This lab covers penetration testing using OWASP ZAP, including installation, scanning a web application for vulnerabilities, and interpreting the results. Key tasks involve setting up the Java Runtime Environment, installing ZAP, and performing automated scans on a test site designed for learning about security flaws.

Hands-On Lab: Penetration Testing with OWASP ZAP | by Lexus Collins | Medium

⭐[教程] 通过CloudFlare+SaaS回源优选IP使国内用户高速访问网站 - Dooo.ng 个人博客

通过CloudFlare SaaS搭建网站 – ACAEO

Office/WPS接入DeepSeek-R1等多种大模型，开启办公新模式！ - 纪元A梦 - 博客园

Azure spot 虚拟机自启 | Saika's Blog

IDM-中文免激活绿色版-牛麦子

hmhm2022/Card-Tab: ✨一个部署在CF的轻量化导航页面，可移动卡片式书签，方便管理

如何不透過 Microsoft Store 安裝 Microsoft Store 的應用程式 | 毛哥EM資訊密技

Wordpress邮件通知解决方案-免费的SMTP发信插件和邮件服务 - 挖站否-挖掘建站的乐趣

chfs (CuteHttpFileServer) - 将文件夹变成网盘网页！免费绿色 HTTP 文件共享工具 | 铁牛

水豚鼠标助手-录课、屏幕演示必备神器 | 铁牛

11 search engines for cybersecurity research you can use right now - Help Net Security

绕过付费墙解锁各种付费会员内容的工具

6 IT risk assessment frameworks compared | CSO Online

6 Types of Applications Security Testing You Must Know About

甲骨文ARM服务器安装Windows - 编程随想

How attackers evade your EDR/XDR system — and what you can do about it | CSO Online

How to configure BGP over IPSEC VPN Fortigate CLI. - Secnetlinux

本教程详细介绍了如何搭建、配置和优化iRedMail企业级邮件服务器，使用自己的域名作为邮箱后缀。内容包括准备工具、系统设置、iRedMail的安装与配置、DNS记录的设置（如A记录、MX记录、SPF记录、DKIM记录和DMARC记录），以及如何添加用户和测试邮件服务器。通过这些步骤，用户可以创建一个可靠的邮件系统，避免邮件丢失和进入垃圾箱的问题。

自建企业级邮件服务器、域名邮箱！iRedMail 企业级邮件系统搭建、配置、优化教程！ – V2RaySSR综合网

How to run a packet capture on a Fortigate (CLI) - Secnetlinux

本文介绍了如何同时使用国内CDN和Cloudflare以实现网站的加速。通过配置Cloudflare和国内域名供应商的DNS记录，可以确保国内用户通过国内CDN访问，而国外用户则通过Cloudflare加速访问。文中详细描述了每一步的设置过程，并强调了测试响应速度的重要性。

同时使用国内CDN和Cloudflare - 夏日冰菓

This guide details the steps to configure an SSL VPN with certificate authentication on a Fortigate device, using OPENSSL to generate the necessary CA and certificates. Key steps include generating a root certificate, creating server and client certificate signing requests (CSRs), signing the CSRs, and importing the certificates into the Fortigate. The guide also covers configuring PKI users, SSL-VPN settings, and troubleshooting commands.

How to configure a SSL-VPN with certificate authentication on a Fortigate

The checklist for Fortigate admin access over SSL-VPN includes ensuring trusted hosts are configured, allowing access on the interface, establishing a firewall policy from the SSL-VPN interface to the LAN, and verifying the routing table for proper connectivity. Specific configuration commands are provided for each step to facilitate the setup process.

Checklist for Fortigate admin access over SSL-VPN

本文详细介绍了在Windows 11上安装和破解NESSUS 10.6.4的步骤，包括下载安装、获取插件包、破解过程、关闭更新以及避坑指南。强调了在破解过程中需要注意的细节和可能遇到的问题，提供了解决方案和官方链接以供参考。

NESSUS 10.6.4在Windows11安装破解全指导+避坑指南-CSDN博客

To configure an Automation Stitch for CPU threshold alerts on a Fortigate, set the CPU usage threshold to 50% and create an Automation Stitch under Security Fabric. Use the GUI to select CPU Usage Statistics as the trigger and specify the email address for alerts. Alternatively, configure it via CLI by setting the SMTP server and email parameters. Test the configuration by generating traffic to exceed the CPU threshold.

