Facebook加入
LINE加入
2021/12/25
GITHUB駭客文章 收集 (Hack with GitHub)
資料來源: https://github.com/Hack-with-Github/Awesome-Hacking
Awesome Repositories
| Repository | Description |
|---|---|
| Android Security | Collection of Android security related resources |
| AppSec | Resources for learning about application security |
| Asset Discovery | List of resources which help during asset discovery phase of a security assessment engagement |
| Bug Bounty | List of Bug Bounty Programs and write-ups from the Bug Bounty hunters |
| CTF | List of CTF frameworks, libraries, resources and softwares |
| Cyber Skills | Curated list of hacking environments where you can train your cyber skills legally and safely |
| DevSecOps | List of awesome DevSecOps tools with the help from community experiments and contributions |
| Embedded and IoT Security | A curated list of awesome resources about embedded and IoT security |
| Exploit Development | Resources for learning about Exploit Development |
| Fuzzing | List of fuzzing resources for learning Fuzzing and initial phases of Exploit Development like root cause analysis |
| Hacking | List of awesome Hacking tutorials, tools and resources |
| Hacking Resources | Collection of hacking / penetration testing resources to make you better! |
| Honeypots | List of honeypot resources |
| Incident Response | List of tools for incident response |
| Industrial Control System Security | List of resources related to Industrial Control System (ICS) security |
| InfoSec | List of awesome infosec courses and training resources |
| IoT Hacks | Collection of Hacks in IoT Space |
| Mainframe Hacking | List of Awesome Mainframe Hacking/Pentesting Resources |
| Malware Analysis | List of awesome malware analysis tools and resources |
| OSINT | List of amazingly awesome Open Source Intelligence (OSINT) tools and resources |
| OSX and iOS Security | OSX and iOS related security tools |
| Pcaptools | Collection of tools developed by researchers in the Computer Science area to process network traces |
| Pentest | List of awesome penetration testing resources, tools and other shiny things |
| PHP Security | Libraries for generating secure random numbers, encrypting data and scanning for vulnerabilities |
| Red Teaming | List of Awesome Red Team / Red Teaming Resources |
| Reversing | List of awesome reverse engineering resources |
| Sec Talks | List of awesome security talks |
| SecLists | Collection of multiple types of lists used during security assessments |
| Security | Collection of awesome software, libraries, documents, books, resources and cools stuffs about security |
| Serverless Security | Collection of Serverless security related resources |
| Social Engineering | List of awesome social engineering resources |
| Static Analysis | List of static analysis tools, linters and code quality checkers for various programming languages |
