-
-
[推荐]GitHub 万星推荐:黑客成长技术清单
-
发表于: 2019-10-12 14:51
-
最近两天,在reddit安全板块和Twitter上有个GitHub项目很火,叫“Awesome Hacking”。
“Awesome Hacking”在reddit上有超过四百个赞,但管理员后来认为不适合该板块(Awesome类项目没有新的内容),给了“reject”。
这个项目由Twitter账号@HackwithGithub 维护,混Twitter的安全爱好者应该了解,在@HackwithGithub 上能关注到许多最新安全开源项目、黑客技巧。
“Awesome Hacking”是一个黑客技术清单项目,里边索引了数十个不同方向的技能图谱。大家都知道,GitHub上这类项目非常容易集星(Star),“Awesome Hacking”刚刚突破一万星(这一轮推荐里大概涨了两千星),已经进入安全领域最受关注的GitHub项目阵营。
如果你需要一些安全入门引导,“Awesome Hacking”无疑是最佳选择之一。在这里,你能找到Android、iOS、OS X等不同平台,IoT、工控、车辆等行业设施设备,模拟攻击环境、蜜罐、Fuzing、Exploit开发等攻击技能…涉及到黑客技能的方方面面。
下边就来看看吧:
“Awesome Hacking”涉及到黑客技能的各个方面,如果你想要了解安全入门的知识,进阶成为黑客大牛的话,相信“AwesomeHacking”一定可以给你带来很大帮助。
Awesome Hacking 系列
Android安全:Android安全相关资源,包括各种工具、学术/研究/出版物/书籍等资源
741K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6S2M7$3S2A6M7$3S2T1i4K6u0r3j5h3&6V1M7X3!0A6k6q4)9J5k6s2y4W2j5%4g2J5K9i4c8&6i4K6u0V1j5i4N6W2M7$3!0E0k6b7`.`.
应用程序安全 (AppSec) :了解、学习应用程序安全性的资源列表,包含书籍,网站,博客文章等。
48cK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6H3j5i4u0S2k6$3!0F1K9h3g2Q4x3V1k6S2N6$3g2K6L8$3#2W2i4K6u0V1j5i4m8H3M7$3g2U0
bug赏金:漏洞赏金计划列表和漏洞赏金猎人的备案等
ac6K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6V1K9X3q4V1L8h3W2F1i4K6u0r3j5i4N6W2M7$3!0E0k6g2)9J5k6r3u0#2k6#2)9J5k6r3u0G2N6h3&6@1P5b7`.`.
Cheatsheets:渗透测试/安全说明书
bbbK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6B7M7$3S2S2N6K6R3%4i4K6u0r3b7$3S2W2j5i4c8K6K9r3g2W2N6s2x3`.
CTF:CTF框架,类库,资源和软件清单,这份清单旨在帮助初学者以及经验丰富的CTF玩家轻松找到与CTF相关的所有内容。
e1dK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6S2M7s2y4V1k6h3S2S2L8q4)9J5c8X3q4%4k6i4y4G2L8h3g2Q4x3X3c8U0N6r3j5`.
网络攻击环境:黑客环境的集合列表,可以让你合法地,安全地培养提升你的网络技能
12cK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6B7L8$3g2Q4x3X3c8K6K9r3g2F1L8%4g2V1j5g2)9J5c8X3q4%4k6i4y4G2L8h3g2Q4x3X3c8U0P5h3u0W2M7W2)9J5k6s2y4C8K9h3I4D9M7H3`.`.
devsecops:一个权威的 devsecops 工具列表,这些基本的构建模块足以帮助你构建自己的DevSecOps程序。
a52K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6V1k6i4k6K6k6h3y4G2M7s2y4Q4x3V1k6S2N6$3g2K6L8$3#2W2i4K6u0V1k6r3g2$3M7$3g2U0L8%4m8K6
exploit开发:用于学习exploit开发的书籍,教程,工具和易受攻击的应用列表
604K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6r3j5h3u0A6L8@1u0S2M7X3!0F1K9g2)9J5c8X3q4%4k6i4y4G2L8h3g2Q4x3X3c8W2P5s2m8D9L8$3W2@1i4K6u0V1k6r3g2$3k6h3I4G2M7r3#2W2L8Y4b7`.
Fuzzing:各种fuzzing图书、课程、工具、教程等,用于学习漏洞开发的初始阶段,如根本原因分析。
ae3K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6K6k6h3y4X3K9h3N6G2i4K6u0r3b7i4N6W2M7$3!0E0k6g2)9J5k6p5k6#2P5Y4A6A6L8X3M7`.
