diff --git a/README.md b/README.md index 49763a4..db3aac2 100644 --- a/README.md +++ b/README.md @@ -85,10 +85,6 @@ This project exists thanks to all the people who contribute.
-## :gift_heart: Support - -If this project is useful and important for you or if you really like _the-book-of-secret-knowledge_, you can bring **positive energy** by giving some **good words** or **supporting this project**. Thank you! - ## :newspaper: RSS Feed & Updates GitHub exposes an [RSS/Atom](https://github.com/trimstray/the-book-of-secret-knowledge/commits.atom) feed of the commits, which may also be useful if you want to be kept informed about all changes. @@ -193,6 +189,7 @@ Only main chapters: :small_orange_diamond: mtr - is a tool that combines the functionality of the 'traceroute' and 'ping' programs in a single tool.
:small_orange_diamond: KeePassXC - store your passwords safely and auto-type them into your everyday websites and apps.
- :small_orange_diamond: Enpass - password manager and secure wallet.
+ :small_orange_diamond: Bitwarden - open source password manager with built-in sync.
:small_orange_diamond: Censys - platform that helps information security practitioners discover, monitor, and analyze devices.
:small_orange_diamond: Shodan - the world's first search engine for Internet-connected devices.
- :small_orange_diamond: Shodan 2000 - do you use Shodan for everyday work? This tool looks for randomly generated data from Shodan.
+ :small_orange_diamond: Shodan 2000 - this tool looks for randomly generated data from Shodan.
:small_orange_diamond: GreyNoise - mass scanner such as Shodan and Censys.
:small_orange_diamond: ZoomEye - search engine for cyberspace that lets the user find specific network components.
:small_orange_diamond: netograph - tools to monitor and understand deep structure of the web.
@@ -605,6 +604,7 @@ performance of any of your sites from across the globe.
:small_orange_diamond: onyphe - is a search engine for open-source and cyber threat intelligence data collected.
:small_orange_diamond: IntelligenceX - is a search engine and data archive.
:small_orange_diamond: binaryedge - it scan the entire internet space and create real-time threat intelligence streams and reports.
+ :small_orange_diamond: Spyse - Internet assets registry: networks, threats, web objects, etc.
:small_orange_diamond: wigle - is a submission-based catalog of wireless networks. All the networks. Found by Everyone.
:small_orange_diamond: PublicWWW - find any alphanumeric snippet, signature or keyword in the web pages HTML, JS and CSS code.
:small_orange_diamond: IntelTechniques - this repository contains hundreds of online search utilities.
@@ -640,7 +640,6 @@ performance of any of your sites from across the globe.
:small_orange_diamond: thispersondoesnotexist - generate fake faces in one click - endless possibilities.
:small_orange_diamond: AI Generated Photos - 100.000 AI generated faces.
- :small_orange_diamond: fakeface - fake faces browser.
:small_orange_diamond: fakenamegenerator - your randomly generated identity.
:small_orange_diamond: Intigriti Redirector - open redirect/SSRF payload generator.
- :small_orange_diamond: Emerald Onion - is a 501(c)(3) nonprofit organization and transit internet service provider (ISP) based in Seattle.
+ :small_orange_diamond: Emerald Onion - is a 501(c)(3) nonprofit organization and transit internet service provider (ISP).
:small_orange_diamond: pi-hole - the Pi-hole® is a DNS sinkhole that protects your devices from unwanted content.
:small_orange_diamond: maltrail - malicious traffic detection system.
:small_orange_diamond: security_monkey - monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.
@@ -808,7 +807,7 @@ performance of any of your sites from across the globe.
##### :black_small_square: Security
- :small_orange_diamond: docker-bench-security - is a script that checks for dozens of common best-practices around deploying Docker.
+ :small_orange_diamond: docker-bench-security - checks for dozens of common best-practices around deploying Docker.
:small_orange_diamond: trivy - vulnerability scanner for containers, suitable for CI.
:small_orange_diamond: Harbor - cloud native registry project that stores, signs, and scans content.
:small_orange_diamond: Web Developer Roadmap - roadmaps, articles and resources to help you choose your path, learn and improve.
:small_orange_diamond: Front-End-Checklist - the perfect Front-End Checklist for modern websites and meticulous developers.
- :small_orange_diamond: Front-End-Performance-Checklist - the only Front-End Performance Checklist that runs faster than the others.
+ :small_orange_diamond: Front-End-Performance-Checklist - Front-End Performance Checklist that runs faster than the others.
:small_orange_diamond: Python's Magic Methods - what are magic methods? They're everything in object-oriented Python.
