From d7038f6ea68bcb81a43d2521d8f5f63c5174d800 Mon Sep 17 00:00:00 2001 From: jwbensley Date: Fri, 28 Dec 2018 09:38:59 +0000 Subject: [PATCH 01/13] Adding Etherate to 'Networking' --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a41ac84..eae9ff9 100644 --- a/README.md +++ b/README.md @@ -105,6 +105,7 @@ Before add pull request please see **[this](https://github.com/trimstray/the-boo   :small_orange_diamond: iptraf-ng - is a console-based network monitoring program for Linux that displays information about IP traffic.
  :small_orange_diamond: iPerf3 - is a tool for active measurements of the maximum achievable bandwidth on IP networks.
  :small_orange_diamond: ethr - is a Network Performance Measurement Tool for TCP, UDP & HTTP.
+  :small_orange_diamond: Etherate - is a Linux CLI based Ethernet and MPLS traffic testing tool.
  :small_orange_diamond: Nemesis - packet manipulation CLI tool; craft and inject packets of several protocols.
  :small_orange_diamond: packetfu - a mid-level packet manipulation library for Ruby.
  :small_orange_diamond: Scapy - packet manipulation library; forge, send, decode, capture packets of a wide number of protocols.
From c49454f868678e4a4d26a6eba7333bc61c18c22c Mon Sep 17 00:00:00 2001 From: trimstray Date: Thu, 3 Jan 2019 10:04:56 +0100 Subject: [PATCH 02/13] added HAProxy - signed-off-by: trimstray --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 86d84dd..2ca5700 100644 --- a/README.md +++ b/README.md @@ -514,6 +514,7 @@ Linux Security Expert - trainings, howtos, checklists, security tools an

  :small_orange_diamond: Varnish HTTP Cache - HTTP accelerator designed for content-heavy dynamic web sites.
  :small_orange_diamond: Nginx - open source web and reverse proxy server that is similar to Apache, but very light weight.
+  :small_orange_diamond: HAProxy - the reliable, high performance TCP/HTTP load balancer.

##### :black_small_square: Secure WebMail Providers From c08b41fe6ed2229f24067a1bfb1bcaa85f5377a0 Mon Sep 17 00:00:00 2001 From: trimstray Date: Thu, 3 Jan 2019 10:06:02 +0100 Subject: [PATCH 03/13] renamed 'Varnish HTTP Cache' to 'Varnish Cache' - signed-off-by: trimstray --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 2ca5700..26e75f2 100644 --- a/README.md +++ b/README.md @@ -512,7 +512,7 @@ Linux Security Expert - trainings, howtos, checklists, security tools an ##### :black_small_square: HTTP(s) Services

-  :small_orange_diamond: Varnish HTTP Cache - HTTP accelerator designed for content-heavy dynamic web sites.
+  :small_orange_diamond: Varnish Cache - HTTP accelerator designed for content-heavy dynamic web sites.
  :small_orange_diamond: Nginx - open source web and reverse proxy server that is similar to Apache, but very light weight.
  :small_orange_diamond: HAProxy - the reliable, high performance TCP/HTTP load balancer.

From 0c66c1acb5c354707ac02f1f65870ec0785c5335 Mon Sep 17 00:00:00 2001 From: trimstray Date: Thu, 3 Jan 2019 10:09:52 +0100 Subject: [PATCH 04/13] fixed typos - signed-off-by: trimstray --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 26e75f2..991c83c 100644 --- a/README.md +++ b/README.md @@ -686,7 +686,7 @@ Linux Security Expert - trainings, howtos, checklists, security tools an   :small_orange_diamond: Qualys Blog - expert network security guidance and news.
  :small_orange_diamond: DARKReading - connecting the Information Security Community.
  :small_orange_diamond: publiclyDisclosed - public disclosure watcher who keeps you up to date about the recently disclosed bugs.
-  :small_orange_diamond: Packet Storm - information security services, news, files, tools, exploits, aAdvisories and whitepapers.
+  :small_orange_diamond: Packet Storm - information security services, news, files, tools, exploits, advisories and whitepapers.
  :small_orange_diamond: Sekurak - about security, penetration tests, vulnerabilities and many others (PL/EN).
  :small_orange_diamond: nf.sec - basic aspects and mechanisms of Linux operating system security (PL).