How to configure an Automation Stitch (email alert) for CPU threshold on a Fortigate. - Secnetlinux

本文介绍了如何使用GotoHTTP远程控制软件绕过杀毒软件进行远控，适用于目标机器为Windows的场景。优点包括无需安装控制端、低带宽运行和支持图形界面等，但需管理员权限并可能被某些杀软拦截。提供了详细的使用方法，包括在拥有完全权限或仅有命令行权限的情况下的操作步骤，并强调了成功连接后的注意事项。

【远程控制】GotoHTTP 无视杀软实现远控 - 极核GetShell

Security teams should run tabletop exercises to prepare for ransomware, third-party risks, insider threats, and distributed denial-of-service (DDoS) attacks. These exercises help identify vulnerabilities, improve response strategies, and ensure compliance with regulatory requirements. Key questions for each scenario include data encryption, partner vetting, insider threat detection, and DDoS mitigation plans. Regularly conducting these exercises with relevant stakeholders, including legal and communications teams, enhances overall cybersecurity readiness.

4 tabletop exercises every security team should run | CSO Online

This tutorial guides readers through building a command-line TO-DO list app in Python using the argparse and os modules. It covers creating a project directory, setting up an argument parser, and defining functions to add, list, and remove tasks. The tutorial also includes steps to parse command-line arguments and run the app. It concludes with suggestions for further improvements, such as error handling and adding task priorities. The tutorial emphasizes learning by building and provides a link to the complete code on GitHub.

Build a Command-Line App with Python in 7 Easy Steps - KDnuggets

This post from KDnuggets outlines a five-step process to containerize Python applications using Docker. It covers installing Docker, coding a Python application, creating a Dockerfile, building the Docker image, and running the Docker container. The tutorial uses a command-line TO-DO list app as an example and emphasizes the benefits of Docker for managing dependencies and creating isolated, reproducible environments.

Containerize Python Apps with Docker in 5 Easy Steps - KDnuggets

本文介绍了在微软Azure订阅中添加超级协助管理账号的步骤。通过添加协管账号可以降低账号订阅被封的概率，提供超管账号被封或者忘记密码的补救方案，并管理某些服务如OpenAI模型。需要一个有效订阅的Azure和一个被邀请的微软账号。步骤包括访问订阅详情，添加角色分配，选择特权管理角色和所有者，选择成员，设置条件，最后确认邀请并使用被邀请账号登录Azure控制面板。

微软Azure订阅如何添加超级协助管理账号 - 如有乐享

这篇文章是关于渗透测试备忘单和红队笔记的。它包含了各种命令和技术，如检查Powershell日志记录、检查WinEvent日志中的SecureString泄露、审计政策、检查LSASS是否在PPL中运行等。此外，还包括了一些利用技术，如二进制利用、破解ZIP密码、设置简单的HTTP服务器等。文章还提供了一些有用的命令和工具，如MySQL用户定义功能提权、Docker权限提升、重置root密码等。最后，还提供了一些网络工具和技术，如端口转发、SSH隧道、文件传输协议等。

ired.team 红队笔记 渗透测试备忘单 

这篇文章介绍了一个名为"Incident-Response-Powershell"的应急响应脚本，可以帮助响应Windows设备上的网络攻击。脚本包括收集Windows事件、安全事件、即插即用设备、本地管理员等信息，并可以将取证文物导出为CSV文件以进行SIEM导入。文章还提供了脚本的下载地址和效果图。

Incident-Response-Powershell 应急响应脚本

Cloudflare Access是一种企业级Zero Trust产品，提供免费的无限期、无流量限制、50台设备支持的零信任解决方案。本文简要记录了团队域的手动加入、客户端设备控制和身份验证策略等内容。

Cloudfalre Access应用问题一二 » 老E的博客

This post provides information on Azure application registrations, enterprise applications, and managed identities. It explains the purpose of application registrations and the trust relationship established between Microsoft's identity platform and custom applications. It also discusses enterprise applications as the application identity within Azure AD and the relationship between app registrations and enterprise applications. Additionally, the post covers managed identities and their role in assigning identities to Azure resources. The author aims to clarify these concepts in the context of authentication in Azure.

