[不升版的通靈CheatSheet '_>' by Jiazen](/HJemCRdDC)
===
OS Baseline chk
===
- 組態管理
- [OS audit chk](/XILEFyNQQUKWpCT-SDx-WA)
- [網路+設備audit chk](/p4WT8fSMSk28ErPaqteU5Q)
- [組態組態查核項目](/q4mA7CzWRM6z2KIO0908BA)
- macBook
- [mac OS Hardening](/p5D-YRjlS_iDxra0ArPpbQ)
- [pwpolicy MACbook](/8zCpGtBGRI6dXT8w8BCXsQ)
- windows chk
- [windowsHarden](/MmCZu4CeTp-GRQ5XYSzkfg)
- [winget 軟體安全清單](/BauhD27xTkGnJm7hr_DtPw)
- [win11 效能優化安全不打折](https://hackmd.io/@lukEhsec/BJzpxvbckx)
- [OA new labtop setting](/8aea56H8RwCYHYuZZh5ZTw)
- [必關功能環境安全設定](/tTf0B8DoRzqhcvTrrqDXUw)
- [禁用藍牙檔案傳輸](https://hackmd.io/@lukEhsec/SkQ7ShnDkl)
- [winServer NTP時鐘同步](https://hackmd.io/@lukEhsec/B1F1YWSDC)
- [ms cipher TLS](/sb0gZSCeQk2PMpSQnRFV2g)
- [ms server事件日誌完整設定](https://hackmd.io/@lukEhsec/BJKG3bNw0)
- [systeminfo安全收集腳本](/MnY409WLQ-6TM3pdYuxJAQ)
- [winServer SSL/TLS](/7xLw9S36ROy3chmg1rHZvw)
- [CVE-2023-35636 NTLM 流量](/ELt3wuhmT6CgZ5eH7L9IAA)
- [CVE-2011-0657 多點傳送名稱解析](https://hackmd.io/@lukEhsec/SkYJnPHDA)
- [遠端桌面 Guest 帳號完整禁用](https://hackmd.io/@lukEhsec/HyMfIzVDR)
- [disable 139 445 port+ NTLMv2](/PAtZGa_4QT2ihmOZBY982Q)
- [port 3389 TLS強化](https://hackmd.io/@lukEhsec/SykkX7BD0)
- [USB disable](https://hackmd.io/@lukEhsec/rk1c9iXPA)
- [oneDrive的煩惱](https://hackmd.io/@lukEhsec/r14EnYmDC)
- [mail secure(禁用外部圖片)](/XJz-LHKzQ9qLziMsk2Lu7w)
- Linux(Rocky / Ubuntu) chk
- [RockyLinuxBenchmark](/1E7jjxJESJqpZ9zjuR6MYA)
- [Rocky Firewall-cmd](/w2QO9yHNQIW0ScjJaL9tYg)
- [Ubuntu_sysctlConfig](/HysG8azvA)
- [Ubuntu_passwd 密碼政策](/SJKgw6fv0)
- [Ubuntu_NTP chrony時鐘同步](/rklaCO7wC)
- [Ubuntu_log集中化日誌設定](/HkDzEYQvA)
- [linux chk 手動稽核腳本](/GEMEv9AyQimiJWCXcY7ktQ)
- [linux 指令排查設定](/I03oh1P-TPeVp2FvJUCBvw)
- [passwd policy](/lwzgFwAKSDCzJSSuGhgVzA)
- [ssh(d)_config](/65qHXai4TiSB5Vv8kfv4LA)
- [ufw防火牆政策](https://hackmd.io/@lukEhsec/BJPtOQRvR)
- [sysctl Disable ipv6](/c3Wy_vt7TNWJSzcitB4iXA)
- [排查占CPU的套件](https://hackmd.io/@lukEhsec/HJccGXiqC)
Linux kit
===
- redis
- [redis.集群安全配置全攻略](/sWu4VosBR_6u1WIuJ-yziA)
- [Redis chk Hardening](/ruRFCg6kRPeNZvuLuqWIXQ)
- docker
- [dockerrr](/qGCwudUZSqaYmBKADC4-NA)
- [dockerHarden](/frQBWDN2SCyA6pkKCz2kag)
- [docker repo](/XxpV38LoRL6P9dVsnSgdDQ)
- [docker note](/RiMLgoZHSGO8ZO2CjkbntQ)
- [GVM docker](/pnDj0qKlQbKm1P0Be1qNXw)
- DNS 53 port
