You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session. Dismiss alert
タグ
- すべて
- 0xpatrik (22)
- BeautifulSoup (30)
- CGI-Application (25)
- Data-Dumper (31)
- Google-Apps-Script (46)
- OOP (22)
- PostgreSQL (34)
- Web-Service (35)
- account (21)
- actionscript (152)
- active (23)
- activedirectory (59)
- ag (23)
- agile (30)
- ai (136)
- air (25)
- ajax (225)
- algorithm (30)
- alternative (38)
- amass (33)
- amazon (80)
- analysis (48)
- android (82)
- ansible (89)
- apache (29)
- apachespark (27)
- api (872)
- app (110)
- apps (46)
- apt (43)
- archive (24)
- array (39)
- asn (58)
- assist (24)
- async (31)
- athena (25)
- atom (29)
- attack (25)
- auth (39)
- authentication (36)
- auto (26)
- automation (55)
- awesome (349)
- awk (60)
- aws (292)
- azure (35)
- babashka (21)
- backup (23)
- banner (50)
- bash (238)
- bat (27)
- batch (51)
- beautifier (22)
- bgp (34)
- binaryedge (37)
- bing (31)
- blacklist (40)
- blog (89)
- book (181)
- bookmark (71)
- bookmarklet (152)
- bookmarks (61)
- bot (67)
- brew (94)
- browser (84)
- bruteforce (34)
- buffer (23)
- bug-bounty (141)
- build (34)
- bypass (50)
- c (42)
- c++ (42)
- cache (31)
- calendar (31)
- cask (40)
- cdn (40)
- censys (99)
- certificate (96)
- cgi (25)
- channel (30)
- chat (41)
- chatbot (59)
- chatgpt (240)
- cheatsheet (170)
- check (70)
- checker (63)
- checklist (39)
- china (37)
- chinese (131)
- chrome (242)
- chromebook (113)
- chromeos (22)
- ci (64)
- cidr (50)
- circleci (30)
- cisa (36)
- class (23)
- classmethod (44)
- cli (975)
- client (75)
- clipboard (42)
- clisp (95)
- clojure (360)
- clojurescript (29)
- closure (32)
- cloud (52)
- cloud9 (37)
- cloudflare (65)
- cmd (43)
- cms (46)
- cname (27)
- code (68)
- coding (38)
- colaboratory (31)
- command (146)
- common-lisp (94)
- company (76)
- comparison (93)
- compile (22)
- config (46)
- configuration (31)
- container (34)
- continuation (22)
- convert (132)
- converter (22)
- cookbook (72)
- cookie (23)
- copilot (24)
- copy (34)
- coverage (25)
- cpan (474)
- crawler (54)
- credential (92)
- crt.sh (36)
- csirt (37)
- csp (23)
- css (42)
- csv (136)
- ct-log (26)
- cui (107)
- curl (73)
- cve (157)
- cvss (30)
- cybersecurity (243)
- cygwin (40)
- dankogai (26)
- darkweb (65)
- data (33)
- data-science (57)
- database (71)
- dataframe (46)
- date (27)
- db (79)
- ddd (64)
- debug (187)
- decorator (31)
- del.icio.us (48)
- design (121)
- design-pattern (37)
- detect (33)
- detection (72)
- dev (473)
- devops (23)
- di (27)
- dictionary (61)
- diff (23)
- dig (56)
- distribution (24)
- django (203)
- djangorestframework (52)
- dns (368)
- doc (35)
- docker (260)
- dockerfile (79)
- docs (24)
- dom (32)
- domain (306)
- dorks (273)
- dos (24)
- download (43)
- draftpad (24)
- dropbox (23)
- duckduckgo (23)
- dump (62)
- ecs (31)
- editor (81)
- elasticsearch (57)
- elisp (351)
- elixir (58)
- emacs (973)
- email (108)
- encode (26)
- engineer (47)
- english (181)
- enumeration (319)
