ch21~22

6fc816c5 · wizardforcel · ef7ead0e · 6fc816c5 · 6fc816c5
隐藏空白更改
内联并排

Showing with 60 addition and 0 deletion

21.md 21.md +29 -0

22.md 22.md +31 -0

未找到文件。
--- a/21.md
+++ b/21.md
+# 二十一、工具
+
+ [Burp Suite](https://portswigger.net/burp)
+ [Knockpy](https://github.com/guelfoweb/knock)
+ [HostileSubBruteforcer](https://github.com/nahamsec/HostileSubBruteforcer)
+ [sqlmap](http://sqlmap.org)
+ [Nmap](https://nmap.org)
+ [Eyewitness](https://github.com/ChrisTruncer/EyeWitness)
+ [Shodan](https://www.shodan.io)
+ [What CMS](http://www.whatcms.org)
+ [Nikto](https://cirt.net/nikto2)
+ [Recon-ng](https://bitbucket.org/LaNMaSteR53/recon-ng)
+ [idb](http://www.idbtool.com)
+ [Wireshark](https://www.wireshark.com)
+ [Bucket Finder](https://digi.ninja/files/bucket_finder_1.1.tar.bz2)
+ [Google Dorks](https://www.exploit-db.com/google-hacking-database)
+ [IPV4info.com](http://ipv4info.com)
+ [JD GUI](https://github.com/java-decompiler/jd-gui)
+ [Mobile Security Framework](https://github.com/ajinabraham/Mobile-Security-Framework-MobSF)
+ Firefox Plugins
+  + FoxyProxy
+  + UserAgentSwitcher
+  + Firebug
+  + Hackbar
+  + Websecurify
+  + CookieManager+
+  + XSS Me
+  + Offsec Exploit-db Search
+  + Wappalyzer
--- a/22.md
+++ b/22.md
+# 二十二、资源
+
+ OnlineTraining
+  + [WebApplication Exploits and Defenses](https://google-gruyere.appspot.com)
+  + [The Exploit Database](https://www.exploit-db.com/)
+  + [Udacity](https://cn.udacity.com/)
+ Bug Bounty Platforms
+  + [Hackerone.com](https://Hackerone.com)
+  + [Bugcrowd.com](https://bugcrowd.com/)
+  + [Synack.com](https://www.synack.com/)
+  + [Cobalt.io](https://cobalt.io/)
+ Video Tutorials
+  + [youtube.com/yaworsk1](https://youtube.com/yaworsk1)
+  + [Seccasts.com](https://www.youtube.com/c/nVisium/)
+  + Twitter#infsec
+  + Twitter@disclosedh1
+  + Web Application Hackers Handbook
+  + [Bug Hunters Methodology](https://github.com/jhaddix/tbhm)
+ Recommended Blogs
+  + [philippeharewood.com](http://philippeharewood.com/)
+  + [Philippe'sFacebookPage](https://www.facebook.com/phwd-113702895386410)
+  + [fin1te.net](https://whitton.io/)
+  + [NahamSec.com](http://nahamsec.com/)
+  + [blog.it-securityguard.com](http://blog.it-securityguard.com/)
+  + [blog.innerht.ml](http://blog.innerht.ml/)
+  + [blog.orange.tw](http://blog.orange.tw/)
+  + Portswigger Blog
+  + Nvisium Blog
+  + [blog.zsec.uk](https://blog.zsec.uk/)
+  + Bug Crowd Blog
+  + HackerOne Blog