| Threat Intelligence | List of Awesome Threat Intelligence resources |
| Vehicle Security | List of resources for learning about vehicle security and car hacking |
| Vulnerability Research | List of resources about Vulnerability Research |
| Web Hacking | List of web application security |
| Windows Exploitation – Advanced | List of Awesome Advanced Windows Exploitation References |
| WiFi Arsenal | Pack of various useful/useless tools for 802.11 hacking |
| YARA | List of awesome YARA rules, tools, and people |
| Hacker Roadmap | A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking. |
Other useful repositories
| Repository | Description |
|---|---|
| Adversarial Machine Learning | Curated list of awesome adversarial machine learning resources |
| AI Security | Curated list of AI security resources |
| API Security Checklist | Checklist of the most important security countermeasures when designing, testing, and releasing your API |
| APT Notes | Various public documents, whitepapers and articles about APT campaigns |
| Bug Bounty Reference | List of bug bounty write-up that is categorized by the bug nature |
| Cryptography | Cryptography resources and tools |
| CTF Tool | List of Capture The Flag (CTF) frameworks, libraries, resources and softwares |
| CVE PoC | List of CVE Proof of Concepts (PoCs) |
| Detection Lab | Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices |
| Forensics | List of awesome forensic analysis tools and resources |
| Free Programming Books | Free programming books for developers |
| Gray Hacker Resources | Useful for CTFs, wargames, pentesting |
| Hacker101 | A free class for web security by HackerOne |
| Infosec Getting Started | A collection of resources, documentation, links, etc to help people learn about Infosec |
| Infosec Reference | Information Security Reference That Doesn’t Suck |
| IOC | Collection of sources of indicators of compromise |
| Linux Kernel Exploitation | A bunch of links related to Linux kernel fuzzing and exploitation |
| Lockpicking | Resources relating to the security and compromise of locks, safes, and keys. |
| Machine Learning for Cyber Security | Curated list of tools and resources related to the use of machine learning for cyber security |
| Payloads | Collection of web attack payloads |
| PayloadsAllTheThings | List of useful payloads and bypass for Web Application Security and Pentest/CTF |
| Pentest Cheatsheets | Collection of the cheat sheets useful for pentesting |
| Pentest Wiki | A free online security knowledge library for pentesters / researchers |
| Probable Wordlists | Wordlists sorted by probability originally created for password generation and testing |
| Resource List | Collection of useful GitHub projects loosely categorised |
| Reverse Engineering | List of Reverse Engineering articles, books, and papers |
