网安学习资料
|
316
|
0
|
Philtmy

1、渗透工具

鉴于有的工具分享都是有条件的,比如关注获得、私信获取解压密码的,我觉得开源精神略有不足,授人予鱼不如授人以渔,所以今天分享一批可以直接下载的链接,不用关注、不用解压、不用订阅,直接用就完事了,更新了还能随时更换……

提前说明一下:本文章涉及分享的网页链接均为开源项目地址,所有涉及工具、教程只可安全测试自用,请勿对任何网站进行入侵攻击!!!被抓与本站无任何关系就说自学成才。

XRAY高级版:https://github.com/NHPT/Xray_Cracked
SuperXray-Xray图形化工具:https://github.com/4ra1n/super-xray
XSS自动化扫描器:https://github.com/hahwul/dalfox
超级弱口令检查工具:https://github.com/shack2/SNETCracker
javafx编写的poc管理和漏洞扫描小工具:https://github.com/Janhsu/oday
网络资产收集与漏洞扫描工具:https://github.com/perlh/hscan
ThinkPHP渗透工具:https://github.com/Lotus6/ThinkphpGUI
ysoserial反序列化图形利用工具:https://github.com/Lotus6/ysoserial
批量网站备份文件扫描器:https://github.com/VMsec/ihoneyBakFileScan_Modify
基于CasaOS容器云构建的渗透测试平台:https://github.com/arch3rPro/Pentest-Docker?tab=readme-ov-file
红队资产收集工具:https://github.com/MKID1412/MoonLight
各种OA系统的高危漏洞利用:https://github.com/White-hua/Apt_t00ls/releases
Webshell自动解密流量分析工具:https://github.com/intbjw/webshell-decryptor
SQL注入漏洞批量检查工具:https://github.com/malvads/sqlmc
Rust免杀马快速生成工具:https://github.com/lv183037/MaLoader
API越权漏洞检测工具:https://github.com/y1nglamore/IDOR_detect_tool
单兵作战渗透测试工具:https://github.com/x364e3ab6/DudeSuite
外部打点-资产测绘工具:https://github.com/dark-kingA/arsenalTools
好用的解密工具:https://github.com/Ciphey/Ciphey
js逆向之远程调用(rpc)免去抠代码补环境:https://github.com/jxhczhl/JsRpc
windows提权EXP搜索辅助工具:https://github.com/neargle/win-powerup-exp-index
冰蝎【t00ls专版】:https://github.com/rebeyond/Behinder
Fofa平台采集工具:https://github.com/tangxiaofeng7/Fofa-collect
AniYa-GUI免杀框架:https://github.com/piiperxyz/AniYa
宏病毒免杀脚本:https://github.com/outflanknl/EvilClippy
JBOSS工具:https://github.com/yunxu1/jboss-_CVE-2017-12149
高危漏洞利用工具:https://github.com/White-hua/Apt_t00ls
Burpsuite皮肤:https://github.com/CoreyD97/BurpCustomizer
开源DDOS:
https://github.com/GinjaChris/pentmenu.git
https://github.com/649/Memcrashed-DDoS-Exploit
BurpSuite插件-FastJson检测插件:https://github.com/pmiaowu/BurpFastJsonScan
BurpSuite插件-权限绕过自动化bypass:https://github.com/0x727/BypassPro
BurpSuite插件-Log4j2扫描:https://github.com/mostwantedduck/BurpLog4j2Scan
BurpSuite插件-OA识别、爆破:https://github.com/shuanx/BurpFingerPrint?tab=readme-ov-file
快速挖掘目标指纹和关键信息的Burp插件:https://github.com/gh0stkey/HaE

2、安全产品

漏洞提交平台:https://github.com/creditease-sec/insight
企业内网安全管理平台:https://github.com/xiongjungit/SecurityManageFramwork-SeMF
Java静态代码分析工具:https://github.com/wh1t3p1g/tabby
云原生安全平台:https://github.com/chaitin/HummerRisk
SCA工具:https://github.com/jeremylong/DependencyCheck
企业API工具:https://github.com/Aur0ra-m/APIKiller
APP安全工具-dex文件整体加密:https://github.com/guanchao/apk_auto_enforce
WAF防护效果测试工具:https://github.com/chaitin/blazehttp
漏洞预警(钉钉、飞书通知):https://github.com/zema1/watchvuln
开源漏洞管理平台:https://github.com/infobyte/faraday
githab泄露监控平台:https://github.com/VKSRC/Github-Monitor
APP渗透漏洞安全扫描:https://github.com/MobSF/Mobile-Security-Framework-MobSF
100Gbps的网络性能与压力测试软件:https://github.com/baidu/dperf
云原生的主机安全:https://github.com/bytedance/Elkeid
甲方资产巡航扫描系统:https://github.com/awake1t/linglong
软件供应链安全识别(墨菲开源):https://github.com/murphysecurity/murphysec
长亭开源-容器安全工具集(支持镜像恶意文件/后门/敏感信息/弱口令扫描):https://github.com/chaitin/veinmind-tools
APP隐私合规项目:https://github.com/zhengjim/camille
安卓静态分析工具:https://github.com/bytedance/appshark
Web应用防火墙:https://github.com/starjun/openstar
GitHub, GitLab监控:https://github.com/madneal/gshark
免费的企业级自动化App隐私合规检测工具:https://github.com/TongchengOpenSource/AppScan
蜜罐:https://github.com/C4o/Juggler
云原生容器沙箱系统:https://github.com/bytedance/vArmor
主机入侵检测系统:https://github.com/theSecHunter/Hades
企业API工具:https://github.com/wgpsec/ENScan_GO

3、技术文库

渗透笔记:https://github.com/aplyc1a/blogs
安全公开演讲PPT:https://github.com/knownsec/KCon
安全面试题:https://github.com/tangxiaofeng7/Security_Q-A/tree/main
数据安全方法论与实践:https://github.com/tuhaolam/awesome-data-security-cn
威胁情报知识库:https://github.com/dongfangyuxiao/py-study/blob/97c35409ae3bac4353f9519ef0fc784cdb29ec28/py-study/%E5%A8%81%E8%83%81%E6%83%85%E6%8A%A5/readme.txt
安全沙龙演讲PPT:https://github.com/awake1t/HackReport/tree/main
PeiQi文库:https://github.com/PeiQi0/PeiQi-WIKI-Book
网络安全基础思维导图:https://github.com/MiYogurt/network-security-mind-map网安笔记(PDF文档):https://github.com/Ghost2097221/security_study_notes
剁椒鱼头没剁椒文库:https://github.com/djytmdj/Network-security-study-notes
网安笔记:https://github.com/eastmountyxz/NetworkSecuritySelf-study