Azure Application registrations, Enterprise Apps, and managed identities - adatum

该文档是关于一键重装脚本的介绍。该脚本具有多个功能，包括安装Linux、DD、重启到Alpine救援系统、重启到netboot.xyz和安装Windows ISO。脚本具有多个亮点，如使用官方安装程序、实时获取资源、适配不同规格的服务器、支持多种操作系统和提供多种安装方式。此外，还提供了下载和使用的说明。

bin456789/reinstall: 一键重装 / 一键 dd / One-click Reinstall OS

RedteaGO是一个提供eSim全球漫游上网的平台，针对中国大陆有长期优惠套餐，每天1GB只需0.49美元，注册时使用邀请码"STIL0009"可获得3美元余额。通过实用测试发现，购买套餐后激活即可使用，网速稳定且足够日常使用，适用于备选方案。

RedteaGO - 最划算的大陆漫游 eSim 流量卡，原生境外 IP，注册就送 3 刀。 - 思有云 - IOIOX

This document provides information about SOC2, including objectives related to privacy, controls per TugboatLogic, types of SOC2 reports, SSAE 18, management insights, additional frameworks, and references. SOC2 focuses on controls and policies related to access control, security operations, risk management, business continuity, organization and management, asset management, information and communications, audit and compliance, data security, SDLC security, and continuous compliance. It is important for service organizations to comply with SOC2 requirements to ensure the security and privacy of data.

SOC2 – Index

Stirling PDF是一个开源的PDF文件处理工具，支持合并、拆分、旋转、裁剪、添加水印、解锁、转换格式和OCR识别等功能。它具有开源免费、支持多种操作系统、功能丰富、易于使用和方便搭建等优点。搭建Stirling PDF的步骤包括安装Docker和运行Stirling PDF，以及开放网站并安装Caddy。详细的搭建步骤可以在文档中找到。

自建 Stirling PDF | 一个 PDF 工具集

这篇文章介绍了Nessus+2024插件的安装步骤。提供了下载脚本和安装方法，并附有插件数量和卸载方法。文章还包含了Nessus的启动和停止命令以及注意事项。请注意，本文仅供参考，请遵守软件许可协议和法律法规。

Nessus 特别版+2024插件 10.6.4 For Linux【适用于Debian & Ubuntu系统】

ChatGPT Next Web is a cross-platform ChatGPT/Gemini UI that allows users to deploy a well-designed ChatGPT web UI with support for GPT3, GPT4, and Gemini Pro models. It offers features such as one-click deployment, compact client for Linux/Windows/MacOS, compatibility with self-deployed LLMs, privacy-first data storage, markdown support, responsive design, and support for multiple languages. The roadmap includes features like system prompts, user prompts, prompt templates, image sharing, desktop app with Tauri, self-hosted models, and plugins. The project provides documentation, FAQs, and instructions for development and deployment.

ChatGPTNextWeb/ChatGPT-Next-Web: A cross-platform ChatGPT/Gemini UI (Web / PWA / Linux / Win / MacOS). 一键拥有你自己的跨平台 ChatGPT/Gemini 应用。

AC-Hunter™ Community Edition is a free version of AC-Hunter that provides threat hunting functionality with some limitations. It offers the same powerful threat hunting analytics and network insights as the paid Enterprise Edition. Users can choose between an install script or a VMWare virtual image based on their specific use case. AC-Hunter Enterprise and AC-Hunter Community Edition are compared in a chart, and users are also directed to other threat hunting tools.

AC-Hunter™ Community Edition - Active Countermeasures

本文介绍了11款免费、可用于内网穿透的轻量、简洁的隧道工具和平台，包括Loophole、localhost.run、localtunnel、expose、bore、tabserve、staqlab、jprq、zrok、telebit和ssh-j.com。这些工具提供了将本地服务器暴露到公共网络的功能，支持不同的隧道协议和自定义域名。

11款轻量、简洁、可用于内网穿透的免费隧道工具与平台 » 老E的博客

This article explains how to use Azure Automation and PowerShell to create a daily Microsoft Entra risk report. By automating the process, administrators can monitor risk events, gather data, format it into an HTML report, and send it via email. The report includes information on risk detections, risky users, and risky service principals, providing visibility into identity-based attacks and allowing for timely action. The article provides step-by-step instructions on setting up the Azure Automation account, assigning necessary permissions, installing required Microsoft Graph PowerShell SDK modules, adding the code, reviewing the report, and scheduling the script to run daily.