:small_orange_diamond: wtfpython - a collection of surprising Python snippets and lesser-known features.
:small_orange_diamond: js-dev-reads - a list of books and articles for the discerning web developer to read.
@@ -1096,7 +1095,7 @@ performance of any of your sites from across the globe.
:small_orange_diamond: Varnish for PHP developers - very interesting presentation of Varnish by Mattias Geniar.
- :small_orange_diamond: A Netflix Guide to Microservices - alks about the chaotic and vibrant world of microservices at Netflix.
+ :small_orange_diamond: A Netflix Guide to Microservices - talks about the chaotic and vibrant world of microservices at Netflix.
:small_orange_diamond: Sandcat Browser - a penetration-oriented browser with plenty of advanced functionality already built in.
:small_orange_diamond: Metasploit - tool and framework for pentesting system, web and many more, contains a lot a ready to use exploit.
- :small_orange_diamond: Burp Suite - tool for testing web app security, intercepting proxy to replay, inject, scan and fuzz HTTP requests.
+ :small_orange_diamond: Burp Suite - tool for testing web app security, intercepting proxy to replay, inject, scan and fuzz.
:small_orange_diamond: OWASP Zed Attack Proxy - intercepting proxy to replay, inject, scan and fuzz HTTP requests.
:small_orange_diamond: w3af - is a Web Application Attack and Audit Framework.
- :small_orange_diamond: mitmproxy - an interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
+ :small_orange_diamond: mitmproxy - an interactive TLS-capable intercepting HTTP proxy for penetration testers.
:small_orange_diamond: Nikto2 - web server scanner which performs comprehensive tests against web servers for multiple items.
:small_orange_diamond: sqlmap - tool that automates the process of detecting and exploiting SQL injection flaws.
:small_orange_diamond: Recon-ng - is a full-featured Web Reconnaissance framework written in Python.
@@ -1274,6 +1273,7 @@ CyberTalks - talks, interviews, and article about cybersecurity.
:small_orange_diamond: radare2 - framework for reverse-engineering and analyzing binaries.
:small_orange_diamond: routersploit - exploitation framework for embedded devices.
:small_orange_diamond: Ghidra - is a software reverse engineering (SRE) framework.
+ :small_orange_diamond: Cutter - is an SRE platform integrating Ghidra's decompiler.
:small_orange_diamond: Vulnreport - open-source pentesting management and automation platform by Salesforce Product Security.
:small_orange_diamond: Mentalist - is a graphical tool for custom wordlist generation.
:small_orange_diamond: archerysec - vulnerability assessment and management helps to perform scans and manage vulnerabilities.
@@ -1321,11 +1321,11 @@ CyberTalks - talks, interviews, and article about cybersecurity.
:small_orange_diamond: OWASP Cheat Sheet Series - is a collection of high value information on specific application security topics.
:small_orange_diamond: OWASP dependency-check - is an open source solution the OWASP Top 10 2013 entry.
:small_orange_diamond: OWASP ProActive Controls - OWASP Top 10 Proactive Controls 2018.
- :small_orange_diamond: PENTESTING-BIBLE - hacking & penetration testing & red team & cyber security & computer science resources.
+ :small_orange_diamond: PENTESTING-BIBLE - hacking & penetration testing & red team & cyber security resources.
:small_orange_diamond: pentest-wiki - is a free online security knowledge library for pentesters/researchers.
:small_orange_diamond: DEF CON Media Server - great stuff from DEFCON.
:small_orange_diamond: Awesome Malware Analysis - a curated list of awesome malware analysis tools and resources.
- :small_orange_diamond: SQL Injection Cheat Sheet - detailed technical information about the many different variants of the SQL Injection.
+ :small_orange_diamond: SQL Injection Cheat Sheet - detailed technical stuff about the many different variants of the SQL Injection.
:small_orange_diamond: Entersoft Knowledge Base - great and detailed reference about vulnerabilities.
:small_orange_diamond: HTML5 Security Cheatsheet - a collection of HTML5 related XSS attack vectors.
:small_orange_diamond: XSS String Encoder - for generating XSS code to check your input validation filters against XSS.
@@ -1403,6 +1403,7 @@ AWS deployment tool.
:small_orange_diamond: secDevLabs - is a laboratory for learning secure web development in a practical manner.
:small_orange_diamond: CORS-vulnerable-Lab - sample vulnerable code and its exploit code.
:small_orange_diamond: RootTheBox - a Game of Hackers (CTF Scoreboard & Game Manager).
+ :small_orange_diamond: KONTRA - application security training (OWASP Top Web & Api).