I want to share my collection of useful links. You can add something new in comments.
(multi) http://ping.eu/
(multi) http://serversniff.net/
(multi)http://www.yougetsignal.com/
(dig/nslookup,whois,traceroute) http://networking.ringofsaturn.com/Tools/
(whois,dns_tools,service_scan,traceroute) http://centralops.net/co/DomainDossier.aspx
(whois,dns_tools,domain_search) http://www.whois.ws/
(whois,dns_tools) http://www.robtex.com/
(whois) http://www.ripn.net:8080/nic/whois
(domain_search) http://searchdns.netcraft.com/
(iplookup,BGP AS lookup)http://bgp.he.net/
(ASN search) http://fixedorbit.com/search.htm
(dns,whois, network lookup, ...) www.network-tools.com
(google engine) http://exploitsearch.com/
(nvd,osvdb,metasploit,...) http://www.exploitsearch.net/
(engine) http://shodan.surtri.com/
http://www.shodanhq.com/
http://exploitsdownload.com
http://www.hack0wn.com/advisories.php
http://www.1337day.com/
http://securityvulns.com/
http://www.zerodayinitiative.com/advisories/published/
http://seclists.org/fulldisclosure/
https://web.nvd.nist.gov/view/vuln/search?cid=3
https://www.us-cert.gov/cas/techalerts/
http://www.cvedetails.com/
http://routerpwn.com/
(structure) http://madnet.name/tools/madss/
(SQLi,XSS,..)http://hackvertor.co.uk/public
(structure) http://sucuri.net/index.php?page=scan
(Drupal Vulnerability Scanner) http://raz0r.name/drupalscan/
(Joomla scanner) https://www.joomlascan.com/
(Cross Site Scripting Scanner) http://xss-scanner.com/
(SQLi) http://www.be007.gigfa.com/scanner/scanner.php
(SQLi) http://scanner.drie88.tk/
(SQLi) http://www.localvn.biz/Tools/tools/Hack-Shop/SQLI-Scan/
(SQLi) http://wolfscps.com/gscanner.php
http://c99.gen.tr
http://www.n0where.net/2011/06/wso-25-web-shell-2011.html
http://www.businessinfo.co.uk/labs/hackvertor/hackvertor.php
http://www.googlebig.com/forum/xss-cheats-t-18771.html
http://ha.ckers.org/xss.html
http://utf-8.jp/public/jjencode.html
http://0x416d73.name/jstb/
https://www.corelan.be/index.php/category/security/exploit-writing-tutorials/
http://www.manzotti.eu/tutorial-write-an-exploit-part-1-jmp-to-esp/
http://www.greyhathacker.net/?p=585
http://amolnaik4.blogspot.com/2011/06/exploit-development-with-monapy.html
https://gdtr.wordpress.com/2011/07/23/universal-rop-shellcode-for-os-x-x64/
http://www.socketready.com/2012/06/09/stack-overflow-exploitation-guide-dep-bypass/
http://g0tmi1k.blogspot.ca/2011/08/basic-linux-privilege-escalation.html
http://pentestmonkey.net/tools/audit/unix-privesc-check
http://coderstoolbox.net/string/
http://ostermiller.org/calc/encode.html
http://www.showmycode.com/
http://home2.paulschou.net/tools/xlate/
http://passwordforensics.com/online-tools.php
http://packetstormsecurity.org/Crackers/wordlists/
http://www.skullsecurity.org/wiki/index.php/Passwords
http://www.ericheitzman.com/passwd/passwords/
(AV) http://www.virscan.org/
(AV) http://virusscan.jotti.org/
(analysis system)http://mwanalysis.org/?site=1&page=submit
(behavior analysis) http://anubis.iseclab.org/
http://www.netscty.com/malware-tool
(behavior analysis) http://mwanalysis.org/?site=1&page=submit
(javascript,flash) http://wepawet.cs.ucsb.edu/
Enjoy!
