# Learning #### Government sites - [資通安全署 Administration for Cyber Security, moda](https://moda.gov.tw/ACS/) - [國家資通安全研究院 - 首頁 (nat.gov.tw)](https://www.nics.nat.gov.tw/) - [TWCERT/CC台灣電腦網路危機處理暨協調中心](https://www.twcert.org.tw/tw/mp-1.html) #### Security sites
網站功能描述
shodan.io搜索互聯網連接設備的搜索引擎。
censys.io提供互聯網設備和網絡資產信息的搜索平台。
hunter.io查找與特定域名相關的電子郵件地址的工具。
fullhunt.io自動化攻擊面管理和漏洞發現平台。
onyphe.io網絡資產搜索和網絡安全信息收集引擎。
socradar.io提供實時網絡威脅情報和數字風險保護服務。
binaryedge.io互聯網範圍掃描和網絡風險評估平台。
ivre.rocks開源網絡偵察框架。
crt.sh搜索和查詢SSL/TLS證書的數據庫。
vulners.com綜合性漏洞數據庫和安全內容存儲庫。
publicwww.com源代碼搜索引擎,用於在網頁源碼中查找特定代碼片段。
pulsedive.com威脅情報和網絡安全數據聚合平台。
intelx.io多源開放源情報(OSINT)搜索和分析工具。
wigle.net無線網絡數據庫和地圖服務。
viz.greynoise.io分析和可視化互聯網噪聲和惡意活動的平台。
#### Security Platform - [Kali Linux](https://www.kali.org/) - [ParrotOS](https://www.parrotsec.org/) #### Threat Intelligence Detection & Analysis Tools - [VirusTotal](https://www.virustotal.com/gui/home) is a service that allows anyone to analyze suspicious files, domains, URLs, and IP addresses for malicious content. VirusTotal also offers additional services and tools for enterprise use. - [Jotti's malware scan](https://virusscan.jotti.org/) is a free service that lets you scan suspicious files with several antivirus programs. There are some limitations to the number of files that you can submit. - [Urlscan.io](https://urlscan.io/) is a free service that scans and analyzes URLs and provides a detailed report summarizing the URL information. - [MalwareBazaar](https://bazaar.abuse.ch/browse/) is a free repository for malware samples. Malware samples are a great source of threat intelligence that can be used for research purposes. #### Security Tools - [10 Top Open Source Penetration Testing Tools](https://www.esecurityplanet.com/applications/open-source-penetration-testing-tools/) - [OSV-Scanner](https://osv.dev/) - [5 Tools to Scan a Linux Server for Malware and Rootkits (tecmint.com)](https://www.tecmint.com/scan-linux-for-malware-and-rootkits/) ##### - Wazuh - The Open Source Security Platform - [https://wazuh.com/](https://wazuh.com/) - YT: [this Cybersecurity Platform is FREE](https://www.youtube.com/watch?v=i68atPbB8uQ) - YT: [you need this FREE CyberSecurity tool](https://www.youtube.com/watch?v=3CaG2GI1kn0) - YT: [Wazuh Open Source SIEM Tutorial - YouTube](https://www.youtube.com/watch?v=u4tMvUCUXqY) ##### - Web Check All-in-one OSINT tool for analysing any website - [Web Check (web-check.xyz)](https://web-check.xyz/) - GitHub: [https://github.com/Lissy93/web-check](https://github.com/Lissy93/web-check) ##### - OWASP - Nettacker Automated Penetration Testing Framework (自動滲透測試框架) - [OWASP/Nettacker: Automated Penetration Testing Framework](https://github.com/OWASP/Nettacker) ##### - WAF: Web Application Firewall - [GoTestWAF](https://github.com/wallarm/gotestwaf) - [Test and evaluate your WAF before hackers](https://lab.wallarm.com/test-your-waf-before-hackers/) - [SafeLine](https://waf.chaitin.com/) - A self-hosted WAF(Web Application Firewall) - YT: [SafeLine: A Feature-Rich WAF with a Catch (or Two)](https://www.youtube.com/watch?v=AwfNqWvMVTI) ##### - Pi-Alert: WiFi/LAN 連網裝置偵測 - [Pi.Alert](https://github.com/pucherot/Pi.Alert) - \[Video\] [Pi Alert - Open Source, Self Hosted, Network Device Change Notification and Intrusion Detection](https://www.youtube.com/watch?v=oKl3WFQloE4) ##### - WatchYourLAN - GitHub: [https://github.com/aceberg/WatchYourLAN](https://github.com/aceberg/WatchYourLAN) ##### - VMs for Cybersecurity Professional - [TOP VIRTUAL MACHINES FOR CYBERSECURITY PROFESSIONALS | by Flavio Queiroz | CTI Flash Insights | Medium](https://medium.com/cti-insights/top-virtual-machines-for-cybersecurity-professionals-b111930c2ba2) ##### - ntopng: Network traffic monitor - [ntopng – ntop](https://www.ntop.org/products/traffic-analysis/ntop/) - YT: [NTopNG - A Free, Open Source, Self Hosted, Network Monitoring and Analysis Tool. - YouTube](https://www.youtube.com/watch?v=sJkLmjaj02E&list=PLjLkaXQ35322Of0hhUfhlMuGEl-feXZQB) ##### - ImHex: Hex Editor A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM - GitHub: [https://github.com/WerWolv/ImHex/](https://github.com/WerWolv/ImHex/) ##### - OSSIEM Open Source SIEM Stack, Wazuh + Graylog + Velociraptor + Copilot - GitHub: [https://github.com/socfortress/OSSIEM](https://github.com/socfortress/OSSIEM) ##### - Scanner - [RustScan : The Modern Port Scanner](https://github.com/RustScan/RustScan) - [Vuls](https://vuls.io/) : Agentless Vulnerability Scanner for Linux/FreeBSD - GitHub: [https://github.com/future-architect/vuls](https://github.com/future-architect/vuls) - [Vuls: A Free, Open Source Vulnerability Scanner for Linux - The New Stack](https://thenewstack.io/vuls-a-free-open-source-vulnerability-scanner-for-linux/) ##### - Fishing Test - [pfish](https://github.com/pow1e/pfish) - 轻量级的无害化钓鱼 ##### - CISO Assistant CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Audit Management - GitHub: [https://github.com/intuitem/ciso-assistant-community](https://github.com/intuitem/ciso-assistant-community) #### AI Cybersecurity - \[pyimagesearch\] [Build a Network Intrusion Detection System with Variational Autoencoders](https://pyimagesearch.com/2024/11/18/build-a-network-intrusion-detection-system-with-variational-autoencoders/) #### Security Jobs ##### Interview - This [blog](https://allthingspwned.com/) offers lots of helpful tips, information, and practice scenarios on preparing for technical interviews in the cybersecurity field.