9.9. 防御

9.9.1. 日志检查

• Sysmon

• LastActivityView

• Regshot

9.9.2. 终端监控

• attack monitor Endpoint detection & Malware analysis software

• artillery The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.

• yurita Anomaly detection framework @ PayPal

9.9.3. XSS防护

• js xss

• DOMPurify

• google csp evaluator

9.9.4. 配置检查

• Attack Surface Analyzer analyze operating system’s security configuration for changes during software installation.

• gixy Nginx 配置检查工具

• dockerscan Docker security analysis & hacking tools

9.9.5. 安全检查

• lynis

• linux malware detect

9.9.6. IDS

• ossec

• yulong

• AgentSmith

9.9.7. SIEM

• panther Detect threats with log data and improve cloud security posture

9.9.8. 威胁情报

• threatfeeds

• abuseipdb

9.9.9. APT

• APT Groups and Operations

• APTnotes

9.9.10. 入侵检查

• huorong

• check rootkit

• rootkit hunter

• PC Hunter

• autoruns

9.9.11. 进程查看

• Process Explorer

• ProcessHacker

9.9.12. Waf

• naxsi

• ModSecurity

• ngx_lua_waf

• OpenWAF

9.9.13. 病毒在线查杀

• virustotal

• virscan

• habo

9.9.14. WebShell查杀

• D盾

• 深信服WebShell查杀

9.9.15. IoC

• malware ioc

• fireeye public iocs

• signature base

• yara rules

9.9.16. 内存取证

• SfAntiBotPro

• volatility

9.9.17. 审计工具

• Cobra

• NodeJsScan

• RIPS

• pyvulhunter

• pyt

• Semmle QL

• prvd

• find sec bugs

• trivy

• chip

• php malware finder

• phpvulhunter

• Sourcetrail free and open-source cross-platform source explorer

9.9.18. Security Advisories

• apache httpd security advisories

• nginx security advisories

• Jetty Security Reports

• Apache Tomcat

• OpenSSL

9.9.19. 风险控制

• aswan 陌陌风控系统静态规则引擎