From 413c5e973915cde7c17d8d18a3cbd0060b04b370 Mon Sep 17 00:00:00 2001 From: trimstray Date: Fri, 4 Jan 2019 10:09:40 +0100 Subject: [PATCH 05/13] minor updates; added 'webhint.io' - signed-off-by: trimstray --- README.md | 35 ++++++++++++++++++----------------- 1 file changed, 18 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index 991c83c..2e33642 100644 --- a/README.md +++ b/README.md @@ -229,6 +229,15 @@ Before add pull request please see **[this](https://github.com/trimstray/the-boo #### Web Tools +##### :black_small_square: Browsers + +

+  :small_orange_diamond: Can I use - provides up-to-date browser support tables for support of front-end web technologies.
+  :small_orange_diamond: Panopticlick 3.0 - is your browser safe against tracking?
+  :small_orange_diamond: Privacy Analyzer - see what data is exposed from your browser.
+  :small_orange_diamond: Web Browser Security - it's all about Web Browser fingerprinting.
+

+ ##### :black_small_square: SSL/Security

@@ -249,28 +258,13 @@ Before add pull request please see **[this](https://github.com/trimstray/the-boo   :small_orange_diamond: crt.sh - discovers certificates by continually monitoring all of the publicly known CT.

-##### :black_small_square: Browsers - -

-  :small_orange_diamond: Can I use - provides up-to-date browser support tables for support of front-end web technologies.
-  :small_orange_diamond: Panopticlick 3.0 - is your browser safe against tracking?
-  :small_orange_diamond: Privacy Analyzer - see what data is exposed from your browser.
-  :small_orange_diamond: Web Browser Security - it's all about Web Browser fingerprinting.
-

- -##### :black_small_square: Privacy - -

-  :small_orange_diamond: privacytools.io - provides knowledge and tools to protect your privacy against global mass surveillance.
-  :small_orange_diamond: DNS Privacy Test Servers - DNS privacy recursive servers list (with a 'no logging' policy).
-

- -##### :black_small_square: HTTP Headers +##### :black_small_square: HTTP Headers & Web Linters

  :small_orange_diamond: Security Headers - analyse the HTTP response headers (with rating system to the results).
  :small_orange_diamond: Observatory by Mozilla - set of tools to analyze your website.
  :small_orange_diamond: Enable CORS - enable cross-origin resource sharing.
+  :small_orange_diamond: webhint - is a linting tool that will help you with your site's accessibility, speed, security and more.

##### :black_small_square: DNS @@ -318,6 +312,13 @@ Before add pull request please see **[this](https://github.com/trimstray/the-boo   :small_orange_diamond: VirusTotal - analyze suspicious files and URLs to detect types of malware.

+##### :black_small_square: Privacy + +

+  :small_orange_diamond: privacytools.io - provides knowledge and tools to protect your privacy against global mass surveillance.
+  :small_orange_diamond: DNS Privacy Test Servers - DNS privacy recursive servers list (with a 'no logging' policy).
+

