Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
my-tagmarks
Curated topics (i.e. tags) from my personal bookmarks. All topics are formatted as query links linked to a tag based bookmark manager page made with TagMark.
https://github.com/pwnfan/my-tagmarks
Last synced: 4 days ago
JSON representation
-
2. My TagMark Cheat Sheet
-
2.1. CyberSecurity
- brute force
- dir brute force (URL brute force / URL enumeration)
- password spraying
- bug bounty
- ASMI bypass (Anti-Scraper and Malicious Infrastructure bypass)
- CDN bypass
- GFW bypass
- UAC bypass (User Account Control bypass)
- WAF bypass
- C2 (Command and Control)
- C2 agent
- malleable C2
- cybersecurity
- Chinese
- English
- Japanese
- aggregator site
- article
- Chinese
- English
- Japanese
- Awesome
- basic knowledge
- best practices
- blog
- community site
- conference topic
- ebook
- personal
- team
- organization
- book
- cheat sheet
- checklist
- team cooperation
- college
- enterprise
- course
- forum
- development
- free resources
- how-to
- learning notes
- Methodology
- mind map
- navigation site / page
- news site / page
- online resource / tool
- Open-Source Software (OSS)
- optimization
- outline
- paid resources
- productivity
- resource collection
- resource search
- roadmap
- RSS
- terminology
- thesis
- tips
- tool
- vocabulary
- video
- vulnerability definition
- wiki
- 0day
- Active Directory
- adversary emulation (aka red teaming / purple teaming)
- antivirus
- API
- API key
- APT (Advanced Persistent Threat)
- ASN (Autonomous System Number)
- assessment
- attack surface
- audit
- penetration automation
- automation
- encryption
- risk enumeration
- user enumeration (aka account enumeration)
- ETW (Event Tracing for Windows)
- exploit search
- fake service
- file signature (aka file header / file magic number)
- fingerprint
- FOFA
- frontend
- fuzzing
- AV evasion (AV bypass)
- backdoor
- BitLocker
- BloodHound
- bootkit
- bug hunt
- Burp Suite
- Burp Suite extension
- Burp Suite Intruder
- 40X bypass / 4XX bypass
- Mythic C2 framework
- captcha cracking
- CI/CD
- Cloudflare
- Cobalt Strike
- Cobalt Strike Aggressor
- Cobalt Strike Beacon
- Cobalt Strike BOF (Cobalt Strike Beacon Object File)
- dynamic analysis
- code audit
- code obfuscation
- CodeQL
- container escape
- hash cracking
- EDR evasion (EDR bypass)
- password cracking
- crawler / spider
- credential
- CVE
- cyberspace mapping (aka cyber mapping / digital mapping)
- data exfiltration
- data infiltration
- data set (data collection)
- DCSync
- decompile
- defense evasion
- defence kill (kill protection / disable defence / kill protection)
- deobfuscation
- deserialization
- dictionary generator / wordlist generator
- dictionary / wordlist
- DLP evasion (Data Loss Prevention evasion, aka DLP bypass)
- domain categorization
- domain fronting
- driver
- URL enumeration (aka URL brute force / dir brute force)
- Gmail
- Google Hacking (aka Google Dorking / Google-Fu)
- grey box
- HackerOne
- hiding (in cybersecurity)
- hijacking
- hook
- .hta (HTML Application)
- hvv
- IDA
- IDN Homograph attack
- indicator removal
- infrastructure setup
- reconnaissance
- Red Team
- Windows Registry
- report
- research
- Reverse DNS
- sandbox escape
- SAST (Static Application Security Testing)
- backup file scanning
- port scan
- vulnerability scan
- search dork
- search engine
- screenshot
- sensitive information
- serverless
- session hijacking
- shellcode
- BAS (Breach and Attack Simulation)
- bastion
- benchmark
- best practices
- blacklist
- kernel
- keylogger
- lateral movement
- law
- LDAP (Lightweight Directory Access Protocol)
- LDAP ACL (LDAP Access Control List)
- library / module / package
- Linux
- geographic location
- log
- LSASS (Local Security Authority Subsystem Service)
- malware
- intranet
