mirror of
https://github.com/euphrat1ca/Security-List.git
synced 2026-06-30 21:09:51 +08:00
227
227
This commit is contained in:
parent
f0314ea1d8
commit
a2d3cfe116
47
README.md
47
README.md
@ -26,7 +26,7 @@
|
||||
- https://www.nist.gov/topics/cybersecurity //美国国家标准与技术研究院。NVD漏洞库
|
||||
- https://www.mitre.org/publications/all //mitre安全机构。CVE漏洞库
|
||||
- https://www.alibabacloud.com/blog //阿里安全建设
|
||||
- https://security.tencent.com/index.php/blog //腾讯安全建设
|
||||
- https://security.tencent.com/index.php/blog/msg/139 //腾讯安全建设。网络空间安全时代的红蓝对抗建设
|
||||
- https://github.com/baidu-security //百度安全建设
|
||||
- https://ai.google/research/pubs/?area=SecurityPrivacyandAbusePrevention //谷歌安全建设
|
||||
- https://aws.amazon.com/cn/blogs/security/ //亚马逊安全建设
|
||||
@ -401,7 +401,16 @@
|
||||
- https://github.com/saghul/aiodns/ //PY.请求后无需关闭连接的情况下有效地进行多次调用的DNS解析器
|
||||
## 相关工具拓展插件
|
||||
- https://github.com/AntSword-Store/ //中国蚁剑插件市场
|
||||
#### kali环境拓展插件
|
||||
### burpsuit相关工具拓展插件
|
||||
- https://github.com/euphrat1ca/security_w1k1/blob/master/wiki_burpsuite.md/ //burpsuite插件收集.mywiki
|
||||
- https://github.com/PortSwigger //burpsuite官方插件库。商业版。
|
||||
### CobaltStrike相关工具拓展插件
|
||||
- https://github.com/euphrat1ca/security_w1k1/blob/master/wiki_Cobaltstrike.md/ //cobaltstrike插件收集.mywiki
|
||||
- https://www.cobaltstrike.com/aggressor-script/index.html //脱离MSF之后的Aggressor Script 成为了开源脚本引擎 Cortana 的接班人
|
||||
- https://github.com/verctor/CS_xor64 //JAVA.生成cobaltstrike破解版所需的xor64.bin
|
||||
- https://github.com/Mr-Un1k0d3r/SCT-obfuscator //Cobalt Strike SCT有效载荷混淆器
|
||||
- https://github.com/dcsync/pycobalt //PY3.Python API for Cobalt Strike
|
||||
### kali环境拓展插件
|
||||
- https://github.com/Manisso/fsociety //linux下类似于kali的工具包一键安装工具
|
||||
- https://github.com/LionSec/katoolin //使用linux服务器自动安装kali工具包
|
||||
- https://github.com/TrustedSec/ptf/ //PY.基于Debian/Ubuntu/ArchLinux下的测试工具安装管理工具
|
||||
@ -413,26 +422,13 @@
|
||||
- https://github.com/se55i0n/Awvs_Nessus_Scanner_API //扫描器Awvs 11和Nessus 7 Api利用脚本
|
||||
- https://github.com/DanMcInerney/msf-autoshell //配合nessus扫描结果进行msf攻击
|
||||
- https://github.com/MooseDojo/apt2 //联动nmap、nessus等工具进行安全测试
|
||||
#### awvs相关工具拓展插件
|
||||
### awvs相关工具拓展插件
|
||||
- https://www.52pojie.cn/thread-214819-1-1.html //awvs10.5开发框架破解版。商业版。
|
||||
- https://github.com/fnmsd/awvs_script_decode //awvs10.5规则scripts解密版,SDK,开发手册
|
||||
- https://github.com/NS-Sp4ce/AWVS11.X-Chinese-Version //JS.awvs11汉化包
|
||||
- https://github.com/l3m0n/awvs_190703137 //PY.Linux版awvs
|
||||
- https://github.com/grayddq/PublicSecScan //PY.调用awvsAPI对WEB资产进行分布式WEB安全扫描,发现web环境下常规的一些安全漏洞
|
||||
#### burpsuit相关工具拓展插件
|
||||
- https://github.com/PortSwigger //burpsuite官方插件库。商业版。
|
||||
- https://github.com/snoopysecurity/awesome-burp-extensions //awesome系列之burp拓展
|
||||
- https://github.com/d3vilbug/HackBar //hackbar
|
||||
- https://github.com/bit4woo/knife //burp增强右键菜单
|
||||
- https://github.com/c0ny1/jsEncrypter //一个用于加密传输爆破的Burp Suite插件
|
