正文
Hacker 101:https://www.hacker101.com/
漏洞平台
-
Exploit Database:https://www.exploit-db.com/
-
HackerOne:https://www.hackerone.com/
-
Vulhub:https://vulhub.org/
-
乌云镜像:http://wooyun.2xss.cc/
-
知道创宇漏洞平台:https://www.seebug.org/
靶机平台
-
HackTheBox:https://www.hackthebox.com/
-
OWASP Top10:https://owasp.org/www-project-juice-shop/
-
WebGoat:https://github.com/WebGoat/WebGoat
公开知识库
信息收集
指纹识别
-
Wapplyzer:Chrome插件 跨平台网站分析工具 https://github.com/AliasIO/Wappalyzer
-
TideFinger:提取了多个开源指纹识别工具的规则库并进行了规则重组 https://github.com/TideSec/TideFinger
-
御剑web指纹识别程序:https://www.webshell.cc/4697.html
-
云悉指纹识别:http://www.yunsee.cn/
扫描/爆破
-
dirsearch:目录扫描/爆破 https://github.com/maurosoria/dirsearch
-
dirmap:目录扫描/爆破 https://github.com/H4ckForJob/dirmap
-
Arjun:HTTP参数扫描器 https://github.com/s0md3v/Arjun
-
ksubdomain:子域名爆破 https://github.com/knownsec/ksubdomain
-
Gobuster:URI/DNS/WEB爆破 https://github.com/OJ/gobuster
爆破字典
-
Dictionary-Of-Pentesting:渗透测试、SRC漏洞挖掘、爆破、Fuzzing等常用字典 https://github.com/insightglacier/Dictionary-Of-Pentesting
-
fuzzDicts:Web渗透Fuzz字典 https://github.com/TheKingOfDuck/fuzzDicts
-
PentesterSpecialDict:渗透测试工程师精简化字典 https://github.com/ppbibo/PentesterSpecialDict
综合信息收集
-
AlliN:https://github.com/P1-Team/AlliN
-
Kunyu:https://github.com/knownsec/Kunyu
-
OneForAll:https://github.com/shmilylty/OneForAll
-
ShuiZe:https://github.com/0x727/ShuiZe_0x727
-
Fofa Viewer:https://github.com/wgpsec/fofa_viewer
内网信息收集
-
fscan:内网综合扫描工具 https://github.com/shadow1ng/fscan
-
EHole:红队重点攻击系统指纹探测工具 https://github.com/EdgeSecurityTeam/EHole
-
Ladon:用于大型网络渗透的多线程插件化综合扫描工具 https://github.com/k8gege/Ladon
漏洞研究
漏洞综述
漏洞挖掘
开源漏洞库
-
Vulhub:https://vulhub.org/
-
PeiQi文库:http://wiki.peiqi.tech/
-
PoCBox:https://github.com/0verSp4ce/PoCBox
-
Vulnerability:https://github.com/EdgeSecurityTeam/Vulnerability
-
POChouse:https://github.com/DawnFlame/POChouse
POC/EXP
