Add fingerprinting section.

fabacab 2022-05-09 13:09:41 -04:00
parent 3ef25ee2ad
commit 3c1c024ab2
No known key found for this signature in database
GPG Key ID: B0303BF6BA36A560
1 changed files with 7 additions and 1 deletions


@ -52,6 +52,7 @@ Many cybersecurity professionals enable racist state violence, wittingly or unwi
- [Service and performance monitoring](#service-and-performance-monitoring)
- [Threat hunting](#threat-hunting)
- [Threat intelligence](#threat-intelligence)
- [Fingerprinting](#fingerprinting)
- [Threat signature packages and collections](#threat-signature-packages-and-collections)
- [Tor Onion service defenses](#tor-onion-service-defenses)
- [Transport-layer defenses](#transport-layer-defenses)
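Review bot: The new `[Fingerprinting](#fingerprinting)` entry sits between `Threat intelligence` and `Threat signature packages and collections`, which breaks the alphabetical order the neighbouring entries follow if it is meant as a sibling of them. If it is meant as a sub-entry of `Threat intelligence`, confirm that its indentation matches `Threat signature packages and collections` so it nests at the same level; otherwise move it to its alphabetical position.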
@ -180,7 +181,7 @@ See also [§ Supply chain security](#supply-chain-security).
- [Dependency Combobulator](https://github.com/apiiro/combobulator) - Open source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.
- [Confusion checker](https://github.com/sonatype-nexus-community/repo-diff) - Script to check if you have artifacts containing the same name between your repositories.
- [snync](https://github.com/snyk-labs/snync) - Prevent and detect if you're vulnerable to Dependency Confusion supply chain security attacks.
- [snync](https://github.com/snyk-labs/snync) - Prevent and detect if you're vulnerable to dependency confusion supply chain security attacks.
### Fuzzing
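Review bot: The capitalization change on the snync line ("Dependency Confusion" to "dependency confusion") is unrelated to the commit's stated purpose, "Add fingerprinting section." The edit itself is fine and matches the lowercase wording of the Dependency Combobulator entry above it, but it should either go in its own commit or be mentioned in the commit message so the history stays searchable.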
@ -397,6 +398,11 @@ See also [awesome-threat-intelligence](https://github.com/hslatman/awesome-threa
- [Viper](https://github.com/viper-framework/viper) - Binary analysis and management framework enabling easy organization of malware and exploit samples.
- [YARA](https://github.com/VirusTotal/yara) - Tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples, described as "the pattern matching swiss army knife" for file patterns and signatures.
### Fingerprinting
- [HASSH](https://github.com/salesforce/hassh) - Network fingerprinting standard which can be used to identify specific client and server SSH implementations.
- [JA3](https://ja3er.com/) - Extracts SSL/TLS handshake settings for fingerprinting and communicating about a given TLS implementation.
### Threat signature packages and collections
- [ESET's Malware IoCs](https://github.com/eset/malware-ioc) - Indicators of Compromises (IOCs) derived from ESET's various investigations.
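Review bot: In the new `### Fingerprinting` section, the JA3 entry links to `https://ja3er.com/`, while the HASSH entry beside it links to its source repository. A list entry should point to where the method is specified and maintained, so link JA3 to its upstream repository as well, and keep a lookup site only as a secondary link if it is wanted. The JA3 description also says "SSL/TLS handshake settings" without naming which side of the handshake is fingerprinted, whereas the HASSH line says "client and server"; stating that for JA3 would make the two entries comparable.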