余弦 | 安全技能树 – Adamhuan's Data Center

 V1 By @余弦 201709

  联系我：evilcos@gmail.com

  更新动态关注微信公众号：懒人在思考

 工欲善其事必先利其器

  世界之大总有一款利器适合你

  https://github.com/Hack-with-Github/Awesome-Hacking

1

2

3

4

5

6

7

8

9

10

11

V1 By @余弦 201709

联系我：evilcos@gmail.com

更新动态关注微信公众号：懒人在思考

工欲善其事必先利其器

世界之大总有一款利器适合你

https://github.com/Hack-with-Github/Awesome-Hacking

  这份技能树最适合走向安全工程化之路的人

  这份技能树以利器为主要出发点进行梳理

  应该叫“余弦的安全技能树简版”更合适

1

2

3

4

5

这份技能树最适合走向安全工程化之路的人

这份技能树以利器为主要出发点进行梳理

应该叫“余弦的安全技能树简版”更合适

HTTP

 Burp Suite

  https://portswigger.net/burp/

  很多时候，免费版本已经满足需求

 Fiddler

  http://www.telerik.com/fiddler

 Firefox

  Firebug

  NoScript

 Chrome

  F12

 WhatWeb

  https://github.com/urbanadventurer/whatweb

 w3af

  https://github.com/andresriancho/w3af

 sqlmap

  https://github.com/sqlmapproject/sqlmap

 XSS'OR

  http://xssor.io/

各种协议

 端口扫描

  Nmap

   https://nmap.org/

   https://highon.coffee/blog/nmap-cheat-sheet/

  Zmap

   https://www.zmap.io/

  masscan

   https://github.com/robertdavidgraham/masscan

   https://github.com/offensive-security/masscan-web-ui

 Hydra

  https://www.thc.org/thc-hydra/

 Metasploit

  https://www.metasploit.com/

  https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers

 流量

参见: 流量

  Wireshark

   https://www.wireshark.org/

  TShark

   https://www.wireshark.org/docs/man-pages/tshark.html

  Tcpdump

   http://www.tcpdump.org/

  Snort

   https://www.snort.org/

  Bro

   https://www.bro.org/

  Moloch

   http://molo.ch/

  Suricata

   https://suricata-ids.org/

漏洞测试

 漏洞环境

  Metasploitable3

   https://github.com/rapid7/metasploitable3

  WebGoat

   https://github.com/WebGoat/WebGoat

  DVWA

   https://github.com/ethicalhack3r/DVWA

  XVWA

   https://github.com/s4n7h0/xvwa

 网络空间搜索引擎

  Google

  ZoomEye

   https://www.zoomeye.org/

  Shodan

   https://www.shodan.io/

  Censys

   https://censys.io/

 漏洞库

  Exploit-DB

   https://www.exploit-db.com/

   https://www.exploit-db.com/searchsploit/

  Seebug

   https://www.seebug.org/

  0day.today

   http://0day.today/

渗透测试

 洛马七步杀

参见: 假设自己正被“洛马七步杀”

  http://www.lockheedmartin.com/us/what-we-do/aerospace-defense/cyber/cyber-kill-chain.html

 Penetration Testing Tools Cheat Sheet

  https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/

 端口转发

  最基础的SSH隧道

   https://www.ibm.com/developerworks/cn/linux/l-cn-sshforward/index.html

  iptables -t nat

   https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/4/html/Security_Guide/s1-firewall-ipt-fwd.html

  rtcp.py

   https://github.com/knownsec/rtcp

  姿势大全

   https://artkond.com/2017/03/23/pivoting-guide/

 Reverse Shell Cheat Sheet

  http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet

 部分框架

  Kali Linux

   http://tools.kali.org/tools-listing

  Pentest Box

   https://pentestbox.org/

  Maltego

   https://www.paterva.com/web7/

  The Social-Engineer Toolkit (SET)

   https://github.com/trustedsec/social-engineer-toolkit

  Cobalt Strike

   https://www.cobaltstrike.com/

  Nmap

  Metasploit

  BeEF

   http://beefproject.com/

  mitmproxy

   https://mitmproxy.org/

防御

 暴力美学

  不需要必须放线上的服务都下线

  默认关闭所有端口，只开需要的

  服务器登录只允许公私钥形式

  干掉一切明文传输

  使用口碑好的第三方服务及组件

  备份备份再备份

  假设自己正被“洛马七步杀”

