From 768f3fe6eee17f84b9cfba097f1beeed0a2973e9 Mon Sep 17 00:00:00 2001 From: euphrat1ca Date: Thu, 15 Oct 2020 23:26:37 +0800 Subject: [PATCH] 1 --- README.md | 6 +++--- wiki_SecReverse.md | 6 ++++-- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 409e3df..648d08a 100644 --- a/README.md +++ b/README.md @@ -100,11 +100,11 @@ - https://github.com/0xRadi/OWASP-Web-Checklist //owasp网站检查条目 - https://mp.weixin.qq.com/s/O36e0gl4cs0ErQPsb5L68Q //公众号:区块链、以太坊智能合约审计 CheckList - https://github.com/slowmist/eos-bp-nodes-security-checklist //区块链,EOS bp nodes security checklist(EOS超级节点安全执行指南) -- https://github.com/GitGuardian/APISecurityBestPractices //api接口测试checklist -- https://www.cnblogs.com/jurendage/p/12653865.html //Java生鲜电商平台-API接口设计之token、timestamp、sign 具体架构与实现(APP/小程序,传输安全) +- https://www.cnblogs.com/jurendage/p/12653865.html //TecTeach。Java生鲜电商平台-API接口设计之token、timestamp、sign 具体架构与实现(APP/小程序,传输安全) +- https://blog.csdn.net/qq_39541626/article/details/104891590 //TecTeach。小程序、公众号安全测试list - https://github.com/shieldfy/API-Security-Checklist //api开发核对清单。12k。 +- https://github.com/GitGuardian/APISecurityBestPractices //api接口测试checklist - https://xz.aliyun.com/t/2089 //金融科技SDL安全设计checklist -- https://blog.csdn.net/qq_39541626/article/details/104891590 //小程序、公众号安全测试list - https://www.butian.net/School/content?id=307/ //移动通信网络渗透测试科普 ### 安全知识库 - https://book.hacktricks.xyz/ //端口漏洞对应,渗透命令,提权技巧。goodjob。W:ired.team;G:/EvilAnne/Violation_Pnetest;-- diff --git a/wiki_SecReverse.md b/wiki_SecReverse.md index 9bb066a..8075a9f 100644 --- a/wiki_SecReverse.md +++ b/wiki_SecReverse.md @@ -3,14 +3,16 @@ - https://down.52pojie.cn/ //吾爱破解爱盘工具包。W:tool.pediy.com/;-- - https://www.peerlyst.com/posts/resource-learning-how-to-reverse-malware-a-guide //恶意软件逆向指南和工具的集合 - https://github.com/alphaSeclab/awesome-reverse-engineering //Reverse Engineering Resources About All Platforms(Windows/Linux/macOS/Android/iOS/IoT)3000+逆向资源合集. -- https://github.com/sjatsh/unwxapkg //Go。微信小程序反编译。G:/oujunke/UnWechatApp;G:/xuedingmiaojun/wxappUnpacker;G:/leo9960/wechat-app-unpack; -- https://developers.weixin.qq.com/miniprogram/dev/devtools/download.html /微信小程序开发工具 ### 程序调试管理 - https://www.cheatengine.org //CE(Cheat Engine)是一款内存修改编辑工具,程序函数监控,配合Ultimap功能食用游戏魔改更佳。 - http://www.angusj.com/resourcehacker //Windows二进制文件浏览编辑 (*.exe; *.dll; *.scr; etc) 和资源文件修改 (*.res, *.mui)图标属性等。Resource Hacker类似于于Restorator文件资源修改软件。 - https://github.com/euphrat1ca/PeDoll //C++。基于inlineHook技术的软件分析工具,C/S架构(PeDollc/PeDolls)。 - https://bbs.ichunqiu.com/thread-16846-1-1.html //intro。PeDoll 调戏木马病毒的正确姿势-正式篇 - https://github.com/everdox/InfinityHook //C++。挂钩系统调用,上下文切换,页面错误等。 +## 小程序安全 +- https://github.com/sjatsh/unwxapkg //Go。微信小程序反编译。G:/oujunke/UnWechatApp;G:/xuedingmiaojun/wxappUnpacker;G:/leo9960/wechat-app-unpack; +- https://developers.weixin.qq.com/miniprogram/dev/devtools/download.html /微信小程序开发工具 +- https://github.com/Cherrison/CrackMinApp //C#,Node.js。(反编译微信小程序)一键获取微信小程序源码(傻瓜式操作)。goodjob。 ## 客户端安全 - http://www.rohitab.com/apimonitor //客户端C/S架构API监控工具 - https://github.com/theLSA/hack-cs-tools //客户端测试工具检查条目checklist。G:/theLSA/CS-checklist;--