• Cryptography
• Firewall
• ALG
• IDS/IPS
• Snort(NIPS/NIDS)
• OSSEC(HIDS)
• Suricata(NIDS/NIPS/MSM)
• Compare
• Web Vulnerability Scanner
• Tools list
• Tools
• How to hack
• WAF
• ModSecurity
  • Application Supported
  • pfsense
  • Open Web Application Security Project
• Nginx
• OpenResty
• Cloud
• Hardware

Cryptography¶

Please visit web/SSL page.

Firewall¶

https://github.com/sonertari/UTMFW

Ports: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

ALG¶

China Telecom Modem - Application-layer Gateway

Service	TCP	UDP	Memo
H.323	1720	1719	VoIP
RTSP	554	554	real-time media streams
L2TP		1701
PPTP	1723
IPSEC		4500	L3:50/51
SIP	5060/5061	5060	VoIP
FTP	21

IDS/IPS¶

Network Intrusion Detection System (NIDS) engine
Network Intrusion Prevention System (NIPS) engine
Network Security Monitoring (NSM) engine

Snort(NIPS/NIDS)¶

https://doc.pfsense.org/index.php/Setup_Snort_Package

OSSEC(HIDS)¶

https://en.wikipedia.org/wiki/OSSEC
log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting, and active response.

https://ossec.github.io/docs/manual/supported-systems.html

Suricata(NIDS/NIPS/MSM)¶

Suricata is a network IDS, IPS and NSM engine.
https://github.com/OISF/suricata
https://suricata-ids.org/features/all-features/
w/ pfSense: http://elatov.github.io/2016/11/setup-suricata-on-pfsense/
w/ Mikrotik: https://forum.mikrotik.com/viewtopic.php?t=111727

Compare¶

https://www.aldeid.com/wiki/Suricata-vs-snort

Web Vulnerability Scanner¶

Tools list¶

https://github.com/infoslack/awesome-web-hacking
http://www.toolswatch.org/2017/02/2016-top-security-tools-as-voted-by-toolswatch-org-readers/
https://www.owasp.org/index.php/Category:Vulnerability_Scanning_Tools

Tools¶

OWASP Zed Attack Proxy:
https://github.com/zaproxy/zaproxy/wiki/Introduction
https://null-byte.wonderhowto.com/how-to/hack-like-pro-hack-web-apps-part-6-using-owasp-zap-find-vulnerabilities-0168129/ OWASP Web Testing Framework: https://owtf.github.io/
OWASP Web Testing Environment Project: https://www.owasp.org/index.php/OWASP_Web_Testing_Environment_Project

https://github.com/sullo/nikto
https://github.com/subgraph/Vega/wiki
https://github.com/anilbaranyelken/tulpar
https://github.com/dpnishant/raptor

How to hack¶

https://github.com/ethicalhack3r/DVWA
a PHP/MySQL web application that is damn vulnerable.

https://www.youtube.com/playlist?list=PL0-xwzAwzllx4w5OYdRoVTqlNvQ7xALNM

WAF¶

ModSecurity¶

https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual
support Apache, IIS7 or Nginx
Nginx: must be compiled with the source code of the main server

Application Supported¶

https://modsecurity.org/application_coverage.html

pfsense¶

http://pfsensesetup.com/wp-content/uploads/2014/10/pfsense_modsecurity01.png

Open Web Application Security Project¶

https://coreruleset.org/ https://hub.docker.com/r/owasp/modsecurity/

Nginx¶

https://hub.docker.com/r/nodeintegration/nginx-modsecurity/
https://github.com/alexazhou/VeryNginx
https://www.nginx.com/products/nginx-waf/#free-trial
https://github.com/nbs-system/naxsi (Nginx Anti XSS & SQL Injection)

OpenResty¶

https://github.com/p0pr0ck5/lua-resty-waf
High-performance WAF built on the OpenResty stack

Cloud¶

https://www.cloudflare.com/waf/
https://aws.amazon.com/waf/
https://www.aliyun.com/product/waf

Hardware¶

http://help.sonicwall.com/help/sw/eng/8112/8/0/0/content/Chapter2_Overview.03.28.html
https://www.cisco.com/c/en/us/products/collateral/application-networking-services/ace-web-application-firewall/data_sheet_c78-458627.html