{"id":21988472,"url":"https://github.com/lubyruffy/secrss","last_synced_at":"2025-04-30T11:09:18.784Z","repository":{"id":78835088,"uuid":"90949501","full_name":"LubyRuffy/secrss","owner":"LubyRuffy","description":"分析玄武实验室的安全参考来源","archived":false,"fork":false,"pushed_at":"2018-12-25T03:53:19.000Z","size":12,"stargazers_count":57,"open_issues_count":1,"forks_count":13,"subscribers_count":5,"default_branch":"master","last_synced_at":"2024-11-19T13:38:31.901Z","etag":null,"topics":["security","xuanwu"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/LubyRuffy.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2017-05-11T07:17:24.000Z","updated_at":"2024-05-25T15:39:13.000Z","dependencies_parsed_at":"2023-04-13T05:49:16.605Z","dependency_job_id":null,"html_url":"https://github.com/LubyRuffy/secrss","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LubyRuffy%2Fsecrss","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LubyRuffy%2Fsecrss/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LubyRuffy%2Fsecrss/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LubyRuffy%2Fsecrss/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/LubyRuffy","download_url":"https://codeload.github.com/LubyRuffy/secrss/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":227196114,"owners_count":17746178,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["security","xuanwu"],"created_at":"2024-11-29T19:18:31.495Z","updated_at":"2024-11-29T19:18:32.128Z","avatar_url":"https://github.com/LubyRuffy.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# 分析订阅源\n\n## 背景\n腾讯玄武实验室的安全技术动态更新的比较快，而且全面。想要知道他们的订阅了哪些源（是的，我就是这么无聊任性）。好在他们的代码是用github.io管理的，所以，直接分析吧。\n\n## 结论\n通过数据分析，截止2017年5月11日，总文章数9492，总来源数2048。\n\n另外一些很有意思的内容出来了：\n\n### 采用内容来源最多的几个源\n应用数超过20个的来源是\n```\nDinosn:\t1465\nbinitamshah:\t1265\nunpacker:\t176\nSecLists:\t161\n_jsoo_:\t128\nMike_Mimoso:\t98\nTrendLabs:\t96\ncedoxX:\t96\ngN3mes1s:\t92\nthreatpost:\t92\nProjectZeroBugs:\t80\nsubTee:\t72\ncn0Xroot:\t71\naszy:\t62\nrevskills:\t55\nsecurxcess:\t55\nUnit42_Intel:\t54\nFireEye:\t50\nPythonArsenal:\t48\nEnno_Insinuator:\t46\n安全客:\t43\nFreeBuf:\t41\nNCCGroupInfosec:\t38\nvirqdroid:\t38\ndaniel_bilar:\t38\nGitHub:\t37\nSeebug:\t36\nseebug:\t35\nMcAfee_Labs:\t33\nGithub:\t33\ncyb3rops:\t32\ntiraniddo:\t31\nmattifestation:\t31\nWEareTROOPERS:\t31\n0xroot:\t29\njedisct1:\t29\nmwrlabs:\t28\nclaud_xiao:\t27\nvirusbtn:\t27\nMottoIN:\t25\nbenhawkes:\t24\nPhysicalDrive0:\t24\ncapstone_engine:\t22\nhosselot:\t22\n0x6D6172696F:\t22\nPaloAltoNtwks:\t21\ndragosr:\t21\njwgoerlich:\t21\ncynicalsecurity:\t21\nFuzzySec:\t21\nJohnLaTwC:\t20\nIntrusionSkills:\t20\nquequero:\t20\nx0rz:\t20\ntaviso:\t20\n```\n可以看到前两位来源占了总比例的 28%，说明这两个新闻源的质量很高。\n\n### 参考网站\n2541个外链，排序情况如下：\n```\ngithub.com:\t1126\nt.co:\t338\nbit.ly:\t302\ngoo.gl:\t254\nbugs.chromium.org:\t175\nthreatpost.com:\t159\now.ly:\t122\ntwitter.com:\t97\nsecurityaffairs.co:\t91\nwww.slideshare.net:\t90\npaper.seebug.org:\t75\nwww.exploit-db.com:\t70\n:\t68\nwww.blackhat.com:\t66\npacketstormsecurity.com:\t65\nwww.zerodayinitiative.com:\t63\nwww.freebuf.com:\t60\ngist.github.com:\t56\nsecurelist.com:\t54\nmp.weixin.qq.com:\t54\nbobao.360.cn:\t51\n```\n看到没有，github才是学习安全的top1来源；github才是学习安全的top1来源；github才是学习安全的top1来源。重要的事情说三遍。\n\npaper.seebug.org排名比较高，说明大家对heige的工作还是比较认可滴，甚至超过了www.exploit-db.com和安全客播报。里面有一些软连接没有跟进展开，空了再说。\n\n\n### 标签\n共发现59个标签，排序结果如下：\n```\n Others :\t1143\n Tools :\t965\n Windows :\t692\n Android :\t586\n Malware :\t527\n Browser :\t479\n Popular Software :\t410\n Attack :\t400\n Web Security :\t332\n Linux :\t329\n MalwareAnalysis :\t261\n Pentest :\t243\n iOS :\t213\n Hardware :\t198\n Network :\t176\n Vulnerability :\t151\n WirelessSecurity :\t147\n Detect :\t139\n IoTDevice :\t127\n macOS :\t123\n Fuzzing :\t109\n SecurityProduct :\t107\n OpenSourceProject :\t104\n ReverseEngineering :\t102\n Crypto :\t101\n Conference :\t93\n Defend :\t90\n Industry News :\t89\n Mac OS X :\t78\n Exploit :\t76\n Debug :\t69\n Virtualization :\t68\n NetworkDevice :\t62\n Mobile :\t57\n Programming :\t51\n SecurityReport :\t50\n ThirdParty :\t42\n Forensics :\t40\n Operating System :\t40\n Challenges :\t40\n Firmware :\t39\n Protocol :\t38\n Mitigation :\t36\n Obfuscation :\t33\n MachineLearning :\t33\n Sandbox :\t30\n Backdoor :\t23\n Rootkit :\t23\n Cloud :\t22\n ThreatIntelligence :\t21\n Language :\t13\n SCADA :\t13\n Device :\t11\n Attrack :\t11\n Private :\t11\n APT :\t10\n Bug Bounty :\t9\n  :\t6\n Symbolic Execution :\t1\n```\n从这里可以看出来关注点还是比较明确的，偏二进制。相对来说，不太满足各位小白帽的\"求知欲望\"，他们希望偏Web漏洞多一点，所以大家大部分反馈的是看不懂。\n\n## 运行\n```bash\nbundle install\nruby analysis_xuanwu.rb\n```\n\n如果需要跟踪twitter的真实连接（t.co展开），可以通过下面命令完成：\n```bash\nOPEN_TWITTER_URL_PARSE=1 http_proxy=http://127.0.0.1:8123 ruby analysis_xuanwu.rb\n```\n打开OPEN_TWITTER_URL_PARSE，并且指定可以翻墙的http代理地址：http_proxy=http://127.0.0.1:8123\n\n## 查询\n### 查询参考网站排序\n```sql\nselect host,count(*) cnt from articles group by host order by cnt desc\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flubyruffy%2Fsecrss","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flubyruffy%2Fsecrss","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flubyruffy%2Fsecrss/lists"}