mirror of
https://github.com/euphrat1ca/Security-List.git
synced 2026-06-27 21:01:32 +08:00
1
This commit is contained in:
whoami
parent
71bb4ce0cc
commit
08a4340313
@ -8,12 +8,12 @@
|
||||
|
||||
分类标签:mywiki;教程TechTeach;介绍intro;使用手册;通讯技术;威胁情报;恶意样本;自服务应用;研究技术;漏洞利用;Web安全;移动安全;数字取证;权限拓展;模糊测试;极客学习;万物互联;情报研判;工具插件;安全防护;<br>
|
||||
类型标签:一个人的安全部;Awesome系列;类似于xx架构;对比于;<br>
|
||||
导航标签:模拟测试;Kali系统类;ATT&CK矩阵类;作者拼音;Github:\Web:\Page:\Connect 等常见缩写;<br>
|
||||
状态标签:Simple;NoUpdate;商业版;免费版;社区版;<br>
|
||||
测评标签:testjob(即将测试);welljob(表现良好);goodjob(性能稳定);greatjob(行业标杆);<br>
|
||||
导航标签:模拟测试;Kali系统类;ATT&CK矩阵类;作者拼音;Github:;Web:;Page:;Connect:;等缩写;<br>
|
||||
状态标签:NoUpdate;商业版;免费版;社区版;<br>
|
||||
测评标签:testjob(即将测试);Simple(基础模块);welljob(表现良好);goodjob(性能稳定);greatjob(行业标杆);<br>
|
||||
|
||||
# 解决方案
|
||||
- https://github.com/euphrat1ca/security_w1k1/blob/master/wiki_SecSolution.md //安全建设、安全运营等解决方案。mywiki。
|
||||
- https://github.com/euphrat1ca/security_w1k1/blob/master/wiki_SecSolution.md //安全建设 安全运营 解决方案。mywiki。
|
||||
# 模糊测试
|
||||
- https://github.com/euphrat1ca/security_w1k1/blob/master/wiki_Fuzzer.md //Fuzzer模糊测试漏洞挖掘。mywiki。
|
||||
# 安全防御体系
|
||||
|
||||
@ -1,5 +1,4 @@
|
||||
# 漏洞发掘分析
|
||||
- https://googleprojectzero.blogspot.com //谷歌Google Project Zero博客
|
||||
- https://github.com/ngalongc/bug-bounty-reference //漏洞挖掘write-up
|
||||
- https://github.com/1hack0/bug-bounty-101 //挖洞技术手册
|
||||
- https://github.com/writeups/ios //ios漏洞writeup笔记
|
||||
|
||||
@ -1,4 +1,61 @@
|
||||
# 开源情报数据源分析
|
||||
# 信息源
|
||||
- https://www.wilderssecurity.com/ //国际安全论坛。goodjob。
|
||||
- http://blog.nsfocus.net/ //绿盟博客。安全运营;技术方法论;译文分享。goodjob。
|
||||
- https://www.sans.org/blog/ //红蓝紫、取证、工业网络、审计、开发 博客。goodjob。
|
||||
- https://xz.aliyun.com/ //先知社区。P:freebuf.com;P:t00ls.net;--
|
||||
- https://googleprojectzero.blogspot.com //谷歌博客 Google Project Zero。二进制。
|
||||
## 信息流导航站
|
||||
- https://www.anquanke.com/vul //安全客GitHub安全类目引擎,基于热度、时间,cve漏洞监控。goodjob。
|
||||
- https://i.hacking8.com/ //安全信息流。W:wiki.ioin.in;W:xj.hk;W:buaq.net;W:xssav.com;W:osint-labs.org;--
|
||||
### 信息收藏夹
|
||||
- https://github.com/Hack-with-Github/Awesome-Hacking //GitHub万星推荐:黑客成长技术清单。G:/topics/security;G:/We5ter/Scanners-Box;--
|
||||
- https://github.com/DropsOfZut/awesome-security-weixin-official-accounts //网络安全类公众号推荐。W:wechat.doonsec.com/;--
|
||||
- https://github.com/zhengjim/Chinese-Security-RSS/ //国内安全资讯的RSS地址。W:secrss.com;--
|
||||
