sbilly/awesome-security 源码下载与部署教程

项目概述

A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.

项目地址

https://github.com/sbilly/awesome-security

项目页面预览

关键指标

• Stars：13822
• 主要语言：
• License：MIT License
• 最近更新：2026-01-11T02:00:26Z
• 默认分支：master

本站高速下载（国内可用）

当前未生成本站压缩包（稍后重试）。

安装部署要点（README 精选）

Docker Images for Penetration Testing & Security

• docker pull kalilinux/kali-linux-docker official Kali Linux
• docker pull owasp/zap2docker-stable – official OWASP ZAP
• docker pull wpscanteam/wpscan – official WPScan
• docker pull remnux/metasploit – docker-metasploit
• docker pull citizenstig/dvwa – Damn Vulnerable Web Application (DVWA)
• docker pull wpscanteam/vulnerablewordpress – Vulnerable WordPress Installation
• docker pull hmlio/vaas-cve-2014-6271 – Vulnerability as a service: Shellshock
• docker pull hmlio/vaas-cve-2014-0160 – Vulnerability as a service: Heartbleed
• docker pull opendns/security-ninjas – Security Ninjas
• docker pull diogomonica/docker-bench-security – Docker Bench for Security
• docker pull ismisepaul/securityshepherd – OWASP Security Shepherd
• docker pull danmx/docker-owasp-webgoat – OWASP WebGoat Project docker image
• docker-compose build && docker-compose up – OWASP NodeGoat
• docker pull citizenstig/nowasp – OWASP Mutillidae II Web Pen-Test Practice Application
• docker pull bkimminich/juice-shop – OWASP Juice Shop
• docker pull jeroenwillemsen/wrongsecrets– OWASP WrongSecrets
• docker run -dit --name trd -p 8081:80 cylabs/cy-threat-response – Cyware Threat Response Docker
• docker-compose -d up – cicd-goat

Configuration Management

• Fleet device management – Fleet is the lightweight, programmable telemetry platform for servers and workstations. Get comprehensive, customizable data from all your devices and operating systems.
• Rudder – Rudder is an easy to use, web-driven, role-based solution for IT Infrastructure Automation & Compliance. Automate common system administration tasks (installation, configuration); Enforce configuration over time (configuring once is good, ensuring that configuration is valid and automatically fixing it is better); Inventory of all managed nodes; Web interface to configure and manage nodes and their configuration; Compliance reporting, by configuration and/or by node.

Runtime Application Self-Protection

• Sqreen – Sqreen is a Runtime Application Self-Protection (RASP) solution for software teams. An in-app agent instruments and monitors the app. Suspicious user activities are reported and attacks are blocked at runtime without code modification or traffic redirection.
• OpenRASP – An open source RASP solution actively maintained by Baidu Inc. With context-aware detection algorithm the project achieved nearly no false positives. And less than 3% performance reduction is observed under heavy server load.

Red Team Infrastructure Deployment

• Redcloud – A automated Red Team Infrastructure deployement using Docker.
• Axiom -Axiom is a dynamic infrastructure framework to efficiently work with multi-cloud environments, build and deploy repeatable infrastructure focussed on offensive and defensive security.

常用命令（从 README 提取）

（未提取到命令块）

通用部署说明

1. 下载源码并阅读 README
2. 安装依赖（pip/npm/yarn 等）
3. 配置环境变量（API Key、模型路径、数据库等）
4. 启动服务并测试访问
5. 上线建议：Nginx 反代 + HTTPS + 进程守护（systemd / pm2）

免责声明与版权说明

本文仅做开源项目整理与教程索引，源码版权归原作者所有，请遵循对应 License 合规使用。