+ ##### :black_small_square: Code parsers/playgrounds

From 575cd7e43e609e6536c79c6b5ed6ff12879c82fc Mon Sep 17 00:00:00 2001 From: trimstray Date: Fri, 4 Jan 2019 10:18:05 +0100 Subject: [PATCH 06/13] added 'Build your own System/Virtual Machine' chapter - signed-off-by: trimstray --- README.md | 29 ++++++++++++++++++----------- 1 file changed, 18 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 2e33642..7a9ae5f 100644 --- a/README.md +++ b/README.md @@ -694,17 +694,6 @@ Linux Security Expert - trainings, howtos, checklists, security tools an #### Other Cheat Sheets -###### DNS Servers list (privacy) - -| IP | URL | -| :--- | :--- | -| **`84.200.69.80`** | [dns.watch](https://dns.watch/) | -| **`94.247.43.254`** | [opennic.org](https://www.opennic.org/) | -| **`64.6.64.6`** | [verisign.com](https://www.verisign.com/en_US/security-services/public-dns/index.xhtml) | -| **`89.233.43.71`** | [censurfridns.dk](https://blog.uncensoreddns.org/) | -| **`1.1.1.1`** | [cloudflare.com](https://www.cloudflare.com/dns/) | -| **`94.130.110.185`** | [dnsprivacy.at](https://dnsprivacy.at/) | - ###### Build your own DNS Servers

@@ -721,6 +710,24 @@ Linux Security Expert - trainings, howtos, checklists, security tools an   :small_orange_diamond: OpenSSL Certificate Authority - build your own certificate authority (CA) using the OpenSSL command-line tools.

+###### Build your own System/Virtual Machine + +

+   :small_orange_diamond: os-tutorial - how to create an OS from scratch.
+  :small_orange_diamond: Write your Own Virtual Machine - how to write your own virtual machine (VM).
+

+ +###### DNS Servers list (privacy) + +| IP | URL | +| :--- | :--- | +| **`84.200.69.80`** | [dns.watch](https://dns.watch/) | +| **`94.247.43.254`** | [opennic.org](https://www.opennic.org/) | +| **`64.6.64.6`** | [verisign.com](https://www.verisign.com/en_US/security-services/public-dns/index.xhtml) | +| **`89.233.43.71`** | [censurfridns.dk](https://blog.uncensoreddns.org/) | +| **`1.1.1.1`** | [cloudflare.com](https://www.cloudflare.com/dns/) | +| **`94.130.110.185`** | [dnsprivacy.at](https://dnsprivacy.at/) | + ###### TOP 10 Browser extensions | Extension name | Description | From 9e66dc4aa0e3c5236232e86718314216b287e8cc Mon Sep 17 00:00:00 2001 From: trimstray Date: Fri, 4 Jan 2019 10:31:42 +0100 Subject: [PATCH 07/13] added 'OWASP Testing Guide v4' - signed-off-by: trimstray --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 7a9ae5f..22cad76 100644 --- a/README.md +++ b/README.md @@ -430,6 +430,7 @@ performance of any of your sites from across the globe.
  :small_orange_diamond: OWASP - worldwide not-for-profit charitable organization focused on improving the security of software.
  :small_orange_diamond: OWASP ASVS 3.0.1 - OWASP Application Security Verification Standard Project.
  :small_orange_diamond: OWASP ASVS 3.0.1 Web App - simple web app that helps developers understand the ASVS requirements.
+  :small_orange_diamond: OWASP Testing Guide v4 - includes a "best practice" penetration testing framework.
  :small_orange_diamond: Hacking Articles - LRaj Chandel's Security & Hacking Blog.
  :small_orange_diamond: AWS security tools - make your AWS cloud environment more secure.
  :small_orange_diamond: Rawsec's CyberSecurity Inventory - an inventory of tools and resources about CyberSecurity.
From 022a2acbcbd6b3dec325b364342f4b660b96ef3f Mon Sep 17 00:00:00 2001 From: trimstray Date: Fri, 4 Jan 2019 10:59:34 +0100 Subject: [PATCH 08/13] added CTFs resources - signed-off-by: trimstray --- README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 22cad76..f01bfe5 100644 --- a/README.md +++ b/README.md @@ -621,6 +621,7 @@ Linux Security Expert - trainings, howtos, checklists, security tools an   :small_orange_diamond: GTFOBins - list of Unix binaries that can be exploited by an attacker to bypass local security restrictions.
  :small_orange_diamond: Guifre Ruiz Notes - collection of security, system, network and pentest cheatsheets.
  :small_orange_diamond: SSRF Tips - a collection of SSRF Tips.
+  :small_orange_diamond: shell-storm repo CTF - great archive of CTFs.