- epub (32)
- erlang (38)
- error (46)
- event (31)
- example (56)
- excel (139)
- exception (29)
- exe (31)
- exploit (51)
- extension (245)
- extensions (37)
- extract (26)
- facebook (31)
- fargate (25)
- favicon (48)
- feed (56)
- file (68)
- filter (32)
- finance (41)
- find (25)
- fingerprint (79)
- firebase (43)
- firefox (233)
- flake8 (29)
- flash (141)
- flask (39)
- flex (45)
- fofa (28)
- font (35)
- forensics (25)
- formatter (40)
- forum (22)
- framework (265)
- free (153)
- french (22)
- ftp (24)
- function (63)
- functional (120)
- game (25)
- gas (63)
- gauche (68)
- gcp (48)
- gem (33)
- generator (79)
- gist (160)
- git (146)
- github (2943)
- github-actions (22)
- gitlab (22)
- gmail (23)
- gnu (29)
- go (347)
- golang (652)
- google (493)
- gov (47)
- graalvm (25)
- gradle (44)
- greasemonkey (102)
- grep (76)
- gui (27)
- guide (32)
- guideline (28)
- hacker (31)
- hash (65)
- haskell (154)
- hatena (188)
- helm (25)
- heroku (49)
- history (76)
- homebrew (92)
- honeypot (32)
- html (184)
- http (97)
- https (30)
- icon (24)
- ics (25)
- ide (43)
- ie (34)
- image (66)
- incident (35)
- incident-response (46)
- indent (24)
- information-gathering (90)
- infosec (189)
- install (141)
- intelligence (54)
- ioc (30)
- ios (98)
- ip (411)
- ipa (24)
- ipad (51)
- iphone (165)
- ipv6 (26)
- japan (123)
- japanese (143)
- java (191)
- javascript (1389)
- jq (109)
- jquery (40)
- js (63)
- json (328)
- jupyter (40)
- kaggle (24)
- keybinding (23)
- kindle (33)
- korean (34)
- kotlin (54)
- kubernetes (33)
- lambda (70)
- language (44)
- ldap (63)
- leak (88)
- learning (78)
- lein (30)
- library (241)
- line (27)
- lint (33)
- linux (195)
- lisp (346)
- list (283)
- local (51)
- log (57)
- login (22)
- lookup (35)
- mac (465)
- malware (118)
- management (373)
- map (94)
- markdown (104)
- masscan (36)
- medium (96)
- meeting (47)
- methodology (25)
- microsoft (37)
- mindmap (24)
- ml (81)
- mobile (57)
- mock (62)
- module (128)
- money (33)
- mongodb (23)
- monitoring (43)
- movie (39)
- music (104)
- mypy (94)
- mysql (69)
- neovim (31)
- network (143)
- news (96)
- nmap (135)
- node.js (69)
- note (41)
- nuclei (26)
- nuxt.js (51)
- object (38)
- ocaml (39)
- oneliner (37)
- online (68)
- openai (27)
- opera (84)
- optimize (106)
- option (63)
- origin-ip (27)
- osint (998)
- pandas (167)
- parallel (62)
- parse (54)
- parser (36)
- password (23)
- path (55)
- pdf (278)
- pentest (322)
- performance (49)
- perl (815)
- phishing (178)
- php (311)
- ping (23)
- pipeline (29)
- playbook (28)
- plugin (154)
- plugins (26)
- pm (302)
- poc (47)
- podcast (79)
- poetry (34)
- port (192)
- portable (36)
- portal (23)
- powershell (43)
- product (100)
- programming (155)
- project (59)
- prompt (87)
- protocol (26)
- prototype.js (22)
- proxy (85)
- public (24)
- pytest (90)
- python (3057)
- qiita (1691)
- query (23)
- r (119)
- rails (150)
- random (25)
- react.js (33)
- recon (377)
- reference (133)
- regex (58)