Use Azure Automation and PowerShell to Create a Daily Microsoft Entra Risk Report | Practical365

This article highlights 10 essential cybersecurity frameworks that organizations should be aware of and implement to protect their digital assets. These frameworks include the NIST Cybersecurity Framework, ISO/IEC 27001, CIS Critical Security Controls, COBIT, CSA Cloud Controls Matrix, HITRUST CSF, Katakri, PCI DSS, SOGP, and Secure Controls Framework. Each framework offers a structured and strategic approach to managing cybersecurity risks and enhancing an organization's cybersecurity posture.

10 cybersecurity frameworks you need to know about - Help Net Security

To use PNETLab, download the .ova file and deploy it on virtualization platforms like VirtualBox or VMWare. Make sure to enable virtualization in your BIOS. After deployment, register and login to access the PNETLab box through your browser. You can choose between online and offline mode, with offline mode not requiring registration. In the PNETLab box, you can go to the store to download free labs and practice them. The labs come with lab files, workbooks, and instructions on how to use the console.

PNETLab : Lab is Simple

This article provides various methods to run a program without admin privileges and bypass the UAC prompt in Windows OS. It covers topics such as configuring permissions for non-admin users, allowing standard users to run programs that require admin privileges, bypassing UAC with the RunAsInvoker option in CMD, enabling the RunAsInvoker mode in the EXE file manifest, and creating a shortcut to run a program with a saved administrator password. Each method is explained in detail with step-by-step instructions.

How to Run Program without Admin Privileges and Bypass UAC Prompt | Windows OS Hub

Astra Pro是一款功能齐全、易于使用、具有灵活性的WordPress主题，适用于各种类型的网站。它具有快速加载速度、设计灵活性、广泛的集成、响应式设计和SEO友好等优点。本文提供了关于Astra Pro主题的详细设置图文教程，包括安装、导入预制网站、自定义Header和Footer、配置布局和颜色选项、设置导航菜单、自定义产品页面、自定义首页、关于页面和联系页面、自定义博客页面、制作Mega Menu和将Elementor模板添加到超级菜单等内容。

Astra Pro主题超详细手把手设置图文教程 - 虾皮路

本文介绍了目标web网站信息收集的两种方法（主动收集和被动收集），以及域名信息收集、网站指纹识别、整站分析、主机扫描、端口扫描、敏感目录和文件扫描、旁站和C段扫描、网站漏洞扫描等内容。提供了一些工具和在线查询网站供参考。

目标web网站信息收集内容及一些工具

Defender Control v2.1 is a portable freeware that allows users to disable Microsoft Defender in Windows 10 completely. It provides different blocking methods and can be useful for users experiencing conflicts between Defender and their antivirus application or those who want to disable Defender permanently. The program's interface displays the status of Microsoft Defender and allows users to enable or disable it with one click. It supports multiple languages and operating systems.

Defender Control v2.1

本文介绍了容器镜像扫描的两种工具：docker scan和Trivy。docker scan是docker官方推出的插件，需要登录dockerhub用户才能使用，免费扫描限制为10次/月。Trivy是一个全面且多功能的安全扫描仪，支持多种扫描场景和平台。文章还提到了镜像扫描的几种应用场景，并介绍了ImagePolicyWebhook容器镜像扫描的实现方式。

容器安全之镜像扫描 - 自由早晚乱余生 - 博客园

本文介绍了在服务器入侵过程中发现隐藏字符的原理。通过使用命令如cat -A，可以查看隐藏字符，其中包括转换为\\r的^M字符，它表示回车并可能导致内容覆盖。文章提供了示例和注意事项，并给出了参考文章和作者信息。

服务器入侵之找出隐藏字符的原理 - 自由早晚乱余生 - 博客园

This post discusses the 5 best open-source SIEM tools for organizations looking to mitigate cybersecurity risks and detect threats. The featured SIEM solutions include AlienVault OSSIM, MozDef, Wazuh, Prelude OSS, and Sagan, each with its own unique features and advantages. The post emphasizes the importance of finding a SIEM that suits specific needs and offers effective threat detection capabilities.

