清空自己的浏览器收藏夹,将过去两年内收集到的网址放在这里。
# 地理位置
openGPS 位置服务,推断 ip 具体位置:https://www.opengps.cn/Data/IP/IPSearch.aspx
openGPS 位置服务,高精度 ip 定位:https://www.opengps.cn/Data/IP/LocHighAcc.aspx
ip.tool.chinaz.com, IP 地址查询工具,https://ip.tool.chinaz.com/120.221.218.159
get-site-ip.com, 获取网站 IP 地址,https://get-site-ip.com/
tools.ipip.net, IP 地址查询工具,https://tools.ipip.net/cdn.php
webscan.cc, WebScan 网站安全检测,https://webscan.cc/site_www.sdju.edu.cn/
whois.pconline.com.cn, IP 查询工具,http://whois.pconline.com.cn/?ip=60.8.125.1
mylocation.org/, 我的地理位置,https://mylocation.org/
httpbin.org/ip, IP 信息查询,http://httpbin.org/ip
# 网站渗透
WAFW00F, WAF 产品进行识别和指纹识别:https://github.com/EnableSecurity/wafw00f
Teemo, 域名收集及枚举工具:https://github.com/bit4woo/teemo
securitytrails, 历史 DNS 解析,https://securitytrails.com
subDomainsBrute, 子域名爆破,https://github.com/lijiejie/subDomainsBrute
crt, 证书收集域,https://crt.sh
robertdavidgraham/masscan, masscan 开源扫描器,https://github.com/robertdavidgraham/masscan
zhzyker/vulmap, vulmap 漏洞利用工具集,https://github.com/zhzyker/vulmap
samratashok/nishang, Nishang 渗透测试脚本,https://github.com/samratashok/nishang
H4ckForJob/dirmap, Dirmap 目录扫描工具,https://github.com/H4ckForJob/dirmap
chaitin/xray, xray 漏洞扫描工具,https://github.com/chaitin/xray
knownsec/pocsuite3, Pocsuite3 漏洞测试框架,https://github.com/knownsec/pocsuite3
makoto56/penetration-suite-toolkit, 渗透套件工具,https://github.com/makoto56/penetration-suite-toolkit
# 渗透测试
yhy0/github-cve-monitor, GitHub CVE 监视工具,https://github.com/yhy0/github-cve-monitor
frohoff/ysoserial, Java 反序列化漏洞利用工具,https://github.com/frohoff/ysoserial
NickstaDB/SerializationDumper, Java 序列化对象分析工具,https://github.com/NickstaDB/SerializationDumper
dooccn.com, DoocCN - PHP 中文手册,http://www.dooccn.com/php/
yzddmr6/as_webshell_venom, AS Webshell 生成工具,https://github.com/yzddmr6/as_webshell_venom
tennc/webshell, WebShell 集合,https://github.com/tennc/webshell
do0dl3/xss-labs, XSS 漏洞实验室,https://github.com/do0dl3/xss-labs
s0md3v/XSStrike, XSS 漏洞检测工具,https://github.com/s0md3v/XSStrike
xss8.cc, XSS8 实验室,https://xss8.cc/bdstatic.com/
xssfuzzer.com, XSS 漏洞模糊测试工具,https://xssfuzzer.com/fuzzer.html
c0ny1/upload-labs, 上传漏洞实验室,https://github.com/c0ny1/upload-labs
almandin/fuxploider, Fuxploider 漏洞利用工具,https://github.com/almandin/fuxploider
TheKingOfDuck/fuzzDicts, Fuzz 字典集合,https://github.com/TheKingOfDuck/fuzzDicts#% E5%8F%82% E6%95% B0fuzz% E5% AD%97% E5%85% B8
fuzzdb-project/fuzzdb, FuzzDB 漏洞测试数据库,https://github.com/fuzzdb-project/fuzzdb
xmendez/wfuzz, Web 模糊测试工具,https://github.com/xmendez/wfuzz/
Audi-1/sqli-labs, SQL 注入漏洞实验室,https://github.com/Audi-1/sqli-labs
sqlmapproject/sqlmap, SQL 注入漏洞扫描工具,https://github.com/sqlmapproject/sqlmap
ceye.io, DNS 记录查询工具,http://ceye.io/records/dns
dnslog.cn, DNSLog 服务,http://dnslog.cn/
ADOOO/DnslogSqlinj, DnslogSqlinj 漏洞利用工具,https://github.com/ADOOO/DnslogSqlinj
ping.chinaz.com, 站长之家 Ping 工具,https://ping.chinaz.com/
