Awesome-Mirrors/awesome-cybersecurity-blueteam
1
0
Fork 0
mirror of https://github.com/fabacab/awesome-cybersecurity-blueteam.git synced 2025-02-02 01:15:14 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add DumpsterFire, NotRuler.

Browse Source
This commit is contained in:
Meitar M 2018-07-31 17:12:06 -04:00
parent 21dfdff83c
commit 17c32c45d4
No known key found for this signature in database
GPG Key ID: 07EFAA28AB94BC85
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
README.md
View File

@ -13,11 +13,13 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea
- [Host-based tools](#host-based-tools)
- [Network Security Monitoring (NSM)](#network-security-monitoring-nsm)
- [Network perimeter defenses](#network-perimeter-defenses)
- [Practice, training, and drills](#practice-training-and-drills)
- [Security Information and Event Management (SIEM)](#security-information-and-event-management-siem)
- [Service and performance monitoring](#service-and-performance-monitoring)
- [Threat intelligence, analytics, and reporting](#threat-intelligence-analytics-and-reporting)
- [Tor Onion service defenses](#tor-onion-service-defenses)
- [Transport-layer defense](#transport-layer-defenses)
- [Windows-based defenses](#windows-based-defenses)
## Firewalling distributions
@ -48,6 +50,10 @@ See also [awesome-honeypots](https://github.com/paralax/awesome-honeypots).
- [fwknop](https://www.cipherdyne.org/fwknop/) - Protects ports via Single Packet Authorization in your firewall.
## Practice, training, and drills
- [DumpsterFire](https://github.com/TryCatchHCF/DumpsterFire) - Modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events for Blue Team drills and sensor/alert mapping.
## Security Information and Event Management (SIEM)
- [AlienVault OSSIM](https://www.alienvault.com/open-threat-exchange/projects) - Single-server open source SIEM platform featuring asset discovery, asset inventorying, behavioral monitoring, and event correlation, driven by AlienVault Open Threat Exchange (OTX).
@ -74,6 +80,10 @@ See also [awesome-honeypots](https://github.com/paralax/awesome-honeypots).
- [OpenVPN](https://openvpn.net/) - Open source, SSL/TLS-based virtual private network (VPN).
## Windows-based defenses
- [NotRuler](https://github.com/sensepost/notruler) - Detect both client-side rules and VBScript enabled forms used by the [Ruler](https://github.com/sensepost/ruler) attack tool when attempting to compromise a Microsoft Exchange server.
# License
[![CC-BY](https://mirrors.creativecommons.org/presskit/buttons/88x31/svg/by.svg)](https://creativecommons.org/licenses/by/4.0/)