9.14. Operations
9.14.1. Traffic
Moloch Large scale, open source, indexed packet capture and search
cisco joy A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring.
impacket is a collection of Python classes for working with network protocols
NFStream a Flexible Network Data Analysis Framework
BruteShark Network Analysis Tool
9.14.2. Bastion Hosts
9.14.3. Honeypots
Cowrie SSH/Telnet honeypot
honeything IoT honeypot
ConPot Industrial control system honeypot
T-Pot The All In One Honeypot Platform
kippo SSH Honeypot
9.14.5. Tunnels / Proxies
gost GO Simple Tunnel
reDuh Create a TCP circuit through validly formed HTTP requests
reGeorg pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn
Neo-reGeorg Neo-reGeorg is a project that seeks to aggressively refactor reGeorg
ABPTTS TCP tunneling over HTTP/HTTPS for web application servers
frp A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet
lanproxy Intranet penetration tool
ligolo Reverse Tunneling made easy for pentesters
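EarthWorm is a tool for starting a SOCKS v5 proxy service. Written in standard C, it provides relayed communication across multiple platforms and is used for data forwarding in complex network environments.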
Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP
mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse
nps a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal
9.14.6. Proxy Chains
Netch Support Socks5, Shadowsocks, ShadowsocksR, V2Ray, Trojan proxies. UDP NAT FullCone
proxychains a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy
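9.14.7. Asset Management
BlueKing CMDB An enterprise-grade configuration management platform for assets and applications
ARL Asset Reconnaissance Lighthouse system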