mirror of
https://github.com/sbilly/awesome-security
synced 2024-11-26 05:10:23 +00:00
Merge branch 'master' into patch-1
This commit is contained in:
commit
2aee00c28b
1 changed files with 24 additions and 3 deletions
27
README.md
27
README.md
|
@ -21,12 +21,21 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c
|
|||
- [Fast Packet Processing](#fast-packet-processing)
|
||||
- [Firewall](#firewall)
|
||||
- [Anti-Spam](#anti-spam)
|
||||
- [Docker](#docker)
|
||||
- [Docker](#docker-images-for-penetration-testing--security)
|
||||
- [Endpoint](#endpoint)
|
||||
- [Anti-Virus / Anti-Malware](#anti-virus--anti-malware)
|
||||
- [Configuration Management](#configuration-management)
|
||||
- [Authentication](#authentication)
|
||||
- [Mobile / Android / iOS](#mobile--android--ios)
|
||||
- [Forensics](#forensics)
|
||||
- [Threat Intelligence](#threat-intelligence)
|
||||
- [Web](#web)
|
||||
- [Organization](#organization)
|
||||
- [Web Application Firewall](#web-application-firewall)
|
||||
- [Scanning / Pentesting](#scanning--pentesting-1)
|
||||
- [Runtime Application Self-Protection](#runtime-application-self-protection)
|
||||
- [Big Data](#big-data)
|
||||
- [DevOps](#devops)
|
||||
- [Other Awesome Lists](#other-awesome-lists)
|
||||
- [Other Security Awesome Lists](#other-security-awesome-lists)
|
||||
- [Other Common Awesome Lists](#other-common-awesome-lists)
|
||||
|
@ -42,6 +51,7 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c
|
|||
- [Metasploit Framework](https://github.com/rapid7/metasploit-framework) - A tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive and related research.
|
||||
- [Kali](https://www.kali.org/) - Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. Kali Linux is preinstalled with numerous penetration-testing programs, including nmap (a port scanner), Wireshark (a packet analyzer), John the Ripper (a password cracker), and Aircrack-ng (a software suite for penetration-testing wireless LANs).
|
||||
- [pig](https://github.com/rafael-santiago/pig) - A Linux packet crafting tool.
|
||||
- [scapy](https://github.com/secdev/scapy) - Scapy: the python-based interactive packet manipulation program & library.
|
||||
- [Pompem](https://github.com/rfunix/Pompem) - Pompem is an open source tool, which is designed to automate the search for exploits in major databases. Developed in Python, has a system of advanced search, thus facilitating the work of pentesters and ethical hackers. In its current version, performs searches in databases: Exploit-db, 1337day, Packetstorm Security...
|
||||
- [Nmap](https://nmap.org) - Nmap is a free and open source utility for network discovery and security auditing.
|
||||
|
||||
|
@ -136,7 +146,7 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c
|
|||
- `docker pull kalilinux/kali-linux-docker` [official Kali Linux](https://hub.docker.com/r/kalilinux/kali-linux-docker/)
|
||||
- `docker pull owasp/zap2docker-stable` - [official OWASP ZAP](https://github.com/zaproxy/zaproxy)
|
||||
- `docker pull wpscanteam/wpscan` - [official WPScan](https://hub.docker.com/r/wpscanteam/wpscan/)
|
||||
- `docker pull pandrew/metasploit` - [docker-metasploit](https://hub.docker.com/r/pandrew/metasploit/)
|
||||
- `docker pull remnux/metasploit` - [docker-metasploit](https://hub.docker.com/r/remnux/metasploit/)
|
||||
- `docker pull citizenstig/dvwa` - [Damn Vulnerable Web Application (DVWA)](https://hub.docker.com/r/citizenstig/dvwa/)
|
||||
- `docker pull wpscanteam/vulnerablewordpress` - [Vulnerable WordPress Installation](https://hub.docker.com/r/wpscanteam/vulnerablewordpress/)
|
||||
- `docker pull hmlio/vaas-cve-2014-6271` - [Vulnerability as a service: Shellshock](https://hub.docker.com/r/hmlio/vaas-cve-2014-6271/)
|
||||
|
@ -163,7 +173,7 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c
|
|||
|
||||
- [google-authenticator](https://github.com/google/google-authenticator) - The Google Authenticator project includes implementations of one-time passcode generators for several mobile platforms, as well as a pluggable authentication module (PAM). One-time passcodes are generated using open standards developed by the Initiative for Open Authentication (OATH) (which is unrelated to OAuth). These implementations support the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238. [Tutorials: How to set up two-factor authentication for SSH login on Linux](http://xmodulo.com/two-factor-authentication-ssh-login-linux.html)
|
||||
|
||||
### Mobile / Android /iOS
|
||||
### Mobile / Android / iOS
|
||||
|
||||
- [android-security-awesome](https://github.com/ashishb/android-security-awesome) - A collection of android security related resources. A lot of work is happening in academia and industry on tools to perform dynamic analysis, static analysis and reverse engineering of android apps.