参见: 洛马七步杀

 部分工具

  流量

参见: 流量

  Security Onion

   https://securityonion.net/

  OSSEC

   https://ossec.github.io/

  Splunk

   https://www.splunk.com/

  ELK

  Lynis

   https://cisofy.com/lynis/

  iptables/防火墙

  JWT

   https://jwt.io/

 资料

  程序员与黑客系列

   http://www.infoq.com/cn/presentations/programmers-and-hackers

   http://www.infoq.com/cn/presentations/programmers-and-hackers-part02

  实用性开发人员安全须知

   https://github.com/FallibleInc/security-guide-for-developers

  SaaS型初创企业安全101

   https://github.com/forter/security-101-for-saas-startups

从脚本到大并发

 JavaScript

  jQuery

  Bootstrap

   前端框架，不仅JavaScript

  Node.js

   https://nodejs.org/

  npm

   https://www.npmjs.com/

 Python

  PEP 8编程习惯

   https://www.python.org/dev/peps/pep-0008/

  urllib2

  socket

  requests

  框架

   Scrapy

    爬虫框架

   Django

    Web开发框架

  并发

   thread/threading

   multiprocessing

   gevent

  pip

   https://pypi.python.org/pypi

 Go

  https://tour.go-zh.org/list

数据相关

 bsddb

 SQLite

 MySQL

 MongoDB

 Cassandra

 ELK

  Elasticsearch

  Logstash

  Kibana

 Neo4j

 Redis

 Memcached

 Hadoop

 JSON

 XML

 cPickle

 protobuf

正则表达式

 调试工具

  Kodos

  RegexBuddy

  https://regexper.com/

 正则表达式30分钟入门教程

  https://deerchao.net/tutorials/regex/regex.htm

 Python

  http://wiki.ubuntu.org.cn/Python正则表达式操作指南

高效习惯

 VIM

  简明 VIM 练级攻略

   http://coolshell.cn/articles/5426.html

 Markdown

 Git

  https://try.github.io/

 FreeMind/XMind

 yEd

 Evernote

 Windows

  Putty

   https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

  WinSCP

  SysinternalsSuite

 Mac

  iTerm2

   http://www.iterm2.com/

  Homebrew

   https://brew.sh/

 Linux

  Bash

   https://github.com/jlevy/the-art-of-command-line

   https://github.com/Idnan/bash-guide

  tmux/screen/grep/zgrep/awk/sed/cut/find/du/df/dd/ls/cat/cd/pwd/id/free/ps/netstat/vmstat/top/crontab/tree/tail/head/vi/ifconfig/lsof/dig/mount/strings/uname/echo/history/tar/unzip/gzip/zip/diff/md5sum/file/base64/rm/mv/gcc/kill/chown/chmod/last/whoami/strace/ltrace/iptables/nohup/nc/scp/ssh/telnet

 隔离

  VMware

  VirtualBox

  Parallels Desktop

  Docker

 翻墙

  https://github.com/shadowsocks

  proxychains

 暗网

  https://alphabaymarket.com/

 硬件

  iPhone+iPad+Mac

  ThinkPad

 云服务

  VPS

   AWS

   Linode

   Vultr

   DigitalOcean

  Dropbox

  OneDrive

  Google Docs

  Email

   Gmail

   Outlook

   ProtonMail

 安全

  GPG

   https://gnupg.org/download/index.html

  TrueCrypt

 情报跟进

  Inoreader

  Twitter

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

311

312

313

314

315

316

317

318

319

320

321

322

323

324

325

326

327

328

329

330

331

332

333

334

335

336

337

338

339

340

341

342

343

344

345

346

347

348

349

350

351

352

353

354

355

356

357

358

359

360

361

362

363

364

365

366

367

368

369

370

371

372

373

374

375

376

377

378

379

380

381

382

383

384

385

386

387

388

389

390

391

392

393

394

395

396

397

398

399

400

401

402

403

404

405

406

407

408

409

410

411

412

413

414

415

416

417

418

419

420

421

422

423

424

425

426

427

428

429

430

431

432

433

434

435

436

437

438

439

440

441

442

443

444

445

446

447

448

449

450

451

452

453

454

455

456

457

458

459

460

461

462

463

464

465

466

467

468

469

470

471

472

473

474

475

476

477

478

479

480

481

482

483

484

485

486

487

488

489

490

491

492

493

494

495

496

497

498

499

500

501

502

503

504

505

506

507

508

509

510

511

HTTP

Burp Suite

https://portswigger.net/burp/

很多时候，免费版本已经满足需求

Fiddler

http://www.telerik.com/fiddler

Firefox

Firebug

NoScript

Chrome

F12

WhatWeb

https://github.com/urbanadventurer/whatweb

w3af

https://github.com/andresriancho/w3af

sqlmap

https://github.com/sqlmapproject/sqlmap

XSS'OR

http://xssor.io/

各种协议

端口扫描

Nmap

https://nmap.org/

https://highon.coffee/blog/nmap-cheat-sheet/

Zmap

https://www.zmap.io/

masscan

https://github.com/robertdavidgraham/masscan

https://github.com/offensive-security/masscan-web-ui

Hydra

https://www.thc.org/thc-hydra/

Metasploit

https://www.metasploit.com/

https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers

流量

参见: 流量

Wireshark

https://www.wireshark.org/

TShark

https://www.wireshark.org/docs/man-pages/tshark.html

Tcpdump

http://www.tcpdump.org/

Snort

https://www.snort.org/

Bro

https://www.bro.org/

Moloch

http://molo.ch/

Suricata

https://suricata-ids.org/

漏洞测试

漏洞环境

Metasploitable3

https://github.com/rapid7/metasploitable3

WebGoat

https://github.com/WebGoat/WebGoat

DVWA

https://github.com/ethicalhack3r/DVWA

XVWA

https://github.com/s4n7h0/xvwa

网络空间搜索引擎

Google

ZoomEye

https://www.zoomeye.org/

Shodan

https://www.shodan.io/

Censys

https://censys.io/

漏洞库

Exploit-DB

https://www.exploit-db.com/

https://www.exploit-db.com/searchsploit/

Seebug

https://www.seebug.org/

0day.today

http://0day.today/

渗透测试

洛马七步杀

参见: 假设自己正被“洛马七步杀”