- Java
- javascript
- Kerberos
- Kerberos TGS (Ticket Granting Service)
- memory
- mapping
- massive-scale scan
- Apache Maven
- memory injection
- memory trojan
- Mimikatz
- miscellaneous tool (aka comprehensive tool)
- MITM (Man-in-the-Middle)
- MITRE ATT&CK
- Windows Search Protocol
- MSF (Metasploit Framework)
- MSF Meterpreter
- Shodan
- sidejacking (aka session sidejacking / session hijacking)
- sniffer
- social engineering
- social network
- source code
- SQLMap
- SQLMap Tamper
- SSPI (Security Support Provider Interface)
- static analysis
- subdomain
- software supplier
- supply chain (IT)
- Git
- infrastructure
- OA (office automation)
- Seeyon OA (致远OA)
- Tongda OA (通达OA)
- GitHub Actions
- Github
- GitLab
- Weaver OA (泛微OA)
- Yonyou OA (用友OA)
- 泛微OA (Weaver OA)
- misconfiguration
- process hollowing
- proxy pool
- proxy
- Quake
- RAT (Remote Access Trojan)
- OAST (Out-of-band application security testing)
- original IP
- operating system process
- OSINT (Open Source Intelligence)
- passive
- payload
- penetration
- persistence
- phishing
- phone number
- 用友OA (Yonyou OA)
- 致远OA (Seeyon OA)
- 通达OA (Tongda OA)
- PIC (Position-Independent Code)
- physical hacking (aka physical penetration testing / physical security testing)
- poison
- post-exploitation
- PowerShell
- PowerView
- PPL (Protected Process Light)
- horizontal privilege escalation
- privilege escalation
- ASM (Attack Surface Management)
- attack analysis
- ModSecurity
- monitoring
- NIDS (Network Intrusion Detection System)
- operations
- Osquery
- rootkit
- reverse engineering
- reverse proxy
- reverse shell
- ROP (Return-oriented programming)
- ROP gadgets
- database
- defence
- account deletion (aka account termination / account cancellation / account closure)
- backdoor detection
- malware detection
- rootkit detection
- detection
- DevSecOps
- digital forensics (aka computer forensics / cyber forensics)
- DLP (Data Loss Prevention)
- DoD SRG (Department of Defense Security Requirements Guide)
- DoD STIG (Department of Defense Security Technical Implementation Guide)
- DRPS (Digital Risk Protection Service)
- dynamic analysis
- network
- Nim (programming language)
- MSFvenom
- NAT
- Net-NTLM hash
- Nmap
- NSE (Nmap Scripting Engine)
- Node.js
- NTDS (Windows NT Directory Services)
- Nuclei
- surveillance (red team)
- syscall
- TCP over HTTPS (ToH)
- threat intelligence
- token
- traffic analysis
- traffic capture
- traffic replay
- trojan
- TTP (Techniques, Tactics, and Procedures)
- tunnel
- UAC (User Account Control)
- User Agent
- username
- VIN (Vehicle Identification Number)
- virtual machine escape
- VSCode
- VSCode extension
- Winlogon
- WMI (Windows Management Instrumentation)
- xray
- vulnerability
- vulnerability alert
- vulnerability analysis
- vulnerability exploit
- vulnerability PoC
- vulnerability reproduction
- vulnerability search
- Vulners
- web
- Wayback Machine
- weak credentials
- web cache (aka browser cache / HTTP cache)
- webshell
- whitelist
- WHOIS
- YARA
- ZoomEye
- Active Directory
- SIEM (Security Information and Event Management)
- Sigma
- Snort
- SOAR (Security Orchestration, Automation, and Response)
- SOC (Security Operation Center)
- CNNVD
- CNVD
- code analysis
- coding guidelines / coding standards / programming style guides
- compliance
- Blue Team
- BOM (Bill of Materials)
- botnet
- CIS (Center for Internet Security)
- CSPM (Cloud Security Posture Management)
- DAST (Dynamic Application Security Testing)
- Security Errors
- event (in operating system)
- firewall
- guidance
- HIDS (Host-based Intrusion Detection System)
- honeypot
- honeytoken
- IAM (Identity and Access Management)
- IAST (Interactive Application Security Testing)
- IDS (Intrusion Detection System)
- incident response
- incident (in cybersecurity)