5 Best Open Source SIEM Tools | Mezmo

该文章描述了作者在一次被入侵和删除木马程序的经历。作者首先发现服务器流量异常增高，经过一系列的分析和操作，最终成功清理了木马程序并加强了服务器的安全性。

一次被入侵和删除木马程序的经历-阿里云开发者社区

这篇博客分享了一次服务器被入侵的处理过程和一些启示。处理措施包括删除恶意文件、解锁文件和目录、还原被篡改的命令、清空异常文件内容等。启示包括加强安全组设置、增加密码复杂性、监控关键文件、限制登录IP、关闭外网、检查异常进程和定时任务等。

一次服务器被入侵的处理过程分享 - 自由早晚乱余生 - 博客园

Learn how to create and host a dev tunnel using Microsoft's devtunnel CLI tool. This article provides step-by-step instructions for installing the CLI on different operating systems, logging in, hosting a dev tunnel, and connecting to it. With dev tunnels, you can securely test and debug web apps and webhooks from anywhere.

Create and host a tunnel - Microsoft dev tunnels | Microsoft Learn

This article provides a guide on using Azure to automate alerts for Azure (Entra ID) application secret expirations. It covers creating a new Azure application, assigning permissions, creating an app secret, connecting to the Microsoft Graph API, retrieving application information, handling pagination, getting application secret expiration, converting time to local time zone, dealing with multiple secrets per application, sending alerts via email and Microsoft Teams, and setting up automatic serverless automation using PowerShell runbooks and schedules.

Automated Alerts on Azure (Entra ID) Application Secret Expirations - The Lazy Administrator

本文介绍了微软免费开发隧道（内网穿透）的使用教程和命令说明。通过该工具，可以在Linux、Windows和macOS上实现内网穿透，并提供了详细的命令示例和高级用法说明。文章还介绍了使用限制和管理开发隧道的方法。

微软免费开发隧道(内网穿透)，支持Linux/Windows/macOS - 如有乐享

This blog post discusses how to build a DMZ (Demilitarized Zone) in Azure Cloud. It explains the concept of a DMZ, the architecture with two or three layers of security, and workload placement. It also provides examples of address spacing and hybrid network workloads placement. The post concludes with best practices for Azure networking, including segmenting networks, controlling traffic with NSGs, and enforcing user-defined rules.

Build DMZ in Azure Cloud | Blog by Raihan Al-Beruni

This document provides best practices for network security in Microsoft Azure. It emphasizes the importance of adopting Zero Trust architectures, implementing conditional access policies, enabling port access only after workflow approval, and granting temporary permissions for privileged tasks. The document also recommends controlling routing behavior, using virtual network appliances, deploying perimeter networks for security zones, avoiding exposure to the internet with dedicated WAN links, optimizing uptime and performance with load balancing, disabling RDP/SSH access to virtual machines, and securing critical Azure service resources with Azure Private Link. Additional information on control routing behavior, virtual network appliances, perimeter networks, WAN links, load balancing, RDP/SSH access, and Azure Private Link is provided. The document concludes with a reference to Azure security best practices and patterns.

Best practices for network security - Microsoft Azure | Microsoft Learn

This document provides instructions for using Greenbone Community Containers 22.4. It includes steps for starting the vulnerability management, setting up and starting the containers, updating the containers, performing a feed synchronization, accessing the web interface remotely, gaining terminal access to a container, using gvm-tools for CLI access, setting up a mail transport agent, performing a manual feed sync, troubleshooting common issues, and more.

Greenbone Community Containers 22.4 - Greenbone Community Documentation

This post explains how to set up a L2TP/SSTP client access RRaS server in Azure. Although RRaS is not officially supported in Azure, it can still be configured by enabling IP forwarding on the VM and adding a routing table to the vnet. The post provides step-by-step instructions on installing the Remote Access role, configuring and enabling RRaS, and setting up NAT for the VPN tunnel. It also mentions the need to assign IP addresses from a static pool and configure SSL certificate and authentication. The post concludes by inviting readers to share their experiences and alternative methods in the comments.