- https://start.me //数据聚合平台。P:/p/X20Apn;P:/p/GE7JQb/osint;P:/p/rxRbpo/ti;--
|
||||
- https://www.shentoushi.top/ //安全导航。W:sec.thief.one;--
|
||||
- https://github.com/k4m4/movies-for-hackers //安全相关电影
|
||||
- https://www.youtube.com/c/SamyKamkar/videos //极客Samy Kamkar
|
||||
### Blog社区
|
||||
- https://www.52pojie.cn/ //吾爱破解逆向安全。W:bbs.125.la/ //精易求精;W:520monkey.com;W:scz.617.cn:8/network/;W:malwareanalysis.cn;--
|
||||
- http://blog.leanote.com/snowming //红队博客。W:lcx.cc //NuclearAtk核总;W:blog.orange.tw //橘子出品必属精品;W:cnblogs.com/ssooking;W:3gstudent.github.io;W:wolvez.club/;
|
||||
- www.lshack.cn //工控安全入门基础
|
||||
|
||||
## 安全新闻源
|
||||
- https://www.fireeye.com/blog.html //火眼
|
||||
- https://news.sophos.com/en-us/ //防火墙、EDR厂家
|
||||
- https://cyberx-labs.com/blog/apts-malware-vulns/ //工业安全事件
|
||||
- https://www.dragos.com/events/ //德拉戈斯安全公司ICS资源。P:whitepaper;--
|
||||
- https://thehackernews.com/ //安全新闻源
|
||||
- https://www.wired.com/ //网络新闻源
|
||||
- https://feeds.feedburner.com/TheHackersNews //安全新闻。P:/securityweek/;--
|
||||
- https://www.zdnet.com/rssfeeds/ //安全新闻
|
||||
|
||||
### 漏洞信息预警
|
||||
- https://github.com/CVEProject/cvelist //Json格式的漏洞信息库,cvedetails.com。
|
||||
- https://cve.mitre.org/cve/search_cve_list.html //美国MITRE公司维护的CVE漏洞库。
|
||||
- https://us-cert.cisa.gov/ncas/bulletins //美国漏洞总结报告
|
||||
- https://nvd.nist.gov/vuln/search //美国信息安全漏洞库
|
||||
- https://exchange.xforce.ibmcloud.com //IBM exchange漏洞库
|
||||
- https://us-cert.cisa.gov/ics/alerts //美国工业漏洞预警。RSS:/ics/alerts/alerts.xml;P:/ics/advisories;--
|
||||
- http://cve.scap.org.cn/view/ics //CVE中文工控漏洞库
|
||||
- http://ivd.winicssec.com/ //威努特工控漏洞库
|
||||
- http://www.nsfocus.net/index.php?act=sec_bug //绿盟漏洞库,含工控
|
||||
- https://www.cnvd.org.cn/flaw/list.htm //中国漏洞库,按行业划分'telecom电信,mi移动,ics工控'。
|
||||
- http://www.exphub.org/ //chamd5 ICS安全情报平台
|
||||
|
||||
### 工业事件源
|
||||
- 工业关键词:Industrial Control Systems/ICS/SCADA/PLC/DCS/HMI
|
||||
- https://roboticsandautomationnews.com/ //工业新闻媒体 Robotics&Automation
|
||||
- https://www.securityweek.com/scada-ics //工业安全新闻
|
||||
- https://securityaffairs.co/wordpress/category/ics-scada //工业安全新闻。W:twitter.com/securityaffairs;--
|
||||
### 物联网事件源
|
||||
- 物联网关键词:IOT/Car Can/Drone
|
||||
- https://www.securityweek.com/iot-security //物联网安全
|
||||
### 信息文件库
|
||||
- https://www.techrepublic.com/ //网络安全白皮书
|
||||
- http://www.vipread.com/ //信息安全知识库
|
||||
|
||||
# 开源情报分析
|
||||