offensive-security/exploitdb, Exploit Database 漏洞利用库,https://github.com/offensive-security/exploitdb
# CMS 扫描
yunsee.cn, 云溪社区,https://www.yunsee.cn/
ajinabraham/CMSScan, CMSScan CMS 漏洞扫描器,https://github.com/ajinabraham/CMSScan
wpscanteam/wpscan, WPScan WordPress 漏洞扫描器,https://github.com/wpscanteam/wpscan
OWASP/joomscan, JoomScan Joomla 漏洞扫描器,https://github.com/OWASP/joomscan
Lucifer1993/TPscan, TPscan ThinkPHP 漏洞扫描器,https://github.com/Lucifer1993/TPscan
# windows 漏洞
wesng, WES-NG,Windows 系统漏洞利用框架,https://github.com/bitsadmin/wesng
WindowsVulnScan, Windows 漏洞扫描器,https://github.com/chroblert/WindowsVulnScan
windows-kernel-exploits, SecWiki Windows 内核漏洞利用集合,https://github.com/SecWiki/windows-kernel-exploits
gentilkiwi/mimikatz, Mimikatz 密码工具,https://github.com/gentilkiwi/mimikatz
AlessandroZ/LaZagne, LaZagne 密码恢复工具,https://github.com/AlessandroZ/LaZagne
Ascotbe/KernelHub, KernelHub, https://github.com/Ascotbe/KernelHub
lolbas-project.github.io, Windows Living Off The Land Binaries, https://lolbas-project.github.io/
# linux 漏洞
rebootuser/LinEnum, LinEnum Linux 枚举脚本,https://github.com/rebootuser/LinEnum
sleventyeleven/linuxprivchecker, Linux Privilege Escalation 脚本,https://github.com/sleventyeleven/linuxprivchecker
mzet-/linux-exploit-suggester, Linux Exploit Suggester 脚本,https://github.com/mzet-/linux-exploit-suggester
jondonas/linux-exploit-suggester-2, Linux Exploit Suggester 2 脚本,https://github.com/jondonas/linux-exploit-suggester-2
gtfobins.github.io, Linux 提权技巧合集,https://gtfobins.github.io/
# 测试靶场
mozhe.cn, 墨者信息收集平台,https://www.mozhe.cn/
ichunqiu.com, i 春秋在线训练平台,https://www.ichunqiu.com/battalion?t=1&r=0
CTFTraining/CTFTraining, CTFTraining 平台,https://github.com/CTFTraining/CTFTraining
ctf.bugku.com, Bugku CTF 平台,https://ctf.bugku.com/
ctfhub.com, CTFHub 平台,https://www.ctfhub.com/#/challenge
buuoj.cn, BUUCTF 平台,https://buuoj.cn/
# 密码破解
cmd5.com, CMD5 在线密码解密,https://www.cmd5.com/
tool.chinaz.com/tools/base64.aspx, 在线 Base64 编码解码工具,http://tool.chinaz.com/tools/base64.aspx
107000.com/T-Hex, 十六进制转换工具,https://www.107000.com/T-Hex/
tool.chacuo.net/cryptdes, 在线 DES 加解密工具,http://tool.chacuo.net/cryptdes
shack2/SNETCracker, SNETCracker 密码破解工具,https://github.com/shack2/SNETCracker
vanhauser-thc/thc-hydra, Hydra 密码破解工具,https://github.com/vanhauser-thc/thc-hydra
djunny/enphp, ENPHP 加密工具,https://github.com/djunny/enphp
phpjiami.com, PHP 加密解密工具,https://www.phpjiami.com/phpjiami.html
dcode.fr, 密码学算法识别器,https://www.dcode.fr/cipher-identifier
Mebus/cupp, 用户自定义密码字典生成器,https://github.com/Mebus/cupp
# 操作系统
rjsos.com/win, RJSOS Windows 系统镜像下载,https://www.rjsos.com/win
msdn.itellyou.cn, 微软官方 MSDN 下载,https://msdn.itellyou.cn/
www.linux.org/pages/download/, Linux 官方网站,https://www.linux.org/pages/download/
mirrors.tuna.tsinghua.edu.cn/#, 清华大学开源软件镜像站,https://mirrors.tuna.tsinghua.edu.cn/#
uupdump.net/?lang=zh-cn, UUPDump.NET,Windows 镜像下载工具,https://uupdump.net/?lang=zh-cn
