线上版本:
http://evilcos.me/security_skill_tree_basic/index.html
安全技能树简版
HTTP
Burp Suite
https://portswigger.net/burp/
很多时候,免费版本已经满足需求
Fiddler
http://www.telerik.com/fiddler
Firefox
Firebug
NoScript
Chrome
F12
WhatWeb
https://github.com/urbanadventurer/whatweb
w3af
https://github.com/andresriancho/w3af
sqlmap
https://github.com/sqlmapproject/sqlmap
XSS'OR
http://xssor.io/
各种协议
端口扫描
Nmap
https://nmap.org/
https://highon.coffee/blog/nmap-cheat-sheet/
Zmap
https://www.zmap.io/
masscan
https://github.com/robertdavidgraham/masscan
https://github.com/offensive-security/masscan-web-ui
Hydra
https://www.thc.org/thc-hydra/
Metasploit
https://www.metasploit.com/
https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers
流量
参见: 流量
Wireshark
https://www.wireshark.org/
TShark
https://www.wireshark.org/docs/man-pages/tshark.html
Tcpdump
http://www.tcpdump.org/
Snort
https://www.snort.org/
Bro
https://www.bro.org/
Moloch
http://molo.ch/
Suricata
https://suricata-ids.org/
漏洞测试
漏洞环境
Metasploitable3
https://github.com/rapid7/metasploitable3
WebGoat
https://github.com/WebGoat/WebGoat
DVWA
https://github.com/ethicalhack3r/DVWA
XVWA
https://github.com/s4n7h0/xvwa
网络空间搜索引擎
ZoomEye
https://www.zoomeye.org/
Shodan
https://www.shodan.io/
Censys
https://censys.io/
漏洞库
Exploit-DB
https://www.exploit-db.com/
https://www.exploit-db.com/searchsploit/
Seebug
https://www.seebug.org/
0day.today
http://0day.today/
渗透测试
洛马七步杀
参见: 假设自己正被“洛马七步杀”
http://www.lockheedmartin.com/us/what-we-do/aerospace-defense/cyber/cyber-kill-chain.html
Penetration Testing Tools Cheat Sheet
https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/
端口转发
最基础的SSH隧道
https://www.ibm.com/developerworks/cn/linux/l-cn-sshforward/index.html
iptables -t nat
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/4/html/Security_Guide/s1-firewall-ipt-fwd.html
rtcp.py
https://github.com/knownsec/rtcp
姿势大全
https://artkond.com/2017/03/23/pivoting-guide/
Reverse Shell Cheat Sheet
http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
部分框架
Kali Linux
http://tools.kali.org/tools-listing
Pentest Box
https://pentestbox.org/
Maltego
https://www.paterva.com/web7/
The Social-Engineer Toolkit (SET)
https://github.com/trustedsec/social-engineer-toolkit
Cobalt Strike
https://www.cobaltstrike.com/
Nmap
Metasploit
BeEF
http://beefproject.com/
mitmproxy
https://mitmproxy.org/
防御
暴力美学
不需要必须放线上的服务都下线
默认关闭所有端口,只开需要的
服务器登录只允许公私钥形式
干掉一切明文传输
使用口碑好的第三方服务及组件
备份备份再备份
假设自己正被“洛马七步杀”
参见: 洛马七步杀
部分工具
流量
参见: 流量