安全站點導航(感謝backlion整理)
個人技術部落格:
國內:
http://www.blogsir.com.cn/ (江sir)
http://blog.csdn.net/qq_27446553/ (qq_27446553部落格)
http://0x007.blog.51cto.com/6330498/1628943 (0x007部落格)
http://ver007.com/(ver007部落格)
http://www.secsky.cn/(安全天空部落格)
https://www.hackfun.org/(4ido1on部落格)
http://helloeveryone.blog.51cto.com/
http://www.7kb.org/(7kb論壇)
http://www.cnbraid.com/(cnbiraid部落格)
http://blog.neargle.com(neargle部落格)
https://lightrains.org(lightrains部落格)
https://imlonghao.com/(imlonghao部落格)
http://www.zerokeeper.com/(zerokeeper部落格)
http://www.thinkings.org/(thinkings部落格)
https://www.ohlinge.cn/ (ohlinge部落格)
https://www.virzz.com (virzz部落格)
https://www.jisec.com/ (jisec部落格)
http://www.hfhuge.com/(hfhuge部落格)
http://www.91ri.org/(91ri部落格)
http://www.codersec.net (codersec部落格)
http://www.venenof.com/(venenof部落格)
http://blog.leanote.com/thorns(leanote部落格)
http://www.droidsec.cn/(安卓中文部落格 )
https://www.iswin.org/(颶風部落格)
http://www.shentou.org/ (安全滲透軍火庫部落格)
http://joychou.org (joychou部落格)
http://0cx.cc/ (0cx部落格)
http://hacktech.cn/(hacketech部落格)
http://www.lucien116.com(lucien部落格)
http://www.hack1990.com(hack1990部落格)
http://www.xmanblog.net/(xmanblog部落格)
http://xia0yu.win/(xia0yu部落格)
http://littlehann.cnblogs.com/ (littlehann部落格)
http://lonelyrain.me/(lonelyrain部落格)
http://www.hack-gov.com(hack-gov部落格)
http://xdxd.love/(xdxd部落格)
https://www.lynahex.com/(lynahex部落格)
http://www.cnblogs.com/S4b0r/(S4b0r部落格)
http://www.leesec.com/(leesce部落格)
https://bl4ck.in/(b14ck部落格)
http://www.hksafe.cn.com (hksafe部落格)
http://www.n0tr00t.com/(n0tr00t部落格)
https://www.92aq.com/(92工具部落格)
https://3gstudent.github.io/(三好學生部落格)
http://www.nxadmin.com/( nxadmin部落格 )
https://www.leavesongs.com/( p牛程式碼審計部落格 )
http://www.code521.com/(code521部落格)
http://p2j.cn/( 園長部落格)
http://le4f.net/(le4f部落格)
http://www.polaris-lab.com/ (polaris-lab實驗室)
http://www.programlife.net/(程式人生部落格)
http://evilcos.me/(餘玄部落格)
https://www.blackh4t.org/ (blackh4t部落格)
http://www.bugsec.org/tools (bugsec部落格)
http://ecma.io/(ecma部落格)
http://www.meijj.org/ (meijj部落格)
https://ricterz.me/(ricterz部落格)
http://yaseng.org(yaseng部落格)
http://avfisher.win/(安全小飛俠部落格)
http://www.0xmh.com/(0xmh部落格)
http://www.lijiejie.com/(lijiejie部落格)
http://secoff.net/(secoff部落格)
http://twi1ight.com/(twi1ight部落格)
https://rinige.com (ringige部落格)
http://www.bystudent.com/(bystudent部落格)
http://o0xmuhe.me/page/2/ (o0xmuhe部落格)
http://www.blue-lotus.net/ (藍蓮花戰隊部落格)
https://www.webshell.cc/( webshell部落格)
http://appleu0.sinaapp.com/( appleu0部落格)
http://www.lshack.cn/ (lshack部落格)
https://phpinfo.me/ ( phpinfo部落格)
http://f4le.com/ ( f4le部落格)
http://www.03sec.com/ (03sec部落格)
http://www.cnbraid.com/(cnbradid部落格)
http://www.cnblogs.com/killbit/(killbit部落格)
http://blog.nuptzj.cn/ (nuptzj部落格)