# 漏洞信息库
cnvd.org.cn, 中国国家信息安全漏洞库,https://www.cnvd.org.cn/
cn.0day.today, 0day.today 中国站,https://cn.0day.today/
exploit-db.com, Exploit Database, https://www.exploit-db.com/
vulhub.org, vulhub 环境搭建教程,https://vulhub.org/#/environments/
# 漏洞提交平台
butian.net, 补天漏洞报告平台,https://www.butian.net/
vulbox.com, VulBox 漏洞平台,https://www.vulbox.com/
src.sjtu.edu.cn, 大学 src, https://src.sjtu.edu.cn/
seebug.org, Seebug 漏洞平台,https://www.seebug.org/
# 搜索引擎
fofa.info, Fofa 搜索引擎,https://fofa.info/
cn.bing.com, 必应搜索引擎,https://cn.bing.com/
shodan.io, Shodan 搜索引擎,https://www.shodan.io/
zoomeye.org, ZoomEye 搜索引擎,https://www.zoomeye.org/
quake.360.cn, 360 搜索中心,https://quake.360.cn/quake/#/index
# 安全社区
websec.readthedocs.io, Web 安全指南,https://websec.readthedocs.io/zh/latest/language/index.html
moonsec.com, MoonSec 安全社区,https://www.moonsec.com/
jishu5.com, 技术小站,http://www.jishu5.com/post/67.html
ddosi.org, 分布式拒绝服务攻击平台,https://www.ddosi.org/
xz.aliyun.com, 阿里云安全中心,https://xz.aliyun.com/
hackernews.cc, 黑客新闻,https://hackernews.cc/page/3
rezaduty/cybersecurity-career-path, 信息安全职业发展指南,https://github.com/rezaduty/cybersecurity-career-path
# CTF 知识
Ignitetechnologies/Vulnhub-CTF-Writeups, Vulnhub CTF 解题报告,https://github.com/Ignitetechnologies/Vulnhub-CTF-Writeups
olist213/Information_Security_Books, 信息安全书籍资源列表,https://github.com/olist213/Information_Security_Books
firmianay.gitbook.io/ctf-all-in-one, CTF 全攻略,https://firmianay.gitbook.io/ctf-all-in-one/1_basic
crackstation.net, 在线密码破解服务,https://crackstation.net/
cnblogs.com/hirak0, hirak0 的博客,https://www.cnblogs.com/hirak0/default.html?page=3
# 临时身份
24mail.chacuo.net, 临时邮箱服务,http://24mail.chacuo.net/enus
guerrillamail.com, Guerrilla Mail 临时邮箱,https://www.guerrillamail.com/inbox
temp-mail.org, Temp Mail 临时邮箱,https://temp-mail.org/en/
temporary-phone-number.com, 临时手机号码服务,https://temporary-phone-number.com/
haoweichi.com, 临时身份生成,http://haoweichi.com/
linshi-email.com, 临时邮箱,https://www.linshi-email.com/
sms-activate.org/cn/freeNumbers, 短信接码平台,https://sms-activate.org/cn/freeNumbers
# 区块链相关
bitgo.com, BitGo 数字资产托管服务,https://www.bitgo.com/
huobi.com, 火币全球站,https://www.huobi.com/zh-cn/
binance.com, 币安交易所,https://www.binance.com/zh-CN
mymonero.com, MyMonero 钱包,https://wallet.mymonero.com/
baksman.org, Baksman 数字货币兑换服务,https://baksman.org/
account.proton.me, ProtonMail 账户登录,https://account.proton.me/login
bitlaunch.io, BitLaunch 云服务器,https://bitlaunch.io/cn/
hostsailor.com, HostSailor 云服务器,https://hostsailor.com/
web.getmonero.org, Monero 加密货币官方网站,https://web.getmonero.org/zh-cn/community/merchants/index.html
OpenVPN/easy-rsa, Easy-RSA 快速入门指南,https://github.com/OpenVPN/easy-rsa/blob/master/README.quickstart.md
# 微信数据库破解
greycodee/wechat-backup, 微信备份工具,https://github.com/greycodee/wechat-backup
lasting-yang/sqlitebrowser, SQLite 数据库浏览器,https://github.com/lasting-yang/sqlitebrowser
