<<大型互联网企业安全架构>>一书的代码和参考资料

[1]https://www.iso.org/isoiec-27001-information-security.html

[2]http://www.djbh.net/webdev/web/PolicyStandardsAction.do?p=getListZcbzJcbz

[3]https://cloudsecurityalliance.org/star/certification/

[4]https://www.pcisecuritystandards.org/document_library?category=pcidss&document=pci

_dss

[5]https://www.eugdpr.org/

[6]http://www.visualcapitalist.com/worlds-biggest-data-breaches/

[7]https://www.nds.rub.de/media/ei/veroeffentlichungen/2017/01/30/printer-security.pdf

[8]http://mtc.baidu.com/site/app

[9]http://dev.360.cn/html/vulscan/scanning.html

[10]https://service.security.tencent.com/kingkong

[11]https://www.owasp.org/index.php/OWASP_Mobile_Security_Testing_Guide

[12]https://github.com/MobSF/Mobile-Security-Framework-MobSF

[13]https://wiki.sei.cmu.edu/confluence/display/android/Android+Secure+Coding+Standard

[14]https://developer.apple.com/library/archive/documentation/Security/Conceptual/Secure

CodingGuide/Introduction.html

[15]https://www.bsimm.com/

[16]https://www.opensamm.org/

[17]http://www.sse-cmm.org/

[18]https://ai.google/research/pubs?area=SecurityPrivacyandAbusePrevention

[19]https://www.google.com/about/appsecurity/tools/

[20]https://ai.google/research/pubs/pub43231

[21]https://cloud.google.com/blog/products/gcp/titan-in-depth-security-in-plaintext

[22]https://github.com/opencomputeproject/Project_Olympus/tree/master/Project_Cerberu

s

[23]https://cloud.google.com/armor/

[24]https://landing.google.com/sre/sre-book/chapters/production-environment/

[25]https://cloud.google.com/security/encryption-in-transit/application-layer-transport

security/

[26]https://cloud.google.com/security/encryption-in-transit/

[27]https://molo.ch/

[28]https://redborder.com/

[29]https://github.com/thinkst/

[30]https://cloud.google.com/shielded-vm/

[31]https://cloud.google.com/container-optimized-os/

[32]https://github.com/google/gvisor

[33]https://osquery.io/

[34]https://cloud.google.com/security-scanner/

[35]https://cloud.google.com/apigee-sense/

[36]https://rasp.baidu.com/

[37]https://cloud.google.com/vision/

[38]https://cloud.google.com/video-intelligence/

[39]https://cloud.google.com/iam/

[40]https://cloud.google.com/iap/[41]https://cloud.google.com/resource-manager/

[42]https://cloud.google.com/security-key/

[43]https://www.gluu.org/

[44]https://cloud.google.com/kms/

[45]https://cloud.google.com/hsm/

[46]https://cloud.google.com/dlp/

[47]http://ranger.apache.org/

[48]http://eagle.apache.org/

[49]https://www.vaultproject.io/

[50]https://cloud.google.com/logging/

[51]https://cloud.google.com/security-command-center/

[52]https://forsetisecurity.org/

[53]https://cloud.google.com/beyondcorp/

[54]https://github.com/mozilla/MozDef

[55]https://abc.xyz/investor/other/google-code-of-conduct.html

[56]https://osintframework.com/

[57]https://www.virustotal.com/

[58]https://developers.facebook.com/programs/threatexchange/

[59]http://nelab-bdst.org.cn/index.php?g=portal&m=list&a=index&id=35

[60]https://x.threatbook.cn/

[61]https://oases.io/

[62]https://osintframework.com/

[63]https://mitre.github.io/attack-navigator/enterprise/

[64]https://github.com/michenriksen/gitrob

[65]https://github.com/MiSecurity/x-patrol

[66]https://github.com/s-rah/onionscan/

[67]https://github.com/CIRCL/AIL-framework

[68]https://github.com/archerysec/archerysec

[69]http://www.openvas.org/

[70]https://github.com/greenbone/

[71]https://github.com/greenbone/openvas-scanner

[72]https://www.greenbone.net/en/install_use_gce/

[73]https://secinfo.greenbone.net/omp?cmd=get_info&info_type=nvt&token=guest

[74]http://dl.greenbone.net/community-nvt-feed-current.tar.bz2

[75]https://www.open-scap.org/

[76]https://github.com/OpenSCAP/scap-workbench

[77]https://github.com/OpenSCAP/openscap-daemon

[78]https://github.com/sjvermeu/cvechecker

[79]https://github.com/clearlinux/cve-check-tool

[80]https://github.com/jeremylong/DependencyCheck

[81]https://github.com/retirejs/retire.js/

[82]https://github.com/coreos/clair

[83]https://github.com/Arachni/arachni

[84]https://htcap.org/[85]https://github.com/fcavallarin/htcap/archive/1.1.0.tar.gz