- IoC (Indicator of Compromise)
- EASM (External Attack Surface Management)
- environment variable
- EDR (Endpoint Detection and Response)
- XSS
- XXE
- Apache HTTP Server
- encoding
- endpoint
- enterprise
- Apache Velocity
- CakePHP
- CMS
- Debian
- gist
- Google Analytics
- Google Chrome
- Google Chrome Extension
- management (in DevOps)
- mapping (in computer vision and data visualization)
- memory
- Microsoft Sentinel
- midware
- IPS (Intrusion Prevention System)
- malware analysis
- NoSQL
- NPM (Node Package Manager)
- OWASP MASVS (OWASP Mobile Application Security Verification Standard)
- OWASP (Open Web Application Security Project)
- .pcap (Packet Capture file)
- privacy
- PWA (Progressive Web App)
- RASP (Runtime Application Self-Protection)
- rule (of softwares, e.g. WAF)
- sandbox
- SBOM (Software Bill of Materials)
- SCA (Software Composition Analysis)
- GraphQL
- GraphQL introspection
- Apollo GraphQL platform suggestions feature
- Apache Hadoop
- IIS short filename vulnerability
- IIS
- J2EE (Java EE)
- Jenkins
- JNDI (Java Naming and Directory Interface)
- Joomla (PHP)
- Laravel (PHP)
- Log4j
- logrotate
- MacOS
- Markdown
- midware
- MongoDB
- Microsoft Excel
- Microsoft Office macro
- Microsoft Word
- Microsoft Office
- MSSQL (Microsoft SQL Server)
- MySQL
- SSPI (Security Support Provider Interface)
- STIX (Structured Threat Information eXpression)
- Sysmon
- system construction (IT system of an enterprise, mainly security systems)
- test automation
- test
- threat hunting
- vulnerability management
- WAF
- webshell (detection)
- Windows Timeline
- Zero Trust
- Alibaba Cloud (Aliyun)
- AWS
- AWS S3
- Azure
- Cloud Native
- Cloud (Computing)
- container escape
- container
- Docker
- Dockerfile
- GCP (Google Cloud Platform)
- GCP buckets
- Huawei Cloud
- K8s (Kubernetes)
- kubectl
- Oracle Cloud
- Tencent Cloud
- Terraform
- web site admin panel (admin dashboard / admin control panel)
- BOF (buffer overflow)
- cache poison
- open redirect
- param-pollution
- prototype pollution
- RCE
- RFI (Remote File Inclusion)
- Blind SQL injection
- SQL injection
- SSRF (Server-Side Request Forgery)
- SSTI (Server-Side Template Injection)
- LFI (Local File Inclusion)
- logical vulnerability
- unauthorized access
- upload
- Django (Python)
- Drupal (PHP)
- Electron
- ERP
- Microsoft Exchange
- Fastjson
- Flask (Python)
- 通达OA (Tongda OA)
- Microsoft Office 365
- OneDrive
- ONLYOFFICE
- OpenVPN
- Oracle Database
- Microsoft Outlook
- OWA (Microsoft Outlook Web Access)
- Padrino (Ruby)
- pastebin
- Phoenix (Elixir)
- PHP
- Polkit
- PostgreSQL
- PyPI (Python Package Index)
- HTML smuggling (HTML injection)
- Clickjacking
- Code injection
- command injection
- CORS (Cross-Origin Resource Sharing)
- CRLF injection (HTTP response splitting)
- Client-Side Prototype Pollution (CSPP)
- CSRF
- default credential
- default settings
- directory traversal (aka path traversal / directory climbing)
- dangling DNS record (aka orphaned DNS record)
- DNS rebinding attack
- DNS takeover (aka DNS hijacking / DNS poisoning)
- DNS zone transfer (aka AXFR (Authoritative Transfer) / IXFR (Incremental Transfer))
- DOM XSS
- header-injection
- HTTP request smuggling
- NTP (Network Time Protocol)
- OA (office automation)
- Seeyon OA (致远OA)
- Tongda OA (通达OA)
- Weaver OA (泛微OA)
- Yonyou OA (用友OA)
- 泛微OA (Weaver OA)
- 用友OA (Yonyou OA)
- 致远OA (Seeyon OA)
- Redis
- Ruby on Rails
- Ruby
- Skype
- Apache Spark
- Spring Boot
- Spring Framework
- SQL
- Apache Struts
- Apache Tomcat
- UEFI (Unified Extensible Firmware Interface)
- Unix
- vBulletin
- VMware vCenter
- VMware
- VMware vRealize
- web server
- Oracle WebLogic Server
- Webpack
- WeChat Mini Program
- WebRTC (Web Real-Time Communication)
- Windows
- WordPress
- DNS (Domain Name System)
- domain