Hacking:黑客教程、工具和资源的列表
2d6K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6t1j5h3y4C8i4K6u0V1N6$3W2@1K9q4)9J5k6p5N6A6N6r3S2#2j5W2)9J5c8V1q4%4k6i4y4G2L8h3g2Q4x3X3c8t1j5h3y4C8K9h3&6Y4
蜜罐:一个很赞的蜜罐资源列表。重点放在开源项目上。该列表分为Web,服务和其他类别等。
8dfK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6H3j5i4u0S2L8r3q4^5i4K6u0r3j5i4N6W2M7$3!0E0k6g2)9J5k6r3S2G2L8X3g2&6M7r3!0@1M7H3`.`.
事件响应:事件响应工具清单
b77K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6E0k6h3W2J5N6$3q4Z5i4K6u0r3j5i4N6W2M7$3!0E0k6g2)9J5k6r3W2F1j5$3W2V1k6h3&6@1i4K6u0V1M7X3g2K6M7r3!0F1M7$3f1`.
工业控制系统安全:与工业控制系统(ICS)安全相关的资源清单
cefK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6Z5M7$3I4S2N6r3#2S2L8W2)9J5c8X3q4%4k6i4y4G2L8h3g2Q4x3X3c8A6L8X3c8#2M7%4c8J5K9h3q4D9i4K6u0V1j5$3!0F1N6s2u0G2L8q4)9J5k6s2y4&6M7%4c8W2L8g2)9J5k6s2y4W2j5%4g2J5K9i4c8&6
信息安全:信息安全资源列表,包含精心设计的信息技术课程和培训资源。
818K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6G2L8X3I4#2M7X3E0A6L8X3N6Q4x3V1k6S2N6$3g2K6L8$3#2W2i4K6u0V1K9h3&6X3L8%4y4W2j5H3`.`.
IoT安全:包含了大量IoT破解案例,以便研究人员解决物联网产品中的安全漏洞问题
4a4K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6F1k6h3u0Y4L8X3q4Z5P5W2)9J5c8X3q4%4k6i4y4G2L8h3g2Q4x3X3c8A6L8%4c8Q4x3X3c8Z5j5h3y4C8M7H3`.`.
恶意软件分析:涵盖许多恶意软件分析工具和资源等
2caK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6J5M7$3S2A6M7s2m8Q4x3V1k6S2N6$3g2K6L8$3#2W2i4K6u0V1L8h3q4D9N6$3q4J5k6g2)9J5k6r3q4F1j5h3I4&6M7$3W2K6
开源情报(OSInt):各种开源情报来源
8f4K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6B7K9i4k6G2K9g2)9J5c8X3q4%4k6i4y4G2L8h3g2Q4x3X3c8G2M7$3W2F1N6l9`.`.
OSX和iOS安全:OSX 和 iOS 相关的安全工具
3a1K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6S2M7$3S2A6M7$3S2T1i4K6u0r3L8%4y4^5i4K6u0V1j5h3&6V1i4K6u0V1K9h3!0K6i4K6u0V1M7$3g2U0N6i4u0A6N6s2W2Q4x3X3c8S2N6$3g2K6L8$3#2W2
Pcaptools:该项目不包含任何源代码或文件。包含一些网络流量研究中处理pcap文件的工具(Linux命令、流量捕获、DNS适用程序等)
176K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6U0j5h3g2K6j5i4t1H3x3K6l9I4i4K6u0r3j5i4N6W2M7$3!0E0k6g2)9J5k6s2m8U0j5i4m8@1L8$3!0D9M7H3`.`.
pentest:渗透测试是对计算机系统及其物理基础设施进行授权的模拟攻击,暴露潜在的安全漏洞和漏洞的做法。这里有许多在线渗透测试资源、社会工程资源等
a82K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6W2L8X3q4I4P5q4)9J5c8X3q4%4k6i4y4G2L8h3g2Q4x3X3c8H3k6h3&6@1k6i4y4@1
PHP安全:用于生成安全随机数,加密数据和漏洞检测的库
1adK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6*7K9h3q4V1L8%4A6Q4x3V1k6S2N6$3g2K6L8$3#2W2i4K6u0V1M7r3S2H3i4K6t1K6M7$3g2U0N6i4u0A6N6s2V1`.