| RFSec-ToolKit | Collection of Radio Frequency Communication Protocol Hacktools |
| Security Cheatsheets | Collection of cheatsheets for various infosec tools and topics |
| Security List | Great security list for fun and profit |
| Shell | List of awesome command-line frameworks, toolkits, guides and gizmos to make complete use of shell |
| ThreatHunter-Playbook | A Threat hunter’s playbook to aid the development of techniques and hypothesis for hunting campaigns |
| Web Security | Curated list of Web Security materials and resources |
很棒的倉庫
| 資料庫 | 描述 |
|---|---|
| Android安全性 | Android安全相關資源的集合 |
| AppSec | 學習應用程序安全性的資源 |
| 資產發現 | 在安全評估參與的資產發現階段提供幫助的資源列表 |
| 錯誤賞金 | Bug Bounty獵人的Bug Bounty程序和編寫清單 |
| 周大福 | CTF框架,庫,資源和軟件的列表 |
| 網絡技能 | 精選的駭客環境清單,可讓您合法而安全地訓練網絡技能 |
| 開發安全 | 在社區實驗和貢獻的幫助下,很棒的DevSecOps工具列表 |
| 嵌入式和物聯網安全 | 精選的有關嵌入式和IoT安全的優秀資源列表 |
| 開發利用 | 學習利用漏洞開發的資源 |
| 模糊測試 | 用於學習模糊測試和漏洞利用開發初始階段(如根本原因分析)的模糊測試資源列表 |
| 駭客 | 很棒的Hacking教程,工具和資源列表 |
| 黑客資源 | 收集黑客/滲透測試資源,使您變得更好! |
| 蜜罐 | 蜜罐資源列表 |
| 事件響應 | 事故響應工具清單 |
| 工業控制系統安全 | 與工業控制系統(ICS)安全性相關的資源列表 |
| 信息安全 | 很棒的信息安全課程和培訓資源列表 |
| 物聯網黑客 | 物聯網空間中的黑客集合 |
| 大型機黑客 | 令人敬畏的大型機黑客/沉迷資源列表 |
| 惡意軟件分析 | 很棒的惡意軟件分析工具和資源列表 |
| OSINT | 令人敬畏的開源智能(OSINT)工具和資源列表 |
| OSX和iOS安全性 | OSX和iOS相關的安全工具 |
| Pcaptools | 由計算機科學領域的研究人員開發的用於處理網絡跟踪的工具的集合 |
| 滲透測試 | 很棒的滲透測試資源,工具和其他閃亮清單 |
| PHP安全性 | 用於生成安全隨機數,加密數據和掃描漏洞的庫 |
| 紅隊 | 優秀的紅隊/紅隊資源列表 |
| 倒車 | 很棒的逆向工程資源列表 |
| 講座 | 很棒的安全講座清單 |
| 安全列表 | 收集安全評估期間使用的多種類型的列表 |
| 安全 | 收集了很棒的軟件,庫,文檔,書籍,資源,並為有關安全性的內容增光添彩 |
| 無服務器安全 | 無服務器安全性相關資源的集合 |
| 社會工程學 | 很棒的社會工程資源列表 |
| 靜態分析 | 各種編程語言的靜態分析工具,短絨和代碼質量檢查器的列表 |
| 威脅情報 | 令人敬畏的威脅情報資源列表 |
| 車輛安全 | 用於學習有關車輛安全和汽車黑客的資源列表 |
| 漏洞研究 | 有關漏洞研究的資源列表 |
| 網絡黑客 | Web應用程序安全性列表 |
| Windows開發-高級 | 很棒的高級Windows開發參考列表 |
| WiFi阿森納 | 各種有用/無用的802.11黑客工具包 |
| 亞拉 | 令人敬畏的YARA規則,工具和人員列表 |
| 黑客路線圖 | 面向業餘筆測試人員的指南,以及一系列黑客工具,資源和實踐道德黑客的參考。 |
其他有用的存儲庫
| 資料庫 | 描述 |
|---|---|
| 對抗機器學習 | 精選的出色對抗機器學習資源清單 |
| 人工智能安全 | 精選的AI安全資源清單 |
| API安全清單 | 設計,測試和發布API時最重要的安全對策清單 |
| APT注意事項 | 有關APT活動的各種公共文檔,白皮書和文章 |
| 錯誤賞金參考 | 按漏洞性質分類的漏洞賞金記錄列表 |
| 密碼學 | 密碼學資源和工具 |
| CTF工具 | Capture Flag(CTF)框架,庫,資源和軟件列表 |
| CVE PoC | CVE概念證明(PoC)清單 |
| 檢測實驗室 | Vagrant&Packer腳本可構建帶有安全工具和日誌記錄最佳實踐的完整實驗室環境 |
| 法證 | 很棒的法醫分析工具和資源清單 |
| 免費編程書籍 | 面向開發人員的免費編程書籍 |
| 灰色黑客資源 | 適用於CTF,戰爭遊戲,滲透測試 |
| 黑客101 | HackerOne的免費網絡安全課程 |
| Infosec入門 | 資源,文檔,鏈接等的集合,以幫助人們了解Infosec |
| Infosec參考 | 不會吸的信息安全參考 |
| 國際奧委會 | 收集折衷指標的來源 |
| Linux內核開發 | 一堆與Linux內核模糊和開發有關的鏈接 |
| 開鎖 | 與鎖,保險箱和鑰匙的安全性和破壞有關的資源。 |
| 用於網絡安全的機器學習 | 與將機器學習用於網絡安全的工具和資源的精選清單 |
| 有效載荷 | Web攻擊有效載荷的集合 |
| 有效載荷萬物 | Web應用程序安全性和Pentest / CTF的有用負載和繞過列表 |
| Pentest備忘單 | 備有備忘的備忘單 |
| Pentest維基 | 面向測試人員/研究人員的免費在線安全知識庫 |
| 可能的詞表 | 按最初為密碼生成和測試創建的概率對單詞列表進行排序 |
| 資源清單 | 有用的GitHub項目的集合粗略地分類 |
| 逆向工程 | 逆向工程文章,書籍和論文清單 |
| RFSec工具包 | 射頻通信協議黑客工具集合 |
| 安全備忘單 | 各種信息安全工具和主題的備忘單集合 |
| 安全清單 | 偉大的安全清單,帶來樂趣和收益 |
| 貝殼 | 完善使用Shell的出色命令行框架,工具包,指南和Gizmos列表 |
| 威脅獵人劇本 | 威脅獵人的劇本,有助於發展狩獵活動的技術和假設 |
| 網絡安全 | 網絡安全材料和資源的精選清單 |
熱門推薦
留言回覆