- https://github.com/BuzzFeedNews //网络数据集集合
|
||||
- https://www.start.umd.edu/gtd/ //全球恐怖主义动向数据库官网
|
||||
- https://data.mendeley.com/ //门德利数据集
|
||||
@ -14,57 +71,6 @@
|
||||
- https://fas.org/irp/doddir/army/atp2-22-9.pdf/ //美国陆军开源情报2012版
|
||||
- https://osintframework.com/ //开源情报搜索框架超链接集合
|
||||
- https://start.me/p/ZME8nR/osint //开源情报聚合
|
||||
## 事件信息源
|
||||
- https://www.wilderssecurity.com/ //类t00ls国际安全论坛。goodjob。
|
||||
- https://www.sans.org/blog/ //红蓝紫、取证、工业网络、审计、开发 博客。goodjob。
|
||||
- https://thehackernews.com/ //安全新闻源
|
||||
- https://www.wired.com/ //网络新闻源
|
||||
- https://feeds.feedburner.com/TheHackersNews //安全新闻。P:/securityweek/;--
|
||||
- https://www.zdnet.com/rssfeeds/ //安全新闻
|
||||
### 漏洞信息预警
|
||||
- https://github.com/CVEProject/cvelist //Json格式的漏洞信息库,cvedetails.com。
|
||||
- https://cve.mitre.org/cve/search_cve_list.html //美国MITRE公司维护的CVE漏洞库。
|
||||
- https://us-cert.cisa.gov/ncas/bulletins //美国漏洞总结报告
|
||||
- https://nvd.nist.gov/vuln/search //美国信息安全漏洞库
|
||||
- https://exchange.xforce.ibmcloud.com //IBM exchange漏洞库
|
||||
- https://us-cert.cisa.gov/ics/alerts //美国工业漏洞预警。RSS:/ics/alerts/alerts.xml;P:/ics/advisories;--
|
||||
- http://cve.scap.org.cn/view/ics //CVE中文工控漏洞库
|
||||
- http://ivd.winicssec.com/ //威努特工控漏洞库
|
||||
- http://www.nsfocus.net/index.php?act=sec_bug //绿盟漏洞库,含工控
|
||||
- https://www.cnvd.org.cn/flaw/list.htm //中国漏洞库,按行业划分'telecom电信,mi移动,ics工控'。
|
||||
- http://www.exphub.org/ //chamd5 ICS安全情报平台
|
||||
### 工业事件源
|
||||
- 工业关键词:Industrial Control Systems/ICS/SCADA/PLC/DCS/HMI
|
||||
- https://roboticsandautomationnews.com/ //工业新闻媒体 Robotics&Automation
|
||||
- https://www.securityweek.com/scada-ics //工业安全新闻
|
||||
- https://securityaffairs.co/wordpress/category/ics-scada //工业安全新闻。W:twitter.com/securityaffairs;--
|
||||
### 物联网事件源
|
||||
- 物联网关键词:IOT/Car Can/Drone
|
||||
- https://www.securityweek.com/iot-security //物联网安全
|
||||
### 安全公司新闻源
|
||||
- https://www.fireeye.com/blog.html //火眼
|
||||
- https://news.sophos.com/en-us/ //防火墙、EDR厂家
|
||||
- https://cyberx-labs.com/blog/apts-malware-vulns/ //工业安全事件
|
||||
- https://www.dragos.com/events/ //德拉戈斯安全公司ICS资源。P:whitepaper;--
|
||||
### 信息文件库
|
||||
- https://www.techrepublic.com/ //网络安全白皮书
|
||||
- http://www.vipread.com/ //信息安全知识库
|
||||
## 信息导航站
|
||||
### 信息流
|
||||
- https://www.anquanke.com/vul //安全客GitHub安全类目引擎,基于热度、时间,cve漏洞监控。goodjob。
|
||||
