├── LICENSE ├── README.md ├── assets └── safeline_logo.svg ├── series_10 ├── api_doc │ ├── .nojekyll │ ├── account.md │ ├── acl.md │ ├── api.json │ ├── api.postman-collection │ ├── conf.md │ ├── conf2.md │ ├── index.html │ ├── management.md │ ├── mario.md │ ├── metrics.md │ ├── node.md │ ├── readme.md │ └── serializer.json ├── plugin_demo │ ├── process_hello_world │ │ ├── README.md │ │ ├── plugin.lua │ │ └── process_hello_world.png │ ├── ticker_hello_world │ │ ├── README.md │ │ ├── plugin.lua │ │ └── ticker_hello_world.png │ ├── 半小时内发现3次高危攻击就封IP │ │ ├── README.md │ │ └── plugin.lua │ ├── 发现可能存在的后门 │ │ ├── README.md │ │ └── backdoor.lua │ ├── 发现大量40X就封IP │ │ ├── README.md │ │ └── plugin.lua │ ├── 发现暴力破解 │ │ ├── README.md │ │ └── brute.lua │ ├── 提取真实外网IP │ │ ├── README.md │ │ └── detect_real_IP.lua │ ├── 统计每个域名的访问量 │ │ ├── README.md │ │ ├── plugin_counter.lua │ │ └── plugin_ticker.lua │ └── 统计用户访问的域名 │ │ ├── README.md │ │ └── plugin.lua └── plugin_sdk.md └── series_20 ├── api_doc ├── account.md ├── acl.md ├── api.json ├── api.postman-collection ├── api_check.json ├── index.html ├── management.md ├── mario.md ├── node.md ├── options.md ├── policy.md ├── readme.md ├── report.md └── website.md ├── plugin_demo ├── 封禁特定地区|基于公开情报进行封禁 │ ├── README.md │ └── plugin.lua ├── 封禁频繁进行攻击的IP │ ├── README.md │ └── plugin.lua ├── 统计域名及其访问量 │ ├── README.md │ └── plugin.lua ├── 耗时请求告警 │ ├── README.md │ └── plugin.lua └── 针对固定路径的Top统计 │ ├── README.md │ └── plugin.lua └── plugin_sdk.md /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/README.md -------------------------------------------------------------------------------- /assets/safeline_logo.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/assets/safeline_logo.svg -------------------------------------------------------------------------------- /series_10/api_doc/.nojekyll: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /series_10/api_doc/account.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/api_doc/account.md -------------------------------------------------------------------------------- /series_10/api_doc/acl.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/api_doc/acl.md -------------------------------------------------------------------------------- /series_10/api_doc/api.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/api_doc/api.json -------------------------------------------------------------------------------- /series_10/api_doc/api.postman-collection: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/api_doc/api.postman-collection -------------------------------------------------------------------------------- /series_10/api_doc/conf.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/api_doc/conf.md -------------------------------------------------------------------------------- /series_10/api_doc/conf2.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/api_doc/conf2.md -------------------------------------------------------------------------------- /series_10/api_doc/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/api_doc/index.html -------------------------------------------------------------------------------- /series_10/api_doc/management.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/api_doc/management.md -------------------------------------------------------------------------------- /series_10/api_doc/mario.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/api_doc/mario.md -------------------------------------------------------------------------------- /series_10/api_doc/metrics.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/api_doc/metrics.md -------------------------------------------------------------------------------- /series_10/api_doc/node.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/api_doc/node.md -------------------------------------------------------------------------------- /series_10/api_doc/readme.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/api_doc/readme.md -------------------------------------------------------------------------------- /series_10/api_doc/serializer.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/api_doc/serializer.json -------------------------------------------------------------------------------- /series_10/plugin_demo/process_hello_world/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/plugin_demo/process_hello_world/README.md -------------------------------------------------------------------------------- /series_10/plugin_demo/process_hello_world/plugin.lua: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/plugin_demo/process_hello_world/plugin.lua -------------------------------------------------------------------------------- /series_10/plugin_demo/process_hello_world/process_hello_world.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/plugin_demo/process_hello_world/process_hello_world.png -------------------------------------------------------------------------------- /series_10/plugin_demo/ticker_hello_world/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/plugin_demo/ticker_hello_world/README.md -------------------------------------------------------------------------------- /series_10/plugin_demo/ticker_hello_world/plugin.lua: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/plugin_demo/ticker_hello_world/plugin.lua -------------------------------------------------------------------------------- /series_10/plugin_demo/ticker_hello_world/ticker_hello_world.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/plugin_demo/ticker_hello_world/ticker_hello_world.png -------------------------------------------------------------------------------- /series_10/plugin_demo/半小时内发现3次高危攻击就封IP/README.md: -------------------------------------------------------------------------------- 1 | # 半小时内发现3次高危攻击就封IP 2 | 3 | 4 | -------------------------------------------------------------------------------- /series_10/plugin_demo/半小时内发现3次高危攻击就封IP/plugin.lua: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/plugin_demo/半小时内发现3次高危攻击就封IP/plugin.lua -------------------------------------------------------------------------------- /series_10/plugin_demo/发现可能存在的后门/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/plugin_demo/发现可能存在的后门/README.md -------------------------------------------------------------------------------- /series_10/plugin_demo/发现可能存在的后门/backdoor.lua: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/plugin_demo/发现可能存在的后门/backdoor.lua -------------------------------------------------------------------------------- /series_10/plugin_demo/发现大量40X就封IP/README.md: -------------------------------------------------------------------------------- 1 | # 发现大量40X就封IP 2 | -------------------------------------------------------------------------------- /series_10/plugin_demo/发现大量40X就封IP/plugin.lua: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/plugin_demo/发现大量40X就封IP/plugin.lua -------------------------------------------------------------------------------- /series_10/plugin_demo/发现暴力破解/README.md: -------------------------------------------------------------------------------- 1 | # 发现暴力破解事件 2 | 3 | 分析是否存在某个 IP 短时间内频繁访问登录接口,分析结果会输出在插件日志里。 