- [bind9 內網DNS安全稽核](/-uvdGBlaSoK2kpMuTvNk_w)
- [named.conf 範本](/kPyVPtjERRqjCv0dyTtN1A)
- [CVE-2025-40778 BIND 9](/2XuRqnkjQOqamDbY9zNuqg)
- [DNS_Exfiltration(加RPZ bind)](/TwO82541Rgi8jfXGwqaXtg)
- [dns-algorithm sha1 disable](/9naTt0NnR2Kec8BaYOWaQQ)
- [dnstwist 從安裝到設定](/rX4CXEN6SXeXLEw8Qek7Sg)
- DB
- [mysql 安全稽核](/RZV83c9AQXeMzJ7lplFe8w)
- [MongoDB 8.0](/W_MWCdDiSUmiuF4XAJvDxw)
- [ansible chkLinux](/NPVg3dYWSU60EqO1uYcmLA)
- [Ansible](/EZiXT_5eQUiWo2FxEnLcMA)
- [拉取trivy](/zQokfNzqT16Dfw0k8ge1LA)
CVE remediation
===
- [NVD](/kd50NXihRmupk0AMlaS9hA)
- [LEV「可能遭利用漏洞」](/GWWeVsqHTjuek-PshrZmNA)
- [CWE Top 25](/CETFjEiKTu2zpvPWoUmGWg)
- [PHP.ini hardening](/jHfoGKrJRU-GSJaiz_JKXw)
- [Axios](/dKdcMSFxTf-5csltHhWxYg)
- [npm 和 Node.js 常見漏洞](/e17Uk5A0RZK076-ahD4BiQ)
- [CVE-2025-26791 Dompurify mXSS](/US96CKllSEquUDMXZ4iP0A)
- 22 port
- [SSH Weak Encryption Algorithm](/CqpsPABSQ4S7kKL0B0pIAA)
- [SSH LoginGraceTime](https://hackmd.io/@lukEhsec/SJ4JGaDDR)
- [SSH weakCipher chacha20](https://hackmd.io/@lukEhsec/HJhQClG_R)
- [hide openssh ver ](/0xv6PxDKQo2n2dxQGtxMuA)
- [sys tcp_timestamps](https://hackmd.io/@lukEhsec/SkTmHIUwA)
- [CVE apache](/DUfae7xwR6WmoeFjfK_a9w)
- [CVE-2025-32463 sudo](/A_tLDrEwTnOUlmZNbB6DOQ)
linux cli
===
- [grep](/1CWScPrNRf2qrcfGEkmAXw)
- [logrotate ](/oF6uDelsQTaTEhp1azNVdA)
- [ping curl](/T7X6adpHQUmkZviQt6edlA)
- [NSE nmap](/Zk51UfMcSbS0d3D2RcAkBw)
- [openssl cil](/IpNQcPoETWO21alSFKitxg)
- [DNS dig nslookup cli](/qKe4CRwSQxqRFEC4cDztpA)
web config(Nginx / Apache / IIS)
===
- [内容安全策略CSP](/Z__nHhYmQIe0X-T8BNQm6A)
- [IIS Harden](/D9R_UPZOSD6PaPyGr9pa9A)
- [PPP_webConfigHeaders](/eOVO76DPSx2kALFV51KyDg)
- [SSL CA根憑證](/rFXyV_13QFGrjawMMHtrow)
- nginx
- [sslCipherSuite](https://hackmd.io/@lukEhsec/HJgxSnjPA)
- [NGINX HTTPS Harden](/bfcrVD1YQJaMzwXmHyDp7w)
- [NGINX Harden](/wdPiWOfBRlqFz-vGcW61LA)
- [Nginx Headers](/b8KqaGn1SreFwMAnRQmhzQ)
- [強制安全傳輸(HSTS)](/ZC5Qr5L9ScuPQckrEgi5RQ)
- [location用法](/gycMI2wvT6eljXvQPpP1RQ)
- apache
- [Apache2 Harden by cis](/OaQ527TpSKaHeWRY6f0P7g)
- [Apache Sensitive File Disclosure (HTTP)](/lqDp3iPCR0Wi4VhM0g7aOA)
- [apche2 conf 範本](https://hackmd.io/@lukEhsec/S1vIuXYDC)
- [apche mod harden](https://hackmd.io/@lukEhsec/ByHwwPcD0)
