Home

Awesome

Enterprise-Security-Skill

You can use the Enterprise-Security-Skill Github to maintain and preview the content.

1.结构

初步规划是分成企业安全方案,技术,思维,资讯,涉及企业安全规划,建设,运营,但不仅限于此,主要用于企业安全建设运营知识库建设和分享


内容会不定时更新,宁缺毋滥

企业安全方案包含:


![本开源企业安全实践知识库项目初步规划]https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/pic/%E4%BC%81%E4%B8%9A%E5%AE%89%E5%85%A8%E8%BF%90%E8%90%A5%E5%BB%BA%E8%AE%BE%E9%9B%86v0.1.png)

部分企业安全攻防相关内容会直接放于知识星球

2.初衷

建立企业安全技能知识库的原因有以下几点,或许有更多:

3.Changlog更新日志

4.主要内容目录

目录后续只更新到Catalog.md,力求精简

以下简单目录停止增加,后续参见Catalog.md

<!-- ## 01-PLAN - [一个人的安全部之企业信息安全建设规划.md](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/01-PLAN/%E4%B8%80%E4%B8%AA%E4%BA%BA%E7%9A%84%E5%AE%89%E5%85%A8%E9%83%A8%E4%B9%8B%E4%BC%81%E4%B8%9A%E4%BF%A1%E6%81%AF%E5%AE%89%E5%85%A8%E5%BB%BA%E8%AE%BE%E8%A7%84%E5%88%92.md) - [企业安全思考集-发布于圈子.md](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/01-PLAN/%E4%BC%81%E4%B8%9A%E5%AE%89%E5%85%A8%E6%80%9D%E8%80%83%E9%9B%86-%E5%8F%91%E5%B8%83%E4%BA%8E%E5%9C%88%E5%AD%90.md) - [信息安全从运维向运营的进化.md](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/01-PLAN/%E4%BF%A1%E6%81%AF%E5%AE%89%E5%85%A8%E4%BB%8E%E8%BF%90%E7%BB%B4%E5%90%91%E8%BF%90%E8%90%A5%E7%9A%84%E8%BF%9B%E5%8C%96.md) - [信息安全规划.md](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/01-PLAN/%E4%BF%A1%E6%81%AF%E5%AE%89%E5%85%A8%E8%A7%84%E5%88%92.md) - [如何进行项目策划.pdf](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/01-PLAN/%E5%A6%82%E4%BD%95%E8%BF%9B%E8%A1%8C%E9%A1%B9%E7%9B%AE%E7%AD%96%E5%88%92.pdf) - [捻乱止于河防——浅谈企业入侵防御体系建设](https://security.tencent.com/index.php/blog/msg/68) ## 02-BUILD - [Solutions](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/02-BUILD/Solutions.md) - [甲方企业安全建设开源之路](https://github.com/bloodzer0/ossa) 也可参考《企业安全建设入门:基于开源软件打造企业网络安全》 - [SDLChina](https://github.com/SecurityPaper/SecurityPaper-web) - [端口安全](https://github.com/AnyeDuke/Enterprise-Security-Skill/tree/master/02-BUILD/Port_Security) ### Honeypot (New) - SNARE:https://github.com/mushorg/snare - T-Pot:https://github.com/dtag-dev-sec/tpotce - Shmakov:https://github.com/Shmakov/Honeypot - [dionaea](https://1isten.xyz/2018/06/04/dionaea%E8%9C%9C%E7%BD%90%E6%90%AD%E5%BB%BA/#more?nsukey=yrx2I0DvfB36CtRSolCx4l7AyqPZivLxvRJq4ajNuGcrB3HwAyCNusEFr54FNoy9Pp8VPVdtuN8YqO%2FklzkCsyYe4xu4OL7zIlqkJu7zSAH8ziItt5qn2uaPF6OjoItLhWicnWA8cBr9ALXlM5KfF2nfn89BW2z3ZoOpYnpb144%3D) - opencanary_web:https://github.com/p1r06u3/opencanary_web - 蜜罐与内网安全从0到1系列 - https://sosly.me/index.php/2017/08/23/goldenspark1/ - https://sosly.me/index.php/2017/09/05/jymiguan2/ - https://sosly.me/index.php/2017/10/15/jymiguan3/ - https://sosly.me/index.php/2017/11/15/jymiguan4/ - https://sosly.me/index.php/2018/03/20/jymiguan5/ - https://sosly.me/index.php/2018/03/21/jymiguan6/ - https://sosly.me/index.php/2018/03/22/jymiguan7/ ## 03-Operation - [xx公司网络安全解决方案.doc](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/03-Operation/xx%E5%85%AC%E5%8F%B8%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8%E8%A7%A3%E5%86%B3%E6%96%B9%E6%A1%88.doc) - [威胁情报的层次分析-汪列军.pdf](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/03-Operation/01-SecurityOperation/%E5%A8%81%E8%83%81%E6%83%85%E6%8A%A5%E7%9A%84%E5%B1%82%E6%AC%A1%E5%88%86%E6%9E%90-%E6%B1%AA%E5%88%97%E5%86%9B.pdf) - [安全运营中威胁情报的应用.pdf](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/03-Operation/01-SecurityOperation/%E5%AE%89%E5%85%A8%E8%BF%90%E8%90%A5%E4%B8%AD%E5%A8%81%E8%83%81%E6%83%85%E6%8A%A5%E7%9A%84%E5%BA%94%E7%94%A8.pdf) - [基于主动防御能力,建设安全运营中心的一点思考(New)](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/03-Operation/01-SecurityOperation/%E5%9F%BA%E4%BA%8E%E4%B8%BB%E5%8A%A8%E9%98%B2%E5%BE%A1%E8%83%BD%E5%8A%9B%EF%BC%8C%E5%BB%BA%E8%AE%BE%E5%AE%89%E5%85%A8%E8%BF%90%E8%90%A5%E4%B8%AD%E5%BF%83%E7%9A%84%E4%B8%80%E7%82%B9%E6%80%9D%E8%80%83.md) ## 