http://www.cnblogs.com/Ox9A82/(Ox9A82部落格 )
https://www.lshack.cn/ (lshack部落格)
http://www.cnblogs.com/sevck/ (sevck部落格)
https://tom0li.github.io(tom0li部落格)
http://www.waitalone.cn/(獨自等待部落格)
https://wujunze.com/(wujunze部落格)
https://ht-sec.org(昊天部落格)
http://docs.hackinglab.cn/(hackinglab部落格)
http://www.hackqing.com/(情部落格)
http://www.milw0rm.cn(milw0rm部落格)
https://www.sitedirsec.com/(非安全中國部落格 )
http://www.arvinhk.com/(arivn部落格)
http://hk-xg.lofter.com/(hk-xg部落格 )
http://www.hackblog.cn/( hackblog部落格)
http://piaoyu.org/(piaoyu部落格)
http://defcon.cn/script(defcon部落格)
http://www.jeehsu.com/(幾許部落格)
http://www.52bug.cn/(吾愛漏洞部落格)
http://www.moonsec.com/(暗月部落格)
http://www.cnseay.com/(法師部落格)
http://www.exehack.net/(小殘部落格)
http://blog.knownsec.com/(知道創宇部落格)
http://www.keen8.com/(kee8部落格 )
http://0ke.org/( 0ke部落格 )
http://www.storysec.com/(影風's Blog)
http://www.weixianmanbu.com/(黑客技術部落格)
http://www.x14hack.com/ (14xhack部落格)
http://rcoil.me/(rcoil部落格)
https://perseus.codes/(perseus部落格)
http://www.legendsec.org/ (legendsec部落格)
http://xiao106347.blog.163.com/(小劉kali部落格)
http://blog.sycsec.com/(三葉草部落格)
http://www.cnnetsec.com/(cnnetsec部落格)
http://iscc.gxu.edu.cn/index.php/Index/start (iscc部落格)
http://www.joychou.org/(joychou部落格)
http://rootkiter.com/EarthWorm/(rootkiter部落格)
https://www.lmva.cc/ (lmva部落格)
http://www.evil0x.com/ (十六進位制)
https://ha.cker.in/(cker部落格)
http://3xp10it.cc/(3xp10it部落格)
http://wolvez.club/(lostwolf部落格)
http://thief.one(thief部落格)
http://simeon.blog.51cto.com/(simeon部落格)
http://javaweb.org/(javaweb部落格)
http://qqhack8.blog.163.com/(k8部落格)
http://das.scusec.org/(scusec部落格)
http://www.zcgonvh.com/(草泥馬之家部落格)
http://www.webbaozi.com/(包子部落格)
http://blog.safebuff.com/(x17dev部落格)
http://k1p4ss.sinaapp.com/(k1p4ss部落格)
http://www.daokers.com/(金刀客部落格)
https://www.i0day.com/(小馬部落格)
http://www.cnblogs.com/SEC-fsq/(範世強部落格)
http://www.adan0s.me/(白袍大人)
國外:
http://www.lanmaster53.com/(lanmaster53部落格)
http://pen-testing.sans.org/blog/pen-testing(sans滲透測試部落格)
https://digi.ninja/(digi滲透測試部落格)
http://www.harmj0y.net/blog/(harmj0y滲透測試部落格)
http://nullsecurity.net/tools.html(nullsecurity滲透工具部落格)
http://www.ehacking.net/(ehacking滲透測試部落格)
http://www.kitploit.com/(kitploit.滲透測試部落格)
http://www.commonexploits.com/(commonexploits滲透測試部落格)
https://adsecurity.org/(AD域滲透測試部落格)
http://www.securitytube.net/(securitytube滲透視訊教程部落格)
https://www.dsinternals.com/en/(AD域滲透測試部落格)
https://adsecurity.org/(AD域滲透部落格)
http://blog.gentilkiwi.com/(mimikazhi部落格)
https://blog.0x80.org/(汽車安全部落格)
http://sectools.org/tag/web-scanners/(安全工具下載部落格)
https://blog.netspi.com/(SQL注入技能部落格)
http://www.sqlinjectionwiki.com/Categories/4/postgresql-sql-injection-cheat-sheet/(注入技能表部落格)
http://websec.ca/kb/sql_injection (sql注入大全)