Information gathering:
(multi) http://www.subnetonline.com/(multi) http://ping.eu/
(multi) http://serversniff.net/
(multi)http://www.yougetsignal.com/
(dig/nslookup,whois,traceroute) http://networking.ringofsaturn.com/Tools/
(whois,dns_tools,service_scan,traceroute) http://centralops.net/co/DomainDossier.aspx
(whois,dns_tools,domain_search) http://www.whois.ws/
(whois,dns_tools) http://www.robtex.com/
(whois) http://www.ripn.net:8080/nic/whois
(domain_search) http://searchdns.netcraft.com/
(iplookup,BGP AS lookup)http://bgp.he.net/
(ASN search) http://fixedorbit.com/search.htm
(dns,whois, network lookup, ...) www.network-tools.com
Exploit Search:
http://www.exploit-db.com/(google engine) http://exploitsearch.com/
(nvd,osvdb,metasploit,...) http://www.exploitsearch.net/
(engine) http://shodan.surtri.com/
http://www.shodanhq.com/
http://exploitsdownload.com
http://www.hack0wn.com/advisories.php
http://www.1337day.com/
http://securityvulns.com/
http://www.zerodayinitiative.com/advisories/published/
http://seclists.org/fulldisclosure/
https://web.nvd.nist.gov/view/vuln/search?cid=3
https://www.us-cert.gov/cas/techalerts/
http://www.cvedetails.com/
http://routerpwn.com/
Scanning networks,web structures,..
(nmap,openvas,sqlix,sqlmap,nikto,sub_domain) http://hackertarget.com/free-security-vulnerability-scans/(structure) http://madnet.name/tools/madss/
(SQLi,XSS,..)http://hackvertor.co.uk/public
(structure) http://sucuri.net/index.php?page=scan
(Drupal Vulnerability Scanner) http://raz0r.name/drupalscan/
(Joomla scanner) https://www.joomlascan.com/
(Cross Site Scripting Scanner) http://xss-scanner.com/
(SQLi) http://www.be007.gigfa.com/scanner/scanner.php
(SQLi) http://scanner.drie88.tk/
(SQLi) http://www.localvn.biz/Tools/tools/Hack-Shop/SQLI-Scan/
(SQLi) http://wolfscps.com/gscanner.php
Hack tools store:
http://hackarmoury.com/toolsWeb shells:
http://forum.artofhack.kz/index.php?showtopic=1846wqhttp://c99.gen.tr
http://www.n0where.net/2011/06/wso-25-web-shell-2011.html
XSS Guide:
http://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29http://www.businessinfo.co.uk/labs/hackvertor/hackvertor.php
http://www.googlebig.com/forum/xss-cheats-t-18771.html
http://ha.ckers.org/xss.html
http://utf-8.jp/public/jjencode.html
http://0x416d73.name/jstb/
SQL Injection Guide
http://ha.ckers.org/sqlinjection/
http://pentestmonkey.net/cheat-sheets/
http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/
http://sqlzoo.net/
http://www.ndig.com.br/nucleus/xmlrpc/server.php
http://michaeldaw.org/sql-injection-cheat-sheet
http://pentestmonkey.net/cheat-sheets/
http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/
http://sqlzoo.net/
http://www.ndig.com.br/nucleus/xmlrpc/server.php
http://michaeldaw.org/sql-injection-cheat-sheet
netcat cheat sheet:
http://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdfReverse shell cheat sheet:
http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheethping3 cheatsheet:
http://sbdtools.googlecode.com/files/hping3_cheatsheet_v1.0-ENG.pdfNmap5 cheat sheet:
http://sbdtools.googlecode.com/files/Nmap5%20cheatsheet%20eng%20v1.pdfMetasplot meterpreter cheat sheet:
http://rmccurdy.com/scripts/Metasploit%20meterpreter%20cheat%20sheet%20reference.htmlOracle Security:
