# Learning #### Government sites - [資通安全署 Administration for Cyber Security, moda](https://moda.gov.tw/ACS/) - [國家資通安全研究院 - 首頁 (nat.gov.tw)](https://www.nics.nat.gov.tw/) - [TWCERT/CC台灣電腦網路危機處理暨協調中心](https://www.twcert.org.tw/tw/mp-1.html) #### Security sites
網站功能描述
shodan.io搜索互聯網連接設備的搜索引擎。
censys.io提供互聯網設備和網絡資產信息的搜索平台。
hunter.io查找與特定域名相關的電子郵件地址的工具。
fullhunt.io自動化攻擊面管理和漏洞發現平台。
onyphe.io網絡資產搜索和網絡安全信息收集引擎。
socradar.io提供實時網絡威脅情報和數字風險保護服務。
binaryedge.io互聯網範圍掃描和網絡風險評估平台。
ivre.rocks開源網絡偵察框架。
crt.sh搜索和查詢SSL/TLS證書的數據庫。
vulners.com綜合性漏洞數據庫和安全內容存儲庫。
publicwww.com源代碼搜索引擎,用於在網頁源碼中查找特定代碼片段。
pulsedive.com威脅情報和網絡安全數據聚合平台。
intelx.io多源開放源情報(OSINT)搜索和分析工具。
wigle.net無線網絡數據庫和地圖服務。
viz.greynoise.io分析和可視化互聯網噪聲和惡意活動的平台。
#### Security Platform - [Kali Linux](https://www.kali.org/) - [ParrotOS](https://www.parrotsec.org/) #### Threat Intelligence Detection & Analysis Tools - [VirusTotal](https://www.virustotal.com/gui/home) is a service that allows anyone to analyze suspicious files, domains, URLs, and IP addresses for malicious content. VirusTotal also offers additional services and tools for enterprise use. - [Jotti's malware scan](https://virusscan.jotti.org/) is a free service that lets you scan suspicious files with several antivirus programs. There are some limitations to the number of files that you can submit. - [Urlscan.io](https://urlscan.io/) is a free service that scans and analyzes URLs and provides a detailed report summarizing the URL information. - [MalwareBazaar](https://bazaar.abuse.ch/browse/) is a free repository for malware samples. Malware samples are a great source of threat intelligence that can be used for research purposes. #### Security Tools - [10 Top Open Source Penetration Testing Tools](https://www.esecurityplanet.com/applications/open-source-penetration-testing-tools/) - [OSV-Scanner](https://osv.dev/) - [5 Tools to Scan a Linux Server for Malware and Rootkits (tecmint.com)](https://www.tecmint.com/scan-linux-for-malware-and-rootkits/) ##### - Wazuh - The Open Source Security Platform - [https://wazuh.com/](https://wazuh.com/) - \[Video\] [this Cybersecurity Platform is FREE](https://www.youtube.com/watch?v=i68atPbB8uQ) - \[Video\] [you need this FREE CyberSecurity tool](https://www.youtube.com/watch?v=3CaG2GI1kn0) ##### - Web Check All-in-one OSINT tool for analysing any website - [Web Check (web-check.xyz)](https://web-check.xyz/) - GitHub: [https://github.com/Lissy93/web-check](https://github.com/Lissy93/web-check) ##### - OWASP - Nettacker Automated Penetration Testing Framework (自動滲透測試框架) - [OWASP/Nettacker: Automated Penetration Testing Framework](https://github.com/OWASP/Nettacker) ##### - WAF: Web Application Firewall - [GoTestWAF](https://github.com/wallarm/gotestwaf) - [Test and evaluate your WAF before hackers](https://lab.wallarm.com/test-your-waf-before-hackers/) ##### - Pi-Alert: WiFi/LAN 連網裝置偵測 - [Pi.Alert](https://github.com/pucherot/Pi.Alert) - \[Video\] [Pi Alert - Open Source, Self Hosted, Network Device Change Notification and Intrusion Detection](https://www.youtube.com/watch?v=oKl3WFQloE4) ##### - WatchYourLAN - GitHub: [https://github.com/aceberg/WatchYourLAN](https://github.com/aceberg/WatchYourLAN)