# Learning
#### Government sites
- [資通安全署 Administration for Cyber Security, moda](https://moda.gov.tw/ACS/)
- [國家資通安全研究院 - 首頁 (nat.gov.tw)](https://www.nics.nat.gov.tw/)
- [TWCERT/CC台灣電腦網路危機處理暨協調中心](https://www.twcert.org.tw/tw/mp-1.html)
#### Security sites
網站 | 功能描述 |
---|
shodan.io | 搜索互聯網連接設備的搜索引擎。 |
censys.io | 提供互聯網設備和網絡資產信息的搜索平台。 |
hunter.io | 查找與特定域名相關的電子郵件地址的工具。 |
fullhunt.io | 自動化攻擊面管理和漏洞發現平台。 |
onyphe.io | 網絡資產搜索和網絡安全信息收集引擎。 |
socradar.io | 提供實時網絡威脅情報和數字風險保護服務。 |
binaryedge.io | 互聯網範圍掃描和網絡風險評估平台。 |
ivre.rocks | 開源網絡偵察框架。 |
crt.sh | 搜索和查詢SSL/TLS證書的數據庫。 |
vulners.com | 綜合性漏洞數據庫和安全內容存儲庫。 |
publicwww.com | 源代碼搜索引擎,用於在網頁源碼中查找特定代碼片段。 |
pulsedive.com | 威脅情報和網絡安全數據聚合平台。 |
intelx.io | 多源開放源情報(OSINT)搜索和分析工具。 |
wigle.net | 無線網絡數據庫和地圖服務。 |
viz.greynoise.io | 分析和可視化互聯網噪聲和惡意活動的平台。 |
#### Security Platform
- [Kali Linux](https://www.kali.org/)
- [ParrotOS](https://www.parrotsec.org/)
#### Threat Intelligence
Detection & Analysis Tools
- [VirusTotal](https://www.virustotal.com/gui/home) is a service that allows anyone to analyze suspicious files, domains, URLs, and IP addresses for malicious content. VirusTotal also offers additional services and tools for enterprise use.
- [Jotti's malware scan](https://virusscan.jotti.org/) is a free service that lets you scan suspicious files with several antivirus programs. There are some limitations to the number of files that you can submit.
- [Urlscan.io](https://urlscan.io/) is a free service that scans and analyzes URLs and provides a detailed report summarizing the URL information.
- [MalwareBazaar](https://bazaar.abuse.ch/browse/) is a free repository for malware samples. Malware samples are a great source of threat intelligence that can be used for research purposes.
#### Security Tools
- [10 Top Open Source Penetration Testing Tools](https://www.esecurityplanet.com/applications/open-source-penetration-testing-tools/)
- [OSV-Scanner](https://osv.dev/)
- [5 Tools to Scan a Linux Server for Malware and Rootkits (tecmint.com)](https://www.tecmint.com/scan-linux-for-malware-and-rootkits/)
##### - Wazuh - The Open Source Security Platform
- [https://wazuh.com/](https://wazuh.com/)
- \[Video\] [this Cybersecurity Platform is FREE](https://www.youtube.com/watch?v=i68atPbB8uQ)
- \[Video\] [you need this FREE CyberSecurity tool](https://www.youtube.com/watch?v=3CaG2GI1kn0)
##### - Web Check
All-in-one OSINT tool for analysing any website
- [Web Check (web-check.xyz)](https://web-check.xyz/)
- GitHub: [https://github.com/Lissy93/web-check](https://github.com/Lissy93/web-check)
##### - OWASP - Nettacker
Automated Penetration Testing Framework (自動滲透測試框架)
- [OWASP/Nettacker: Automated Penetration Testing Framework](https://github.com/OWASP/Nettacker)
##### - WAF: Web Application Firewall
- [GoTestWAF](https://github.com/wallarm/gotestwaf)
- [Test and evaluate your WAF before hackers](https://lab.wallarm.com/test-your-waf-before-hackers/)
##### - Pi-Alert: WiFi/LAN 連網裝置偵測
- [Pi.Alert](https://github.com/pucherot/Pi.Alert)
- \[Video\] [Pi Alert - Open Source, Self Hosted, Network Device Change Notification and Intrusion Detection](https://www.youtube.com/watch?v=oKl3WFQloE4)
##### - WatchYourLAN
- GitHub: [https://github.com/aceberg/WatchYourLAN](https://github.com/aceberg/WatchYourLAN)