csdn.net, CSDN 博客文章,https://blog.csdn.net/sinat_25926481/article/details/122326313
zhihu.com, 如何导出微信聊天记录,https://www.zhihu.com/question/20443317/answer/1127118621
zhuanlan.zhihu.com, SQLite 数据库入门教程,https://zhuanlan.zhihu.com/p/111802776
yspreen/sqlcipher, SQLCipher Docker 镜像,https://hub.docker.com/r/yspreen/sqlcipher/dockerfile
leapcode/pysqlcipher, Python 连接和操作 SQLCipher 的库,https://github.com/leapcode/pysqlcipher
# Linux 命令
linux.51yip.com, Linux 命令大全,http://linux.51yip.com/
wangchujiang.com, Linux 命令手册,https://wangchujiang.com/linux-command/
bootschool.net, ASCII 艺术字符集,https://www.bootschool.net/ascii
liaoxuefeng.com, 学习 git, https://www.liaoxuefeng.com
# 机场地址
mojie.me, 魔戒云平台,https://www.mojie.me/#/login
caihongyun.one, 彩虹云在线工具,https://caihongyun.one/index.php#/dashboard
juziyun888.net, 聚资源云平台,https://juziyun888.net/auth/login
# 电影或电视剧
xkys.tv, 在线电影和电视剧,https://xkys.tv/
coub.com, 俄罗斯 Coub 频道,https://coub.com/community/celebrity
# mac 软件或插件
appstorrent.ru, 应用程序和游戏种子下载,https://appstorrent.ru/
jaywcjlove/awesome-mac, Mac 应用程序资源列表,https://github.com/jaywcjlove/awesome-mac
zhaoolee/ChromeAppHeroes, Chrome 应用英雄榜,https://github.com/zhaoolee/ChromeAppHeroes
# 红队知识学习
redcanaryco/atomic-red-team, 原子红队测试框架,https://github.com/redcanaryco/atomic-red-team
we1h0/redteam-tips, 红队技巧和建议,https://github.com/we1h0/redteam-tips
infosecn1nja/Red-Teaming-Toolkit, 红队工具集,https://github.com/infosecn1nja/Red-Teaming-Toolkit
yeyintminthuhtut/Awesome-Red-Teaming, 红队资源列表,https://github.com/yeyintminthuhtut/Awesome-Red-Teaming
mantvydasb/RedTeaming-Tactics-and-Techniques, 红队战术和技术,https://github.com/mantvydasb/RedTeaming-Tactics-and-Techniques
carlospolop/hacktricks, hacktricks 工具和技术,https://github.com/carlospolop/hacktricks
book.hacktricks.xyz, hacktricks 在线书籍,https://book.hacktricks.xyz/welcome/readme
swisskyrepo/PayloadsAllTheThingsWeb, PayloadsAllTheThingsWeb 在线版本,https://swisskyrepo.github.io/PayloadsAllTheThingsWeb/
swisskyrepo/PayloadsAllTheThings, PayloadsAllTheThings 资源库,https://github.com/swisskyrepo/PayloadsAllTheThings
# ATT&CK
angryip/ipscan, IP 扫描工具,https://github.com/angryip/ipscan
Bypass007/Emergency-Response-Notes, 应急响应笔记,https://github.com/Bypass007/Emergency-Response-Notes
ycdxsb/PocOrExp_in_Github, PocOrExp_in_Github, https://github.com/ycdxsb/PocOrExp_in_Github
nomi-sec/PoC-in-GitHub, PoC-in-GitHub, https://github.com/nomi-sec/PoC-in-GitHub
zan8in/afrog, afrog, https://github.com/zan8in/afrog
greycode.top/posts/android-wechat-bak/, Android 微信备份解密工具,https://greycode.top/posts/android-wechat-bak/
app.slack.com/client/T20LT7NJX/CSNC6FFU0, Slack, https://app.slack.com/client/T20LT7NJX/CSNC6FFU0
BloodHoundAD/BloodHound, BloodHound, https://github.com/BloodHoundAD/BloodHound
trustedsec/social-engineer-toolkit/, 社会工程学工具包,https://github.com/trustedsec/social-engineer-toolkit/
ihebski/DefaultCreds-cheat-sheet, 默认凭证速查表,https://github.com/ihebski/DefaultCreds-cheat-sheet
