findneo / Newbie Security List
网络安全学习资料,欢迎补充
Stars: ✭ 402
Labels
Projects that are alternatives of or similar to Newbie Security List
Oscp Pentest Methodologies
备考 OSCP 的各种干货资料/渗透测试干货资料
Stars: ✭ 166 (-58.71%)
Mutual labels: ctf, websecurity
Jwtxploiter
A tool to test security of json web token
Stars: ✭ 130 (-67.66%)
Mutual labels: ctf, websecurity
Ctfcracktools
China's first CTFTools framework.中国国内首个CTF工具框架,旨在帮助CTFer快速攻克难关
Stars: ✭ 1,118 (+178.11%)
Mutual labels: ctf, websecurity
Resources-for-Application-Security
Some good resources for getting started with application security
Stars: ✭ 97 (-75.87%)
Mutual labels: ctf, websecurity
Vulnhub Ctf Writeups
This cheasheet is aimed at the CTF Players and Beginners to help them sort Vulnhub Labs. This list contains all the writeups available on hackingarticles.
Stars: ✭ 368 (-8.46%)
Mutual labels: ctf
Ctf
CTF (Capture The Flag) writeups, code snippets, notes, scripts
Stars: ✭ 336 (-16.42%)
Mutual labels: ctf
Injuredandroid
A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Stars: ✭ 317 (-21.14%)
Mutual labels: ctf
Cerberus
一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (-3.23%)
Mutual labels: websecurity
Rta
Red team Arsenal - An intelligent scanner to detect security vulnerabilities in company's layer 7 assets.
Stars: ✭ 358 (-10.95%)
Mutual labels: websecurity
Ctf Difficulty
This cheasheet is aimed at the CTF Players and Beginners to help them sort the CTF Challenges on the basis of Difficulties.
Stars: ✭ 338 (-15.92%)
Mutual labels: ctf
Ctf Writeups Public
Writeups for infosec Capture the Flag events by team Galaxians
Stars: ✭ 331 (-17.66%)
Mutual labels: ctf
Armpwn
Repository to train/learn memory corruption on the ARM platform.
Stars: ✭ 320 (-20.4%)
Mutual labels: ctf
Gef
GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers ☢
Stars: ✭ 4,197 (+944.03%)
Mutual labels: ctf
Hyperpwn
A hyper plugin to provide a flexible GDB GUI with the help of GEF, pwndbg or peda
Stars: ✭ 387 (-3.73%)
Mutual labels: ctf
Pentest Lab
Pentest Lab on OpenStack with Heat, Chef provisioning and Docker
Stars: ✭ 353 (-12.19%)
Mutual labels: ctf
Pwndbg
Exploit Development and Reverse Engineering with GDB Made Easy
Stars: ✭ 4,178 (+939.3%)
Mutual labels: ctf
Newbie-Security-List
一桌菜,十几盘,有荤有素,有凉有热,怎么吃呢?你可以找一盘看起来好吃的,也可以找一盘离自己近的,都行。但是,得动筷子。不管怎么吃,最重要的是得动筷子。学技术也是一样。
有的人死活不动筷子,还不断念叨:“我要开始吃了。我马上就要开始吃了。我只要开始吃就能吃饱。我吃饱了就不饿了。你能不能告诉我该先吃哪一盘?先冷盘后热菜再喝汤这样是不是最好?但是我听说广东人都是先喝汤?这盘菜会不会太远了?这盘会不会太油腻?我吃饱了万一想拉屎你们这里有厕所吗?我真的马上就要开始吃了……为什么我现在还是饿?你能不能帮帮我?”
如需配合目录食用请访问这里
乌云
在线漏洞库/知识库
- https://wooyun.shuimugan.com/
- http://cb.drops.wiki/
- http://wooyun.chamd5.org/
- http://wooyun.jozxing.cc/
-
https://web.archive.org/web/20160628133257/http://www.wooyun.org:80/ (
GFW)
在线知识库
- https://superkieran.github.io/WooyunDrops/#!/
- https://wooyun.js.org/
- http://www.vuln.cn/wooyundrops
-
https://web.archive.org/web/20160628084846/http://drops.wooyun.org:80/ (
GFW)
在线漏洞库
- http://bug.p0sec.net/
-
https://web.archive.org/web/20160625075226/http://www.wooyun.org:80/bugs (
GFW)
本地搭建
B/S型
https://github.com/hanc00l/wooyun_public
硬盘搜索型
- 链接: WooYun漏洞、知识库收集(超详细版) 密码: 28gr
- everything : search file by name on disk.