逆向工程:有关逆向工程的资源,如图书、课程、实践案例等
1f6K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6X3k6r3W2$3M7Y4m8Q4x3V1k6S2N6$3g2K6L8$3#2W2i4K6u0V1M7X3g2$3k6i4u0K6K9h3&6Y4
安全演讲:2013-2017年各类安全大会演讲视频
590K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6b7j5i4g2D9f1$3g2U0i4K6u0r3j5i4N6W2M7$3!0E0k6g2)9J5k6s2y4W2j5#2)9J5k6s2c8S2L8r3E0K6
SecLists:安全评估期间需要用到的列表集合。列表类型包括用户名,密码,URL,敏感数据grep字符串等等。
f90K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6V1j5h3&6A6k6h3I4E0K9h3g2K6M7$3I4W2M7W2)9J5c8W2y4W2j5@1I4A6M7%4c8K6
security:关于安全性的资源集合。目标旨在建立一个由社区驱动的安全资源集合
adaK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6K6j5X3W2D9L8s2W2Q4x3V1k6S2N6$3g2K6L8$3#2W2i4K6u0V1M7$3g2U0N6i4u0A6N6s2V1`.
社会工程学:这些资源和工具仅适用于网络安全专业人员,渗透测试人员和受控环境中的教育用途。
305K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6$3x3W2)9J5k6r3c8W2N6W2)9J5c8X3q4%4k6i4y4G2L8h3g2Q4x3X3c8K6L8$3y4A6j5h3I4Q4x3X3c8W2L8X3N6A6L8X3g2W2M7X3W2F1k6H3`.`.
静态分析:静态分析工具列表,各种编程语言的编码质量检查器
92aK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6E0M7X3g2Q4x3V1k6S2N6$3g2K6L8$3#2W2i4K6u0V1M7%4c8S2N6r3W2U0i4K6u0V1j5h3&6S2L8s2W2K6K9i4x3`.
威胁情报:包含威胁情报的来源、工具、框架、标准格式等各种资料
d4dK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6Z5M7$3I4S2N6r3#2S2L8W2)9J5c8X3q4%4k6i4y4G2L8h3g2Q4x3X3c8@1K9s2u0W2j5i4c8Q4x3X3c8A6L8Y4c8W2L8r3I4A6k6$3g2F1j5$3f1`.
车辆安全:关于车辆安全的资源,书籍,硬件,软件,应用程序等人们关注的车辆安全相关内容
409K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6B7j5i4u0W2k6s2c8Z5k6h3y4G2k6r3g2J5i4K6u0r3j5i4N6W2M7$3!0E0k6g2)9J5k6s2k6W2K9r3W2U0L8r3g2Q4x3X3c8K6k6h3y4#2M7X3W2@1P5b7`.`.
漏洞研究:漏洞研究相关的书籍、会议、报告等推荐
8a3K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6J5k6g2)9J5k6s2m8J5L8$3&6A6L8W2)9J5c8X3q4%4k6i4y4G2L8h3g2Q4x3X3c8$3N6h3I4F1k6i4u0S2j5X3W2D9K9i4c8&6i4K6u0V1M7X3g2K6k6h3q4J5j5$3R3`.
Web黑客:Web 黑客相关的图书、工具、文档等
d6dK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6A6L8X3k6G2M7$3I4S2j5$3E0Q4x3V1k6S2N6$3g2K6L8$3#2W2i4K6u0V1N6$3g2T1i4K6u0V1K9r3q4U0K9$3W2F1k6H3`.`.
Windows开发:Windows 堆栈溢出、Windows 内存保护、Windows 内核内存损坏等相关的内容资源
4cdK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6W2L8X3c8V1L8#2)9J5c8X3q4%4k6i4y4G2L8h3g2Q4x3X3c8%4K9h3&6V1L8%4N6K6i4K6u0V1k6i4S2H3L8r3!0A6N6r3q4@1K9h3!0F1
WiFi兵工厂:包含黑客攻击的所有工具(关于802.11协议攻击)
86cK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1j5H3P5o6V1H3i4K6u0r3N6$3W2X3K9g2)9J5k6r3q4J5M7$3g2F1j5h3H3`.
其他有用的存储库
API安全性清单:当你设计、测试、发布API时,最重要的安全性清单
abeK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6K6K9r3W2W2L8r3c8X3P5g2)9J5c8V1q4b7d9g2)9J5k6q4y4W2j5%4g2J5K9i4c8&6i4K6u0V1b7$3S2W2j5$3E0D9K9i4y4@1
APT笔记:这是一个存储库,按年份罗列各种公开的APT相关文档、白皮书和文章等
7ecK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6C8j5X3q4F1k6r3I4S2i4K6u0r3b7g2m8f1L8X3!0@1k6i4x3`.
