献给黑客,渗透人员 & 安全研究人员的一份绝佳清单
始终欢迎你的贡献 !
| 仓库名 | 描述- |
|---|---|
| Android Security | 安卓安全相关资源的整理 |
| AppSec | 安卓安全相关的资源 |
| Bug Bounty | 来自漏洞赏金猎人的漏洞赏金程序与write-up整理 |
| Cheatsheets | 渗透测试/安全便签 |
| CTF | CTF框架、资料库、资源和软件的整理 |
| Cyber Skills | 供技术训练的安全合法黑客环境整理 |
| DevSecOps | 受社区实验和贡献帮助,极好的DevSecOps工具整理 |
| Exploit Development | 学习利用开发的资 |
| Fuzzing | 用于模糊测试学习与初级利用开发(如根本原因分析法)的模糊测试资源整理 |
| Hacking | 极好的黑客指南、工具与资源整理 |
| Honeypots | 蜜罐资源整理 |
| Incident Response | 应急响应工具整理 |
| Industrial Control System Security | 与工控系统安全相关的资源整理 |
| InfoSec | 极好的信息安全课程和训练资源整理 |
| IoT Hacks | 物联网空间黑客资源整理 |
| Malware Analysis | 极好的恶意软件分析攻击与资源整理 |
| OSINT | 极好的开源情报(OSINT)工具与资源整理 |
| OSX and iOS Security | OSX与iOS相关安全工具 |
| Pcaptools | 计算机科学领域研究者开发的进行网络跟踪的工具整理 |
| Pentest | 极好渗透测试资源,工具及其他整理 |
| PHP Security | 安全随机数生成、加密数据与漏洞扫描 |
| Reversing | 极好的逆向工程资源整理 |
| Sec Talks | 极好的安全演讲整理 |
| SecLists | 各种类型的在安全评估中用到的整理的收集 |
| Security | 极好的关于安全的软件、资料库、文档、书籍、资源和酷酷的小玩意的收集 |
| Social Engineering | 极好对的社会工程学资源整理 |
| Static Analysis | 静态分析工具、各种语言的格式和代码质量检查器的整理 |
| Threat Intelligence | 极好的威胁情报资源收集 |
| Vehicle Security | 学习物联网安全和汽车攻击的资源整理 |
| Vulnerability Research | 漏洞研究资源整理 |
| Web Hacking | web应用安全相关整理 |
| Windows Exploitation | 极好的Windows的漏洞利用资源与有亮点的东西的整理 |
| WiFi Arsenal | 802.11无线攻击中的各种有用/无用的工具整理 |
| Repository | Description |
|---|---|
| API Security Checklist | Checklist of the most important security countermeasures when designing, testing, and releasing your API |
| APT Notes | Various public documents, whitepapers and articles about APT campaigns |
| Bug Bounty Reference | List of bug bounty write-up that is categorized by the bug nature |
| Cryptography | Cryptography resources and tools |
| CTF Tool | List of Capture The Flag (CTF) frameworks, libraries, resources and softwares |
| CVE PoC | List of CVE Proof of Concepts (PoCs) |
| Forensics | List of awesome forensic analysis tools and resources |
| Free Programming Books | Free programming books for developers |
| Gray Hacker Resources | Useful for CTFs, wargames, pentesting |
| Infosec Getting Started | A collection of resources, documentation, links, etc to help people learn about Infosec |
| Infosec Reference | Information Security Reference That Doesn't Suck |
| IOC | Collection of sources of indicators of compromise |
| Linux Kernel Exploitation | A bunch of links related to Linux kernel fuzzing and exploitation |
| Lockpicking | Resources relating to the security and compromise of locks, safes, and keys. |
| Machine Learning for Cyber Security | Curated list of tools and resources related to the use of machine learning for cyber security |
| Malware Scripts | Useful scripts related with malware |
| Payloads | Collection of web attack payloads |
| PayloadsAllTheThings | List of useful payloads and bypass for Web Application Security and Pentest/CTF |
| Pentest Cheatsheets | Collection of the cheat sheets useful for pentesting |
| Pentest Wiki | A free online security knowledge library for pentesters / researchers |
| Probable Wordlists | Wordlists sorted by probability originally created for password generation and testing |
| Resource List | Collection of useful GitHub projects loosely categorised |
| Reverse Engineering | List of Reverse Engineering articles, books, and papers |
| RFSec-ToolKit | Collection of Radio Frequency Communication Protocol Hacktools |
| Security Cheatsheets | Collection of cheatsheets for various infosec tools and topics |
| Security List | Great security list for fun and profit |
| Shell | List of awesome command-line frameworks, toolkits, guides and gizmos to make complete use of shell |
| ThreatHunter-Playbook | A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns |
Follow Hack with GitHub on your favorite social media to get daily updates on interesting GitHub repositories related to Security.
- Twitter : @HackwithGithub
- Facebook : HackwithGithub
Please have a look at contributing.md