http://www.red-database-security.com/wp/oracle_cheat.pdfWindows cmd:
http://www.sans.org/resources/sec560/windows_command_line_sheet_v1.pdfUseful Attack Tools, Metasploit commands, HPing, FGDump:
http://www.sans.org/resources/sec560/misc_tools_sheet_v1.pdfReverse Engineering Malware Cheat Sheet:
http://zeltser.com/reverse-malware/reverse-malware-cheat-sheet.htmlSecurity Archiecture Cheat Sheet for Internet Applications:
http://zeltser.com/security-management/security-architecture-cheat-sheet.htmlTutorials:
http://greyhat-security.com/tutorialsNetwork protocols:
http://packetlife.net/library/cheat-sheets/BoF and Exploit writing Tutorials:
http://www.tenouk.com/Bufferoverflowc/https://www.corelan.be/index.php/category/security/exploit-writing-tutorials/
http://www.manzotti.eu/tutorial-write-an-exploit-part-1-jmp-to-esp/
http://www.greyhathacker.net/?p=585
http://amolnaik4.blogspot.com/2011/06/exploit-development-with-monapy.html
https://gdtr.wordpress.com/2011/07/23/universal-rop-shellcode-for-os-x-x64/
http://www.socketready.com/2012/06/09/stack-overflow-exploitation-guide-dep-bypass/
Privelege escalation:
http://www.coresec.org/2011/04/18/guide-to-linux-privilege-escalation/http://g0tmi1k.blogspot.ca/2011/08/basic-linux-privilege-escalation.html
http://pentestmonkey.net/tools/audit/unix-privesc-check
CEH cheatsheets from Mindcert
http://www.mindcert.com/resources/MindCert_Nmap_MindMap.pdf
http://www.mindcert.com/resources/MindCert_CEH_Enumeration_MindMap.pdf
http://www.mindcert.com/resources/MindCert_CEH_Ethical_Hacking_MindMap.pdf
http://www.mindcert.com/resources/MindCert_CEH_Footprinting_MindMap.pdf
http://www.mindcert.com/resources/MindCert_CEH_Scanning_MindMap.pdf
http://www.mindcert.com/resources/MindCert_CEH_System_Hacking_MindMap.pdf
http://www.mindcert.com/resources/MindCert_CEH_Trojans_MindMap.pdf
http://www.mindcert.com/resources/CCNA_Cisco_IP_Routing.pdf
http://www.mindcert.com/resources/MindCert_CEH_Enumeration_MindMap.pdf
http://www.mindcert.com/resources/MindCert_CEH_Ethical_Hacking_MindMap.pdf
http://www.mindcert.com/resources/MindCert_CEH_Footprinting_MindMap.pdf
http://www.mindcert.com/resources/MindCert_CEH_Scanning_MindMap.pdf
http://www.mindcert.com/resources/MindCert_CEH_System_Hacking_MindMap.pdf
http://www.mindcert.com/resources/MindCert_CEH_Trojans_MindMap.pdf
http://www.mindcert.com/resources/CCNA_Cisco_IP_Routing.pdf
Browser testing:
http://www.browserscope.org/Encode/Decode:
http://www.crypo.com/http://coderstoolbox.net/string/
http://ostermiller.org/calc/encode.html
http://www.showmycode.com/
http://home2.paulschou.net/tools/xlate/
http://passwordforensics.com/online-tools.php
Shellcode to exe:
http://tools88.com/safe/shellcode_2_exe.php
http://freechina.org.ru/shellcode_2_exe.php
http://sandsprite.com/shellcode_2_exe.php
http://freechina.org.ru/shellcode_2_exe.php
http://sandsprite.com/shellcode_2_exe.php
Wordlists:
http://contest-2010.korelogic.com/wordlists.htmlhttp://packetstormsecurity.org/Crackers/wordlists/
http://www.skullsecurity.org/wiki/index.php/Passwords
http://www.ericheitzman.com/passwd/passwords/
Hashcrack:
(lm,ntlm,md5,mysql/3/4) http://hashcrack.com/
http://www.md5decrypter.co.uk/
