藏址阁

安全焦点

http://cxsecurity.com/
http://seclists.org/pen-test/
http://www.freebuf.com
http://www.reddit.com/r/netsec/
http://www.intelligentexploit.com/
http://seclists.org/fulldisclosure/


网络空间搜索引擎

https://censys.io/
https://shodan.io
https://viz.greynoise.io/
https://www.zoomeye.org
https://buckets.grayhatwarfare.com/


推荐的框架(辅助工具/漏洞利用)

浏览器

1.OWASP Mantra

https://sourceforge.net/projects/getmantra/

2. Hcon Security Testing Framework

https://sourceforge.net/projects/hconframework/

3.Nmap

https://nmap.org/

漏洞利用

1.Metasploit

www.metasploit.com
https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers # 快速安装

2.beef

http://beefproject.com/

3.Pentestbox(渗透测试工具包)

https://www.pentestbox.com/


Pentest OS

1.Kali

https://www.kali.org/

2.dracos

https://www.dracos-linux.org/


备忘单

1. OWASP移动安全测试指南 (andorid/iOS)

    https://github.com/OWASP/owasp-mstg

2.iOS / macOS渗透测试备忘单

   https://github.com/ansjdnakjdnajkd/iOS

 

 


安全问题解决

1.微软补丁搜索

http://www.catalog.update.microsoft.com/Search.aspx?q=