[86]https://github.com/yahoo/gryffin

[87]https://github.com/ring04h/papers/

[88]https://github.com/snort3/snort3

[89]https://github.com/OISF/suricata

[90]https://github.com/bro

[91]http://www.haka-security.org/

[92]https://github.com/haka-security/haka

[93]http://spot.incubator.apache.org/

[94]https://stream4flow.ics.muni.cz/

[95]https://github.com/CSIRT-MU/Stream4Flow/

[96]https://github.com/dreadl0ck/netcap/blob/master/mied18.pdf

[97]https://github.com/dreadl0ck/netcap

[98]https://github.com/dreadl0ck/netcap-tf-dnn

[99]https://github.com/facebookincubator/katran

[100]https://github.com/iqiyi/dpvs

[101]http://www.ossec.net/

[102]https://github.com/ossec/ossec-hids

[103]https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

[104]https://github.com/SwiftOnSecurity/sysmon-config

[105]https://osquery.io/

[106]https://github.com/facebook/osquery

[107]https://github.com/palantir/osquery-configuration

[108]https://github.com/palantir/osquery

configuration/blob/master/Classic/Servers/Linux/osquery.conf

[109]https://github.com/kolide/fleet

[110]https://github.com/airbnb/streamalert

[111]https://www.elastic.co/cn/solutions/security-analytics

[112]https://github.com/elastic/beats

[113]https://sysdig.com/

[114]https://github.com/draios/sysdig

[115]https://capsule8.com/

[116]https://github.com/capsule8/capsule8

[117]https://github.com/droberson/exec-logger

[118]https://github.com/a2o/snoopy

[119]https://github.com/leahneukirchen/extrace

[120]https://lwn.net/Articles/157150/

[121]https://github.com/cloudfoundry/gosigar/blob/master/psnotify/psnotify_linux.go

[122]https://github.com/dbrandt/proc_events

[123]https://github.com/facebook/osquery/tree/experimental/osquery/events/linux

[124]https://github.com/elastic/beats/tree/master/auditbeat

[125]https://github.com/elastic/go-libaudit

[126]https://github.com/slackhq/go-audit

[127]https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/sec

defining_audit_rules_and_controls#sec-Defining_Audit_Rules_with_the_auditctl_utility

[128]https://www.kernel.org/doc/Documentation/trace/tracepoints.txt

[129]https://github.com/draios/sysdig/tree/dev/driver

[130]https://github.com/draios/sysdig/blob/dev/driver/main.c

[131]https://lwn.net/Articles/740157/

[132]https://github.com/draios/sysdig/blob/dev/driver/bpf/

[133]https://github.com/draios/sysdig/blob/dev/driver/bpf/probe.c

[134]https://github.com/draios/sysdig/blob/dev/driver/bpf/maps.h

[135]https://github.com/torvalds/linux/blob/master/include/linux/bpf_types.h

[136]https://github.com/iovisor/bpftrace

[137]https://github.com/capsule8/capsule8/blob/master/pkg/sys/perf/monitor.go

[138]https://www.kernel.org/doc/Documentation/trace/kprobetrace.txt

[139]https://github.com/capsule8/capsule8/blob/master/pkg/sys/perf/source_linux.go

[140]https://github.com/capsule8/capsule8/blob/master/pkg/sensor/process.go

[141]https://docs.aws.amazon.com/inspector/latest/userguide/inspector_agents.html

[142]https://s3.amazonaws.com/aws-agent.us-east-

1/linux/support/AwsAgentKernelModule.tar.gz

[143]https://github.com/ysrc/yulong-hids

[144]https://github.com/DianrongSecurity/AgentSmith-HIDS

[145]https://github.com/ysrc/yulong-hids/blob/master/syscall_hook/syscall_hook.c

[146]https://github.com/ysrc/yulong-hids/blob/master/syscall_hook/syscall_stub_hook.S