##### :black_small_square: Bounty programs @@ -649,7 +650,7 @@ Linux Security Expert - trainings, howtos, checklists, security tools an   :small_orange_diamond: Bodhi - is a playground focused on learning the exploitation of client-side web vulnerabilities.

-##### :black_small_square: Labs (ethical hacking platforms/trainings) +##### :black_small_square: Labs (ethical hacking platforms/trainings/CTFs)

  :small_orange_diamond: Offensive Security - true performance-based penetration testing training for over a decade.
@@ -657,6 +658,8 @@ Linux Security Expert - trainings, howtos, checklists, security tools an   :small_orange_diamond: Hacking-Lab - online ethical hacking, computer network and security challenge platform.
  :small_orange_diamond: pwnable.kr - non-commercial wargame site which provides various pwn challenges regarding system exploitation.
  :small_orange_diamond: Pwnable.tw - is a wargame site for hackers to test and expand their binary exploiting skills.
+  :small_orange_diamond: picoCTF - is a free computer security game targeted at middle and high school students.
+  :small_orange_diamond: CTFlearn - is an online platform built to help ethical hackers learn and practice their cybersecurity knowledge and skills.
  :small_orange_diamond: Silesia Security Lab - high quality security testing services.
  :small_orange_diamond: Practical Pentest Labs - pentest lab, take your Hacking skills to the next level.
  :small_orange_diamond: Root Me - the fast, easy, and affordable way to train your hacking skills.
From 97afa900d2c40a721a8cd2ac3161378836c3b47d Mon Sep 17 00:00:00 2001 From: trimstray Date: Fri, 4 Jan 2019 11:08:57 +0100 Subject: [PATCH 09/13] removed gitignore - signed-off-by: trimstray --- .gitignore | 2 -- 1 file changed, 2 deletions(-) delete mode 100644 .gitignore diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 10ee1b0..0000000 --- a/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -# This is where the result of the script output. -log/ From 3d138cba8a43226eff60a4621b5fbd2cf578ec23 Mon Sep 17 00:00:00 2001 From: trimstray Date: Fri, 4 Jan 2019 11:12:58 +0100 Subject: [PATCH 10/13] added 'Awesome Malware Analysis' - signed-off-by: trimstray --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index f01bfe5..237d738 100644 --- a/README.md +++ b/README.md @@ -614,6 +614,7 @@ Linux Security Expert - trainings, howtos, checklists, security tools an   :small_orange_diamond: Pentest Bookmarks - there are a LOT of pentesting blogs.
  :small_orange_diamond: PayloadsAllTheThings - a list of useful payloads and bypass for Web Application Security and Pentest/CTF.
  :small_orange_diamond: Pentesting Tools Cheat Sheet - a quick reference high level overview for typical penetration testing engagements.
+  :small_orange_diamond: Awesome Malware Analysis - a curated list of awesome malware analysis tools and resources..
  :small_orange_diamond: SQL Injection Cheat Sheet - detailed technical information about the many different variants of the SQL Injection.
  :small_orange_diamond: Entersoft Knowledge Base - great and detailed reference about vulnerabilities.
  :small_orange_diamond: HTML5 Security Cheatsheet - a collection of HTML5 related XSS attack vectors.
From 49868e5c977721ddf238e9b15e7df2789ceb15c9 Mon Sep 17 00:00:00 2001 From: trimstray Date: Fri, 4 Jan 2019 11:34:38 +0100 Subject: [PATCH 11/13] minor fix; added hackxor.net - signed-off-by: trimstray --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 237d738..360ba13 100644 --- a/README.md +++ b/README.md @@ -614,7 +614,7 @@ Linux Security Expert - trainings, howtos, checklists, security tools an   :small_orange_diamond: Pentest Bookmarks - there are a LOT of pentesting blogs.
  :small_orange_diamond: PayloadsAllTheThings - a list of useful payloads and bypass for Web Application Security and Pentest/CTF.
  :small_orange_diamond: Pentesting Tools Cheat Sheet - a quick reference high level overview for typical penetration testing engagements.
-  :small_orange_diamond: Awesome Malware Analysis - a curated list of awesome malware analysis tools and resources..
+  :small_orange_diamond: Awesome Malware Analysis - a curated list of awesome malware analysis tools and resources.
  :small_orange_diamond: SQL Injection Cheat Sheet - detailed technical information about the many different variants of the SQL Injection.
  :small_orange_diamond: Entersoft Knowledge Base - great and detailed reference about vulnerabilities.
  :small_orange_diamond: HTML5 Security Cheatsheet - a collection of HTML5 related XSS attack vectors.
@@ -666,6 +666,7 @@ Linux Security Expert - trainings, howtos, checklists, security tools an   :small_orange_diamond: Root Me - the fast, easy, and affordable way to train your hacking skills.
  :small_orange_diamond: rozwal.to - a great platform to train your pentesting skills.
  :small_orange_diamond: TryHackMe - learning Cyber Security made easy.
+  :small_orange_diamond: hackxor - is a realistic web application hacking game, designed to help players of all abilities develop their skills.
  :small_orange_diamond: OverTheWire - can help you to learn and practice security concepts in the form of fun-filled games.
  :small_orange_diamond: Wizard Labs - is an online Penetration Testing Lab.
  :small_orange_diamond: PentesterLab - provides vulnerable systems that can be used to test and understand vulnerabilities.
From 0d9cacddfa843ad62f8c16096c8d57db97d20253 Mon Sep 17 00:00:00 2001 From: trimstray Date: Fri, 4 Jan 2019 12:50:23 +0100 Subject: [PATCH 12/13] moved 'enable-cors.org' - signed-off-by: trimstray --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 46690c9..d9ef8e7 100644 --- a/README.md +++ b/README.md @@ -264,7 +264,6 @@ Before add pull request please see **[this](https://github.com/trimstray/the-boo