- https://i.hacking8.com/ //安全信息流。W:wiki.ioin.in;W:xj.hk;W:buaq.net;W:xssav.com;W:osint-labs.org;--
|
||||
### 收藏夹
|
||||
- https://github.com/Hack-with-Github/Awesome-Hacking //GitHub万星推荐:黑客成长技术清单。G:/topics/security;G:/We5ter/Scanners-Box;--
|
||||
- https://github.com/DropsOfZut/awesome-security-weixin-official-accounts //网络安全类公众号推荐。W:wechat.doonsec.com/;--
|
||||
- https://github.com/zhengjim/Chinese-Security-RSS/ //国内安全资讯的RSS地址。W:secrss.com;--
|
||||
- https://start.me //数据聚合平台。P:/p/X20Apn;P:/p/GE7JQb/osint;P:/p/rxRbpo/ti;--
|
||||
- https://www.shentoushi.top/ //安全导航。W:sec.thief.one;--
|
||||
- https://github.com/k4m4/movies-for-hackers //安全相关电影
|
||||
- https://www.youtube.com/c/SamyKamkar/videos //极客Samy Kamkar
|
||||
### Blog社区
|
||||
- https://www.52pojie.cn/ //吾爱破解逆向安全。W:bbs.125.la/ //精易求精;W:520monkey.com;W:scz.617.cn:8/network/;W:malwareanalysis.cn;--
|
||||
- http://blog.leanote.com/snowming //红队博客。W:lcx.cc //NuclearAtk核总;W:blog.orange.tw //橘子出品必属精品;W:cnblogs.com/ssooking;W:3gstudent.github.io;W:wolvez.club/;--
|
||||
- https://www.lshack.cn //工控安全入门
|
||||
## 数据情报分析
|
||||
- http://pandas.pydata.org //数据分析
|
||||
- https://github.com/r0f1/datascience //大数据分析功能库推荐
|
||||
|
||||
@ -56,10 +56,10 @@
|
||||
- https://github.com/AliasIO/Wappalyzer //JS。网站指纹识别。资产库,Chrome扩展。5k。G:/l3m0n/whatweb;G:/Lucifer1993/cmsprint;G:/boy-hack/gwhatweb;G:/zerokeeper/WebEye;n4xh4ck5/CMSsc4n;G:/Ms0x0/Dayu;G:/0xbug/Howl;G:/jekyc/wig;G:/tanjiti/FingerPrint;G:/ywolf/F-MiddlewareScan;G:/1N3/Sn1per;--
|
||||
- https://github.com/ShiHuang-ESec/EHole //EHole(棱洞)-红队重点攻击系统指纹探测工具
|
||||
- https://github.com/HA71/WhatCMS //Bash。CMS检测和漏洞利用脚本,基于Whatcms.org API。
|
||||
- https://github.com/urbanadventurer/whatweb //Ruby。web指纹识别。2k,goodjob。G:/Rvn0xsy/FastWhatWebSearch;G:/ggusoft/inforfinder;--
|
||||
- https://github.com/urbanadventurer/whatweb //Ruby。web指纹识别。goodjob。G:/Rvn0xsy/FastWhatWebSearch;G:/ggusoft/inforfinder;--
|
||||
- https://github.com/s0md3v/Arjun //Py3。HTTP参数信息挖掘工具。simple。
|
||||
- https://github.com/mozilla/ssh_scan //服务器ssh配置信息扫描。
|
||||
- https://github.com/salesforce/jarm //Python。传输层安全性(TLS)服务器指纹识别工具。G:/rbsec/sslscan;--
|
||||
- https://github.com/salesforce/jarm //Python。识别传输层安全性(TLS)指纹,对具有相同TLS配置服务标记,集成于空间测绘资产标签。goodjob。G:/rbsec/sslscan;--
|
||||
- https://github.com/mozilla/cipherscan //目标主机服务ssl类型识别。
|
||||
- https://github.com/EnableSecurity/wafw00f //WAF产品指纹识别
|
||||
### 资产风险测试
|
||||
|
||||
Loading…
Reference in New Issue
Block a user