www.bugku.com/mima/, 密码查询,https://www.bugku.com/mima/
haveibeenpwned.com/, Have I Been Pwned, https://haveibeenpwned.com/
monitor.firefox.com/, Firefox Monitor, https://monitor.firefox.com/
sandbox.ti.qianxin.com/sandbox/page, 腾讯威胁情报沙箱,https://sandbox.ti.qianxin.com/sandbox/page
habo.qq.com/, HABO 沙箱,https://habo.qq.com/
fabacab/awesome-cybersecurity-blueteam, Awesome Cybersecurity Blue Team, https://github.com/fabacab/awesome-cybersecurity-blueteam
helloexp/0day, 0day 漏洞,https://github.com/helloexp/0day
www.cloudvulndb.org/, Cloud Vulnerabilities Database, https://www.cloudvulndb.org/
www.team-cymru.com/ip-asn-mapping, IP 和 ASN 映射查询,https://www.team-cymru.com/ip-asn-mapping
yun.cloudbility.com/login.html, Cloudbility 云安全,https://yun.cloudbility.com/login.html
kelvinBen/AppInfoScanner, App 信息扫描工具,https://github.com/kelvinBen/AppInfoScanner
MobSF, 移动安全框架 MobSF, https://github.com/MobSF/Mobile-Security-Framework-MobSF
r0ysue/r0capture, r0capture, https://github.com/r0ysue/r0capture
# 云安全
ustayready/fireprox, AWS FireProx, https://github.com/ustayready/fireprox
dafthack/MFASweep, MFA 扫描工具,https://github.com/dafthack/MFASweep
hausec/PowerZure, Azure 权限提升工具,https://github.com/hausec/PowerZure
NetSPI/MicroBurst, Azure 云安全评估工具,https://github.com/NetSPI/MicroBurst
0xsha/CloudBrute, 云存储暴力破解工具,https://github.com/0xsha/CloudBrute
aquasecurity/cloudsploit, CloudSploit, https://github.com/aquasecurity/cloudsploit
derailed/popeye, Popeye, https://github.com/derailed/popeye
cyberark/KubiScan, KubiScan, https://github.com/cyberark/KubiScan
aquasecurity/trivy, Trivy, https://github.com/aquasecurity/trivy
brompwnie/botb, Botb, https://github.com/brompwnie/botb
RhinoSecurityLabs/ccat, Ccat, https://github.com/RhinoSecurityLabs/ccat
cdk-team/CDK, AWS CDK, https://github.com/cdk-team/CDK
aquasecurity/kube-hunter, Kube-Hunter, https://github.com/aquasecurity/kube-hunter
cyberark/kubeletctl, Kubeletctl, https://github.com/cyberark/kubeletctl
kubescape/kubescape, Kubescape, https://github.com/kubescape/kubescape
RhinoSecurityLabs/pacu, Pacu, https://github.com/RhinoSecurityLabs/pacu
inguardians/peirates, Peirates, https://github.com/inguardians/peirates
S3 Bucket Bruteforcer, https://github.com/RhinoSecurityLab
jordanpotti/CloudScraper, CloudScraper, https://github.com/jordanpotti/CloudScraper
wagoodman/dive, Dive, https://github.com/wagoodman/dive
kabachook/k8s-security/tree/master/k8numerate, K8numerate, https://github.com/kabachook/k8s-security/tree/master/k8numerate
derailed/k9s, K9s, https://github.com/derailed/k9s
quarkslab/kdigger, Kdigger, https://github.com/quarkslab/kdigger
Shopify/kubeaudit, Kubeaudit, https://github.com/Shopify/kubeaudit
aquasecurity/kube-bench, Kube-bench, https://github.com/aquasecurity/kube-bench
controlplaneio/kubesec, Kubesec, https://github.com/controlplaneio/kubesec
vchinnipilli/kubestriker, Kubestriker, https://github.com/vchinnipilli/kubestriker
