工欲善其事,必先利其器
最近收集到的一些src挖掘奇技淫巧,然后还有一些国外新技术的学习网站分享给大家。
2021.10.20: 时隔两年更新下文章。
Bug Bounty trick website
https://www.bugbountynotes.com/training
https://pentester.land/newsletter/2019/02/12/the-5-hacking-newsletter-40.html
https://www.openbugbounty.org/
hackerone-reports
bug-bounty-reference 按漏洞性质分类的漏洞赏金记录列表
https://github.com/ngalongc/bug-bounty-reference
https://github.com/w181496/Web-CTF-Cheatsheet
collection-of-bug-bounty-tip-will-be-updated-daily
Web-CTF-Cheatsheet
https://github.com/w181496/Web-CTF-Cheatsheet
https://github.com/harsh-bothra/learn365/
https://github.com/carlospolop/hacktricksPenetration
BugBountyHunting Search Engine
https://www.bugbountyhunting.com/
Bug Bounty Collection
https://github.com/ngalongc/bug-bounty-reference
https://github.com/djadmin/awesome-bug-bounty
https://github.com/Muhammd/awesome-bug-bounty
https://github.com/djadmin/awesome-bug-bounty
https://github.com/dwisiswant0/awesome-oneliner-bugbounty
https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
https://github.com/m4ll0k/Bug-Bounty-Toolz
https://github.com/EdOverflow/bugbounty-cheatsheet
https://github.com/KingOfBugbounty/KingOfBugBountyTips
https://github.com/EdOverflow/bugbountyguide
https://github.com/AlexisAhmed/BugBountyToolkit
https://github.com/e11i0t4lders0n/Bugbounty-Resources
https://github.com/sushiwushi/bug-bounty-dorks
https://github.com/devanshbatham/Awesome-Bugbounty-Writeups
https://github.com/1ndianl33t/Bug-Bounty-Roadmaps
https://github.com/1ndianl33t/Bugbounty-Resources
https://github.com/1ndianl33t/BugBounty_Profile
https://github.com/KathanP19/HowToHunt
https://github.com/vaib25vicky/awesome-mobile-security
https://github.com/Voorivex/pentest-guide
https://github.com/Hack-with-Github/Awesome-Hacking
https://github.com/1hack0/Facebook-Bug-Bounty-Write-ups
https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
https://github.com/0xedward/awesome-infosec
https://github.com/victoni/Bug-Bounty-Scripts
https://github.com/ujjwal96/arsenal
https://github.com/Sambal0x/Recon-tools
https://github.com/bobby-lin/bug-bounty-guide
https://github.com/vavkamil/awesome-bugbounty-tools
https://book.hacktricks.xyz
https://github.com/1hack0/Facebook-Bug-Bounty-Write-ups
https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
https://github.com/0xedward/awesome-infosec
https://github.com/victoni/Bug-Bounty-Scripts
https://github.com/ujjwal96/arsenal
https://github.com/Sambal0x/Recon-tools
https://github.com/bobby-lin/bug-bounty-guide
https://github.com/vavkamil/awesome-bugbounty-tools
https://book.hacktricks.xyz
https://github.com/infoslack/awesome-web-hacking
https://github.com/jaredthecoder/awesome-vehicle-security
https://github.com/trimstray/the-book-of-secret-knowledge
https://github.com/CompassSecurity/Hacking_Tools_Cheat_Sheet
https://github.com/The404Hacking/AndroRAT
https://github.com/sundaysec/Android-Exploits
https://github.com/AzimsTech/Android_Hacking
https://github.com/hahwul/MobileHackersWeapons
Cheat Sheet collection
https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet
https://github.com/OlivierLaflamme/Cheatsheet-God
https://github.com/baumanab/cheat_sheets
https://github.com/detailyang/awesome-cheatsheet
https://github.com/Kitsun3Sec/Pentest-Cheat-Sheets
https://github.com/coreb1t/awesome-pentest-cheat-sheets
https://gist.github.com/jeremypruitt/c435aefa2c2abaec02985d77fb370ec5
https://github.com/PeterSufliarsky/pentesting-cheat-sheet
Penetration Testing Checklist collection
https://github.com/oxr463/pentesting-checklist
https://github.com/netbiosX/Checklists
https://github.com/harsh-kk/web-pentesting-checklist
https://github.com/chennylmf/OWASP-Web-App-Pentesting-checklists
https://github.com/MahdiMashrur/Awesome-Application-Security-Checklist
https://github.com/Probely/security_checklist
https://github.com/sderosiaux/checklists
Pentesters Roadmap collection
https://github.com/yeyintminthuhtut/Awesome-Red-Teaming
https://github.com/GrandGarcon/Complete_Cybersecurity_Path
https://github.com/CSIRT-MU/edu-resources
https://github.com/argowang/cyber-security-roadmap
https://github.com/Kennyslaboratory/Ultimate-Hacker-Roadmap
https://github.com/nairuzabulhul/RoadMap
https://github.com/nairuzabulhul/RoadMap/blob/master/PTS/Pentesting.md
https://github.com/sundowndev/hacker-roadmapPayloads Collection
Payloads Collection
https://github.com/omurugur/SQL_Injection_Payload
https://github.com/omurugur/XSS_Payload_List
https://github.com/omurugur/OS_Command_Payload_List
https://github.com/omurugur/Open_Redirect_Payload_List
https://github.com/cujanovic/SSRF-Testing
https://github.com/swisskyrepo/PayloadsAllTheThings
https://github.com/akalankauk/XSS-SQL-Master-Payloads
https://github.com/austinsonger/payloadsandlists
https://github.com/BrodieInfoSec/BIG_XSS
https://github.com/pgaijin66/XSS-Payloads
https://github.com/sh377c0d3/Payloads
https://github.com/omurugur/SQL_Injection_Payload
https://github.com/RedVirus0/LFI-Payloads
https://github.com/emadshanab/LFI-Payload-List
https://github.com/secf00tprint/payloadtester_lfi_rfi
https://github.com/foospidy/payloads
https://github.com/payloadbox/command-injection-payload-list
https://github.com/payloadbox/sql-injection-payload-list
https://github.com/payloadbox/open-redirect-payload-list
https://github.com/payloadbox/xxe-injection-payload-list
https://github.com/payloadbox/rfi-lfi-payload-list
https://github.com/payloadbox/csv-injection-payloads
https://github.com/terjanq/Tiny-XSS-Payloads
https://github.com/hahwul/XSS-Payload-without-AnythingAwesome Electron.js hacking
https://github.com/doyensec/awesome-electronjs-hacking从别的地方扒来一些案例和知识点
收藏的 src 工具
ApkAnalyser-一键提取安卓应用中可能存在的敏感信息
新的一年祝大家挖洞必高危。