常见的攻击行为监测特征及方法,涵盖端点和流量,未包含PowerShell和Sysmon。预祝运营生活愉快!
☆647Jan 18, 2026Updated 3 months ago
Alternatives and similar repositories for Threat-Analysis-Handbook
Users that are interested in Threat-Analysis-Handbook are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Suricata IDS rules 用来检测红队渗透/恶意行为等,支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等☆1,269Jul 8, 2023Updated 2 years ago
- ATT&CK实操☆373Sep 7, 2019Updated 6 years ago
- 应急相关内容积累☆1,192Sep 14, 2024Updated last year
- 基于Threathunting-book基础上完善的狩猎视角红队handbook☆118Feb 15, 2024Updated 2 years ago
- 红队行动中利用白利用、免杀、自动判断网络环境生成钓鱼可执行文件。☆367Jun 19, 2024Updated last year
- Deploy open-source AI quickly and easily - Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- AD Security Intrusion Detection System☆1,320Mar 31, 2023Updated 3 years ago
- 对密码已保存在 Windwos 系统上的部分程序进行解析,包括:Navicat,TeamViewer,FileZilla,WinSCP,Xmangager系列产品(Xshell,Xftp)。源码:https://github.com/RowTeam/SharpDecrypt…☆1,265Mar 16, 2022Updated 4 years ago
- 本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。☆2,813Aug 7, 2022Updated 3 years ago
- CobaltStrike后渗透测试插件☆1,564Oct 28, 2021Updated 4 years ago
- 红队基础设施自动化部署工具☆852Jan 4, 2023Updated 3 years ago
- 分享几个直接可用的内存马,记录一下学习过程中看过的文章☆982Mar 23, 2022Updated 4 years ago
- 记录自己编写、修改的部分工具☆1,465Oct 19, 2025Updated 6 months ago
- 个人域渗透学习笔记☆1,804Feb 7, 2020Updated 6 years ago
- 绕过专业工具检测的Webshell研究文章和免杀的Webshell☆1,731Nov 15, 2020Updated 5 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- 学习安全运营的记录 | The knowledge base of security operation☆895Aug 27, 2023Updated 2 years ago
- PC客户端(C-S架构)渗透测试checklist / Client side(C-S) penetration checklist☆668Feb 24, 2021Updated 5 years ago
- 傻瓜式漏洞PoC测试框架☆1,442Oct 30, 2023Updated 2 years ago
- 各种数据库的利用姿势☆1,034Jan 3, 2025Updated last year
- Nmap&Zmap特征识别,绕过IDS探测☆329Aug 1, 2019Updated 6 years ago
- 各种工具指纹收集分享☆529Nov 3, 2021Updated 4 years ago
- 安全、快捷、高交互、企业级的蜜罐管理系统,护网;支持多种协议蜜罐、蜜签、诱饵等功能。A safe, fast, highly interactive and enterprise level honeypot management system, supports mult…☆1,270Oct 17, 2023Updated 2 years ago
- 自己学习java安全的一些总结,主要是安全审计相关☆1,699Jan 5, 2022Updated 4 years ago
- KunLun-M是一个完全开源的静态白盒扫描工具,支持PHP、JavaScript的语义扫描,基础安全、组件安全扫描,Chrome Ext\Solidity的基础扫描。☆2,384Jan 16, 2026Updated 3 months ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势☆1,405Jan 18, 2022Updated 4 years ago
- Burp suite 分块传输辅助插件☆2,031Feb 23, 2022Updated 4 years ago
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,392Dec 16, 2022Updated 3 years ago
- 用于记录内网渗透(域渗透)学习 :-)☆1,240Nov 9, 2020Updated 5 years ago
- 一款适用于红蓝对抗中的仿真钓鱼系统☆1,539May 30, 2023Updated 2 years ago
- sharpwmi是一个基于rpc的横向移动工具,具有上传文件和执行命令功能。☆716Aug 3, 2021Updated 4 years ago
- (周瑜)Java - SpringBoot 持久化 WebShell(不仅仅是SpringBoot,适合任何符合JavaEE规范的服务)☆615Dec 29, 2021Updated 4 years ago
- Java漏洞学习笔记 Deserialization Vulnerability☆944Jun 14, 2023Updated 2 years ago
- 《云原生安全:攻防实践与体系构建》资料仓库☆776Feb 19, 2023Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- 戎码之眼是一个window上的基于att&ck模型的威胁监控工具.有效检测常见的未知威胁与已知威胁.防守方的利剑☆536Oct 25, 2023Updated 2 years ago
- Linux应急处置/信息搜集/漏洞检测工具,支持基础配置/网络流量/任务计划/环境变量/用户信息/Services/bash/恶意文件/内核Rootkit/SSH/Webshell/挖矿文件/挖矿进程/供应链/服务器风险等13类70+项检查☆2,062Jun 19, 2024Updated last year
- Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security…☆2,696Mar 14, 2024Updated 2 years ago
- BCS(北京网络安全大会)2019 红队行动会议重点内容☆821Sep 4, 2019Updated 6 years ago
- 侦查守卫(ObserverWard)的指纹库☆1,358Updated this week
- 2018年初整理的一些内网渗透TIPS,后面更新的慢,所以整理出来希望跟小伙伴们一起更新维护~☆4,612Feb 24, 2023Updated 3 years ago
- Bypass firewall for traffic forwarding using webshell☆1,430Sep 29, 2021Updated 4 years ago