GitHub address: github.com/Bypass007/E…
GitBook address: bypass007. Making. IO/Emergency – R…
Project introduction
Facing all kinds of security incidents, how should we deal with them?
This is a project about security incident emergency response, from system intrusion to incident handling, collected and collated some cases for analysis.
I will continue to update this note in the hope that it can help those in need.
If you see a good case, please submit it through issue.
Project directory
-
[Chapter 1: Emergency Response]
-
Chapter 1 :Window intrusion Investigation
- Chapter 2 :Linux Intrusion Detection
-
[Chapter 2: Log Analysis]
- Chapter 1 :Window log Analysis
- Chapter 2 :Linux Log Analysis
- Article 3 :Web Log Analysis
- Article 4 :MSSQL log Analysis
- MySQL log analysis
-
[Chapter 3 :Windows In Action]
- Chapter 1: FTP brute force cracking
- Chapter 2: Worm Viruses
- Article 3: Ransomware
- ARP Virus
- Article 5: Mining Virus (1)
- Article 6: Mining Virus (II)
-
[Chapter 4: Linux In action]
- 1: SSH brute force cracking
- Chapter 2: Catching short links
- Article 3: Mining virus
- Chapter 4: The Gates Trojan horse
- Article 5: DDOS Virus
- Chapter 6: Shell Viruses
-
[Chapter 5: Web Practice]
- Article 1: Web sites are embedded in Webshell
- Chapter 2: Malicious Mining of Menlo coins
- Chapter 3: Batch hanging black pages
- Article 4: News source website hijacking
- 5: Mobile hijacking
- Chapter 6: Search engine hijacking
- Chapter 7: The homepage of the website is tampered with
- Chapter 8: Administrator Account Tampered with
Study and communication
Follow-up updates will be published on the official account Bypass -. Meanwhile, the official account provides a PDF version of the project. You can download it by replying to “Emergency Response”.