[147]http://www.kdvelectronics.eu/ssh-logging/ssh-logging.html

[148]https://www.zhoufengjie.cn/?p=174

[149]https://sourceforge.net/projects/ttyrpld/

[150]https://github.com/cloudposse/sudosh

[151]https://github.com/squash/sudosh2

[152]https://github.com/honeytrap/honeytrap

[153]https://github.com/thinkst/opencanary/

[154]https://github.com/0x4D31/honeybits

[155]http://canarytokens.org/generate

[156]https://github.com/thinkst/canarytokens

[157]https://github.com/libvmi/libvmi

[158]https://github.com/fireeye/rvmi

[159]https://github.com/honeytrap/honeytrap-agent

[160]https://github.com/honeytrap/honeytrap/blob/master/services/ssh/ssh-proxy.go

[161]https://github.com/GoSecure/pyrdp

[162]http://canarytokens.org/generate

[163]https://github.com/thinkst/canarytokens/blob/master/msword.py

[164]https://github.com/tokesr/honeytoken

[165]https://github.com/troydo42/CIA-Hacking-Tools/tree/master/Scribbles/

[166]https://github.com/thinkst/canarytokens/blob/master/ziplib.py

[167]https://github.com/thinkst/canarytokens/blob/master/sign_file.py

[168]http://grsecurity.net/[169]http://grsecurity.net/features.php

[170]https://www.kernel.org/doc/html/latest/security/self-protection.html

[171]https://wiki.ubuntu.com/Security/Features

[172]https://patchwork.kernel.org/patch/9965207/

[173]https://www.openwall.com/lkrg/

[174]https://bitbucket.org/Adam_pi3/lkrg-main/

[175]https://www.kernel.org/doc/Documentation/kprobes.txt

[176]https://openwall.info/wiki/p_lkrg/Main

[177]https://github.com/Safe3/clean-cow

[178]https://github.com/cormander/tpe-lkm

[179]https://github.com/kkamagui/shadow-box-for-x86

[180]https://github.com/SpiderLabs/ModSecurity

[181]https://github.com/SpiderLabs/ModSecurity-nginx

[182]https://github.com/SpiderLabs/owasp-modsecurity-crs

[183]https://github.com/Flameeyes/modsec-flameeyes

[184]https://github.com/client9/libinjection

[185]https://github.com/wallarm/libdetection

[186]https://wallarm.com/

[187]https://github.com/wallarm/wallnet

[188]https://github.com/facebookincubator/katran

[189]https://www.iovisor.org/technology/xdp

[190]https://netdevconf.org/2.1/session.html?zhou

[191]https://github.com/tempesta-tech/tempesta

[192]https://github.com/tempesta-tech/tempesta/wiki/HTTP-cache-performance

[193]http://natsys-lab.blogspot.ru/2014/11/the-fast-finite-state-machine-for[194]http.html

[195]http://natsys-lab.blogspot.ru/2016/10/[196]http-strings-processing-using-csse42.html

[197]https://github.com/tempesta-tech/tempesta/wiki/DDoS-mitigation

[198]https://pan.baidu.com/s/13mowO

[199]https://github.com/kyprizel/testcookie-nginx-module

[200]http://ipset.netfilter.org/

[201]http://getrepsheet.com/

[202]https://github.com/repsheet/repsheet-nginx

[203]http://www.slideshare.net/abedra/knock-knock-24105973

[204]https://github.com/SpiderLabs/ModSecurity-nginx

[205]https://github.com/SpiderLabs/ModSecurity-apache

[206]https://github.com/SpiderLabs/ModSecurity

[207]https://github.com/SpiderLabs/ModSecurity

nginx/blob/master/src/ngx_[208]http_modsecurity_pre_access.c

[209]https://securitytrails.com/

[210]https://0x09al.github.io/waf/bypass/ssl/2018/07/02/web-application-firewall

bypass.html

[211]https://github.com/LandGrey/abuse-ssl-bypass-waf

[212]https://github.com/nccgroup/BurpSuiteHTTPSmuggler

[213]https://www.ietf.org/rfc/rfc2047.txt[214]https://github.com/php/php-src/blob/master/main/rfc1867.c

[215]https://soroush.secproject.com/downloadable/A_Forgotten_HTTP_Invisibility_Cloak_v1.