(md5,sha1) http://md5.rednoize.com/
(md5,sha1) http://isc.sans.org/tools/reversehash.html
(md5) http://www.tmto.org/pages/passwordtools/hashcracker/
(md5,lm) http://www.c0llision.net/webcrack.php
(md5) http://www.hashchecker.de/
(md5) http://askcheck.com/
(md5) http://www.kinginfet.net/md5_cracker/
(lm) http://lmcrack.com/
(lm) http://cracker.offensive-security.com/
(md5) http://gdataonline.com/seekhash.php
(md5) http://opencrack.hashkiller.com/
(md5) http://cracker.fox21.at/
(md5) http://md5crack.com/
(md5) http://md5decryption.com/
(md5) http://authsecu.com/decrypter-dechiffrer-cracker-hash-md5/decrypter-dechiffrer-cracker-hash-md5.php
(md5) http://hash.insidepro.com/
(md5) http://md5decrypter.com/
(md5) http://md5pass.info/
(md5) http://crackfor.me/
(md5) http://www.xmd5.org/
(md5) http://socialware.ru/md5_crack.php
(md5) http://md5.my-addr.com/md5_decrypt-md5_cracker_online/md5_decoder_tool.php
(md5) http://www.md5cracker.com/
(md5) http://www.md5decrypter.co.uk/
(md5) http://md5.noisette.ch/
(md5) http://md5.igrkio.info/md5-hash-database.html
(md5) http://www.hashhack.com
(WebSphere) http://www.sysman.nl/wasdecoder/
(SHA1/MD5 hash cracker on ATI and NVIDIA GPUs) http://www.golubev.com/hashgpu.htm
(Default Password List) http://www.phenoelit-us.org/dpl/dpl.html
http://www.md5decrypter.co.uk/
(md5,sha1) http://md5.rednoize.com/
(md5,sha1) http://isc.sans.org/tools/reversehash.html
(md5) http://www.tmto.org/pages/passwordtools/hashcracker/
(md5,lm) http://www.c0llision.net/webcrack.php
(md5) http://www.hashchecker.de/
(md5) http://askcheck.com/
(md5) http://www.kinginfet.net/md5_cracker/
(lm) http://lmcrack.com/
(lm) http://cracker.offensive-security.com/
(md5) http://gdataonline.com/seekhash.php
(md5) http://opencrack.hashkiller.com/
(md5) http://cracker.fox21.at/
(md5) http://md5crack.com/
(md5) http://md5decryption.com/
(md5) http://authsecu.com/decrypter-dechiffrer-cracker-hash-md5/decrypter-dechiffrer-cracker-hash-md5.php
(md5) http://hash.insidepro.com/
(md5) http://md5decrypter.com/
(md5) http://md5pass.info/
(md5) http://crackfor.me/
(md5) http://www.xmd5.org/
(md5) http://socialware.ru/md5_crack.php
(md5) http://md5.my-addr.com/md5_decrypt-md5_cracker_online/md5_decoder_tool.php
(md5) http://www.md5cracker.com/
(md5) http://www.md5decrypter.co.uk/
(md5) http://md5.noisette.ch/
(md5) http://md5.igrkio.info/md5-hash-database.html
(md5) http://www.hashhack.com
(WebSphere) http://www.sysman.nl/wasdecoder/
(SHA1/MD5 hash cracker on ATI and NVIDIA GPUs) http://www.golubev.com/hashgpu.htm
(Default Password List) http://www.phenoelit-us.org/dpl/dpl.html
Analysis Malware:
(AV) http://www.virustotal.com/(AV) http://www.virscan.org/
(AV) http://virusscan.jotti.org/
(analysis system)http://mwanalysis.org/?site=1&page=submit
(behavior analysis) http://anubis.iseclab.org/
http://www.netscty.com/malware-tool
(behavior analysis) http://mwanalysis.org/?site=1&page=submit
(javascript,flash) http://wepawet.cs.ucsb.edu/
Google BookmarksList:
https://code.google.com/p/pentest-bookmarks/wiki/BookmarksListLectures of Computer and Network security:
https://engineering.purdue.edu/kak/compsec/NewLectures/Enjoy!
54
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