How To Setup A L2TP/SSTP Client Access RRaS Server In Azure ~ Bauer-Power Media

This article provides a step-by-step guide on how to configure an Azure site-to-site VPN with RRAS in Azure Resource Manager. It covers configuring the RRAS server's NICs, installing the RRAS roles and features, setting up and configuring the VPN in Azure, and configuring the RRAS server. The article also includes troubleshooting tips.

Let's Configure Azure Site-to-Site VPN with RRAS in Azure Resource Manager! | Microsoft Learn

Building an effective purple team doesn't require a generous budget. From a one-person operation using open-source tools to a dedicated team with specialized tools, organizations of all sizes can create a collaborative security approach. The article outlines four budget-savvy strategies for building a purple team, including the bootstrap approach with open-source tools, the cost-effective duo with one paid tool, the dedicated team with multiple tools, and the comprehensive force with an extensive toolkit. Each strategy offers different levels of capabilities and resources to enhance security posture and resilience.

4 budget-savvy strategies for building an effective purple team | CSO Online

This document provides information about the Sync-CyberArk-Password-Azure-KeyVault-Secret plugin, which allows for pushing, updating, and syncing passwords from CyberArk Vault to Azure Key Vault. It includes prerequisites, configuration steps, and instructions for adding Azure Key Vault usage. The document also explains how to add KeyVaultName and SecretName File Categories in Vault Server and create a new service account platform. Additionally, it covers the process of adding Azure Key Vault usage and testing the push/update operation.

TheMediocreCoder/Sync-CyberArk-Password-Azure-KeyVault-Secret: Push / Update CyberArk Passwords to Azure Key Vault

These guidelines provide recommendations for secure AI system development, covering secure design, development, deployment, and operation. They emphasize the importance of security throughout the system's life cycle and align with established practices from the NCSC, NIST, and CISA. Key priorities include taking ownership of security outcomes, transparency, accountability, and making secure design a top business priority.

Guidelines for secure AI system development - NCSC.GOV.UK

This document discusses incident response frameworks and steps, specifically focusing on the frameworks developed by NIST and SANS. It compares the two frameworks and highlights the importance of preparation in incident response. The document also emphasizes the need for defining the CSIRT, developing and updating a plan, acquiring and maintaining the proper infrastructure and tools, improving skills and supporting training, and possessing up-to-date threat intelligence capabilities. It further explains the steps of detection and analysis, containment, eradication, and recovery, as well as post-incident activities. The document concludes by mentioning CrowdStrike's incident response services and providing information about the author.

Incident Response Plan: Frameworks and Steps - CrowdStrike

Invoke-AtomicRedTeam is a PowerShell module that allows you to execute tests defined in the atomics folder of Red Canary's Atomic Red Team project. It is important to understand the tests before executing them and ensure you have permission to test. It is recommended to set up a test machine similar to your environment and have your collection/EDR solution in place. Complete installation and usage instructions can be found in the Wiki.

redcanaryco/invoke-atomicredteam: Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder] of Red Canary's Atomic Red Team project.

Wazuh is an open-source security platform that provides unified XDR and SIEM protection for endpoints and cloud workloads. It consists of a universal agent and three central components: the Wazuh server, indexer, and dashboard. The hardware requirements for a quickstart deployment depend on the number of protected endpoints, and the supported operating systems are 64-bit Linux distributions. The installation process involves running the Wazuh installation assistant and accessing the web interface with the provided credentials. After installation, the next step is to deploy the Wazuh agent to protect various devices and environments.

Quickstart · Wazuh :The Open Source Security Platform Unified XDR and SIEM

CISA's Cybersecurity Performance Goals (CPGs) are a set of voluntary practices aimed at reducing risks to critical infrastructure and the American people. These goals serve as a benchmark for measuring and improving cybersecurity maturity, provide recommended practices for IT and OT owners, and align with NIST's Cybersecurity Framework functions.

