Cybersecurity Tools

Websites

• 10 Top Open Source Penetration Testing Tools
• OSV-Scanner
• 5 Tools to Scan a Linux Server for Malware and Rootkits (tecmint.com)

網站	功能描述
shodan.io	搜索互聯網連接設備的搜索引擎。
censys.io	提供互聯網設備和網絡資產信息的搜索平台。
hunter.io	查找與特定域名相關的電子郵件地址的工具。
fullhunt.io	自動化攻擊面管理和漏洞發現平台。
onyphe.io	網絡資產搜索和網絡安全信息收集引擎。
socradar.io	提供實時網絡威脅情報和數字風險保護服務。
binaryedge.io	互聯網範圍掃描和網絡風險評估平台。
ivre.rocks	開源網絡偵察框架。
crt.sh	搜索和查詢SSL/TLS證書的數據庫。
vulners.com	綜合性漏洞數據庫和安全內容存儲庫。
publicwww.com	源代碼搜索引擎,用於在網頁源碼中查找特定代碼片段。
pulsedive.com	威脅情報和網絡安全數據聚合平台。
intelx.io	多源開放源情報(OSINT)搜索和分析工具。
wigle.net	無線網絡數據庫和地圖服務。
viz.greynoise.io	分析和可視化互聯網噪聲和惡意活動的平台。

Tools

-Wazuh

The Open Source Security Platform

• https://wazuh.com/
• YT: this Cybersecurity Platform is FREE
• YT: you need this FREE CyberSecurity tool
• YT: Wazuh Open Source SIEM Tutorial - YouTube
• YT: Wazuh! Powerful, Open Source Endpoint Security Monitoring!

-Web Check

All-in-one OSINT tool for analysing any website

• Web Check (web-check.xyz)
• GitHub: https://github.com/Lissy93/web-check 

-OWASP: Nettacker

Automated Penetration Testing Framework (自動滲透測試框架)

• OWASP/Nettacker: Automated Penetration Testing Framework

-WAF: Web Application Firewall

• GoTestWAF
• Test and evaluate your WAF before hackers
• SafeLine - A self-hosted WAF(Web Application Firewall)
  • YT: SafeLine: A Feature-Rich WAF with a Catch (or Two)

-Pi-Alert: WiFi/LAN 連網裝置偵測

• Pi.Alert
• [Video] Pi Alert - Open Source, Self Hosted, Network Device Change Notification and Intrusion Detection

-WatchYourLAN

• GitHub: https://github.com/aceberg/WatchYourLAN 

-ntopng

Network traffic monitor

• ntopng – ntop
• YT: NTopNG - A Free, Open Source, Self Hosted, Network Monitoring and Analysis Tool. - YouTube

-ImHex: Hex Editor

A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM

• GitHub: https://github.com/WerWolv/ImHex/ 

-OSSIEM

Open Source SIEM Stack, Wazuh + Graylog + Velociraptor + Copilot

• GitHub: https://github.com/socfortress/OSSIEM 

-Scanner

• RustScan : The Modern Port Scanner
• Vuls : Agentless Vulnerability Scanner for Linux/FreeBSD
  • GitHub: https://github.com/future-architect/vuls
  • Vuls: A Free, Open Source Vulnerability Scanner for Linux - The New Stack

-Fishing Test

• pfish - 轻量级的无害化钓鱼

-CISO Assistant

CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Audit Management

• GitHub: https://github.com/intuitem/ciso-assistant-community 

-Cybersecurity OS platforms

• TOP VIRTUAL MACHINES FOR CYBERSECURITY PROFESSIONALS | by Flavio Queiroz | CTI Flash Insights | Medium
• Kali Linux
• ParrotOS

-MISP

MISP (Malware Information Sharing Platform)

• https://www.misp-project.org/