- replace (33)
- report (78)
- reputation (126)
- requests (33)
- rlang (67)
- rspec (22)
- rss (103)
- ruby (814)
- rust (163)
- rustlang (94)
- s3 (57)
- safari (30)
- sample (59)
- sbt (45)
- scala (247)
- scan (280)
- scanner (145)
- scheme (210)
- scraping (212)
- scrapy (142)
- script (91)
- search (496)
- security (1315)
- securitytrails (44)
- sed (24)
- selenium (103)
- seo (39)
- server (121)
- settings (78)
- shell (182)
- shodan (233)
- shortcut (63)
- slack (82)
- slide (140)
- software (94)
- softwares (102)
- source (44)
- spacemacs (166)
- spam (39)
- speakerdeck (48)
- spreadsheet (32)
- sql (111)
- sqli (22)
- ssh (60)
- ssl (133)
- stackoverflow (202)
- subdomain (343)
- tab (26)
- takeover (75)
- task (57)
- tdd (26)
- tech (24)
- telegram (23)
- template (113)
- terminal (25)
- test (483)
- text (99)
- threat (465)
- tips (530)
- tls (160)
- tool (160)
- tools (222)
- tor (54)
- translate (23)
- travel (64)
- trello (32)
- tuning (30)
- tutorial (51)
- tv (27)
- twitter (113)
- type (86)
- typescript (81)
- typing (103)
- ubuntu (68)
- unittest (130)
- unix (84)
- url (193)
- usb (23)
- userjs (30)
- utf-8 (27)
- version (22)
- video (32)
- vim (595)
- vimscript (80)
- virustotal (35)
- vue.js (78)
- vulnerability (1261)
- waf (29)
- web (208)
- web2.0 (43)
- webapi (210)
- webapp (26)
- webdev (81)
- webservice (896)
- whois (171)
- wiki (40)
- window (23)
- windows (599)
- wordpress (48)
- workflow (23)
- xargs (30)
- xml (109)
- xpath (34)
- xss (78)
- xyzzy (25)
- yahoo (31)
- youtube (182)
- zenn (76)
- zsh (54)
- python (3057)
- github (2943)
- qiita (1691)
- javascript (1389)
- security (1315)
- vulnerability (1261)
- osint (998)
- cli (975)
- emacs (973)
- webservice (896)
securityとslackに関するishideoのブックマーク (7)
-
ishideo 2020/07/27
- dns
- golang
- slack
- security
- vulnerability
- nschecker
- github
- registrar
- domain-hijacking
- name-server
リンク -
DNS改竄検知ツールをgolangで作った(Slack通知付き) - Code Day's Night
DNSのNSレコード、MXレコードの改竄を検知(変更検知)し、オプションでSlack通知もできるツールを公開しました。 https://github.com/ichikaway/nschecker Go言語で開発し、LinuxとMacのバイナリもダウンロードできます。 すぐに実行できるため、cron指定しておけば意図しないレコードの変更がわかります。 作った経緯 最近、ドメインハイジャックの事件を目にするよになりました。 DNS設定の改ざんによるドメイン名ハイジャックに注意喚起(JPRS) | ScanNetSecurity 2020年6月にコインチェックのドメインハイジャック事件が起きています。 コインチェックのドメインハイジャックの手法を調査した - Shooting!!! この記事を読むと、改竄されたレコードは、ns-1515.awsdns-"0"61.orgのような一見正しそうだが
-
脆弱性情報の収集→slack通知→backlog登録を自動化してみた - Qiita
前提 実行環境: CentOS6.X, ruby, slack-incoming-webhooks, backlog_kit アラート通知先: slack チケット登録先: backlog 今回はnginxの脆弱性情報をサンプルに取得してみます。 (参考)Vulsなんていうすばらしいツールがあるのをあとから知りました・・・ http://qiita.com/sadayuki-matsuno/items/0bb8bb1689425bb9a21c 脆弱性情報をどこから収集するか IPAが提供している「MyJVN API」を利用します。LACさんが脆弱性情報を提供していると、どこかで聞いたような気がするので、提供される情報は信じていいとおもいます。 http://jvndb.jvn.jp/apis/ API経由で脆弱性情報を取得するには製品ID(productId)が必要になりますので、事前に調
-
-
-
-
-
1
公式Twitter
- @HatenaBookmark
リリース、障害情報などのサービスのお知らせ
- @hatebu
最新の人気エントリーの配信
処理を実行中です
キーボードショートカット一覧
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
設定を変更しましたx