updated 4 years ago