- agentransack/FileLocatorPro : search file by content on disk。
CTF
BREAK & WATCH
文档
- https://beginners.re/
- https://leanpub.com/web-hacking-101
- https://ctf-wiki.github.io/ctf-wiki/index.html
- https://www.gitbook.com/read/book/firmianay/ctf-all-in-one
- https://www.pediy.com/kssd/
- https://paper.seebug.org/
- http://evilcos.me/security_skill_tree_basic/index.html
- https://book.nmask.cn/
GitHub
- https://github.com/jekil/awesome-hacking/
- https://github.com/ctfs/
- https://github.com/joe-shenouda/awesome-cyber-skills
- https://github.com/CHYbeta/Web-Security-Learning
- https://github.com/qazbnm456/awesome-web-security
- https://github.com/tom0li/collection-document
- https://github.com/zardus/wargame-nexus
- https://github.com/sbilly/awesome-security
安全导航
- https://navisec.it/
- http://www.itxueke.com/SecNavi/
- http://shentoushi.top/
- https://www.anquanquan.info/
其他优秀资源
- https://speakerdeck.com/search?utf8=%E2%9C%93&q=ctf
- https://gotyour.pw/
- https://skills.bugbank.cn/
- https://hackmethod.com/roadmap/
- https://highon.coffee/
- https://silic.wiki/doku.php
- https://learnxinyminutes.com/
- http://www.opensecuritytraining.info/
- http://www.fuzzysecurity.com/index.html
- https://pentesterlab.com/bootcamp
- http://liveoverflow.com/
- https://rupigcute.wixsite.com/quantiumtown/rssindex
- https://raintrees.net/projects/a-painter-and-a-black-cat/wiki
GET HANDS DIRTY
练习平台
- http://shell-storm.org/repo/CTF/
- https://ctftime.org/
- https://www.vulnhub.com/
- https://exploit-exercises.com/
- http://cryptopals.com/
- http://overthewire.org
- https://pwnhub.cn/index
- https://cmdchallenge.com/
- https://www.hackthissite.org/
- https://microcorruption.com/login
- http://smashthestack.org/
- http://pwnable.kr/
- https://pwnable.tw/
- http://www.underthewire.tech/
- http://www.freebuf.com/sectool/4708.html
- http://www.hetianlab.com/
- https://lab.pentestit.ru/
ONLINE JUDGE
- https://ringzer0team.com/
- https://www.wechall.net/
- https://backdoor.sdslabs.co/challenges
- https://www.jarvisoj.com/
- https://ctf.katsudon.org/ctf4u/
- https://www.onlinectf.com/challenges/
- http://ksnctf.sweetduet.info/
- http://ctf.nuptsast.com/
- https://ctf.hackmethod.com/
- http://oj.xctf.org.cn/
- http://ctf.bugku.com/
- http://ctf.rookiehacker.org/
- http://www.shiyanbar.com/ctf/practice
- http://hackinglab.cn/
- https://hackme.inndy.tw/
- https://ctflearn.com/
- https://ctf.katsudon.org/
FOR FUN
- http://www.heibanke.com/lesson/crawler_ex00/
- http://web.onlinectf.com/cutezombie/web-app/
- http://riddle.arthurluk.net/pocket.php
- http://fun.coolshell.cn/
- http://monyer.com/game/game1/
博客
HACKERS
- https://whereisk0shl.top/
- https://www.leavesongs.com/
- http://www.cnblogs.com/iamstudy
- https://sigterm.ch/
- http://xlab.tencent.com/cn/
- https://strcpy.me/
- https://ricterz.me/
- http://www.blue-lotus.net/
- http://217.logdown.com/
- http://sh3ll.me/
- http://jiangjiawei.pw/blog/
- https://dog.xmu.edu.cn/
- https://chybeta.github.io/
- https://hackfun.org/
- http://www.cnblogs.com/figure9/
- http://blog.csdn.net/v_july_v
- http://mslc.ctf.su/
MIND HACKERS
- https://livid.v2ex.com/
- https://www.byvoid.com/zhs/
- http://mindhacks.cn/
- http://www.matrix67.com/blog/
- http://www.ruanyifeng.com/home.html
- http://www.yinwang.org/
- https://www.scotthyoung.com/blog/
- https://blog.youxu.info/
- https://program-think.blogspot.com/
工具
搜索
- https://google.com/
- https://www.exploit-db.com/google-hacking-database/
- http://search.chongbuluo.com/
- http://www.xilinjie.com/
- http://webcache.googleusercontent.com/search?q=cache:https://findneo.github.io
- https://web.archive.org/web/*/https://findneo.github.io
电子书籍
- http://www.banshujiang.cn/
- http://bestcbooks.com/
- https://salttiger.com/archives/
- https://www.it-ebooks.info/
- http://www.oreilly.com/programming/free/
- http://www.sxyj.net/
- https://www.jiumodiary.com/
安全相关
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].