|
||||
- [SecMobi Wiki](http://wiki.secmobi.com/) - A collection of mobile security resources which including articles, blogs, books, groups, projects, tools and conferences. *
|
||||
|
@ -172,6 +182,8 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c
|
|||
|
||||
- [grr](https://github.com/google/grr) - GRR Rapid Response is an incident response framework focused on remote live forensics.
|
||||
- [Volatility](https://github.com/volatilityfoundation/volatility) - Python based memory extraction and analysis framework.
|
||||
- [mig](http://mig.mozilla.org/) - MIG is a platform to perform investigative surgery on remote endpoints. It enables investigators to obtain information from large numbers of systems in parallel, thus accelerating investigation of incidents and day-to-day operations security.
|
||||
|
||||
|
||||
## Threat Intelligence
|
||||
|
||||
|
@ -213,6 +225,10 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c
|
|||
- [Recon-ng](https://bitbucket.org/LaNMaSteR53/recon-ng) - Recon-ng is a full-featured Web Reconnaissance framework written in Python. Recon-ng has a look and feel similar to the Metasploit Framework.
|
||||
- [PTF](https://github.com/trustedsec/ptf) - The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
|
||||
|
||||
### Runtime Application Self-Protection
|
||||
|
||||
- [Sqreen](https://www.sqreen.io/) - Sqreen is a Runtime Application Self-Protection (RASP) solution for software teams. An in-app agent instruments and monitors the app. Suspicious user activities are reported and attacks are blocked at runtime without code modification or traffic redirection.
|
||||
|
||||
## Big Data
|
||||
|
||||
- [data_hacking](https://github.com/ClickSecurity/data_hacking) - Examples of using IPython, Pandas, and Scikit Learn to get the most out of your security data.
|
||||
|
@ -221,10 +237,15 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c
|
|||
- [OpenSOC](https://github.com/OpenSOC/opensoc) - OpenSOC integrates a variety of open source big data technologies in order to offer a centralized tool for security monitoring and analysis.
|
||||
- [binarypig](https://github.com/endgameinc/binarypig) - Scalable Binary Data Extraction in Hadoop. Malware Processing and Analytics over Pig, Exploration through Django, Twitter Bootstrap, and Elasticsearch.
|
||||
|
||||
## DevOps
|
||||
|
||||
- [Securing DevOps](https://manning.com/books/securing-devops?a_aid=securingdevops&a_bid=1353bcd8) - A book on Security techniques for DevOps that reviews state of the art practices used in securing web applications and their infrastructure.
|
||||
|
||||
## Datastores
|
||||
|
||||
- [Vault](https://www.vaultproject.io/) - An encrypted datastore secure enough to hold environment and application secrets.
|
||||
- [Safe](https://github.com/starkandwayne/safe) - A Vault CLI that makes reading from and writing to the Vault easier to do.
|
||||
- [Sops](https://github.com/mozilla/sops - An editor of encrypted files that supports YAML, JSON and BINARY formats and encrypts with AWS KMS and PGP.
|
||||
|
||||
## Other Awesome Lists
|
||||
|
||||
|
|
Loading…
Reference in a new issue