1.pdf

[216]https://github.com/sqlmapproject/sqlmap/tree/master/tamper

[217]https://websec.ca/kb/sql_injection

[218]https://pcre.org/pcre.txt

[219]https://github.com/client9/libinjection/issues/56

[220]https://waf.ninja/libinjection-fuzz-to-bypass/

[221]https://waf.ninja/libinjection-different-databases-fuzzing/

[222]https://waf.ninja/review-wafninja/

[223]https://dev.mysql.com/doc/refman/5.5/en/expressions.html

[224]https://www.prevoty.com/

[225]https://github.com/UpstandingHackers/hammer

[226]http://langsec.org/

[227]https://github.com/Geal/nom

[228]https://rasp.baidu.com/

[229]https://github.com/baidu/openrasp

[230]https://docs.oracle.com/javase/8/docs/platform/jvmti/jvmti.html

[231]https://docs.oracle.com/javase/7/docs/api/java/lang/instrument/Instrumentation.html

[232]https://docs.oracle.com/javase/specs/jvms/se7/html/jvms-4.html

[233]https://asm.ow2.io/javadoc/org/objectweb/asm/MethodVisitor.html

[234]https://blogs.oracle.com/poonam/jvm-hang-with-cms-collector

[235]http://hg.openjdk.java.net/jdk8u/jdk8u/hotspot/rev/b955bd18e8fe

[236]http://hg.openjdk.java.net/jdk8u/jdk8u/hotspot/rev/2c4cecfa5ce5

[237]http://hg.openjdk.java.net/jdk9/jdk9/hotspot/rev/031d1463ed4c

[238]http://www.phpinternalsbook.com/

[239]https://github.com/nim4/DBShield

[240]https://github.com/cossacklabs/acra

[241]https://github.com/uptimejp/sql_firewall

[242]https://github.com/mcafee/mysql-audit

[243]https://github.com/alibaba/druid/wiki/%E9%85%8D%E7%BD%AE-wallfilter

[244]https://github.com/Qihoo360/mysql-sniffer

[245]http://nbviewer.jupyter.org/github/ClickSecurity/data_hacking/blob/master/sql_injectio

n/sql_injection.ipynb

[246]https://github.com/cloudsec/brootkit/

[247]https://github.com/ewust/ulrk

[248]https://github.com/Safe3/godpock/blob/master/Rootkit/mafix.tar.gz

[249]https://packetstormsecurity.com/files/download/10533/lrk5.src.tar.gz

[250]https://github.com/unix-thrust/beurk

[251]https://github.com/mempodippy/vlany

[252]https://github.com/m0nad/Diamorphine

[253]https://github.com/yaoyumeng/adore-ng/

[254]https://github.com/jiayy/lkm-rootkit

[255]https://github.com/f0rb1dd3n/Reptile[256]https://github.com/falk3n/subversive

[257]https://github.com/elfmaster/kprobe_rootkit

[258]http://phrack.org/issues/58/7.html

[259]http://www.phrack.org/issues/68/6.html

[260]http://phrack.org/issues/68/11.html

[261]https://github.com/google/rekall/tree/master/tools/linux/lmap/lmap

[262]https://github.com/quarkslab/dreamboot

[263]https://github.com/ajkhoury/UEFI-Bootkit

[264]https://github.com/NextSecurity/Gozi-MBR-rootkit

[265]https://github.com/m0n0ph1/Win64-Rovnix-VBR-Bootkit

[266]https://github.com/chesteroni/kitgen

[267]https://github.com/sgxrop/sgxrop

[268]https://arxiv.org/pdf/1902.03256.pdf

[269]https://lwn.net/Articles/682302/

[270]https://www.volatilityfoundation.org/

[271]https://github.com/monnappa22/linux_mem_diff_tool

[272]https://cysinfo.com/linux-memory-diff-analysis-using-volatility-2/

[273]https://gitlab.com/nowayout/prochunter

[274]https://github.com/nbulischeck/tyton

[275]https://nbulischeck.github.io/tyton/

[276]https://github.com/dgoulet/kjackal

[277]http://rkhunter.sourceforge.net/

[278]http://www.chkrootkit.org/download/

[279]http://www.blackhat.com/presentations/bh-europe-01/shaun-clowes/bh-europe-01-

