From 2f57a9093423630278fdfd8fc17f80a92f61a7b7 Mon Sep 17 00:00:00 2001 From: whoami Date: Fri, 18 Sep 2020 08:12:52 +0800 Subject: [PATCH] 1 --- wiki_ExpandAuth.md | 2 +- wiki_FreeConnect.md | 1 + wiki_IoT&ICS.md | 3 ++- wiki_ToolDevelop.md | 1 + wiki_TowerDefence.md | 1 + 5 files changed, 6 insertions(+), 2 deletions(-) diff --git a/wiki_ExpandAuth.md b/wiki_ExpandAuth.md index c246acc..9b8efe1 100644 --- a/wiki_ExpandAuth.md +++ b/wiki_ExpandAuth.md @@ -160,7 +160,7 @@ - https://github.com/DamonMohammadbagher/FakeFileMaker //更换图标和名称 - https://github.com/deepzec/Bad-Pdf //生成一个pdf文件,内含payload来窃取win上的Net-NTLM哈希 - https://github.com/3gstudent/Worse-PDF //向PDF文件中插入恶意代码,来窃取win上的Net-NTLM哈希 -- https://www.cnblogs.com/modou/p/3573772.html/ //NSIS - Windows安装程序制作工具,重制作安装包 +- https://www.cnblogs.com/modou/p/3573772.html/ //NSIS - Windows安装程序制作工具,Nullsoft 脚本安装重制作安装包 ### Windows混淆免杀 - https://github.com/danielbohannon/Invoke-DOSfuscation //对powershell文件进行混淆,加密操作以及重新编码。G:/cwolff411/powerob //powershell混淆;G:/OmerYa/Invisi-Shell;-- - https://github.com/danielbohannon/Invoke-DOSfuscation/ //PS。cmd命令混淆。 diff --git a/wiki_FreeConnect.md b/wiki_FreeConnect.md index d6ac043..a569b48 100644 --- a/wiki_FreeConnect.md +++ b/wiki_FreeConnect.md @@ -1,5 +1,6 @@ # 通讯工具技术相关 ## 通讯服务 +- https://github.com/aqiongbei/buy_pig_plan //JS。利用客服系统电话轰炸机。G:/xxcosmos/buy_pig_plan_python;-- ### 办公通讯 - http://sc.ftqq.com/3.version //ServerChan信息通知server酱方糖信息提醒。P:/slack 通讯框架;P:/企业微信;P:/钉钉;P:/TG BOT telegram机器人;-- - https://mattermost.com/ //协同办公通讯。W:github.com/mattermost;-- diff --git a/wiki_IoT&ICS.md b/wiki_IoT&ICS.md index 07c77a5..04282d1 100644 --- a/wiki_IoT&ICS.md +++ b/wiki_IoT&ICS.md 
@@ -93,7 +93,8 @@ - https://zhuanlan.zhihu.com/p/93070821 //工控CTF技能点学习总结 - http://plcscan.org/blog/2014/08/ics-security-attack-demo-rail-transit/ //工控安全攻防演练场景实现分享(轨道交通)。W:乌云工控漏洞;-- - https://www.freebuf.com/articles/network/178251.html //工控安全现场实施经验谈之工控系统如何加强主机防护。 -- https://www.freebuf.com/vuls/230453.html/ //当PLC偶遇老旧但不乏经典的高级组包工具Hping。DOS攻击 +- https://www.freebuf.com/vuls/230453.html/ //当PLC偶遇老旧但不乏经典的高级组包工具Hping。DOS攻击。 +- https://www.anquanke.com/post/id/206579 //S7CommPlus协议研究,系列文章。techteach。 - https://www.freebuf.com/articles/ics-articles/212283.html //西门子S7通信过程及重放攻击分析,利用snap7与isf对s7300进行重放测试。P:/ics-articles/228770.html;-- - https://www.freebuf.com/articles/ics-articles/220239.html //西门子S7comm-plus通信过程及重放攻击分析.P:/ics-articles/230676.html;-- - https://www.freebuf.com/articles/ics-articles/231701.html //西门子S7系列中间人攻击:流量劫持和转发(一) diff --git a/wiki_ToolDevelop.md b/wiki_ToolDevelop.md index cd8efa2..cc6c8cf 100644 --- a/wiki_ToolDevelop.md +++ b/wiki_ToolDevelop.md @@ -27,6 +27,7 @@ - https://github.com/portswigger/http-request-smuggler //http请求走私 - https://github.com/yandex/burp-molly-pack //XXE、SSRF漏洞利用探测。 ## Nmap/Masscan拓展插件相关工具 +- https://xz.aliyun.com/t/6002 //如何修改nmap, 重新编译,绕过IDS流量检测。G:/al0ne/Nmap_Bypass_IDS;-- - https://github.com/Ullaakut/nmap //Go。Nmap调用库go - https://github.com/savon-noir/python-libnmap //Py。nmap调用库python - https://github.com/johnnyxmas/scancannon //Bash。联动masscan和nmap diff --git a/wiki_TowerDefence.md b/wiki_TowerDefence.md index 834c904..59a5504 100644 --- a/wiki_TowerDefence.md +++ b/wiki_TowerDefence.md 
@@ -80,6 +80,7 @@ - https://github.com/StamusNetworks/SELKS //基于Debian的入侵检测系统,组件包含Suricata IDPS与ELK和Scirius。 - https://github.com/Security-Onion-Solutions/security-onion //Security Onion洋葱安全入侵检测系统。基于Ubuntu涵盖ELK\Snort\Suricata\Bro等组件,作为传感器分布在网络中监控多个VLAN和子网。ids kali系统类。 - https://www.elastic.co/cn/blog/discovering-anomalous-patterns-based-on-parent-child-process-relationships //基于父子进程关系来检测异常模式,使用机器学习中的异常模型来检测攻击者。TechTeach。 +- https://www.freebuf.com/articles/network/244094.html //NIDS(suricata)中的DNS隐蔽隧道检测。techteach。 ## 防火墙网关 - https://github.com/0xInfection/Awesome-WAF //awesome waf - http://www.safedog.cn/ //安全狗Web服务器网站防护。商业版 社区版。
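Review bot: The Subject line is just "1", which says nothing about a change that touches five wiki files (wiki_ExpandAuth.md, wiki_FreeConnect.md, wiki_IoT&ICS.md, wiki_ToolDevelop.md, wiki_TowerDefence.md). Suggest a subject that names what was added, and consider one commit per wiki page so each link addition can be reviewed and reverted on its own.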
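Review bot: In wiki_ExpandAuth.md, the edited NSIS line splices the new words into the old comment without punctuation ("Nullsoft 脚本安装重制作安装包"), so the expansion of the acronym and the existing description "重制作安装包" run together. Suggest putting the expansion next to the acronym and keeping the description separate, e.g. "NSIS(Nullsoft 脚本安装)- Windows安装程序制作工具,重制作安装包". The URL on the same line still ends in ".html/"; since the line is being touched anyway, check whether the trailing slash is intended.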
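Review bot: In wiki_FreeConnect.md, the added buy_pig_plan entry sits directly under "## 通讯服务", above the first "### 办公通讯" subheading, so it belongs to no subcategory while the entries after it are grouped. Its own comment describes a phone-call flooding tool that abuses customer-service systems, which does not match the office-messaging services listed around it. Suggest giving it a subheading of its own or moving it to a page where it fits, so readers of this section can tell what kind of entry it is.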
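Review bot: In wiki_IoT&ICS.md, the added line spells the protocol "S7CommPlus" while the existing entry two lines below uses "S7comm-plus", so a text search for either spelling misses the other. Pick one spelling for both entries. The Hping line is changed only to append "。" and keeps the ".html/" trailing slash in its URL; if that slash is a typo, this is the place to fix it.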
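Review bot: In wiki_ToolDevelop.md, the added xz.aliyun.com entry is an article, yet it is placed first in a list whose other visible entries are call libraries and wrappers carrying a language prefix ("Go。", "Py。", "Bash。"). It has neither a prefix nor a marker that it is a write-up rather than a tool. Suggest moving it below the library entries and tagging it the way articles are tagged in the other hunks of this patch.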
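Review bot: In wiki_TowerDefence.md, the added Suricata DNS-tunnel entry ends with "techteach。" while the line immediately above it ends with "TechTeach。". If the tag is meant for searching, mixed case splits the results; match the existing "TechTeach。" spelling.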