  :small_orange_diamond: Security Headers - analyse the HTTP response headers (with rating system to the results).
  :small_orange_diamond: Observatory by Mozilla - set of tools to analyze your website.
-  :small_orange_diamond: Enable CORS - enable cross-origin resource sharing.
  :small_orange_diamond: webhint - is a linting tool that will help you with your site's accessibility, speed, security and more.

@@ -445,6 +444,7 @@ performance of any of your sites from across the globe.

  :small_orange_diamond: Mozilla Web Security - help operational teams with creating secure web applications.
+  :small_orange_diamond: Enable CORS - enable cross-origin resource sharing.

##### :black_small_square: Other From a8d6bdb367d2ad628c7913eed75f1958bb18ba58 Mon Sep 17 00:00:00 2001 From: trimstray Date: Fri, 4 Jan 2019 13:12:55 +0100 Subject: [PATCH 13/13] added 'Awesome Web Security' - signed-off-by: trimstray --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index d9ef8e7..dcd30b1 100644 --- a/README.md +++ b/README.md @@ -570,6 +570,7 @@ Linux Security Expert - trainings, howtos, checklists, security tools an   :small_orange_diamond: Awesome Shell - awesome command-line frameworks, toolkits, guides and gizmos.
  :small_orange_diamond: Movies for Hackers - list of movies every hacker & cyberpunk must watch.
  :small_orange_diamond: Awesome-Selfhosted - list of Free Software network services and web applications which can be hosted locally.
+  :small_orange_diamond: Awesome Web Security - curated list of Web Security materials and resources.
  :small_orange_diamond: Awesome Pcaptools - collection of tools developed by other researchers to process network traces.
  :small_orange_diamond: Linux Network Performance - learn where some of the network sysctl variables fit into the Linux/Kernel network flow.
  :small_orange_diamond: Awesome Scalability - best practices in building High Scalability, High Availability, High Stability and more.