clowes.ppt

[280]https://github.com/gaffe23/linux-inject/

[281]https://www.clamav.net/

[282]https://github.com/malscan/malscan

[283]https://virustotal.github.io/yara/

[284]https://binaryalert.io/

[285]https://github.com/airbnb/binaryalert

[286]https://github.com/KasperskyLab/klara

[287]https://github.com/rastrea2r/rastrea2r

[288]https://github.com/Yara-Rules/rules

[289]https://github.com/InQuest/awesome-yara

[290]https://cuckoosandbox.org/

[291]https://github.com/mxmssh/drltrace

[292]https://github.com/AFAgarap/malware-classification

[293]https://github.com/ALFA-group/robust-adv-malware-detection

[294]https://github.com/surajr/Machine-Learning-approach-for-Malware-Detection

[295]https://github.com/mprhode/malware-prediction-rnn

[296]https://github.com/PUNCH-Cyber/stoq

[297]https://github.com/search?q=webshell

[298]https://github.com/tennc/webshell/tree/master/fuzzdb-webshell/servlet[299]https://security.tencent.com/index.php/blog/msg/104

[300]https://4hou.win/wordpress/?p=20456

[301]https://github.com/rebeyond/memShell

[302]https://github.com/nbs-system/php-malware-finder

[303]https://github.com/sfaci/masc

[304]https://github.com/hi-WenR0/MLCheckWebshell

[305]https://paper.seebug.org/526/

[306]https://scanner.baidu.com/

[307]https://www.cisecurity.org/

[308]https://www.cisecurity.org/cybersecurity-tools/cis-cat-pro/

[309]https://www.cisecurity.org/cis-benchmarks/

[310]https://www.cisecurity.org/controls/

[311]https://cisofy.com/lynis/

[312]https://github.com/CISOfy/Lynis

[313]https://www.inspec.io/docs/reference/resources/

[314]https://github.com/slimm609/checksec.sh

[315]https://www.rudder.io/en/

[316]https://aws.amazon.com/cn/guardduty/

[317]https://www.secviz.org/

[318]https://d3js.org/

[319]http://visjs.org/

[320]https://threejs.org/

[321]https://www.babylonjs.com/

[322]https://playcanvas.com/

[323]https://clickhouse.yandex/

[324]http://doris.incubator.apache.org/

[325]https://www.graylog.org/

[326]https://github.com/Neo23x0/sigma

[327]https://www.elastic.co/cn/products/stack

[328]https://github.com/elastic/beats

[329]https://www.elastic.co/cn/products/stack/machine-learning

[330]https://www.splunk.com/zh-hans_cn/software/user-behavior-analytics.html

[331]http://metron.apache.org/

[332]https://github.com/rob-med/awesome-TS-anomaly-detection

[333]https://github.com/yzhao062/anomaly-detection-resources

[334]https://github.com/hugegraph

[335]https://github.com/deepmind/graph_nets

[336]https://arxiv.org/pdf/1806.01261.pdf

[337]https://github.com/phantomcyber/playbooks

[338]https://github.com/StackStorm/st2

[339]https://github.com/Patrowl/

[340]https://github.com/mozilla/MozDef

[341]https://www.csa.gov.sg/legislation/supplementary-references

[342]https://continuumsecurity.net/[343]https://github.com/continuumsecurity/bdd-security