||||
- https://github.com/nccgroup/BurpSuiteHTTPSmuggler //使用几种技巧绕过WAF
|
||||
- https://github.com/nccgroup/argumentinjectionhammer //Burp插件.识别参数注入漏洞
|
||||
- https://github.com/modzero/interestingFileScanner //增强敏感文件扫描
|
||||
- https://github.com/c0ny1/chunked-coding-converter //本插件主要用于分块传输绕WAF
|
||||
- https://github.com/ztosec/secscan-authcheck //java.越权漏洞检测,支持web界面配置。Github:portswigger/authz
|
||||
- https://github.com/m4ll0k/BurpSuite-Secret_Finder //在http请求中扫描apikey/tokens
|
||||
- https://github.com/TheKingOfDuck/burpFakeIP //IP修改伪造
|
||||
#### sqlmap相关工具拓展插件
|
||||
### sqlmap相关工具拓展插件
|
||||
- https://github.com/codewatchorg/sqlipy //burp与sqlmap联动插件
|
||||
- https://github.com/RicterZ/websocket-injection //PY2.WebSocket 中转注入工具
|
||||
- https://github.com/Hood3dRob1n/SQLMAP-Web-GUI //PHP.sqlmap的web gui
|
||||
@ -443,7 +439,7 @@
|
||||
- https://github.com/ysrc/GourdScanV2 //ysrc出品的被动式漏洞扫描工具,基于sqlmapapi
|
||||
- https://github.com/zt2/sqli-hunter //基于sqlmapapi,ruby编写的漏洞代理型检测工具
|
||||
- https://github.com/jesuiscamille/AutoSQLi //利用DorkNet,Googler, Ddgr, WhatWaf 和 sqlmap自动注入
|
||||
#### nmap相关工具拓展插件
|
||||
### nmap相关工具拓展插件
|
||||
- https://github.com/Ullaakut/nmap //GO.Nmap调用库go
|
||||
- https://github.com/savon-noir/python-libnmap //PY.nmap调用库python
|
||||
- https://github.com/johnnyxmas/scancannon //BASH.联动masscan和nmap
|
||||
@ -465,7 +461,7 @@
|
||||
- https://github.com/Yukinoshita47/Yuki-Chan-The-Auto-Pentest //集成子域名枚举、nmap、waf指纹识别等模块的web应用扫描器
|
||||
- https://github.com/ring04h/wyportmap //调用nmap目标端口扫描+系统服务指纹识别
|
||||
- https://github.com/cloudflare/flan //PY.cloudflare基于nmap开发的漏洞检测工具
|
||||
#### metasploit相关工具拓展插件
|
||||
### metasploit相关工具拓展插件
|
||||
- https://github.com/13o-bbr-bbq/machine_learning_security/tree/master/DeepExploit //结合机器学习与msf的全自动测试工具
|
||||
- https://github.com/r00t-3xp10it/Meterpreter_Paranoid_Mode-SSL //一个可以创建SSL/TLS shell连接的脚本
|
||||
- https://github.com/DanMcInerney/msf-netpwn //等待msf的session,并自动提为域管理
|
||||
@ -478,13 +474,7 @@
|
||||
- https://github.com/shizzz477/msploitego //将msf数据库与maltego进行图形化展示
|
||||
- https://github.com/scriptjunkie/msfgui //metasploit的GUI界面,强化Windows下支持
|
||||
- https://github.com/Zerx0r/Kage //VueJS.图形化MSF的GUI界面,Session Handler控制。
|
||||
#### CobaltStrike相关工具拓展插件
|
||||
- https://www.cobaltstrike.com/aggressor-script/index.html //脱离MSF之后的Aggressor Script 成为了开源脚本引擎 Cortana 的接班人
|
||||
- https://github.com/verctor/CS_xor64 //JAVA.生成cobaltstrike破解版所需的xor64.bin
|
||||
- https://github.com/Mr-Un1k0d3r/SCT-obfuscator //Cobalt Strike SCT有效载荷混淆器
|
||||
- https://github.com/dcsync/pycobalt //PY3.Python API for Cobalt Strike
|
||||
- https://github.com/euphrat1ca/security_w1k1/blob/master/wiki_Cobaltstrike.md/ //cobaltstrike插件收集.mywiki
|
||||
#### Empire相关工具拓展插件
|
||||
### Empire相关工具拓展插件
|
||||
- https://paper.tuisec.win/detail/f3dce68a0b4baaa //利用Empire获取域控权限
|
||||
- https://github.com/EmpireProject/Empire-GUI //empire的nodejs界面
|
||||
- https://github.com/interference-security/empire-web //empire的web界面