- FTP (File Transfer Protocol)
- Gopher
- HTTP (Hypertext Transfer Protocol)
- HTTP header
- HTTP parameter
- HTTPS (Hypertext Transfer Protocol Secure)
- REST (Representational State Transfer)
- RMI (Remote Method Invocation)
- JDWP (Java Debug Wire Protocol)
- JWT (JSON Web Token)
- Kerberos
- Net-NTLM hash
- NTLM (NT LAN Manager)
- protocol
- RDP (Remote Desktop Protocol)
- RPC (Remote Procedure Call)
- SMB (Server Message Block)
- SNMP ( Simple Network Management Protocol)
- SSH (Secure Shell)
- sshd (SSH daemon)
- SSL (Secure Sockets Layer)
- TCP (Transmission Control Protocol)
- TLS (Transport Layer Security)
- UDP (User Datagram Protocol)
- UPnP (Universal Plug and Play)
- VNC (Virtual Network Computing)
- WebDAV (Web Distributed Authoring and Versioning)
- WebSocket
- WinRM (Windows Remote Management)
- WMI (Windows Management Instrumentation)
- CTF
- DVR (Digital Video Recorder)
- firmware analysis
- firmware emulation (hardware emulation)
- CTF challenge
- Hack The Box
- OffSec Proving Grounds
- TryHackMe
- vulnerability lab (testbed / playground / simulation)
- online
- walk through / write up
- Android
- APK
- firmware
- app
- App lockers
- ARM
- Bluetooth
- Cisco
- Fortinet
- HackRF
- hardware / device
- HID (Human Interface Devices)
- ICS (Industrial Control System)
- iOS
- IoT (Internet of Things)
- MIPS
- MITM (Man-in-the-Middle)
- mobile
- physical hacking (aka physical penetration testing / physical security testing,)
- PLC (Programmable Logic Controller)
- printer
- ROM
- router
- RTOS (Real-Time Operating System)
- SCADA (Supervisory Control and Data Acquisition)
- wiki
- Wireless HID (Wireless Human Interface Devices)
- SMM (System Management Mode)
- USB
- USRP (Universal Software Radio Peripheral)
- webcam
- WIDS (Wireless Intrusion Detection System)
- Wi-Fi hotspot
- Wi-Fi
- Bitcoin
- Blockchain
- DeFi
- digital currency
- smart contracts
- Solidity
- Web3
- AI
- chatbot
- GPT
- BSCP (Burp Suite Certified Practitioner)
- certification
- career development
- health
- job interview
- leadership
- market (analysis)
- OSCE³ (OffSec Certified Expert³)
- OSCP (Offsec Certified Professional)
- OSED (OffSec Exploit Developer)
- OSEE (OffSec Exploitation Expert)
- OSEP (OffSec Experienced Penetration Tester)
- OSWE (OffSec Web Expert)
- skill tree
- Certificate Transparency (CT)
- startups
- aggregator
- anonymous email
- API provided
- ASP.NET
- ASP
- aspx
- AST (Abstract Syntax Tree)
- browser extension (aka browser add-on / browser plugin)
- browser
- SSL pinning (certificate pinning)
- certificate
- CGI (Common Gateway Interface)
- CIDR (Classless Inter-Domain Routing)
- shell command
- concurrency
- software configuration (file)
- core dump
- cryptography
- custom 404 page
- debug
- decryption
- diagram
- Discord
- distributed
- document
- efficiency
- favicon
- .bin (binary file)
- .dll (Dynamic Link Library)
- framework
- GDB
- GUI
- .elf (Executable and Linkable Format)
- Hashcat
- .exe (Executable file)
- HTML5
- ICP Filing (ICP备案 / ICP beian)
- PE (Portable Executable)
- IP range (aka IP address range / IP subnet)
- IP
- IPv4
- IPv6
- JA3 fingerprints
- .jar (Java Archive)
- JSP (JavaServer Pages)
- Kali Linux
- Microsoft
- MMDB (MaxMind DB)
- one-liner
- Public Opinion Analysis
- Public Opinion Monitoring
- URL parsing
- performance
- plugin / add-on / extension
- port forwarding
- port
- QR code
- robots.txt
- shell
- SMS
- SOCKS5
- Tencent
- thick client (aka fat client)
- UI
- URL
- virtual machine image
- VPS
- Wireshark
- WooYun
-
2.2. Development
- DNS server
- flowchart
- Mermaid
- UML (Unified Modeling Language)
- diagram
- document
- Docker Compose
- docstring
- document database (aka document-oriented database)
- ECMAScript
- environment (setup)
- file system
- file transfer
- Git
- Github
- GitHub Pages