Cross-Sector Cybersecurity Performance Goals | CISA

在谷歌云上创建4核16G固定IP的RDP桌面的方法：登录谷歌云，激活cloud shell，执行指定的代码，然后在网页预览中查看RDP桌面。注意事项包括有效时间、IP位置的不确定性和可用性测试。

巧用谷歌云，免费创建4核16G固定IP的RDP桌面 - 考拉kk-考拉kk

This article outlines a six-step framework for accelerating cybersecurity incident response. The steps include preparation, identification, containment, eradication, recovery, and lessons learned. The importance of training, establishing a response strategy, and leveraging technology such as endpoint detection and response (EDR) platforms are highlighted. The article also emphasizes the need for continuous improvement and the role of investigation in the incident response process.

6 Steps to Accelerate Cybersecurity Incident Response

本文介绍了如何使用fly.io部署next-terminal和宝塔远程mysql。文章提供了注册和使用fly.io的步骤，以及自定义域名和一些fly.io的技巧。

[新服务]fly.io使用部署next-terminal+ 宝塔远程mysql – 1024.ee

Zero Trust vs Defense in Depth: Which is right for your org? - One Identity - Blogs - One Identity Community

在 PaaS 平台持久化地部署您的 Ghost 博客 - 独立世界

XRDP: Linux RDP server with Active Directory integration – 4sysops

OpenVAS docker container setup (Working 2022, all NVTs) | by dh0ck | System Weakness

使用Docker构建PyCharm开发环境_pycharm create a new docker target-CSDN博客

自建 Gotosocial | 一个 ActivityPub 联邦社交网络程序 - 独立世界

Azure Well-Architected Framework - Microsoft Azure Well-Architected Framework | Microsoft Learn

A zero trust approach to security architecture - ITSM.10.008 - Canadian Centre for Cyber Security

How I use the MITRE D3FEND Matrix to defend against ATT&CK(s) | by Lennart Erikson | Sep, 2023 | Medium

Create security baselines - Training | Microsoft Lea

Downloads | Steampipe

Try out SonarQube

How to automate opening and login to websites with Python | by Hristina Gulabovska | Medium

Moving to a Zero Trust Security Model - SentinelOne

【好玩儿的 Docker 项目】80、90 回忆杀，10 分钟搭建复古中文 DOS 游戏，最多畅玩 1898 款！ | 我不是咕咕鸽

分享一下自己在 VPS/NAS/ 本地电脑上是怎么备份数据的 | 我不是咕咕鸽

【好玩儿的 Docker 项目】10 分钟搭建一个高颜值的在线工具箱，用户体验很棒！ | 我不是咕咕鸽

【好玩儿的 Docker 项目】10 分钟搭建一个简单图床 ——Easyimage | 我不是咕咕鸽

DCToolbox – An Easy Approach to Deploy Conditional Access Policies

Raven: Open-source CI/CD pipeline security scanner - Help Net Security

HA for FortiGate-VM on Azure | FortiGate Public Cloud 7.4.0 | Fortinet Document Library

The Top Cyber Security Blogs and Websites of 2023

GitLab CI CD Pipelines for Home Lab: A Step-by-Step Guide - Virtualization Howto

网络剪贴板 - 极简的数据暂存和传送工具

gjyoung1974/soc2-policy-templates: Template SOC2 Policy Authority - documentation pipeline

在Docker下一键安装部署免费开源的问答社区！

Graylog Docker Compose Setup: An Open Source Syslog Server for Home Labs - Virtualization Howto

Installing CALDERA — caldera documentation

Learning

Thinkings

Technologies

Collections

Notes

Home

Links

Sites

Blog

SubMenu是子菜单，挂在上一个Menu中

Navigation

YouTube

ITPROSEC

菜单slug留空即可，用户展开子菜单

About Me

Search

Text

Guestbook

更多帮助请访问手册 → https://tangly1024.com/article/notion-next-secondary-menu

Others

Comments

Github

Hacking

Cyber

Cloud

Tools

password

icon

date

type

slug

status

title

summary

Database Form

类型为Notice的文章将被显示为公告，仅 hexo和next支持；仅限一个公告

Netsec

交流频道

加入我们的社群讨论分享