给渗透测试人员的优秀GitHub项目黑客学习资源汇总

安全导航(网站/博客/论坛), 技能树, 黑客书籍, 黑客技术

给渗透测试人员的优秀GitHub项目黑客学习资源汇总

今天给大家带来的是一套优秀的GitHub项目学习资源(Awesome Hacking),无论你是小白还是渗透测试人员,无论你是白帽子亦或是黑帽黑客,你都可以从中学到很多新的东西。

漏洞利用开发的学习资源 习模糊测试的资源 蜜罐相关的资源 逆向工程资源 社会工程学资源 漏洞研究 威胁情报资源 优秀软件、代码库、文档、书籍、资源和工具 WiFi破解资源 Windows漏洞利用 黑客教程

五星推荐项目

GitHub项目简介
Android Security提供了一套与Android安全相关的资源
AppSec提供了大量关于应用程序安全方面的学习资源
Bug Bounty汇总了目前热门的漏洞奖励计划,并且还有很多Bug Hunter大神提供的Write-Up
Cheatsheets提供了渗透测试和安全检测可用的Cheatsheet
CTF提供了一套CTF框架、代码库、资源以及软件列表
Cyber Skills提供了一套黑客学习环境,你可以在这里合法地练习自己的黑客技术
DevSecOps一套实用的安全开发工具,得到了多名安全研究人员的测试和贡献
Exploit Development关于漏洞利用开发的学习资源
Fuzzing提供了一套学习模糊测试的资源,你还可以在这里学习漏洞利用开发的初始阶段知识,例如针对漏洞的成因进行分析等等
Hacking提供了优秀的黑客教程、工具以及资源
Honeypots蜜罐相关的资源
Incident Response提供了大量关于事件响应的工具
Industrial Control System Security一套关于工业控制系统(ICS)安全的资源
InfoSec优秀的信息安全课程以及培训资源
IoT Hacks关于物联网安全的相关资源
Malware Analysis优秀的恶意软件分析工具以及资源
OSINT优秀的开源情报(OSINT)工具及资源
OSX and iOS SecuritymacOS和iOS相关的安全工具
Pcaptools一系列用于进行网络追踪的工具,均由计算机科学领域的专家负责开发
Pentest优秀的渗透测试工具以及相关资源
PHP Security生成安全随机数、加密数据和扫描漏洞的代码库
Reversing提供了丰富的逆向工程资源
Sec Talks提供了大量优秀的安全演讲内容
SecLists安全评估测试过程中需要用到的多种类型资源
Security提供了各种关于信息安全的优秀软件、代码库、文档、书籍、资源和工具
Social Engineering提供了丰富的社会工程学资源
Static Analysis提供了针对多种编程语言的静态分析及检测工具
Threat Intelligence集合了丰富的威胁情报资源
Vehicle Security关于学习汽车安全和汽车入侵的资源
Vulnerability Research关于漏洞研究方面的资源
Web Hacking关于Web应用安全的资源
Windows Exploitation关于Windows漏洞利用相关的资源
WiFi Arsenal针对802.11的WiFi破解资源

其他同样优秀的项目

Repository简介
API Security Checklist当你在设计、测试和发布你的API时,可以参考这份清单来进行重要的安全测试
APT Notes各种关于APT活动的公开文档、白皮书以及研究报告
Bug Bounty Reference根据漏洞类型分类的漏洞Write-Up(来自各大漏洞奖励计划)
Cryptography密码学资源及工具
CTF Tool提供了CTF框架、代码库、资源及软件
CVE PoC提供了各种漏洞的PoC(按CVE划分)
Forensics一系列优秀的取证分析工具及资源
Free Programming Books为开发人员准备的免费编程书籍
Gray Hacker Resources实用的CTF和渗透测试资源
Infosec Getting Started一系列能够帮助人们了解信息安全行业的资源
Infosec Reference各种信息安全行业的参考资料
IOC一系列入侵威胁指标(IoC)合集
Linux Kernel Exploitation一系列与Linux内核Fuzzing以及漏洞利用相关的资源
Machine Learning for Cyber Security将机器学习应用到网络安全领域的相关资源
Malware Scripts与恶意软件有关的实用脚本
PayloadsWeb攻击Payload汇总
PayloadsAllTheThings实用的Payload以及绕过Web应用安全防护机制的资源
Pentest Cheatsheets可用于渗透测试的Cheatsheet资源
Pentest Wiki为渗透测试和安全研究人员准备的在线安全知识(免费)
Probable Wordlists用于密码生成和测试的字典
Reverse Engineering关于逆向工程的文章、书籍和论文
RFSec-ToolKit与射频通信协议相关的攻击工具及资源
Security Cheatsheets针对各种信息安全工具和主题的Cheatsheet
Shell一系列优秀的命令行框架、工具集、以及实用的shell脚本

Awesome Hacking

如果各位同学还有更好的GitHub学习项目可以推荐给我们的话,欢迎大家在我们的GitHub主页上踊跃提交【传送门】。

联系方式:

Twitter:@HackwithGithub

Facebook:HackwithGithub

原文 Awesome-Hacking

黑客学习资源汇总

Awesome Hacking

A collection of awesome lists for hackers, pentesters & security researchers.

