运维
========================================

流量
----------------------------------------
- `Bro <https://www.bro.org/>`_
- `Moloch <https://github.com/aol/moloch>`_  Large scale, open source, indexed packet capture and search
- `TCPFlow <https://github.com/simsong/tcpflow>`_
- `TCPDump <http://www.tcpdump.org/>`_
- `WireShark <https://www.wireshark.org>`_
- `Argus <https://github.com/salesforce/Argus>`_
- `PcapPlusPlus <https://github.com/seladb/PcapPlusPlus>`_
- `ngrep <https://github.com/jpr5/ngrep>`_
- `cisco joy <https://github.com/cisco/joy>`_  A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring.
- `impacket <https://github.com/SecureAuthCorp/impacket>`_ is a collection of Python classes for working with network protocols
- `NFStream <https://github.com/nfstream/nfstream>`_ a Flexible Network Data Analysis Framework
- `BruteShark <https://github.com/odedshimon/BruteShark>`_ Network Analysis Tool

堡垒机
----------------------------------------
- `jumpserver <https://github.com/jumpserver/jumpserver>`_
- `CrazyEye <https://github.com/triaquae/CrazyEye>`_
- `GateOne <https://github.com/liftoff/GateOne>`_

蜜罐
----------------------------------------
- `Dionaea <https://github.com/DinoTools/dionaea>`_
- `Modern Honey Network  <https://github.com/threatstream/mhn>`_
- `Cowrie <https://github.com/micheloosterhof/cowrie>`_ SSH/Telnet蜜罐
- `honeything <https://github.com/omererdem/honeything>`_ IoT蜜罐
- `ConPot <http://conpot.org/>`_ 工控设施蜜罐
- `MongoDB HoneyProxy <https://github.com/Plazmaz/MongoDB-HoneyProxy>`_
- `ElasticHoney <https://github.com/jordan-wright/elastichoney>`_
- `DCEPT <https://github.com/secureworks/dcept>`_
- `Canarytokens <https://github.com/thinkst/canarytokens>`_
- `Honeydrive <http://bruteforcelab.com/honeydrive>`_
- `T-Pot <https://github.com/dtag-dev-sec/tpotce/>`_ The All In One Honeypot Platform
- `opencanary <https://github.com/p1r06u3/opencanary_web>`_
- `HFish <https://github.com/hacklcx/HFish>`_
- `kippo <https://github.com/desaster/kippo>`_ SSH Honeypot
- `Ehoney <https://github.com/seccome/Ehoney>`_ 欺骗防御系统

VPN Install
----------------------------------------
- `pptp <https://github.com/viljoviitanen/setup-simple-pptp-vpn>`_
- `ipsec <https://github.com/hwdsl2/setup-ipsec-vpn>`_
- `openvpn <https://github.com/Nyr/openvpn-install>`_

隧道 / 代理
----------------------------------------
- `ngrok <https://github.com/inconshreveable/ngrok>`_
- `rtcp <https://github.com/knownsec/rtcp>`_
- `Tunna <https://github.com/SECFORCE/Tunna>`_
- `reDuh <https://github.com/sensepost/reDuh>`_ Create a TCP circuit through validly formed HTTP requests
- `reGeorg <https://github.com/sensepost/reGeorg>`_ pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn
- `Neo-reGeorg <https://github.com/L-codes/Neo-reGeorg>`_ Neo-reGeorg is a project that seeks to aggressively refactor reGeorg
- `ABPTTS <https://github.com/nccgroup/ABPTTS>`_ TCP tunneling over HTTP/HTTPS for web application servers
- `frp <https://github.com/fatedier/frp>`_ A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet
- `lanproxy <https://github.com/ffay/lanproxy>`_ 内网穿透工具
- `ligolo <https://github.com/sysdream/ligolo>`_ Reverse Tunneling made easy for pentesters
- `EarthWorm <https://github.com/idlefire/ew>`_ 是一款用于开启 SOCKS v5 代理服务的工具，基于标准 C 开发，可提供多平台间的转接通讯，用于复杂网络环境下的数据转发。
- `Tunna <https://github.com/SECFORCE/Tunna>`_  is a set of tools which will wrap and tunnel any TCP communication over HTTP
- `mssqlproxy <https://github.com/blackarrowsec/mssqlproxy>`_ is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse
- `nps <https://github.com/ehang-io/nps>`_ a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal

代理链
----------------------------------------
- `Netch <https://github.com/NetchX/Netch>`_ Support Socks5, Shadowsocks, ShadowsocksR, V2Ray, Trojan proxies. UDP NAT FullCone
- `proxychains <https://github.com/haad/proxychains>`_ a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy
- `gost <https://github.com/ginuerzh/gost>`_ GO Simple Tunnel

资产管理
----------------------------------------
- `BlueKing CMDB <https://github.com/Tencent/bk-cmdb>`_ 面向资产及应用的企业级配置管理平台
- `ARL <https://github.com/TophantTechnology/ARL>`_ 资产侦察灯塔系统

合规
----------------------------------------
- `bombus <https://github.com/momosecurity/bombus>`_ 合规审计平台

风控
----------------------------------------
- `nebula <https://github.com/threathunterX/nebula>`_
- `Liudao <https://github.com/ysrc/Liudao>`_ “六道”实时业务风控系统
- `aswan <https://github.com/momosecurity/aswan>`_ 陌陌风控系统静态规则引擎

SIEM
----------------------------------------
- `metron <https://github.com/apache/metron>`_
- `MozDef <https://github.com/mozilla/MozDef>`_

安全运维
----------------------------------------
- `Scout <https://github.com/HandsomeOne/Scout>`_ URL 监控系统
- `OpenDnsdb <https://github.com/qunarcorp/open_dnsdb>`_ 基于Python的DNS管理系统

系统监控
----------------------------------------
- `netdata <https://github.com/netdata/netdata>`_ Real-time performance monitoring
- `bcc <https://github.com/iovisor/bcc>`_ Tools for BPF-based Linux IO analysis, networking, monitoring, and more

Windows
----------------------------------------
- `Windows Sysinternals <https://docs.microsoft.com/zh-cn/sysinternals>`_

网络测试
----------------------------------------
- `Toxiproxy <https://github.com/Shopify/toxiproxy>`_ A TCP proxy to simulate network and system conditions for chaos and resiliency testing

红队模拟
----------------------------------------
- `CALDERA <https://github.com/mitre/caldera>`_ Scalable Automated Adversary Emulation Platform

网络模拟
----------------------------------------
- `Internet Emulator <https://github.com/seed-labs/seed-emulator>`_ A Python framework for creating emulation of the Internet