mirror of
https://github.com/euphrat1ca/Security-List.git
synced 2026-06-30 21:09:51 +08:00
395
parent
f37e082a7c
commit
2bcebb4f0f
@ -85,11 +85,11 @@
- http://plcscan.org/blog/2014/08/ics-security-attack-demo-rail-transit/ //工控安全攻防演练场景实现分享(轨道交通)。W:乌云工控漏洞;--
- https://www.freebuf.com/articles/network/178251.html //工控安全现场实施经验谈之工控系统如何加强主机防护。
- https://www.freebuf.com/vuls/230453.html/ //当PLC偶遇老旧但不乏经典的高级组包工具Hping。DOS攻击
- https://www.freebuf.com/articles/ics-articles/212283.html //西门子S7通信过程及重放攻击分析。利用snap7与isf对s7300进行重放测试。P:ics-articles/228770.html;--
- https://www.freebuf.com/articles/ics-articles/220239.html/ //西门子S7comm-plus通信过程及重放攻击分析.P:ics-articles/230676.html;--
- https://www.freebuf.com/articles/ics-articles/212283.html //西门子S7通信过程及重放攻击分析,利用snap7与isf对s7300进行重放测试。P:ics-articles/228770.html;--
- https://www.freebuf.com/articles/ics-articles/220239.html //西门子S7comm-plus通信过程及重放攻击分析.P:ics-articles/230676.html;--
- https://www.freebuf.com/articles/ics-articles/231701.html //西门子S7系列中间人攻击:流量劫持和转发(一)
- https://www.freebuf.com/articles/ics-articles/233160.html //西门子S7系列中间人攻击:PLC探测和流量分析(二)
- https://www.freebuf.com/articles/ics-articles/234845.html/ //Modbus PLC攻击分析:从Modbus PollSlave到M340
- https://www.freebuf.com/articles/ics-articles/234845.html //Modbus PLC攻击分析:从Modbus PollSlave到M340
### ICS资产探测
- https://dragos.com/community-tools/ //工业网络安全公司 Dragos Inc.发布的Integrity(Sophia)被动ICS网络资产发现,CyberLens ICS数据包处理\捕获\可视化显示。
- https://github.com/splone/splonebox-core //C。工业控制系统的网络评估工具。G:cisagov/cset/;--
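Review bot: the Hping entry (https://www.freebuf.com/vuls/230453.html/) still carries a trailing slash after .html, while the 220239.html and 234845.html entries appear in this hunk in both forms with the slash-free one last, so the URL clean-up looks incomplete; drop the slash there as well. The S7comm-plus line also still ends its description with an ASCII "." before "P:", where the S7 line next to it uses full-width punctuation.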
@ -117,13 +117,14 @@
### 混淆命令检测
- https://github.com/We5ter/Flerken //py。跨平台混淆命令检测的解决方案
## 网络流量分析
- https://mp.weixin.qq.com/s/w6nvyYFsTaZqE2AcoTvEIA //Intro。攻守道—流量分析的刀光剑影,wireshark操作指令。
- http://www.colasoft.com.cn/download.php //科来科来网络分析系统/ping工具/mac地址扫描工具/数据包重放工具/数据包生成工具
- https://github.com/wireshark/wireshark //Lua。议解析流量分析还原。可通过Windows变量名“SSLKEYLOGFILE”的变量导出目标网站证书,进行密钥导入到Wireshark流量解析。
- https://mp.weixin.qq.com/s/w6nvyYFsTaZqE2AcoTvEIA //Intro。攻守道—流量分析的刀光剑影,wireshark操作指令。
- https://github.com/secdev/scapy //Py。内置了交互式网络数据包处理、数据包生成器、网络扫描器网络发现和包嗅探工具,提供多种协议包生成及解析插件,能够灵活的的生成协议数据包,并进行修改、解析。
- http://tcpick.sourceforge.net //TCP流嗅探和连接跟踪工具
- https://github.com/zerbea/hcxdumptool //从Wlan设备上捕获数据包
- https://github.com/nospaceships/raw-socket-sniffer //C。PS。无需驱动抓取Windows流量
- https://github.com/nospaceships/raw-socket-sniffer //C。PS。无需驱动抓取Windows流量。
- https://github.com/aol/moloch //大规模流量包捕获分析系统,capture/viewer/elasticsearch。
### 网络流量协议解析
- http://lcamtuf.coredump.cx/p0f3 //C。p0f升级版,被动的流量指纹识别TCP/http
- https://github.com/zeek/zeek //C++。bro的升级版,主要用于对链路上所有深层次的可疑行为流量进行安全监控,为网络流量分析提供了一个综合平台,特别侧重于语义安全监控。
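Review bot: in the Wireshark entry that the relocated Intro link now sits under, the description says SSLKEYLOGFILE exports the target site's certificate (证书); that environment variable makes the TLS client write per-session key material to a log file, which Wireshark then loads to decrypt the capture, so the wording should say session keys rather than certificate. The same line opens with "议解析", which looks like "协议解析" with its first character lost, and the trailing "。" that the raw-socket-sniffer line gains here is still missing on the tcpick and hcxdumptool lines above it.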