[344]http://capec.mitre.org/data/definitions/3000.html

[345]https://github.com/mozilla/seasponge

[346]http://mozilla.github.io/seasponge/

[347]https://threatdragon.org/

[348]https://www.microsoft.com/en-us/download/details.aspx?id=49168

[349]https://github.com/google/vsaq

[350]https://github.com/OWASP/CheatSheetSeries/blob/master/Index.md

[351]https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-

_Quick_Reference_Guide

[352]https://www.owasp.org/images/7/73/OWASP_SCP_Quick_Reference_Guide_%28Chines

e%29.pdf

[353]http://google.github.io/styleguide/

[354]https://github.com/alibaba/p3c

[355]https://github.com/spotbugs/spotbugs

[356]https://github.com/pumasecurity/puma-scan

[357]http://cppcheck.sourceforge.net/

[358]https://github.com/fossology/fossology

[359]https://github.com/jeremylong/DependencyCheck

[360]https://github.com/snyk/snyk

[361]https://github.com/srcclr/efda

[362]https://github.com/ESAPI/

[363]https://github.com/eggjs/egg-security

[364]https://eggjs.org/zh-cn/core/security.html

[365]https://docs.spring.io/spring-security/site/docs/5.0.x/reference/html/

[366]https://github.com/cure53/DOMPurify

[367]http://rips-scanner.sourceforge.net/

[368]https://github.com/designsecurity/progpilot

[369]https://github.com/globocom/huskyci

[370]http://fb-contrib.sourceforge.net/

[371]http://find-sec-bugs.github.io/

[372]https://dwheeler.com/flawfinder/

[373]https://github.com/facebook/infer

[374]https://docs.sonarqube.org/display/PLUG

[375]https://www.sonarlint.org/

[376]https://www.sonarqube.org/

[377]https://github.com/SonarSource/sonarqube

[378]https://rules.sonarsource.com/

[379]https://github.com/michenriksen/gitrob

[380]https://github.com/flipkart-incubator/Astra

[381]https://github.com/YalcinYolalan/WSSAT

[382]https://github.com/zaproxy/zaproxy

[383]https://github.com/fuzzdb-project/fuzzdb

[384]https://github.com/linkedin/qark[385]https://appcritique.boozallen.com/

[386]https://github.com/laruence/taint

[387]https://researcher.watson.ibm.com/researcher/files/us-msteiner/php.nyphp.ppt

[388]https://www.usenix.org/legacy/event/webapps11/tech/final_files/webapps11_proceedi

ngs.pdf

[389]https://github.com/jpapayan/aspis

[390]https://github.com/cdaller/security_taint_propagation

[391]https://www.blackhat.com/presentations/bh-dc-08/Chess-West/Presentation/bh-dc-

08-chess-west.pdf

[392]https://www.owasp.org/images/2/2e/OWASP_Code_Review_Guide-V1_1.pdf

[393]https://www.peach.tech/products/peach-fuzzer/

[394]https://llvm.org/devmtg/2015-10/slides/SerebryanyCollingbourne

BeyondSanitizers.pdf

[395]https://github.com/google/oss-fuzz

[396]https://github.com/secfigo/Awesome-Fuzzing

[397]https://github.com/octopus-platform/joern

[398]http://www.mlsec.org/joern/docs.shtml

[399]https://github.com/MobSF/Mobile-Security-Framework-MobSF

[400]https://labs.mwrinfosecurity.com/tools/drozer/

[401]https://github.com/mwrlabs/needle

[402]https://github.com/alibaba/iOSSecAudit

[403]https://github.com/secmobi/wiki.secmobi.com

[404]https://appsecwiki.com/#/mobilesecurity

[405]https://github.com/OWASP/owasp-mstg

[406]https://klee.github.io/

[407]https://angr.io/

[408]https://github.com/angr/angr

[409]https://github.com/radare/radare2

[410]https://github.com/Gallopsled/pwntools

[411]https://github.com/apsdehal/awesome-ctf

[412]https://github.com/malicious0x01/Awesome-Vulnerability-Research

[413]https://github.com/nebgnahz/awesome-iot-hacks

[414]https://www.owasp.org/index.php/OWASP_Testing_Project

[415]https://www.owasp.org/images/1/19/OTGv4.pdf

[416]https://github.com/hashicorp/vault

[417]https://www.vaultproject.io/

[418]https://cn.aliyun.com/product/dms

[419]https://help.aliyun.com/document_detail/47550.html

[420]https://github.com/cookieY/Yearning

[421]https://github.com/jumpserver/jumpserver

[422]https://guacamole.apache.org/

[423]https://www.kali.org/

[424]https://linux.backbox.org/

[425]https://www.parrotsec.org/[426]http://www.deftlinux.net/

[427]https://www.metasploit.com/

[428]https://github.com/n1nj4sec/pupy

[429]https://github.com/stevenaldinger/decker

[430]https://github.com/gyoisamurai/GyoiThon

[431]https://github.com/enaqx/awesome-pentest

[432]https://github.com/mozilla/mig

[433]https://github.com/TheHive-Project/TheHive

[434]https://github.com/flyve-mdm

[435]https://github.com/bryanpkc/corkscrew

[436]https://cloud.google.com/beyondcorp/?hl=zh-cn

[437]https://github.com/Valve/fingerprintjs2

[438]https://github.com/jackspirou/clientjs

[439]https://github.com/ay-kay/unique

[440]https://github.com/salesforce/pixel-captcha-project

[441]https://github.com/ecthros/uncaptcha2

[442]https://www.drools.org/

[443]https://github.com/jdereg/n-cube

[444]https://www.h2o.ai/solutions/usecases/

[445]https://www.slideshare.net/0xdata/paypal-fraud-detection-with-deep-learning-in