- [apache hide headers](https://hackmd.io/@lukEhsec/B1QmTXM_C)
- [SSLOpenSSLConfCmd Curves](/cOMv7N4zSEuDzQU1Wc3mVA)
- [apache weak chiper TLS](https://hackmd.io/@lukEhsec/By3xwv5PR)
- [Apache: http trace/track enable](https://hackmd.io/@lukEhsec/r1w8gR_P0)
- [mod-security2 Syntax error](https://hackmd.io/@lukEhsec/HkfIvlGuA)
- [Apache -v trace headers](/DyIDWW0YTaelOzv14zNo7w)
mail chk
===
- [SMTPS TLS enable ?](/lPCufoUNQn-HR33ZRTPC1A)
- [check.spamhaus](/w_N2eTSgQxezoxDbEyI7Yg)
- postfix
- [postfix+dovecot SASL ](/xUaLg0OlScCv0vtzfGu9cg)
- [postfix weak TLS cipher](https://hackmd.io/@lukEhsec/S16_4hPPC)
- [postfix: SMTP smuggling](https://hackmd.io/@lukEhsec/ryuWeawv0)
- [postfix VRFY/EXPN 防止列舉](https://hackmd.io/@lukEhsec/HyuokavP0)
coreReview
===
- [cwe CodeReview](/g8fURkmURyepW9fJyvMG_A)
- [chkmarx 中風險](/6YcXoLJcTmeJTzBrp78SdQ)
- [chkmax](/-AzprHdlSOKV4oqlntLzsw)
- [ASP.NET Core HEADERs](/faK19lgPRs6xXNh36yTF2w)
phish scamWeb
===
- Phish mail
- [仿真的redis釣魚信,](/y6QgJbG9SueXYuz5OIWgtw)
- [釣魚郵件圖片範例庫](/SfSpxjELQYWfW0OE4eOOBQ)
- [社交工程攻擊 Lxkzcss xyz Virus](/3VFg0TzwTSm1hEwMtT-GMg)
- [AiTM和BEC詐騙的腳本](/5wuogTPbR42zzJTAJnPBJA)
- deepWeb scamWeb
- [deTCT](/MS0dUYxWTJCc8Bt4XJ_H5A)
- [WebMonitor](https://hackmd.io/@lukEhsec/r1KHbCnybl)
- [impresonation domain](/fCcYWioYRUOd0fnExAAuFQ)
- [EASM](/Zjb-t2l0TVKd5NQsnDK60Q)
- [dnstwist 從安裝到設定](https://hackmd.io/@lukEhsec/SJXPulkeZx)
- [web monitor 腳本](/_zXklhZdS7-4yJ5p9hiRag)
- [subdomain](/4DmeoBFQT6yRlS2-dgEx8Q)
- [sublist3r Enumerating subdomains](/ytT_ZG2KQ0e9_4rNKoIMGA)
- [Puppeteer ur web monitor](/o0ynL88_Taa-gQLuNk-vyg)
- [web monitor by nodejs Puppeteer](/5apdgnwLRf-qs7jO6agg5g)
- [bash ur monitor script](/7M4aUpdoR0KUay2CytJiUw)
- [rpz.local.db](/Gad5rCWmQ42c90AmD9FD3w)
- [rpz.abusech.db](/sNb10DQpSV-lwI_NQg0E0w)
- [subfinderv2.9.0](/qSRw_MruQ3SSf_RmeUsX7Q)
- [subdomain](/4DmeoBFQT6yRlS2-dgEx8Q)
- [dirb](/IYIHDdWdSFyiZwDwioRIxQ)
- [Nmap_http-enum](/T8igrx2sSdGjDOmPQiasTA)
- [twpolice act20251105](/dSGJUzLcQrSmXaD57KqQyQ)
Drill
===
- [Drill PreParation](/6lXIKZagRjyq8sdODC29oQ)
- [drill_First Save 3600 sec](/fEF86B3UQJ2Ft7Cx3XHuBQ)
- [Data Breach Drill](/ZZiDhLldTTu_IZ79GxyShQ)
- [mail spooling drill](/gloo-X9pTvSdLfbFJEbVBw)
- [Scam Site Drill](/3mObLRuKSai7n-do4bV04Q)
-
Training
===