赏金漏洞披露清单:公开披露的漏洞类型案例集合
179K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6F1k6$3q4D9L8$3&6Y4j5#2)9J5c8X3u0#2k6#2)9J5k6r3u0G2N6h3&6@1P5g2)9J5k6s2u0W2k6X3g2J5k6h3&6U0k6b7`.`.
密码学:密码学相关的资源和工具的集合列表。
94aK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6K6L8$3u0G2L8r3g2$3L8W2)9J5c8X3q4%4k6i4y4G2L8h3g2Q4x3X3c8U0M7Y4W2H3N6r3!0Y4M7X3q4H3K9s2V1`.
CTF工具:CTF相关的框架,类库,资源和软件等
6c5K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6e0j5h3&6V1P5g2y4W2K9$3S2S2M7X3q4F1i4K6u0r3b7#2c8r3i4K6u0V1N6r3!0G2L8l9`.`.
CVEPOC库:数十个CVE 漏洞的PoC
109K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6I4j5i4A6T1L8X3@1@1y4e0k6Q4x3V1k6S2N6$3g2K6L8$3#2W2i4K6u0V1j5%4k6W2i4K6u0V1M7r3!0U0
取证:大部分是开源的取证分析工具及资源等
078K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6o6N6h3N6#2i4K6u0r3j5i4N6W2M7$3!0E0k6g2)9J5k6r3k6G2M7X3g2F1M7$3W2U0M7H3`.`.
免费编程书籍:Github最受欢迎的存储库之一,交互式、JavaScript框架等编程相关的免费书籍
c30K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6q4j5X3!0G2K9@1k6G2N6h3&6V1j5i4c8A6L8$3&6Q4x3V1k6X3M7X3g2W2i4K6u0V1M7s2u0G2k6%4u0S2L8h3#2A6L8X3N6Q4x3X3c8T1L8$3!0C8M7H3`.`.
灰帽黑客资源:CTF、Linux Hacking以及相关的参考书籍等
111K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6T1N6o6y4Y4L8q4)9J5c8V1#2&6i4K6u0V1c8%4u0S2P5g2)9J5k6p5S2S2j5$3E0W2M7W2)9J5k6q4u0W2M7$3!0#2M7X3y4W2M7H3`.`.
信息系统安全(INFOSEC)入门指南:包括信息安全的相关文件、课程、etc等,帮助人们入门INFOSEC
d09K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6Y4M7X3q4V1K9i4g2K6j5%4W2H3K9r3g2J5i4K6u0r3K9h3&6X3L8%4y4W2j5#2)9#2k6X3N6W2N6s2c8A6L8X3N6Q4y4h3k6K6N6r3q4J5N6r3g2V1
安全性参考:一个类似MITRE ATT&CK框架的东西
c12K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6J5L8i4g2K6M7$3g2J5x3o6q4Q4x3V1k6u0L8X3k6G2M7$3g2U0i4K6g2X3f1X3g2X3k6i4u0W2L8X3y4W2
iocs:常见IOC资源、工具
acbK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6K6M7X3!0T1k6i4u0@1M7#2)9J5c8X3q4%4k6i4y4G2L8h3g2Q4x3X3c8A6L8$3y4K6
Linux内核开发:一系列与Linux内核相关的技术演讲、工具等
dffK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6^5j5h3W2J5P5g2)9J5c8X3I4A6L8Y4g2^5i4K6u0V1K9$3g2J5L8X3g2D9i4K6u0V1k6i4S2H3L8r3!0A6N6r3q4@1K9h3!0F1
网络安全方向的机器学习:相关研究的数据集、论文、书籍、演讲等
563K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6B7K9i4k6G2K9g2)9J5c8X3q4%4k6i4y4G2L8h3g2Q4x3X3c8E0L8q4)9J5k6r3k6G2M7W2)9J5k6r3y4&6j5X3g2J5M7$3g2U0N6i4u0A6N6s2V1`.