04-Books - [书单](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/04-Books/BookLists.md) - [信息安全从业者书单](https://github.com/riusksk/secbook) ## 05-Minds - [信息安全架构建设能力集v0.5.md](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/05-Mind/%E4%BF%A1%E6%81%AF%E5%AE%89%E5%85%A8%E6%9E%B6%E6%9E%84%E5%BB%BA%E8%AE%BE%E8%83%BD%E5%8A%9B%E9%9B%86v0.5.md) - [信息安全架构能力集v0.5.pdf](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/05-Mind/%E4%BF%A1%E6%81%AF%E5%AE%89%E5%85%A8%E6%9E%B6%E6%9E%84%E8%83%BD%E5%8A%9B%E9%9B%86v0.5.pdf) - [企业安全建设技能树v1.0](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/05-Mind/%E4%BC%81%E4%B8%9A%E5%AE%89%E5%85%A8%E5%BB%BA%E8%AE%BE%E6%8A%80%E8%83%BD%E6%A0%91v1.0%20%E5%90%8E%E7%BB%AD%E6%9B%B4%E6%96%B0%E8%AF%B7%E5%85%B3%E6%B3%A8%E5%BE%AE%E4%BF%A1%E5%85%AC%E4%BC%97%E5%8F%B7%EF%BC%9Ajungedetili%EF%BC%88%E5%90%9B%E5%93%A5%E7%9A%84%E4%BD%93%E5%8E%86%EF%BC%89.png) - [CSO的生存艺术By ayazero](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/05-Mind/CSO%E7%9A%84%E7%94%9F%E5%AD%98%E8%89%BA%E6%9C%AFBy%20ayazero.md) - [IBM 企业信息安全框架V5.0白皮书.pdf](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/05-Mind/IBM%20%E4%BC%81%E4%B8%9A%E4%BF%A1%E6%81%AF%E5%AE%89%E5%85%A8%E6%A1%86%E6%9E%B6V5.0%E7%99%BD%E7%9A%AE%E4%B9%A6.pdf) - [安全研究者的自我修养byriusksk.md(New)](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/05-Mind/%E5%AE%89%E5%85%A8%E7%A0%94%E7%A9%B6%E8%80%85%E7%9A%84%E8%87%AA%E6%88%91%E4%BF%AE%E5%85%BBbyriusksk.md) ## 06-News - [Enterprise-Security-News-Detail.md](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/06-News/Enterprise-Security-News-Detail.md) - [Enterprise-Security-News-Short.md](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/06-News/Enterprise-Security-News-Short.md) - [Paper.md](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/06-News/Paper.md) - [玄武实验室资讯](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/06-News/xuanwulab-securitynews.md) ## 07-Tools - [Draw.io用于威胁建模.md](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/07-Tools/Draw.io%E7%94%A8%E4%BA%8E%E5%A8%81%E8%83%81%E5%BB%BA%E6%A8%A1.md) ## 08-Attack ### OSINT - [从 Virus Total 中寻找敏感信息泄漏](https://medium.com/@YumiSec/virus-total-the-best-way-to-disclose-your-company-secrets-92988396f36a) - [OSINT 公开资源情报收集工具及资源整理]( https://medium.com/@micallst/osint-resources-for-2019-b15d55187c3f) - [渗透测试前期信息收集技巧](https://bugbountytuts.files.wordpress.com/2018/02/dirty-recon.pdf) - [2019 版 OSINT 开源情报收集指南](https://www.randhome.io/blog/2019/01/05/2019-osint-guide/) - [LeakLooker - 使用 Shodan 快速寻找可公开访问数据库的工具](https://hackernoon.com/leaklooker-find-open-databases-in-a-second-9da4249c8472) ## 09-Other ### OWASP - [OWASP_EVENTS-2018.md](https://github.com/AnyeDuke/Enterprise-Security-Skill/blob/master/08-Other/01-OWASP/OWASP_EVENTS-2018.md) -->

5.支持和联系

你可以直接在issue或者通过邮箱联系我,进行更新上传,欢迎一起构建企业安全学习知识库

资源来源于互联网和原创文章,如有版权问题,请联系删除,本专栏请遵循GPL-3.0