|
||||
@ -1307,6 +1297,8 @@ endpoint 防护软件
|
||||
- https://paper.seebug.org/613/ //工控漏洞挖掘方法之固件逆向分析
|
||||
- https://github.com/unprovable/PentestHardware //硬件渗透测试实用手册
|
||||
- https://github.com/cwerling/psptool //PY.分析和解析AMD安全处理器的固件工具包
|
||||
- https://www.amobbs.com/thread-5703833-1-1.html //【正点原子】XCOM串口调试助手软件
|
||||
- https://github.com/nodemcu/nodemcu-flasher //Pascal.firmware Flash tool for nodemcu,包括“ESP8266Flasher.exe”。
|
||||
### 智能设备安全
|
||||
- https://github.com/yaseng/iot-security-wiki/ //物联网安全百科。伏宸安全实验
|
||||
- https://github.com/vletoux/SpoolerScanner //检测 Windows 远程打印机服务是否开启的工具
|
||||
@ -1399,7 +1391,7 @@ endpoint 防护软件
|
||||
- https://www.pelock.com/articles/reverse-engineering-tools-review //Reverse engineering tools review 逆向工具测评
|
||||
- https://down.52pojie.cn/ //吾爱破解爱盘工具包。
|
||||
- https://www.peerlyst.com/posts/resource-learning-how-to-reverse-malware-a-guide //恶意软件逆向指南和工具的集合
|
||||
- https://github.com/alphaSeclab/awesome-reverse-engineering //Reverse Engineering Resources About All Platforms(Windows/Linux/macOS/Android/iOS/IoT)3000+逆向资源合集.收集的所有开源工具: sec-tool-list;网络相关的安全资源: awesome-network-stuff;攻击性网络安全资源: awesome-cyber-security;开源远控和恶意远控分析报告: awesome-rat;Webshell工具和分析/使用文章: awesome-webshell;
|
||||
- https://github.com/alphaSeclab/awesome-reverse-engineering //Reverse Engineering Resources About All Platforms(Windows/Linux/macOS/Android/iOS/IoT)3000+逆向资源合集.
|
||||
### PC端逆向二进制文件分析
|
||||
- https://github.com/ReFirmLabs/binwalk //PY.固件、二进制、pwn等文件自动化识别与逆向,支持多插件配置。goodjob,5k。
|
||||
- http://www.sweetscape.com/010editor/ //识别不同文件格式(模板)的16进制编辑器,具有文件修复功能。
|
||||
@ -1720,6 +1712,7 @@ endpoint 防护软件
|
||||
- https://github.com/NytroRST/NetRipper //支持截获像putty,winscp,mssql,chrome,firefox,outlook,https中的明文密码
|
||||
- https://github.com/shramos/polymorph //支持几乎所有现有协议的实时网络数据包操作框架
|
||||
- https://github.com/nospaceships/raw-socket-sniffer //C.PS.无需驱动抓取Windows流量
|
||||
- https://github.com/netsniff-ng/netsniff-ng //C.a fast zero-copy analyzer,pcap捕获和重放工具
|
||||
### 常用报文库开源协议库
|
||||
- https://wiki.wireshark.org/SampleCaptures/ //wireshark维护的报文Captures,包括许多工控协议库等
|
||||
- https://securityonion.readthedocs.io/en/latest/pcaps.html //安全洋葱维护的回溯pcap列表。securityonion-docs
|
||||
|
||||
@ -7,7 +7,7 @@
|
||||
- https://github.com/sym233/core-values-encoder //js.社会主义核心价值观加密,https://sym233.github.io/core-values-encoder/
|
||||
- https://pdos.csail.mit.edu/archive/scigen/ //SCIgen 学术文档虚拟文件生成钓鱼
|
||||
- https://github.com/DIYgod/RSSHub //JS.万物皆可rss
|
||||
- https://lovelive.tools/ //说话的艺术,zn语录
|
||||
- https://lovelive.tools/ //说话的艺术,渣男语录
|
||||
- https://github.com/jxlwqq/id-validator.py //PY3.居住证号码验证工具(Python 版)
|
||||
- https://github.com/sylnsfar/qrcode //PY3.动态二维码
|
||||
- https://github.com/fire-keeper/BlindWatermark //py.数字水印,使用盲水印保护图片。
|
||||
@ -15,17 +15,17 @@
|
||||
- https://archive.org //Internet Archive is a non-profit library of millions of free books, movies, software, music, websites, and more.