恶意软件脚本:与恶意软件相关的实用脚本
20dK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6K6k6h3W2X3M7X3g2W2k6q4)9J5c8X3#2S2L8s2N6S2M7X3g2Q4x3X3c8K6j5%4u0A6M7s2c8K6
Payloads:Git上所有的Payloads,Web攻击中所有Payloads的集合
803K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6X3L8$3!0K6M7r3W2V1P5g2)9J5c8Y4m8S2P5h3I4G2j5h3c8K6
Payloads集合:全面有用的和Web攻击Payloads和Pentest/ CTF
aecK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6K6N6$3W2K6M7$3E0&6M7X3g2H3L8#2)9J5c8W2m8S2P5h3I4G2j5h3c8K6b7h3I4D9g2r3S2W2g2r3S2A6L8X3N6K6
pentest-cheatsheets:包含OSX命令行作弊表、PowerShell命令行、exploit开发、Java反序列化等
d40K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6U0L8%4u0W2j5U0q4@1i4K6u0r3j5i4N6W2M7$3!0E0k6g2)9J5k6s2m8W2L8Y4c8W2M7%4c8Q4x3X3c8U0K9r3g2S2N6q4)9J5k6s2y4Z5k6h3g2@1M7H3`.`.
PentestWiki:一个免费的在线安全知识库,涵盖网络开发、数据库开发、操作系统开发等领域
3afK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6F1K9i4S2S2N6$3E0Q4x3V1k6H3k6h3&6@1k6i4y4@1i4K6u0V1N6$3W2C8K9b7`.`.
Wordlists:最初为密码生成和测试创建的概率排序的字典
dd5K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6T1k6i4u0*7k6i4u0C8x3q4)9J5c8W2m8J5L8$3u0S2j5X3I4W2i4K6u0V1g2$3!0J5k6r3I4A6M7%4c8K6
ResourceList:收集一些零散的但却有用的GitHub项目
c9cK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6r3N6i4A6*7P5g2y4W2j5%4g2J5K9i4c8&6i4K6u0r3f1X3g2K6L8%4g2J5j5$3g2Q4x3X3c8x3K9i4y4@1
逆向工程:逆向工程相关的文章,书籍和论文列表
e52K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6G2L8X3g2@1K9r3q4%4N6q4)9J5c8Y4u0W2N6X3g2J5M7$3g2W2L8X3N6A6L8X3g2W2M7X3W2F1k6#2)9J5k6s2u0W2j5h3c8A6L8X3N6Q4x3X3c8D9K9i4y4@1
RFSec-ToolKit:射频通信协议Hacktools的集合
096K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6U0L8U0m8^5M7X3!0G2N6q4)9J5c8W2u0r3f1$3g2U0i4K6u0V1g2r3!0G2L8p5E0A6N6l9`.`.
安全手册:收集各种信息工具和信息安全主题的手册
cddK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6S2L8X3c8J5k6i4N6B7K9$3g2J5M7W2)9J5c8Y4y4W2j5%4g2J5K9i4c8&6i4K6u0V1j5$3S2W2j5i4c8K6K9r3g2W2N6s2x3`.
安全清单:一系列安全资源
0cbK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6*7j5X3g2@1j5$3S2W2j5$3E0A6L8W2)9J5c8W2y4W2j5%4g2J5K9i4c8&6i4K6g2X3L8r3W2K6N6l9`.`.
Shell:一系列Shell命令行、工具、指南、框架等
e0eK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6S2L8r3g2T1j5$3q4&6i4K6u0r3j5i4N6W2M7$3!0E0k6g2)9J5k6s2y4Z5k6h3I4D9
威胁猎人攻略:通过利用Sysmon和Windows Events日志来进行事件分析,以首选工具或格式(如Splunk,ELK,Sigma,GrayLog等)部署查询。
c6eK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6o6P5h3t1K6M7W2N6S2M7X3b7H3k6#2)9J5c8W2c8Z5M7X3g2S2N6p5S2#2L8Y4c8W2M7W2)9J5k6q4m8D9j5i4W2T1L8$3!0C8
看完是不是觉得 “Awesome Hacking”十分强大呢,接下来就靠你们自己消化里面的知识点啦。(项目地址:6a0K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6t1j5h3y4C8i4K6u0V1N6$3W2@1K9q4)9J5k6p5N6A6N6r3S2#2j5W2)9J5c8V1q4%4k6i4y4G2L8h3g2Q4x3X3c8t1j5h3y4C8K9h3&6Y4i4@1g2r3i4@1u0o6i4K6R3&6
需要提醒,Awesome项目只是引导,关键还需要大家自己有执行力,热爱钻研。红宝书已经给到,后边就看你们了!
来源:嘶吼
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
|
|
|---|---|
|
|
|
|
|
看到好的东西,和大家分享一下。有问题吗 
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
you can you up,no can no BB! |
|
|
|
|
|
|
|
|
这不山总么 
|
|
|
|
|
|
|
|
|
|
|
|
|
