百度翻译源码java-Awesome-Security:真棒-安全_wireshark_debian_其他

# Awesome Security [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome) A collection of awesome software, libraries, documents, books, resources and cool stuff about security. Inspired by [awesome-php](https://github.com/ziadoz/awesome-php), [awesome-python](https://github.com/vinta/awesome-python). Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/contributors), you're awesome and wouldn't be possible without you! The goal is to build a categorized community-driven collection of very well-known resources. - [Awesome Security](#awesome-security) - [Network](#network) - [Scanning / Pentesting](#scanning--pentesting) - [Monitoring / Logging](#monitoring--logging) - [IDS / IPS / Host IDS / Host IPS](#ids--ips--host-ids--host-ips) - [Honey Pot / Honey Net](#honey-pot--honey-net) - [Full Packet Capture / Forensic](#full-packet-capture--forensic) - [Sniffer](#sniffer) - [Security Information & Event Management](#security-information--event-management) - [VPN](#vpn) - [Fast Packet Processing](#fast-packet-processing) - [Firewall](#firewall) - [Anti-Spam](#anti-spam) - [Docker](#docker-images-for-penetration-testing--security) - [Endpoint](#endpoint) - [Anti-Virus / Anti-Malware](#anti-virus--anti-malware) - [Content Disarm & Reconstruct](#content-disarm--reconstruct) - [Configuration Management](#configuration-management) - [Authentication](#authentication) - [Mobile / Android / iOS](#mobile--android--ios) - [Forensics](#forensics) - [Threat Intelligence](#threat-intelligence) - [Web](#web) - [Organization](#organization) - [Web Application Firewall](#web-application-firewall) - [Scanning / Pentesting](#scanning--pentesting-1) - [Runtime Application Self-Protection](#runtime-application-self-protection) - [Development](#development) - [Usability](#usability) - [Big Data](#big-data) - [DevOps](#devops) - [Operating Systems](#operating-systems) - [Online resources](#online-resources) - [Datastores](#datastores) - [EBooks](#ebooks) - [Other Awesome Lists](#other-awesome-lists) - [Other Security Awesome Lists](#other-security-awesome-lists) - [Other Common Awesome Lists](#other-common-awesome-lists) - [Contributing](#contributing) ------ ## Network ### Scanning / Pentesting - [OpenVAS](http://www.openvas.org/) - OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. - [Metasploit Framework](https://github.com/rapid7/metasploit-framework) - A tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive and related research. - [Kali](https://www.kali.org/) - Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. Kali Linux is preinstalled with numerous penetration-testing programs, including nmap (a port scanner), Wireshark (a packet analyzer), John the Ripper (a password cracker), and Aircrack-ng (a software suite for penetration-testing wireless LANs). - [pig](https://github.com/rafael-santiago/pig) - A Linux packet crafting tool. - [scapy](https://github.com/secdev/scapy) - Scapy: the python-based interactive packet manipulation program & library. - [Pompem](https://github.com/rfunix/Pompem) - Pompem is an open source tool, which is designed to automate the search for exploits in major databases. Developed in Python, has a system of advanced search, thus facilitating the work of pentesters and ethical hackers. In its current version, performs searches in databases: Exploit-db, 1337day, Packetstorm Security... - [Nmap](https://nmap.org) - Nmap is a free and open source utility for network discovery and security auditing. - [Amass](https://github.com/caffix/amass) - Amass performs DNS subdomain enumeration by scraping the largest number of disparate data sources, recursive brute forcing, crawling of web archives, permuting and altering names, reverse DNS sweeping and other techniques. - [Anevicon](https://github.com/Gymmasssorla/anevicon) - The most powerful UDP-based load generator, written in Rust. - [Finshir](https://github.com/Gymmasssorla/finshir) - A coroutines-driven Low & Slow traffic generator, written in Rust. - [Legion](https://github.com/GoVanguard/legion) - Open source semi-automated discovery and reconnaissance network penetration testing framework. ### Monitoring / Logging - [justniffer](http://justniffer.sourceforge.net/) - Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customized way, can emulate Apache web server log files, track response times and extract all "intercepted" files from the HTTP traffic. - [httpry](http://dumpsterventures.com/jason/httpry/) - httpry is a specialized packet sniffer designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but to capture, parse, and log the traffic for later analysis. It can be run in real-time displaying the traffic as it is parsed, or as a daemon process that logs to an output file. It is written to be as lightweight and flexible as possible, so that it can be easily adaptable to different applications. - [ngrep](http://ngrep.sourceforge.net/) - ngrep strives to provide most of GNU grep's common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular or hexadecimal expressions to match against data payloads of packets. It currently recognizes IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw across Ethernet, PPP, SLIP, FDDI, Token Ring and null interfaces, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop. - [passivedns](https://github.com/gamelinux/passivedns) - A tool to collect DNS records passively to aid Incident handling, Network Security Monitoring (NSM) and general digital forensics. PassiveDNS sniffs traffic from an interface or reads a pcap-file and outputs the DNS-server answers to a log file. PassiveDNS can cache/aggregate duplicate DNS answers in-memory, limiting the amount of data in the logfile without loosing the essens in the DNS answer. - [sagan](http://sagan.quadrantsec.com/) - Sagan uses a 'Snort like' engine and rules to analyze logs (syslog/event log/snmptrap/netflow/etc). - [Node Security Platform](https://nodesecurity.io/) - Similar feature set to Snyk, but free in most cases, and very cheap for others. - [ntopng](http://www.ntop.org/products/traffic-analysis/ntop/) - Ntopng is a network traffic probe that shows the network usage, similar to what the popular top Unix command does. - [Fibratus](https://github.com/rabbitstack/fibratus) - Fibratus is a tool for exploration and tracing of the Windows kernel. It is able to capture the most of the Windows kernel activity - process/thread creation and termination, file system I/O, registry, network activity, DLL loading/unloading and much more. Fibratus has a very simple CLI which encapsulates the machinery to start the kernel event stream collector, set kernel event filters or run the lightweight Python modules called filaments. - [opensnitch](https://github.com/evilsocket/opensnitch) - OpenSnitch is a GNU/Linux port of the Little Snitch application firewall ### IDS / IPS / Host IDS / Host IPS - [Snort](https://www.snort.org/) - Snort is a free and open source network intrusion prevention system (NIPS) and network intrusion detection system (NIDS)created by Martin Roesch in 1998. Snort is now developed by Sourcefire, of which Roesch is the founder and CTO. In 2009, Snort entered InfoWorld's Open Source Hall of Fame as one of the "greatest [pieces of] open source software of all time". - [Bro](https://www.bro.org/)