9.11. 防御

9.11. 防御

9.11.1. 日志检查

• Sysmon
• LastActivityView
• Regshot

9.11.2. 终端监控

• attack monitor Endpoint detection & Malware analysis software
• artillery The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.
• urita Anomaly detection framework @ PayPal

9.11.3. XSS防护

• js xss
• DOMPurify
• google csp evaluator

9.11.4. 配置检查

• Attack Surface Analyzer analyze operating system’s security configuration for changes during software installation.
• gixy Nginx 配置检查工具
• dockerscan Docker security analysis & hacking tools

9.11.5. 安全检查

• lynis
• linux malware detect

9.11.6. IDS

• ossec
• yulong
• AgentSmith

9.11.7. SIEM

• panther Detect threats with log data and improve cloud security posture

9.11.8. 威胁情报

• threatfeeds
• abuseipdb

9.11.9. APT

• APT Groups and Operations
• APTnotes

9.11.10. 入侵检查

• huorong
• check rootkit
• rootkit hunter
• PC Hunter
• autoruns

9.11.11. 进程查看

• Process Explorer
• ProcessHacker

9.11.12. Waf

• naxsi
• ModSecurity
• ngx_lua_waf
• OpenWAF

9.11.13. 病毒在线查杀

• virustotal
• virscan
• habo

9.11.14. WebShell查杀

• D盾
• 深信服WebShell查杀

9.11.15. IoC

• malware ioc
• fireeye public iocs
• signature base
• yara rules

9.11.16. 内存取证

• SfAntiBotPro
• volatility

9.11.17. 审计工具

• Cobra
• NodeJsScan
• RIPS
• pyvulhunter
• pyt
• Semmle QL
• prvd
• find sec bugs
• trivy
• chip
• php malware finder
• phpvulhunter
• Sourcetrail free and open-source cross-platform source explorer
• fortify

9.11.18. Security Advisories

• Apache httpd Security Advisories
• Apache Solr
• Apache Tomcat
• Jetty Security Reports
• Nginx Security Advisories
• OpenSSL

9.11.19. Security Tracker

• Nginx Security Tracker

9.11.20. 风险控制

• aswan 陌陌风控系统静态规则引擎

9.11.21. 规则

• AttackDetection Suricata PT Open Ruleset
• DailyIOC IOC from articles, tweets for archives