Your contributions are always welcome !

Awesome Repositories

RepositoryDescription
Android SecurityCollection of Android security related resources
AppSecResources for learning about application security
Bug BountyList of Bug Bounty Programs and write-ups from the Bug Bounty hunters
CheatsheetsPenetration Testing / Security Cheatsheets
CTFList of CTF frameworks, libraries, resources and softwares
Cyber SkillsCurated list of hacking environments where you can train your cyber skills legally and safely
DevSecOpsList of awesome DevSecOps tools with the help from community experiments and contributions
Exploit DevelopmentResources for learning about Exploit Development
FuzzingList of fuzzing resources for learning Fuzzing and initial phases of Exploit Development like root cause analysis
HackingList of awesome Hacking tutorials, tools and resources
HoneypotsList of honeypot resources
Incident ResponseList of tools for incident response
Industrial Control System SecurityList of resources related to Industrial Control System (ICS) security
InfoSecList of awesome infosec courses and training resources
IoT HacksCollection of Hacks in IoT Space
Malware AnalysisList of awesome malware analysis tools and resources
OSINTList of amazingly awesome Open Source Intelligence (OSINT) tools and resources
OSX and iOS SecurityOSX and iOS related security tools
PcaptoolsCollection of tools developed by researchers in the Computer Science area to process network traces
PentestList of awesome penetration testing resources, tools and other shiny things
PHP SecurityLibraries for generating secure random numbers, encrypting data and scanning for vulnerabilities
Red TeamingList of Awesome Red Team / Red Teaming Resources
ReversingList of awesome reverse engineering resources
Sec TalksList of awesome security talks
SecListsCollection of multiple types of lists used during security assessments
SecurityCollection of awesome software, libraries, documents, books, resources and cools stuffs about security
Social EngineeringList of awesome social engineering resources
Static AnalysisList of static analysis tools, linters and code quality checkers for various programming languages
Threat IntelligenceList of Awesome Threat Intelligence resources
Vehicle SecurityList of resources for learning about vehicle security and car hacking
Vulnerability ResearchList of resources about Vulnerability Research
Web HackingList of web application security
Windows ExploitationList of awesome Windows Exploitation resources and shiny things
WiFi ArsenalPack of various useful/useless tools for 802.11 hacking

Other useful repositories

RepositoryDescription
API Security ChecklistChecklist of the most important security countermeasures when designing, testing, and releasing your API
APT NotesVarious public documents, whitepapers and articles about APT campaigns
Bug Bounty ReferenceList of bug bounty write-up that is categorized by the bug nature
CryptographyCryptography resources and tools
CTF ToolList of Capture The Flag (CTF) frameworks, libraries, resources and softwares
CVE PoCList of CVE Proof of Concepts (PoCs)
ForensicsList of awesome forensic analysis tools and resources
Free Programming BooksFree programming books for developers
Gray Hacker ResourcesUseful for CTFs, wargames, pentesting
Infosec Getting StartedA collection of resources, documentation, links, etc to help people learn about Infosec
Infosec ReferenceInformation Security Reference That Doesn’t Suck
IOCCollection of sources of indicators of compromise
Linux Kernel ExploitationA bunch of links related to Linux kernel fuzzing and exploitation
LockpickingResources relating to the security and compromise of locks, safes, and keys.
Machine Learning for Cyber SecurityCurated list of tools and resources related to the use of machine learning for cyber security
Malware ScriptsUseful scripts related with malware
PayloadsCollection of web attack payloads
PayloadsAllTheThingsList of useful payloads and bypass for Web Application Security and Pentest/CTF
Pentest CheatsheetsCollection of the cheat sheets useful for pentesting
Pentest WikiA free online security knowledge library for pentesters / researchers
Probable WordlistsWordlists sorted by probability originally created for password generation and testing
Resource ListCollection of useful GitHub projects loosely categorised
Reverse EngineeringList of Reverse Engineering articles, books, and papers
RFSec-ToolKitCollection of Radio Frequency Communication Protocol Hacktools
Security CheatsheetsCollection of cheatsheets for various infosec tools and topics
Security ListGreat security list for fun and profit
ShellList of awesome command-line frameworks, toolkits, guides and gizmos to make complete use of shell
ThreatHunter-PlaybookA Threat hunter’s playbook to aid the development of techniques and hypothesis for hunting campaigns

Need more ?

Follow Hack with GitHub on your favorite social media to get daily updates on interesting GitHub repositories related to Security.

Contributions

Please have a look at contributing.md

此文章来源于
http://www.ddosi.org/2017/10/07/learning_resource/
2018年以前网站服务器的备份,当时决定不要了,删了所有东西,现在还原一下(有些图片挂了,永远找不回来了,sorry) from

2018年数据泄露汇总 何谈隐私保护?谁来保护?

暗网网址2019 更新131条暗网网址 暗网地址

Leave a Reply

您的邮箱地址不会被公开。 必填项已用 * 标注