4 | -------------------------------------------------------------------------------- /series_10/plugin_demo/发现暴力破解/brute.lua: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/plugin_demo/发现暴力破解/brute.lua -------------------------------------------------------------------------------- /series_10/plugin_demo/提取真实外网IP/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/plugin_demo/提取真实外网IP/README.md -------------------------------------------------------------------------------- /series_10/plugin_demo/提取真实外网IP/detect_real_IP.lua: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/plugin_demo/提取真实外网IP/detect_real_IP.lua -------------------------------------------------------------------------------- /series_10/plugin_demo/统计每个域名的访问量/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/plugin_demo/统计每个域名的访问量/README.md -------------------------------------------------------------------------------- /series_10/plugin_demo/统计每个域名的访问量/plugin_counter.lua: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/plugin_demo/统计每个域名的访问量/plugin_counter.lua -------------------------------------------------------------------------------- /series_10/plugin_demo/统计每个域名的访问量/plugin_ticker.lua: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/plugin_demo/统计每个域名的访问量/plugin_ticker.lua -------------------------------------------------------------------------------- /series_10/plugin_demo/统计用户访问的域名/README.md: -------------------------------------------------------------------------------- 1 | # 半小时内发现3次高危攻击就封IP 2 | 3 | 访问新的域名以后会记录一条日志 4 | 5 | 6 | -------------------------------------------------------------------------------- /series_10/plugin_demo/统计用户访问的域名/plugin.lua: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/plugin_demo/统计用户访问的域名/plugin.lua -------------------------------------------------------------------------------- /series_10/plugin_sdk.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_10/plugin_sdk.md -------------------------------------------------------------------------------- /series_20/api_doc/account.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/api_doc/account.md -------------------------------------------------------------------------------- /series_20/api_doc/acl.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/api_doc/acl.md -------------------------------------------------------------------------------- /series_20/api_doc/api.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/api_doc/api.json -------------------------------------------------------------------------------- /series_20/api_doc/api.postman-collection: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/api_doc/api.postman-collection -------------------------------------------------------------------------------- /series_20/api_doc/api_check.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/api_doc/api_check.json -------------------------------------------------------------------------------- /series_20/api_doc/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/api_doc/index.html -------------------------------------------------------------------------------- /series_20/api_doc/management.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/api_doc/management.md -------------------------------------------------------------------------------- /series_20/api_doc/mario.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/api_doc/mario.md -------------------------------------------------------------------------------- /series_20/api_doc/node.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/api_doc/node.md -------------------------------------------------------------------------------- /series_20/api_doc/options.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/api_doc/options.md -------------------------------------------------------------------------------- /series_20/api_doc/policy.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/api_doc/policy.md -------------------------------------------------------------------------------- /series_20/api_doc/readme.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/api_doc/readme.md -------------------------------------------------------------------------------- /series_20/api_doc/report.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/api_doc/report.md -------------------------------------------------------------------------------- /series_20/api_doc/website.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/api_doc/website.md -------------------------------------------------------------------------------- /series_20/plugin_demo/封禁特定地区|基于公开情报进行封禁/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/plugin_demo/封禁特定地区|基于公开情报进行封禁/README.md -------------------------------------------------------------------------------- /series_20/plugin_demo/封禁特定地区|基于公开情报进行封禁/plugin.lua: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/plugin_demo/封禁特定地区|基于公开情报进行封禁/plugin.lua -------------------------------------------------------------------------------- /series_20/plugin_demo/封禁频繁进行攻击的IP/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/plugin_demo/封禁频繁进行攻击的IP/README.md -------------------------------------------------------------------------------- /series_20/plugin_demo/封禁频繁进行攻击的IP/plugin.lua: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/plugin_demo/封禁频繁进行攻击的IP/plugin.lua -------------------------------------------------------------------------------- /series_20/plugin_demo/统计域名及其访问量/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/plugin_demo/统计域名及其访问量/README.md -------------------------------------------------------------------------------- /series_20/plugin_demo/统计域名及其访问量/plugin.lua: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/plugin_demo/统计域名及其访问量/plugin.lua -------------------------------------------------------------------------------- /series_20/plugin_demo/耗时请求告警/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/plugin_demo/耗时请求告警/README.md -------------------------------------------------------------------------------- /series_20/plugin_demo/耗时请求告警/plugin.lua: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/plugin_demo/耗时请求告警/plugin.lua -------------------------------------------------------------------------------- /series_20/plugin_demo/针对固定路径的Top统计/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/plugin_demo/针对固定路径的Top统计/README.md -------------------------------------------------------------------------------- /series_20/plugin_demo/针对固定路径的Top统计/plugin.lua: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/plugin_demo/针对固定路径的Top统计/plugin.lua -------------------------------------------------------------------------------- /series_20/plugin_sdk.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chaitin/safeline-open-platform/HEAD/series_20/plugin_sdk.md --------------------------------------------------------------------------------