Awesome security hardening.
• مجموعه ای حجیم از مواد مختلف با موضوع افزایش امنیت. از راهنمایی های دقیق تا ابزارها و معیارهای اساسی:
• Security Hardening Guides and Best Practices;
— Hardening Guide Collections;
— GNU/Linux;
- Red Hat Enterprise Linux - RHEL;
- CentOS;
- SUSE;
- Ubuntu;
— Windows;
— macOS;
— Network Devices;
- Switches;
- Routers;
- IPv6;
- Firewalls;
— Virtualization - VMware;
— Containers - Docker - Kubernetes;
— Services;
- SSH;
- TLS/SSL;
- Web Servers;
- Mail Servers;
- FTP Servers;
- Database Servers;
- Active Directory;
- ADFS;
- Kerberos;
- LDAP;
- DNS;
- NTP;
- NFS;
- CUPS;
— Authentication - Passwords;
— Hardware - CPU - BIOS - UEFI;
— Cloud;
• Tools;
— Tools to check security hardening;
- GNU/Linux;
- Windows;
- Network Devices;
- TLS/SSL;
- SSH;
- Hardware - CPU - BIOS - UEFI;
- Docker;
- Cloud;
— Tools to apply security hardening;
- GNU/Linux;
- Windows;
- TLS/SSL;
- Cloud;
— Password Generators;
• Books;
• Other Awesome Lists;
— Other Awesome Security Lists.
#Security #hardening
@Engineer_Computer
• مجموعه ای حجیم از مواد مختلف با موضوع افزایش امنیت. از راهنمایی های دقیق تا ابزارها و معیارهای اساسی:
• Security Hardening Guides and Best Practices;
— Hardening Guide Collections;
— GNU/Linux;
- Red Hat Enterprise Linux - RHEL;
- CentOS;
- SUSE;
- Ubuntu;
— Windows;
— macOS;
— Network Devices;
- Switches;
- Routers;
- IPv6;
- Firewalls;
— Virtualization - VMware;
— Containers - Docker - Kubernetes;
— Services;
- SSH;
- TLS/SSL;
- Web Servers;
- Mail Servers;
- FTP Servers;
- Database Servers;
- Active Directory;
- ADFS;
- Kerberos;
- LDAP;
- DNS;
- NTP;
- NFS;
- CUPS;
— Authentication - Passwords;
— Hardware - CPU - BIOS - UEFI;
— Cloud;
• Tools;
— Tools to check security hardening;
- GNU/Linux;
- Windows;
- Network Devices;
- TLS/SSL;
- SSH;
- Hardware - CPU - BIOS - UEFI;
- Docker;
- Cloud;
— Tools to apply security hardening;
- GNU/Linux;
- Windows;
- TLS/SSL;
- Cloud;
— Password Generators;
• Books;
• Other Awesome Lists;
— Other Awesome Security Lists.
#Security #hardening
@Engineer_Computer
GitHub
GitHub - decalage2/awesome-security-hardening: A collection of awesome security hardening guides, tools and other resources
A collection of awesome security hardening guides, tools and other resources - decalage2/awesome-security-hardening
بعضیها رسماً به مرحلهای رسیدن که دارن «چیزهای رایگان» رو هم میفروشن!
این روزها نسخه آماده #Nessus از طریق #Docker رایگان و در دسترس همهست… ولی دیدم بعضیها همین رو بستهبندی کردن و با قیمت بالا میدن به ملت 🤦♂️
هیچ جادوی خاصی پشتش نیست، فقط یک docker pull سادهست!
واقعاً حیفه که وقت و پول مردم صرف چیزی بشه که با یک خط دستور میشه آورد بالا.
📂 لینک نسخه آماده روی Docker Hub:
https://hub.docker.com/r/sakurashiro/nessus
#nessus #docker #vulnerability_assessment #cybersecurity #infosec #soc #securitytools #redteam #blueteam #hide01
🔹 Share & Support Us 🔹
📱 Channel : @Engineer_Computer
این روزها نسخه آماده #Nessus از طریق #Docker رایگان و در دسترس همهست… ولی دیدم بعضیها همین رو بستهبندی کردن و با قیمت بالا میدن به ملت 🤦♂️
هیچ جادوی خاصی پشتش نیست، فقط یک docker pull سادهست!
واقعاً حیفه که وقت و پول مردم صرف چیزی بشه که با یک خط دستور میشه آورد بالا.
📂 لینک نسخه آماده روی Docker Hub:
https://hub.docker.com/r/sakurashiro/nessus
#nessus #docker #vulnerability_assessment #cybersecurity #infosec #soc #securitytools #redteam #blueteam #hide01
Please open Telegram to view this post
VIEW IN TELEGRAM
❤3👍3👏1🕊1
🛡 Wazuh Mastery Pack · 13 of 15 — Docker & Kubernetes
Containers don't have a /var/log to watch. They have an event stream and an audit log. Wazuh handles both.
This cheat sheet is the working config:
🐳 Docker — the docker-listener wodle pulls container lifecycle events (create, start, exec, kill, network-connect) straight from the daemon socket
☸️ Kubernetes — Wazuh agent as a DaemonSet (one per node) plus parsing /var/log/kubernetes/audit/audit.log
The single most important event to alert on in any container environment:
👉 docker exec into a production container.
If a human (or attacker) is shelling into a running prod container, you want to know about it within seconds. That's a tier-1 alert in any mature container security program.
#Wazuh #Kubernetes #Docker #ContainerSecurity #CloudNative #DevSecOps #SOC #InfoSec
🔹 Share & Support Us 🔹
📱 Channel : @Engineer_Computer
Containers don't have a /var/log to watch. They have an event stream and an audit log. Wazuh handles both.
This cheat sheet is the working config:
🐳 Docker — the docker-listener wodle pulls container lifecycle events (create, start, exec, kill, network-connect) straight from the daemon socket
☸️ Kubernetes — Wazuh agent as a DaemonSet (one per node) plus parsing /var/log/kubernetes/audit/audit.log
The single most important event to alert on in any container environment:
👉 docker exec into a production container.
If a human (or attacker) is shelling into a running prod container, you want to know about it within seconds. That's a tier-1 alert in any mature container security program.
#Wazuh #Kubernetes #Docker #ContainerSecurity #CloudNative #DevSecOps #SOC #InfoSec
🔹 Share & Support Us 🔹
📱 Channel : @Engineer_Computer
❤1