mirror of
https://github.com/euphrat1ca/Security-List.git
synced 2026-06-27 21:01:32 +08:00
1
This commit is contained in:
whoami
parent
b02cd2645c
commit
8ea3e404cf
@ -152,6 +152,7 @@
|
||||
- https://github.com/n00py/ReadingList/blob/master/gunsafe.txt //安全工具集
|
||||
- https://github.com/Z4nzu/hackingtool //Linux安全工具集合,类似于pentestbox架构
|
||||
### 安全测试辅助
|
||||
- https://github.com/LasCC/Hack-Tools //渗透测试辅助套
|
||||
- http://requestbin.net/ //Inspect HTTP Requests。获取客户端http、dns请求。requestbin.com。
|
||||
- https://github.com/BugScanTeam/DNSLog //py。四叶草基于django监控 DNS 解析记录和 HTTP 访问记录的工具,将 DNSServer 集成进 DNSLog 中。
|
||||
- https://github.com/opensec-cn/vtest //Py。用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。
|
||||
|
||||
@ -13,36 +13,34 @@
|
||||
- LLVM工具链,基于编译器插桩的coverage-feedback driven fuzzer
|
||||
- https://mp.weixin.qq.com/s/nREiT1Uj25igCMWu1kta9g //公众号:Fuzzing战争: 从刀剑弓斧到星球大战。 Flanker论安全
|
||||
- https://github.com/HexHive/FuzzGen/ //C++。根据库的接口I/O自动生成fuzzer
|
||||
## 模糊测试数据资料
|
||||
## 模糊测试学习资源
|
||||
- http://www.freebuf.com/articles/rookie/169413.html //一系列用于Fuzzing学习的资源汇总
|
||||
- https://github.com/secfigo/Awesome-Fuzzing //Fuzzing模糊测试相关学习资料
|
||||
- https://github.com/fuzzdb-project/fuzzdb //fuzz资料数据库
|
||||
- https://github.com/raminfp/linux_exploit_development //linux漏洞利用开发手册
|
||||
- https://github.com/mozillasecurity/fuzzdata //模糊测试输入样本资源。
|
||||
- https://www.fuzzysecurity.com/tutorials.html //fuzzysecurity教程。*egghunter
|
||||
- https://www.fuzzysecurity.com/tutorials.html //fuzzysecurity教程。"*egghunter"。
|
||||
## 模糊测试框架工具
|
||||
- https://google.github.io/clusterfuzz/ //谷歌集群模糊测试平台
|
||||
- https://github.com/google/oss-fuzz //C。谷歌对开源项目的进行免费的模糊测试服务
|
||||
- https://github.com/googleprojectzero/winafl //C。Google Project Zero 基于Windows AFL开发的模糊测试框架。原创技术分析-AFL漏洞挖掘技术漫谈.
|
||||
- http://zeroyu.xyz/2019/05/15/how-to-use-afl-fuzz/ //Intro。AFL使用指南.
|
||||
- https://github.com/mxmssh/drAFL //C。Linux模糊测试。G:/atrosinenko/kbdysch;G:/google/oss-fuzz;--
|
||||
- https://www.peach.tech/ //C#。Peach3模板流(通过提前定义好的xml等文件模板对目标单位进行测试)模糊测试,网络协议、API、文件格式模糊测试。G:/TideSec/Peach_Fuzzing;--
|
||||
- https://github.com/MozillaSecurity/peach //Py3。MozPeach是Peach v2.7的一个分支,由Mozilla Security维护。
|
||||
- https://mp.weixin.qq.com/s/yYkbysywQXD5l-SS0jQ3_A //公众号:使用Peach进行模糊测试从入门到放弃。P:/【工控安全】基于Peach的Modbus协议模糊测试;--
|
||||
- https://github.com/bunzen/pySSDeep //Py。一个基于模糊哈希(Fuzzy Hashing)算法的工具。G:/glaslos/ssdeep;G:/ssdeep-project/ssdeep;--
|
||||
### 设备模糊测试
|
||||
- https://github.com/zyw-200/FirmAFL //C。针对iot固件IoT firmware灰盒模糊测试.