https://wn.com/httpheaderinjectionds(http頭注入部落格)
http://www.devttys0.com/blog/(路由安全部落格)
https://fail0verflow.com/(硬體大牛部落格)
http://www.blackhat.com/(黑帽大賽官方部落格)
http://www.social-engineer.org/(社會工程學部落格)
http://www.windowsecurity.com/(window安全部落格)
https://www.blackmoreops.com/(linux安全部落格)
http://http-tunnel.sourceforge.net/ (http-tunnel反向代理部落格)
https://zmap.io/(zmap部落格)
https://www.thc.org/(thc部落格)
http://mydowndown.com/y2down (youtuble視訊下載)
http://securityxploded.com/download.php(國外密碼工具大全)
https://pentest.blog/(滲透測試部落格)
http://www.rekings.com/blog/(rekings部落格)
http://www.hackingarticles.in(黑客文章知識庫)
http://fuzzysecurity.com/tutorials/16.html(fuzzysecurity部落格)
https://artkond.com/2017/03/23/pivoting-guide/(artkond部落格)
http://www.hacking-tutorial.com(haking部落格)
https://legalhackers.com/(legalhackers部落格)
https://blog.quarkslab.com/(quarkslab部落格)
https://foxglovesecurity.com/ (foxglovesecurity部落格)
http://carnal0wnage.attackresearch.com/(attackresearch部落格)
https://room362.com/(room362部落格)
http://blog.portswigger.net/(burpsuit部落格)
https://blog.skullsecurity.org/(關於CTF)
https://community.rapid7.com/community/metasploit/blog(MSF官方部落格)
http://www.tssci-security.com/(tssci部落格)
http://blog.gdssecurity.com/(gdssecurity部落格)
https://websec.wordpress.com(websec部落格)
http://bernardodamele.blogspot.com/(blogspot部落格)
http://laramies.blogspot.com/(blogspot部落格)
https://clymb3r.wordpress.com/ (clymb3r部落格)
https://www.cyberciti.biz(部落格)
http://www.spylogic.net/(spylogic部落格)
http://pentestmonkey.net/blog(pentestmonkey部落格)
https://www.commonexploits.com/(commonexploits部落格)
https://sensepost.com/blog/(sensepost部落格)
http://exploit.co.il/blog/(exploit部落格)
http://sirdarckcat.blogspot.com/(sirdarckcat部落格)
http://reusablesec.blogspot.com/(reusablesec部落格)
https://www.trustwave.com/(trustwave部落格)
https://www.corelan.be/(corelan部落格)
https://www.notsosecure.com/blog/(notsosecure部落格)
https://securityreliks.wordpress.com/(securityreliks部落格)
http://ihazomgsecurityskillz.blogspot.com/(linux核心)
https://memset.wordpress.com/(memset部落格)
http://gynvael.coldwind.pl/?blog=1&lang=en(gynvael部落格)
https://blog.g0tmi1k.com/(g0tmi1k部落格)
https://digi.ninja/(digi部落格)
http://pentestit.com/(pentestit部落格)
https://www.shellntel.com/(shellntel部落格)
http://www.irongeek.com/(irongeek部落格)
https://bitvijays.github.io/(bitvijays部落格)
https://pentestlab.blog(滲透檢測實驗室部落格)
https://www.hackthissite.org/forums/index.php(國外黑客論壇)
線上知識:
http://wiki.ioin.in/(安全文庫)
http://bobao.360.cn/learning/index(安全客知識庫)
https://www.hackfun.org/kali-tools/kali-tools-zh.html( KALI工具使用說明)
https://www.gitbook.com/book/t0data/burpsuite/details (burpsuit中文指南)
http://www.w3school.com.cn/( w3school線上學習 )
http://www.runoob.com/ (it指令碼學習)