- [Policy as Code](/XDlBr1kyTMuIG2A6BCRbsg)
- [K8s安全實作與建議](/XD4HRRfTTkuBdri4bVx0NQ)
- [Security Champions](/iSK3WguqR4C5NuzdHTD7ew)
- [VPC VPN](/_4SykbkaSXWN9R7vwZNnrw)
- encrypt
- [量子運算對稱加密影響](/eYoSWgRIT7SGP7Nt5gI8iA)
- [TLS/HTTPS CA 信任移除](/Hd0SNE7xTgSXpuFtXpsKBQ)
- [IAM EncryptionKey](/n9yOt3AhQ8asE1ewWzAYmg)
- [SHA-1 和 AES-128 被認為不安全](/KvZG7uOHRbCGw4yqdNdbLA)
- FAIR風險量化
- [SBOM 版本管理](/fw6iopoXRvSiWWLy1SEy1A)
- [SBOM 與漏洞管理](/nZ6Dw1rMSe2I1CR39cWLow)
- [FAIR SBOm 風險量化](/5PayFFfYTQuRzh1i3NvHrA)
- [FAIR LEF 估算可信度](/XMweTYAjQ5C4VWneqztDSg)
- [漏洞管理與合規篇](/oAnU817kRUOdROd4AGrDqw)
- [ithomeSDLC](/q6JkEyNFT7a7zS9yVB7irg)
- zero turst
- [零信任進度進度](/bzXYCwQUTH6Fn8yGtaRgAw)
- [零信任成熟度模型(ZTMM)](/rFLZpi6yRRGYn0TrmWb94g)
- [零信任架構分級檢核表](/5uyh8v1cQUaTp4ho18arOQ)
- [零信任架構(ZTA)](/TBJzKQZzSCOepTEkgf0aow)
- 安全題目
- [網絡安全題目](/ej5Z8GP5R-i0rtqp1Iu-lg)
- [字節跳動考題](/o-l5RZB6Rk6K92R-Sii41A)
- [阿里考題](/buyGRelyTWGBl0841pHSiw)
- [awareQuiz](/E4Jjdiw_SpKudM3JcBXNAw)
- [awareQuiz 2](https://hackmd.io/@lukEhsec/B1hd5fJuee)
- Drill
- [PII Scenario 情境](/lbu5UWrYT7C1etsvUv0_yg)
- [PII Drill](/x6BaLh7mSHGbRYaTS9QB8Q)
- [RecoveryDrill](/g7Fa4nv4SR2z5bw6kTEy_Q)
- case Study
- [如何驗證辦公室周邊設備的安全風險](/PcFg34nIT5qIhy4aJAtoDw)
- [20250905 全電商 pay by pxplus](/-B71Eq5lRviR8M5yfjHGvQ)
- [電子支付ppfairFine](https://hackmd.io/@lukEhsec/rJO0eZzwJl)
- [pppCyberSecurityReport](/sjyWQCy3R7OYfHZBR9Z3YA)
- [資訊安全策略與成熟度綜合分析報告](/C0nEM0UzSAC1Eu4e1QcgGA)
- [4件說明](/ewOLOoflSBaoQf0zYlourw)
- [內控制度CA 3.2(9) 使用電腦化資訊處理作業](https://hackmd.io/@lukEhsec/ryvNj3cr1x)
- [AUP可接受使用政策](/rAEyaZXWSu2xkcfohFyP6g)
- [**信息安全事件案例分析报告**](https://hackmd.io/@lukEhsec/Byo2QEAa1e)
- [Line 減肥](/HjfD-YeEQdaVUdaaUTphiQ)
- [sltva](/jg9AyJ2MRwyYOdS6HKEFOw)
- [pppOAsiteFinding](/Lwsw1YTJS_6MBmIwpAghpQ)
- NEWS case Study
- [Line未經批准的通訊軟體](/wR1jR6wjTkahppsHIcUMnw)
- [BPFDoor (SK SIMcard MFA bypass)](/Pk6caQueRNCWfUZk_Ykk9g)
- [IBM X - Force 威胁情报](/94s8s1b7TeO5PKj9_jfLsA)
- [xz-utils](/tajZL_KbQVeuOkR8ZPEx3Q)
- [台G電供應商有個約](/rk_A6cmDC)
- [engNEWS vv](/8nisvtNYTw2jJAFzj9Ik-A)
[web link](https://hackmd.io/@lukEhsec/rJ_g7g1gWe)
===
{"title":"Hardening and config chk","description":"redis.集群安全配置全攻略","contributors":"[{\"id\":\"90cbf508-671f-4d45-9108-87f57aae661e\",\"add\":15779,\"del\":6396,\"latestUpdatedAt\":1766546785894}]"}