http://www.lockheedmartin.com/us/what-we-do/aerospace-defense/cyber/cyber-kill-chain.html

Penetration Testing Tools Cheat Sheet

https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/

端口转发

最基础的SSH隧道

https://www.ibm.com/developerworks/cn/linux/l-cn-sshforward/index.html

iptables -t nat

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/4/html/Security_Guide/s1-firewall-ipt-fwd.html

rtcp.py

https://github.com/knownsec/rtcp

姿势大全

https://artkond.com/2017/03/23/pivoting-guide/

Reverse Shell Cheat Sheet

http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet

部分框架

Kali Linux

http://tools.kali.org/tools-listing

Pentest Box

https://pentestbox.org/

Maltego

https://www.paterva.com/web7/

The Social-Engineer Toolkit (SET)

https://github.com/trustedsec/social-engineer-toolkit

Cobalt Strike

https://www.cobaltstrike.com/

Nmap

Metasploit

BeEF

http://beefproject.com/

mitmproxy

https://mitmproxy.org/

防御

暴力美学

不需要必须放线上的服务都下线

默认关闭所有端口，只开需要的

服务器登录只允许公私钥形式

干掉一切明文传输

使用口碑好的第三方服务及组件

备份备份再备份

假设自己正被“洛马七步杀”

参见: 洛马七步杀

部分工具

流量

参见: 流量

Security Onion

https://securityonion.net/

OSSEC

https://ossec.github.io/

Splunk

https://www.splunk.com/

ELK

Lynis

https://cisofy.com/lynis/

iptables/防火墙

JWT

https://jwt.io/

资料

程序员与黑客系列

http://www.infoq.com/cn/presentations/programmers-and-hackers

http://www.infoq.com/cn/presentations/programmers-and-hackers-part02

实用性开发人员安全须知

https://github.com/FallibleInc/security-guide-for-developers

SaaS型初创企业安全101

https://github.com/forter/security-101-for-saas-startups

从脚本到大并发

JavaScript

jQuery

Bootstrap

前端框架，不仅JavaScript

Node.js

https://nodejs.org/

npm

https://www.npmjs.com/

Python

PEP 8编程习惯

https://www.python.org/dev/peps/pep-0008/

urllib2

socket

requests

框架

Scrapy

爬虫框架

Django

Web开发框架

并发

thread/threading

multiprocessing

gevent

pip

https://pypi.python.org/pypi

Go

https://tour.go-zh.org/list

数据相关

bsddb

SQLite

MySQL

MongoDB

Cassandra

ELK

Elasticsearch

Logstash

Kibana

Neo4j

Redis

Memcached

Hadoop

JSON

XML

cPickle

protobuf

正则表达式

调试工具

Kodos

RegexBuddy

https://regexper.com/

正则表达式30分钟入门教程

https://deerchao.net/tutorials/regex/regex.htm

Python

http://wiki.ubuntu.org.cn/Python正则表达式操作指南

高效习惯

VIM

简明 VIM 练级攻略

http://coolshell.cn/articles/5426.html

Markdown

Git

https://try.github.io/

FreeMind/XMind

yEd

Evernote

Windows

Putty

https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

WinSCP

SysinternalsSuite

Mac

iTerm2

http://www.iterm2.com/

Homebrew

https://brew.sh/

Linux

Bash

https://github.com/jlevy/the-art-of-command-line

https://github.com/Idnan/bash-guide

tmux/screen/grep/zgrep/awk/sed/cut/find/du/df/dd/ls/cat/cd/pwd/id/free/ps/netstat/vmstat/top/crontab/tree/tail/head/vi/ifconfig/lsof/dig/mount/strings/uname/echo/history/tar/unzip/gzip/zip/diff/md5sum/file/base64/rm/mv/gcc/kill/chown/chmod/last/whoami/strace/ltrace/iptables/nohup/nc/scp/ssh/telnet

隔离

VMware

VirtualBox

Parallels Desktop

Docker

翻墙

https://github.com/shadowsocks

proxychains

暗网

https://alphabaymarket.com/

硬件

iPhone+iPad+Mac

ThinkPad

云服务

VPS

AWS

Linode

Vultr

DigitalOcean

Dropbox

OneDrive

Google Docs

Email

Gmail

Outlook

ProtonMail

安全

GPG

https://gnupg.org/download/index.html

TrueCrypt

情报跟进

Inoreader

Twitter