h2o-presentationh2oworld2014

[446]https://shiring.github.io/machine_learning/2017/05/01/fraud

[447]https://ieeexplore.ieee.org/abstract/document/7838276

[448]https://zhuanlan.zhihu.com/p/36530032

[449]http://ramok.tech/2017/09/08/fraud-detection-with-java-and-spark-mlib/

[450]https://github.com/klevis/frauddetection

[451]https://github.com/GitiHubi/deepAI

[452]https://github.com/yazanobeidi/fraud-detection

[453]https://github.com/entrepreneur-interet-general/graph-explorer

[454]https://neo4j.com/use-cases/fraud-detection/

[455]https://www.dataguise.com/

[456]https://www.ibm.com/security/data-security/guardium

[457]https://www.microfocus.com/en-us/products/voltage-data-encryption

security/overview

[458]http://sentry.apache.org/

[459]http://knox.apache.org/

[460]http://ranger.apache.org/

[461]http://eagle.apache.org/

[462]https://github.com/troydo42/CIA-Hacking-Tools/tree/master/Scribbles/

[463]https://github.com/arx-deidentifier/arx

[464]https://github.com/uber/sql-differential-privacy

[465]https://github.com/google/rappor

[466]https://github.com/rdragos/awesome-mpc

[467]https://github.com/shaih/HElib[468]http://di.baidu.com/product/calc

[469]https://github.com/hugegraph/hugegraph

[470]http://www.trustedcomputinggroup.org/

[471]https://github.com/PeterHuewe/tpm-emulator

[472]http://sourceforge.net/projects/trousers

[473]http://ibmswtpm.sourceforge.net/

[474]https://sourceforge.net/p/linux-ima/wiki/Home/

[475]https://github.com/pwnall/sanctum

[476]https://keystone-enclave.org/

[477]https://github.com/opencomputeproject/Project_Olympus/tree/master/Project_Cerber

us

[478]https://cloud.google.com/blog/products/gcp/titan-in-depth-security-in-plaintext

[479]https://github.com/opencomputeproject/Project_Olympus/tree/master/Project_Cerber

us

[480]https://github.com/keystone-enclave/

[481]https://github.com/jirislaby/ksplice

[482]https://ksplice.oracle.com/

[483]https://github.com/useidel/kgraft-tools

[484]https://git.kernel.org/pub/scm/linux/kernel/git/jirislaby/kgraft.git/

[485]https://www.suse.com/media/presentation/kGraft.pdf

[486]https://github.com/dynup/kpatch

[487]https://github.com/torvalds/linux/tree/master/kernel/livepatch

[488]https://www.kernel.org/doc/Documentation/livepatch/livepatch.txt

[489]https://www.kernelcare.com/

[490]http://patches.kernelcare.com/kmod_kcare.tar.gz

[491]https://github.com/cloudlinux/libcare

[492]http://firecracker-microvm.io/

[493]https://github.com/firecracker-microvm/firecracker

[494]https://chromium.googlesource.com/chromiumos/platform/crosvm/

[495]https://android.googlesource.com/platform/external/minijail/

[496]https://www.twistlock.com/

[497]https://github.com/coreos/clair

[498]https://github.com/eliasgranderubio/dagda

[499]https://github.com/anchore/anchore-engine

[500]https://github.com/goharbor/harbor

[501]https://katacontainers.io/

[502]https://github.com/kata-containers/runtime

[503]https://github.com/firecracker-microvm/firecracker-containerd

[504]https://github.com/google/gvisor

[505]https://www.projectcalico.org/

[506]https://github.com/projectcalico

[507]https://cilium.io/

[508]https://github.com/cilium/cilium

[509]https://www.aporeto.com/opensource/[510]https://github.com/aporeto-inc/trireme-lib