http://www.ziqiangxuetang.com/django (djiango之python學習)
http://www.sec-wiki.com/(安全技能庫)
http://paper.seebug.org/ (seebug安全知識庫)
https://bowen.navisec.it/(安全文庫)
http://expku.com/(國內exp搜尋大全)
http://www.exploitsearch.net(exp搜尋)
論壇與導航:
http://www.hegouvip.com/(合購資源網)
http://www.anquanquan.info/(安全圈導航)
http://navisec.it/ (navisec導航)
http://cmcc.ml/(cmcc網址安全導航)
http://www.pediy.com/(看雪論壇 )
http://www.52pojie.cn/(吾愛破解 )
http://www.metasploit.cn/(metasploit論壇)
https://xianzhi.aliyun.com/forum/read/723.html (先知社群)
http://www.pd521.com/(安卓逆向論壇)
http://bbs.ichunqiu.com/(愛春秋論壇)
http://hackinglab.cn/(hack實驗室)
https://www.t00ls.net/(t00ls論壇 )
https://forum.90sec.org/(90sec論壇)
https://www.70sec.com/(70sec論壇)
https://forum.exploit.in/(exploit論壇)
http://forum.exetools.com/index.php(explotools論壇)
https://www.v2ex.com/(v2ex程式設計師社群)
安全資訊:
http://www.freebuf.com/(freebuf安全媒體)
http://www.0daybank.org/( 漏洞銀行安全資訊)
https://www.secpulse.com/(安全脈搏安全資訊)
http://www.secbox.cn/(安全盒子資訊)
http://www.secist.com/(即刻安全資訊)
https://www.sec-wiki.com/(wiki安全資訊)
http://www.mottoin.com/(貓眼安全媒體)
http://www.4hou.com/(嘶吼安全媒體)
漏洞預警和exp查詢:
http://wy.hx99.net/(烏雲搜尋)
https://loudong.sjtu.edu.cn/(教育行業安全漏洞)
http://webscan.360.cn/vul(網站常見漏洞)
https://cxsecurity.com/wlb/(國外漏洞)
http://blogs.360.cn/(360漏洞技術部落格)
http://xteam.baidu.com/(百度實驗室 )
http://blog.nsfocus.net/(綠盟漏洞預警部落格)
https://www.seebug.org/(seebug漏洞預警)
http://www.cnvd.org.cn/(cnvd漏洞平臺)
https://www.vulnhub.com/(漏洞測試平臺)
https://www.exploit-db.com/papers/(exploit-db漏洞庫)
https://technet.microsoft.com/en-us/library/security/mt637763.aspx(微軟exp版本號列表)
https://bugs.chromium.org/p/project-zero/issues/list(微軟漏洞下載搜尋)
https://www.kernel-exploits.com/(linxu核心exp查詢)
http://exploit.linuxnote.org/(國內linux核心EXP查詢)
https://packetstormsecurity.com/(packetstormsecurity 的exp查詢)
http://cve.mitre.org/(漏洞編號查詢)
http://www.securiteam.com/(安全團隊)
http://www.securityfocus.com/(安全焦點)
http://www.securitytracker.com(securitytracker)
http://www.guninski.com/(guninski的exp查詢)
http://www.routerpwn.com/(路由漏洞查詢)
http://www.sebug.net/vuldb/vulnerabilities(WEB漏洞庫查詢)
http://0day5.com/(WEB漏洞時代)
http://www.ussrback.com/(ussrback的exp查詢)
http://cn.0day.today/(oday)
http://xssor.io/ (xss poc大全)
線上web掃描器:
http://site.safedog.cn/index.html
CTF訓練:
http://www.shiyanbar.com/ctf/practice(CTF訓練營)
https://xss.haozi.me/#/(xss闖關)
http://oj.xctf.org.cn/web/login/?next=/(xctf)
http://bobao.360.cn/ctf/index(360CTF訓練營 )
http://hackinglab.cn/(網路安全對抗平臺 )
https://pwnhub.cn/(CTF比賽)
https://www.xctf.org.cn/(xctf社群)
http://bobao.360.cn/ctf/(360CTF社群)
https://ctftime.org/(ctftime社群)
github專案:
https://github.com/ctfs/(CTFwrite )
https://github.com/powershellempire/empire(powershllempire專案)
https://github.com/adaptivethreat/EmPyre(EmPyre專案)