- GUI
- Halstead metrics
- Hexo
- management (in DevOps)
- language migration
- monitoring
- multiple processes
- NAT (Network Address Translation)
- network
- Nginx
- notification
- operations
- ORM (Object-Relational Mapping)
- PaaS (Platform as a Service)
- packaging (in Python)
- parallel computing
- URL parsing
- PEP 8
- performance analysis
- performance
- Plotly.js
- plugin / add-on / extension
- port forwarding
- port
- development
- development (without "cybersecurity")
- development (with "cybersecurity")
- article
- Chinese
- English
- Japanese
- basic knowledge
- best practices
- blog
- book
- cheat sheet
- checklist
- community site
- career development
- course
- how-to
- ebook
- efficiency
- free resources
- issue
- leadership
- learning notes
- Methodology
- mind map
- navigation site / page
- news site / page
- online resource / tool
- Open-Source Software (OSS)
- productivity
- resource collection
- resource search
- roadmap
- RSS
- skill tree
- startups
- terminology
- tool
- vocabulary
- thesis
- tips
- wiki
- window resize
- app
- architecture
- automation
- big data
- browser
- browser extension (aka browser add-on / browser plugin)
- chatbot
- CI/CD
- Cloud Native
- Cloud (Computing)
- code analysis
- code assistant
- code complexity
- code example (code snippet)
- code formatting
- code generator
- code optimization
- code playground (aka online code editor / coding sandbox)
- code quality
- code review
- code style
- shell command
- compiler
- concurrency
- software configuration (file)
- team cooperation
- coroutine
- Cyclomatic complexity
- database
- debug
- desktop APP (aka desktop software / PC software / PC APP)
- devcontainer
- DevOps
- DevSecOps
- ASCII art diagram
- ER diagram (Entity-Relationship diagram)
- HTML
- IaaS (Infrastructure as a Service)
- journalctl
- Jupyter
- kernel
- knowledge sharing
- kubectl
- library / module / package
- license
- linter
- protocol
- progress bar (aka progress indicator)
- profiler
- prototyping
- Pytest
- typing (in Python)
- Python
- README
- Redis
- version control (aka source control / revision control)
- version manager
- Vim
- VPS
- VSCode extension
- rich text
- RPA (Robotic Process Automation)
- SaaS (Software as a Service)
- sampling profiler
- scaffolding
- screen sharing
- shell
- shortcut key
- skill challenge
- spinner (in command-line interface (CLI) applications)
- SQL
- systemd
- TCP
- test
- test automation
- coverage test
- unit test
- tmux
- UI design,
- UI
- Unicode
- Unix
- variable name
- VSCode
- WSL (Windows Subsystem for Linux)
- Apache ZooKeeper
-
2.6. Other Topics
-
2.3. AI, Machine Learning, Math, Data Science, NLP, Computer Vision
- AI
- Google Bard
- chatbot
- computer vision
- corpus
- name corpus
- data analysis
- data mining
- data science
- data visualization
- deep learning
- diagram
- ASCII art diagram
- ER diagram (Entity-Relationship diagram)
- flowchart
- Mermaid
- UML (Unified Modeling Language)
- Apache ECharts
- facial recognition / face recognition
- face swap
- formula
- free resources
- geofencing
- geospatial
- GIS (Geographic Information System)
- GPT
- Linear algebra
- machine learning
- map
- math
- GPT-4
- ChatGPT private version
- prompt for GPT
- how-to
- LaTeX
- Matplotlib
- CNN (Convolutional Neural Network)
- NLP (Natural Language Processing.)
- OCR (Optical Character Recognition)
- Pandas (Python)
- PyTorch
- RPA (Robotic Process Automation)
- scikit-learn
- TensorFlow
- wiki
- word segmentation (aka tokenization)
-
2.4. Digital Media Processing
-
2.5. Finance, Economics, Commerce
-
-
3. About TagMark
-
2.6. Other Topics
-
-
4. Credits
-
2.6. Other Topics
- HackGit (@hack_git) - source security tools
- sec-wiki weekly - related news, technology, and open-source tools
-
Programming Languages
Sub Categories