|
||||
- http://web.archive.org //网站时光机
|
||||
- https://wn.run //万能命令.自动加载网站脚本,视频解析/文档下载/翻译/快照等。
|
||||
- http://www.bingdian001.com/ //冰点文库下载
|
||||
- http://www.bingdian001.com/ //百度文库冰点下载
|
||||
- https://2tool.top/ //域名前面加上his.sh,网页快照
|
||||
- https://www.freenom.com //注册免费域名,dns解析
|
||||
- https://github.com/luolongfei/freenom //php.freenom域名自动续期。
|
||||
- https://www.onlinedoctranslator.com/ //在线文档翻译
|
||||
- https://zh.wikihow.com //生活百科
|
||||
- https://pandownload.com/ //下载
|
||||
- https://pandownload.com/ //百度下载
|
||||
- https://www.baiduwp.com/ //网盘下载
|
||||
- https://github.com/b3log/baidu-netdisk-downloaderx //GO/JS.BND是基于G:BaiduPCS-Go图形界面的百度网盘不限速下载器
|
||||
- https://github.com/wu-dada/baidupankey //JS.基于云盘万能钥匙api查询百度网盘提取密码
|
||||
- http://www.speedpan.com/ //下载
|
||||
- http://www.speedpan.com/ //百度下载
|
||||
- https://github.com/peterq/pan-light //GO.网盘不限速客户端, golang + qt5, 跨平台图形界面。9k。
|
||||
- https://github.com/devzwy/Crack-Edition-software-for-Mac //各类破解版Mac软件
|
||||
- http://tool.oschina.net/commons/ //常用对照表,HTTP Content-type、TCP/UDP常见端口参考、字体、颜色等。
|
||||
@ -47,12 +47,12 @@
|
||||
- https://www.pdfpai.com/ //在线pdf转换
|
||||
- http://www.alltoall.net/ //在线格式转换
|
||||
### 搜索引擎
|
||||
- https://www.wolframalpha.com //问题答案搜索
|
||||
- https://www.dogedoge.com/ //多吉搜索
|
||||
- https://weixin.sogou.com/weixin?type=2&query= //微信文章搜索
|
||||
- http://ac.scmor.com/ //谷歌搜索镜像
|
||||
- https://github.com/asciimoo/searx //PY.搭建一个自己的搜索引擎,DEMO网址 https://searx.me/
|
||||
- https://www.gobaidugle.com //联合搜索
|
||||
- https://lookao.com/ //匿名搜索
|
||||
- https://mijisou.com/ //匿名搜索
|
||||
- https://www.gobaidugle.com //聚合搜索
|
||||
- https://www.wolframalpha.com //问题答案搜索
|
||||
- https://github.com/asciimoo/searx //PY.搭建一个自己的搜索引擎,DEMO网址 searx.me.
|
||||
### 网盘服务
|
||||
- https://send.firefox.com //火狐网盘
|
||||
- https://www.upload.ee/ //文件共享平台
|
||||
@ -84,6 +84,11 @@
|
||||
- https://bbs.pediy.com/thread-223178.htm //intro.[原创] 对控制PC端微信发送信息的研究
|
||||
- https://github.com/TonyChen56/WeChatRobot //C++.微信pc机器人。
|
||||
- https://github.com/anhkgg/SuperWeChatPC //超级微信电脑客户端,支持多开、防消息撤销、语音消息备份...开放WeChatSDK
|
||||
## 注册机keygen
|
||||
- https://github.com/DoubleLabyrinth/MobaXterm-keygen //PY.putty远程服务管理工具,MobaXterm注册机。G:github.com/HyperSine/
|
||||
- https://github.com/DoubleLabyrinth/navicat-keygen //C.数据库管理工具navicat注册机。G:github.com/HyperSine/
|
||||
- https://github.com/DoubleLabyrinth/winrar-keygen //C++.A keygen for WinRAR注册机。G:github.com/HyperSine/
|
||||
- https://github.com/zsdlove/fortify-license-crack //fortify去除证书校验
|
||||
## 办公套件
|
||||
- https://cmder.net //Windows命令行加强版。通过*user_aliases*配置文件配置快捷键
|
||||
- https://sadd.io/ //在线操作系统
|
||||
@ -97,9 +102,6 @@
|
||||
- http://ohshitgit.com/ //intro.git操作手册
|
||||
- https://www.mythicsoft.com //全文检索工具。FileLocatorPro,类似如SearchMyFiles
|
||||
- https://www.voidtools.com //文件和文件夹快速定位。Everything
|
||||
- https://github.com/DoubleLabyrinth/MobaXterm-keygen //PY.putty远程服务管理工具,MobaXterm注册机。G:github.com/HyperSine/