[511]https://falco.org/

[512]https://github.com/falcosecurity/falco

[513]https://github.com/falcosecurity/falco/tree/dev/rules

[514]https://github.com/capsule8/capsule8

[515]https://github.com/docker/docker-bench-security

[516]https://github.com/kost/dockscan

[517]https://www.open-scap.org/resources/documentation/security-compliance-of-rhel7-

docker-containers/

[518]https://docs.docker.com/compliance/

[519]https://github.com/chromium/chromium/blob/master/docs/design/sandbox.md

[520]https://github.com/chromium/chromium/tree/master/sandbox/win

[521]https://github.com/chromium/chromium/blob/master/docs/linux_sandboxing.md

[522]https://github.com/chromium/chromium/tree/master/sandbox/linux

[523]https://github.com/alibaba/JVM-Sandbox

[524]https://cuckoosandbox.org/

[525]https://github.com/cuckoosandbox

[526]https://www.freedesktop.org/software/systemd/man/systemd.exec.html#Sandboxing

[527]https://android.googlesource.com/platform/external/minijail/

[528]https://chromium.googlesource.com/chromiumos/docs/+/master/sandboxing.md

[529]https://github.com/projectatomic/bubblewrap

[530]https://github.com/google/sandboxed-api

[531]https://www.coursera.org/learn/machine-learning

[532]https://github.com/ZuzooVn/machine-learning-for-software-engineers

[533]https://github.com/imhuay/Algorithm_Interview_Notes-Chinese

[534]https://github.com/kk7nc/Text_Classification

[535]https://www.featuretools.com/

[536]https://github.com/scikit-learn-contrib/boruta_py

[537]https://github.com/hyperopt/hyperopt-sklearn

[538]https://github.com/AxeldeRomblay/MLBox

[539]https://github.com/ClimbsRocks/auto_ml

[540]https://github.com/h2oai/h2o-3

[541]https://github.com/endgameinc/dga_predict

[542]https://github.com/chwress/salad

[543]https://github.com/PositiveTechnologies/seq2seq-web-attack-detection

[544]https://github.com/makemytrip/dataShark

[545]https://github.com/georgymh/ml-fraud-detection

[546]https://github.com/klevis/frauddetection

[547]https://github.com/AFAgarap/malware-classification

[548]https://github.com/honeynet/cuckooml

[549]https://github.com/hgascon/adagio

[550]https://github.com/hgascon/pulsar

[551]https://code.fb.com/developer-tools/getafix-how-facebook-tools-learn-to-fix-bugs

automatically/[552]https://github.com/13o-bbr-bbq/machine_learning_security/tree/master/DeepExploit

[553]http://web.stanford.edu/class/cs259d/

[554]https://github.com/PacktPublishing/Mastering-Machine-Learning-for-Penetration

Testing

[555]https://github.com/SuperCowPowers/data_hacking

[556]https://github.com/13o-bbr-bbq/machine_learning_security

[557]http://www.covert.io/

[558]https://github.com/jivoi/awesome-ml-for-cybersecurity

[559]https://arxiv.org/abs/1412.6572

[560]https://github.com/tensorflow/cleverhans

[561]https://github.com/baidu/AdvBox

[562]https://github.com/liftoff/pyminifier

[563]https://github.com/QQuick/Opy

[564]https://github.com/dashingsoft/pyarmor

[565]https://arxiv.org/abs/1610.05755v3

[566]https://github.com/tensorflow/privacy

[567]https://github.com/google/nsjail

[568]https://security.googleblog.com/2016/07/experimenting-with-post-quantum.html

[569]https://pqcrypto.org/

[570]https://microsoft.github.io/Picnic/

[571]https://openquantumsafe.org/

[572]https://github.com/open-quantum-safe/liboqs

[573]https://github.com/cloudflare/circl

附：

IPDRR 模型参考：https://www.nist.gov/cyberframework

IATF 框架参考：http://www.dtic.mil/dtic/tr/fulltext/u2/a606355.pdf

CGS 框架参考：https://apps.nsa.gov/iaarchive/library/ia-guidance/ia-standards/cgs/

自 适 应 安 全 架 构 参 考 ： https://www.gartner.com/smarterwithgartner/build-adaptive

security-architecture-into-your-organization/

IACD 框架参考：https://www.iacdautomate.org/

网络韧性架构参考：https://csrc.nist.gov/publications/detail/sp/800-160/vol-2/draft