https://github.com/HarmJ0y/Malleable-C2-Profiles(Malleable-C2-Profiles專案)
https://github.com/Veil-Framework/Veil-Evasion(Veil-Evasion免殺專案)
https://github.com/offensive-security(offensive-security專案)
https://github.com/secretsquirrel/the-backdoor-factory/(the-backdoor-factory專案)
https://github.com/Veil-Framework/Veil-Evasion/(Veil-Evasion免殺專案)
https://github.com/x3omdax/PenBox(安全測試框架)
https://github.com/SecWiki(安全文庫)
線上常用工具:
http://ip.fbisb.com/(真實IP地址查詢地址)
https://phpinfo.me/domain/(子域名線上爆破)
http://www.bugbank.cn/dscan/index.html(線上子域名爆破)
https://phpinfo.me/bing.php(線上c段查詢)
https://dnsdb.io/zh-cn/(線上C段查詢2)
http://www.yopmail.com/zh/(一次性使用郵箱)
http://objectif-securite.ch/(LM破解)
https://www.mailinator.com/(一次性使用郵箱)
http://tools88.com/safe/vnc.php(線上VNC破解)
https://www.hashkiller.co.uk/(線上hash破解)
http://tool.chacuo.net/cryptdes(線上解密加密)
http://www.xssed.com/(xssed平臺)
http://xss.cnit.pro/(cnitxss平臺)
http://www.objectif-securite.ch/(線上LMHASH破解)
http://toolbar.netcraft.com(很好的域名搜尋引擎)
http://who.is ( 域名解析記錄很好使)
https://cirt.net/passwords(常用裝置密碼字典)
http://www.webscantest.com/datastore/(web線上測試練習)
http://www.pinchins.cn/Tools.aspx?ch=Tools(勒索病毒解密工具)
國內社工褲:
http://cha.hx99.net/(華西社工庫)
http://s.70sec.com/(70sec社工庫)
http://so.moonsec.com/index.php(暗月社工庫)
http://qq.findmima.com/(qq密碼)
http://www.ckaifang.com/(查開房資料庫)
https://boy.findmima.com/ (查詢密碼社工庫)
http://163.donothackme.club/(163郵箱社工庫)
國外社工褲:
https://www.instantcheckmate.com/
聯合賬號查詢:
http://reg007.com (查詢郵箱已註冊過的網址)
http://www.zhaohuini.com/(找回密碼)
http://toolsapp.duapp.com/randpw.html(反社工隨機密碼)
https://www.trustasia.com/tools/ccs-checker/ (css漏洞檢查)
http://www.bejson.com/ (json線上驗證)
大資料以及埠服務查詢:
https://www.zoomeye.org/(鍾道之眼)
https://www.shodan.io/(shodan查詢)
https://www.oshadan.com/(osshadan查詢)
https://www.censys.io/(censys查詢)
http://cn.bing.com/ (必應查詢)
https://searchcode.com/(程式碼洩露)
CDN查詢真實的多ping:
https://asm.ca.com/en/ping.php
http://www.cdnplanet.com/tools/cdnfinder/
http://toolbar.netcraft.com/site_report
http://viewdns.info/iphistory/?domain=
http://www.hosterstats.com/historicaldns.php
http://whoisrequest.com/history/
http://crimeflare.com(查cloudflare真實ip百試不爽)
常用web線上工具:
http://tool.chinaz.com/(站長工具)
http://whatweb.net/(網站指紋查詢)
https://www.t00ls.net/domain.html(t00ls工具)
MD5線上檢查:
http://hashchecker.de/find.html
http://www.objectif-securite.ch/ophcrack.php
http://www.md5this.com/latest.html
http://cracker.offensive-security.com/index.php
http://freerainbowtables.mirror.garr.it/mirrors/freerainbowtables/md5/(彩虹表)
https://hashkiller.co.uk/md5-decrypter.aspx
http://neeao.com/tools/decode/index_eval.php(gzinflate解密)
線上病毒檢測:
http://appscan.360.cn/ (安卓檢測)
https://b-chao.com/ (安卓檢測)
https://malwr.com/submission/ (病毒分析)
https://www.virustotal.com/ (病毒分析2)