nccgroup/ScoutSuite, ScoutSuite, https://github.com/nccgroup/ScoutSuite
heroku/terrier, Terrier, https://github.com/heroku/terrier
# Azure 安全
Azure/azure-powershell, Azure PowerShell, https://github.com/Azure/azure-powershell
AZ500 Azure Security Technologies, https://github.com/MicrosoftLearning
Azure/Azure-Sentinel, Azure Sentinel, https://github.com/Azure/Azure-Sentinel
rootsecdev/Azure-Red-Team, Azure Red Team, https://github.com/rootsecdev/Azure-Red-Team
Azure/Azure-Network-Security, Azure Network Security, https://github.com/Azure/Azure-Network-Security
idaholab/Malcolm, Malcolm, https://github.com/idaholab/Malcolm
dreadl0ck/netcap, Netcap, https://github.com/dreadl0ck/netcap
activecm/rita, Rita, https://github.com/activecm/rita
odedshimon/BruteShark, BruteShark, https://github.com/odedshimon/BruteShark
# 其他工具
program-think.blogspot.com, program-thinking, https://program-think.blogspot.com/
459.org, 459 导航,http://459.org/
tldraw.com, TLDR 绘图工具,https://www.tldraw.com/
i.hacking8.com/tiquan, 哈希提取,https://i.hacking8.com/tiquan
curl.iculture.cc, Curl 在线工具,https://curl.iculture.cc/
forthespada/CampusShame, 被记录的公司,https://github.com/forthespada/CampusShame
foxirj.com/download-2?post=1372, 福瑞文章下载,https://foxirj.com/download-2?post=1372
f0rb1dd3n/Reptile, Reptile 爬虫框架,https://github.com/f0rb1dd3n/Reptile
jweny/MemShellDemo, MemShell 演示,https://github.com/jweny/MemShellDemo
Google Cloud 实例详情,https://console.cloud.google.com
ph4ntonn/Stowaway, Stowaway 隧道工具,https://github.com/ph4ntonn/Stowaway
dcc.godaddy.com, GoDaddy DNS 控制面板,https://dcc.godaddy.com
c.runoob.com, 随机密码生成,https://c.runoob.com/
# 招聘链接
all.aqniu.com, 安全全景,https://all.aqniu.com/#/safetyPanorama
freebuf.com, FreeBuf 安全社区,https://www.freebuf.com/
zhipin.com, Boss 直聘 - 网络安全岗位,https://www.zhipin.com
c.liepin.com, 猎聘 - 网络安全职位,https://c.liepin.com
xiaoyuan.zhaopin.com, 智联招聘校园版,https://xiaoyuan.zhaopin.com/
campus.51job.com, 中国电信校园招聘,https://campus.51job.com
campus.qianxin.com, 360 校园招聘,https://campus.qianxin.com
topsec.zhiye.com, 天融信校园招聘,https://topsec.zhiye.com/
app.mokahr.com, 中兴通讯校园招聘,https://app.mokahr.com
app.mokahr.com, 赛宁网安校园招聘,https://app.mokahr.com
app.mokahr.com, 知乎校园招聘,https://app.mokahr.com
hr.163.com, 网易校园招聘,https://hr.163.com/j
campus.xiaohongshu.com, 小红书校园招聘,https://campus.xiaohongshu.com/
dptech.zhiye.com, 东软校园招聘,https://dptech.zhiye.com/campus/jobs
jobs.bilibili.com, 哔哩哔哩校园招聘,https://jobs.bilibili.com
hr.sangfor.comt, 深信服校园招聘,https://hr.sangfor.com
# 硕士论文
[文献部落]:(http://459.org/)
[大木虫]:(http://www.4243.net/)
[文献小镇]:(www.sci-hub.ac.cn/)
[文献神器 V8.0 下载]:(https://lanzoui.com/i4u2Qselgva)
[百川文献翻译下载网址]:(http://www.bcwxfy.com/)
[柠檬文献]:(http://sci-hub.fan/)
[文献下载导航]:(http://489.org/)
[龙猫学术导航]:(http://www.6453.net/)
[格桑花学术导航]:(http://20009.net/)
[scidown]: (https://www.scidown.cn/)
[英文文献 doi 搜索]:(https://www.crossref.org/)
