security-study-tutorial
Summary of online learning materials
https://github.com/mykings/security-study-tutorial
Last synced: 9 days ago
JSON representation
-
Pentest
- Security Research from the Microsoft Security Response Center (MSRC)
- Collection of IT whitepapers, presentations, pdfs; hacking, web app security, db, reverse engineering and more; EN/PL.
- RedTeam资料收集整理
- Great security list for fun and profit
- Penetration tests cases, resources and guidelines.
- Attack and defend active directory using modern post exploitation adversary tradecraft activity
- HTA encryption tool for RedTeams
- Red Team Field Manual
- Decrypted content of eqgrp-auction-file.tar.xz
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
- 渗透测试、红队攻击、网络安全资源大集合
- Webkit Exploitation Tutorial
- Webkit Exploitation Tutorial
- Webkit Exploitation Tutorial
- Webkit Exploitation Tutorial
- Webkit Exploitation Tutorial
- Webkit Exploitation Tutorial
- Webkit Exploitation Tutorial
- Webkit Exploitation Tutorial
- Webkit Exploitation Tutorial
- Webkit Exploitation Tutorial
- Webkit Exploitation Tutorial
- Webkit Exploitation Tutorial
- Webkit Exploitation Tutorial
- Webkit Exploitation Tutorial
- Webkit Exploitation Tutorial
- Webkit Exploitation Tutorial
- Webkit Exploitation Tutorial
- Webkit Exploitation Tutorial
- Webkit Exploitation Tutorial
- Webkit Exploitation Tutorial
- Awesome Cybersecurity Blue Team - 蓝队防御相关的工具、文章资料收集
- Whitepaper: HTTP Security Headers and How They Work
- 1 – INTRODUCTION TO CYBER SECURITY
- Webkit Exploitation Tutorial
- 1 – INTRODUCTION TO CYBER SECURITY
- 2 – PASSIVE INFORMATION GATHERING(OSINT)
- 3 – ACTIVE INFORMATION GATHERING
- 4 – VULNERABILITY DETECTION
- 5 – EXPLOITATION
-
Security conference
- 2019 Pass the SALT 会议的大部分议题 PPT 公开了
- RuhrSec 2019 会议的视频公开了
- 学术届 ACM ASIACCS 2019 会议的议题 PPT 都公开了
- 即将举办的 Black Hat USA 2019 大会值得关注的七大热点网络安全趋势
- lack Hat USA 2019 会议上,微软宣布对于可以成功利用的 Azure 平台的 Exploit,微软最多可以奖励 30 万美金
- Nicolas Joly 在 BlackHat USA 2019 对 Outlook/Exchange 漏洞及利用的总结
- 研究员 Maor Shwartz 在 BlackHat USA 2019 会议上对 0Day 市场买卖交易双方的介绍
- 5G 通信网络的新漏洞,来自 BlackHat USA 2019
- 腾讯安全Blade Team在blackhat usa 2019 上关于利用WiFi漏洞RCE的细节公开了。 – freener0
- 来自 DEF CON 27 会议上针对 MikroTik RouterOS 系统的漏洞利用研究
- BSides Canberra 2019 会议议题 “iOS 越狱需要什么?Hacking the iPhone: 2014 - 2019” 的视频
- 来自 Kcon 2019 360 安全研究员的议题《如何去挖掘物联网环境中的高级恶意软件威胁》
- KCon 2019 安全会议的议题 PPT 可以下载了
- HITB GSEC 2019 会议议题的 PPT 都公开了
- DerbyCon 会议 NCC Group 研究员关于 COM Hijacking 的议题
- Derbycon 2019 会议的视频上线了
- Black Hat Europe 2019 会议议题列表(部分)公开了
- R2CON 2019 会议的议题 PPT 公开了
- Derbycon 2019 会议的视频上线了
- Black Hat Europe 2019 会议议题列表(部分)公开了
- OSDFCon19 会议关于 Linux 操作系统取证分析的议题 PPT
- Derbycon 2019 会议的视频上线了
- DerbyCon 会议 NCC Group 研究员关于 COM Hijacking 的议题
- Black Hat Europe 2019 会议议题列表(部分)公开了
-
Tools
-
DNS
-
Exploiter
- This contains common local exploits and enumeration scripts
- Automated Mass Exploiter
- Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.
- A bunch of links related to VMware escape exploits
- Windows Exploits
- windows-kernel-exploits Windows平台提权漏洞集合
- MS17-010
- A Course on Intermediate Level Linux Exploitation
-
Git
-
Honey
-
Hunter
-
IoT
-
OSINT
-
Other
- A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
- Official Black Hat Arsenal Security Tools Repository
- List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
- Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.
- Open-Source Security Architecture
- PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
- Find open databases with Shodan
- An advanced memory forensics framework
- Golang安全资源合集
-
Phisher
-
RAT
-
Scanner
- DeepSearch - Advanced Web Dir Scanner
- Web Application Security Scanner Framework
- Web path scanner
- Fast and powerful SSL/TLS server scanning library.
- Next generation web scanner
- A high performance offensive security tool for reconnaissance and vulnerability scanning
- Docker security analysis & hacking tools
- AIL framework - Analysis Information Leak framework
- A fast and modular scanner for Tor exit relays.
- OpenVAS remote network security scanner
- Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
- Use ExpiredDomains.net and BlueCoat to find useful domains for red team.
- 分布式web漏洞扫描
- Golang编写的开源POC检测框架
- Weak password blasting of weak ports and integrated detection tools for unauthorized access.
- Fast CORS misconfiguration vulnerabilities scanner
- Web App Monitor
- Automated pentest framework for offensive security experts
-
Traffic
-
-
Vulnerability
-
Other
-
SSRF
-
XSS
- ws-na.amazon-adsystem.com(Amazon) 反射型 XSS 漏洞披露
- 浏览器 XSS Filter 绕过速查表
- CentOS Web Panel 0.9.8.763 存储型 XSS 漏洞披露(CVE-2019-7646
- Microsoft Office 365 Outlook 的两个 XSS 漏洞披露
- 漏洞赏金私人项目中的 XSS 及 RCE 漏洞实例
- Video Downloader and Video Downloader Plus Chrome Extension Hijack Exploit - UXSS via CSP Bypass (~15.5 Million Affected)
- Gitlab Markdown 存储型 XSS 漏洞详情披露:
- 实用的DOM XSS入门手册
- Browser's XSS Filter Bypass Cheat Sheet
-
Categories
Sub Categories
Keywords
security
39
hacking
17
python
15
security-tools
12
fuzzing
12
penetration-testing
9
pentesting
8
linux
8
scanner
8
pentest
7
vulnerability
7
vulnerability-scanners
6
osint
6
security-scanner
6
infosec
5
vulnerabilities
5
hacking-tool
5
pentest-tool
5
afl
4
security-vulnerability
4
vulnerability-detection
4
payload
4
bugbounty
4
security-audit
3
penetration-testing-tools
3
golang
3
malware
3
javascript
3
vulnerability-assessment
3
api
3
xss
3
vulnerability-management
3
cybersecurity
3
redteam
3
enumeration
3
windows
3
awesome
3
awesome-list
3
threat-hunting
3
fuzzer
3
cheatsheet
3
recon
2
stability
2
incident-response
2
pentesting-tools
2
osint-framework
2
hacking-tools
2
forensics
2
appsec
2
webapp
2