10.13. Defense
10.13.1. Log Inspection
teler Real-time HTTP Intrusion Detection
10.13.2. Terminal Monitoring
attack monitor Endpoint detection & Malware analysis software
artillery The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.
yurita Anomaly detection framework @ PayPal
crowdsec An open-source, lightweight agent to detect and respond to bad behaviours
tracee Linux Runtime Security and Forensics using eBPF
10.13.3. XSS Protection
10.13.4. Configuration Checks
Attack Surface Analyzer analyze an operating system's security configuration for changes made during software installation
gixy Nginx Configuration check
dockerscan Docker security analysis & hacking tools
10.13.5. Security Check
lynis Security auditing tool for Linux, macOS, and UNIX-based systems
10.13.6. IDS
ByteDance HIDS Cloud-Native Host-Based Intrusion Detection
10.13.7. RASP
10.13.8. SIEM
panther Detect threats with log data and improve cloud security posture
10.13.9. Threat Intelligence
10.13.10. APT
APT Hunter Threat hunting tool for Windows event logs, built with a purple-team mindset to detect APT movements hidden in the sea of Windows event logs and to reduce the time needed to uncover suspicious activity
10.13.11. Intrusion Check
10.13.12. Process Check
10.13.13. WAF
10.13.14. Online Virus Detection
10.13.15. WebShell Killing
10.13.16. Rules / IoC
capa rules standard collection of rules for capa
AttackDetection Suricata PT Open Ruleset
DailyIOC IOC from articles, tweets for archives
10.13.17. Threat Detection
ARTIF An advanced real time threat intelligence framework to identify threats and malicious web traffic on the basis of IP reputation and historical data
10.13.18. Security Advisories
10.13.19. Security Tracker
10.13.20. Match Tool
10.13.21. DoS Protection
Gatekeeper (https://github.com/AltraMayor/gatekeeper) open-source DDoS protection system
10.13.22. Adversary Simulation
sliver Adversary Simulation Framework