|
||||
### 固件模糊测试
|
||||
- https://github.com/mxmssh/drAFL //C。Linux系统模糊测试。G:/atrosinenko/kbdysch;G:/google/oss-fuzz;--
|
||||
- https://github.com/googleprojectzero/winafl //C。Google Project Zero 基于Windows AFL开发的模糊测试框架。P:阿尔法实验室-AFL漏洞挖掘技术漫谈;--
|
||||
- http://zeroyu.xyz/2019/05/15/how-to-use-afl-fuzz/ //Intro。AFL使用指南。
|
||||
- https://github.com/zyw-200/FirmAFL //C。针对iot固件IoT firmware灰盒模糊测试。
|
||||
- https://github.com/k0keoyo/kDriver-Fuzzer //C。基于ioctlbf框架编写的驱动漏洞挖掘工具kDriver Fuzzer。
|
||||
### 软件模糊测试
|
||||
- https://github.com/google/honggfuzz //C。具有反馈驱动(Feedback-Driven)的持续性软件代码测试。2k。
|
||||
### 文件模糊测试
|
||||
- http://blog.topsec.com.cn/alphafuzzer/ //启明星辰阿尔法实验室以文件格式为主的漏洞挖掘工具。
|
||||
- https://github.com/dzzie/COMRaider //客户端溢出风险测试
|
||||
- http://blog.topsec.com.cn/alphafuzzer/ //阿尔法实验室文件模糊测试工具。
|
||||
### 协议模糊测试
|
||||
- https://www.peach.tech/ //C#。Peach3模板流(通过提前定义好的xml等文件模板对目标单位进行测试)模糊测试,网络协议、API、文件格式模糊测试。G:/TideSec/Peach_Fuzzing;--
|
||||
- https://github.com/MozillaSecurity/peach //Py3。MozPeach是Peach v2.7的一个分支,由Mozilla Security维护。
|
||||
- https://mp.weixin.qq.com/s/yYkbysywQXD5l-SS0jQ3_A //公众号:使用Peach进行模糊测试从入门到放弃。P:/【工控安全】基于Peach的Modbus协议模糊测试;--
|
||||
- https://github.com/cisco-sas/kitty //Py。针对TCP/IP的模糊测试框架。goodjob。
|
||||
- https://kitty.readthedocs.io/en/latest/ //Intro。kitty使用手册
|
||||
- https://github.com/cisco-sas/katnip //Py。kitty框架的拓展库
|
||||
- https://github.com/cisco-sas/katnip //Py。kitty框架拓展库
|
||||
- https://paper.seebug.org/772/ //Intro。如何使用 KittyFuzzer 结合 ISF 中的工控协议组件对工控协议进行 Fuzz。
|
||||
- https://github.com/cisco-sas/kitty //Py。针对TCP/IP的模糊测试框架。goodjob
|
||||
- https://github.com/jtpereyda/boofuzz //Py。基于OpenRCE/sulley框架二次开发的网络协议fuzz测试。G:/OpenRCE/sulley;--
|
||||
- https://github.com/Cisco-Talos/mutiny-fuzzer //Py。MikroTik基于pcap包解析的网络协议模糊测试。
|
||||
### 客户端模糊测试
|
||||
- https://github.com/dzzie/COMRaider //客户端溢出风险测试
|
||||
- https://github.com/Cisco-Talos/mutiny-fuzzer //Py。MikroTik基于pcap包解析的网络协议模糊测试。
|
||||
@ -47,7 +47,7 @@
|
||||
- https://github.com/RustyShackleford221/OSCP-Prep //OSCP-EXAM
|
||||
- https://github.com/lsh4ck/oscp //oscp历程。lshack.cn备战
|
||||
- https://0xdarkvortex.dev/index.php/2018/04/17/31-days-of-oscp-experience/ //31 days of OSCP Experience
|
||||
#### OSCE漏洞挖掘
|
||||
#### OSCE二进制漏洞
|
||||
- https://www.freebuf.com/news/206041.html //中文首发丨OSCE(Offensive Security Certified Expert)考证全攻略
|
||||
- https://github.com/ihack4falafel/OSCE //
|
||||
- https://github.com/dhn/OSCE //
|
||||
|
||||
Loading…
Reference in New Issue
Block a user