|
||||
- https://github.com/DoubleLabyrinth/navicat-keygen //C.数据库管理工具navicat注册机。G:github.com/HyperSine/
|
||||
- https://github.com/DoubleLabyrinth/winrar-keygen //C++.A keygen for WinRAR注册机。G:github.com/HyperSine/
|
||||
- https://github.com/stascorp/rdpwrap //Pascal.开启异步并发rdp请求服务
|
||||
- http://sc.ftqq.com/3.version //server酱微信通知
|
||||
- http://www.vuln.cn/tools/ftp //在线FTP登录
|
||||
@ -131,10 +133,13 @@
|
||||
- https://audionautix.com/ //由Jason Shaw创作和制作的免费用于商业。需提供转载声明
|
||||
- https://www.tosound.com/ //免费
|
||||
### 视频素材
|
||||
- https://github.com/obsproject/obs-studio //C.用于实时流媒体和屏幕录制.官网obsproject.com。
|
||||
- https://www.videezy.com/ //免费使用,商用受保护
|
||||
- https://www.pexels.com/ //图像、视频免费使用
|
||||
- https://mixkit.co/ //在线视频素材
|
||||
### 图片素材
|
||||
- https://github.com/nagadomi/waifu2x //lua.无损放大图片.官网“waifu2x.udp.jp/”。P:bigjpg.com;
|
||||
- https://www.remove.bg/ //图片背景消除
|
||||
- https://wallhaven.cc/ //大片既视感
|
||||
- https://www.cleanpng.com/ //矢量png图
|
||||
- https://www.flaticon.com //免费图标网站
|
||||
@ -142,7 +147,7 @@
|
||||
### 字体素材
|
||||
- https://www.hellofont.cn/ //
|
||||
### 文档素材下载
|
||||
- https://www.cn-ki.net/ //知网、论文期刊检索下载
|
||||
- https://www.cn-ki.net/ //知网/论文期刊检索下载
|
||||
- http://sci-hub.tw/ //文献、专利、书籍下载
|
||||
- https://github.com/gedoor/MyBookshelf //JAVA.安卓app小说阅读器
|
||||
- http://wenku.baiduvvv.com/doc/ //文库下载
|
||||
|
||||
@ -37,6 +37,7 @@
|
||||
- https://github.com/lancopku/PKUSeg-python //PY3.北大中文分词
|
||||
- https://github.com//chinese-poetry/chinese-poetry //PY.中华最全诗词库数据
|
||||
### 机器学习
|
||||
- https://visualgo.net/ //算法库
|
||||
- https://github.com/google-research/bert //PY.谷歌研究院最强NLP运算模型
|
||||
- https://paperswithcode.com/sota //机器学习具体项目、演示、代码
|
||||
- https://www.reddit.com/r/Python/comments/a81mg3/the_entire_mit_intro_computer_science_class_using/ //麻省理工机器学习视频
|
||||
|
||||
13
wiki_burpsuite.md
Normal file
13
wiki_burpsuite.md
Normal file
@ -0,0 +1,13 @@
|
||||
### burpsuit相关工具拓展插件
|
||||
- https://github.com/snoopysecurity/awesome-burp-extensions //awesome系列之burp拓展
|
||||
- https://github.com/alphaSeclab/awesome-burp-suite //Awesome Burp Suite Resources. 400+ open source Burp plugins, 500+ posts and videos.
|
||||
- https://github.com/d3vilbug/HackBar //hackbar
|
||||
- https://github.com/bit4woo/knife //burp增强右键菜单
|
||||
- https://github.com/c0ny1/jsEncrypter //一个用于加密传输爆破的Burp Suite插件
|
||||
- https://github.com/nccgroup/BurpSuiteHTTPSmuggler //使用几种技巧绕过WAF
|
||||
- https://github.com/nccgroup/argumentinjectionhammer //Burp插件.识别参数注入漏洞
|
||||
- https://github.com/modzero/interestingFileScanner //增强敏感文件扫描
|
||||
- https://github.com/c0ny1/chunked-coding-converter //本插件主要用于分块传输绕WAF
|
||||
- https://github.com/ztosec/secscan-authcheck //java.越权漏洞检测,支持web界面配置。Github:portswigger/authz
|
||||
- https://github.com/m4ll0k/BurpSuite-Secret_Finder //在http请求中扫描 api key/tokens
|
||||
- https://github.com/TheKingOfDuck/burpFakeIP //PY.IP修改伪造
|
||||
Loading…
Reference in New Issue
Block a user