Parcourir la source

updated and added new resources

- signed-off-by: trimstray <>
trimstray il y a 4 ans
1 fichiers modifiés avec 29 ajouts et 1 suppressions
  1. +29

+ 29
- 1 Voir le fichier

@@ -46,6 +46,12 @@
- they miss and cry for **[Slackware](** on production
- they love the old admin nix-world

## What is this list?

This list is a collection of various materials that I use every day in my work. It contain a lot of useful information gathered in one piece. It is intended for everyone and anyone who is or wants to become a Ninja Admin (and not only).

This is not a final and full version - I update it on an ongoing basis.

## :ballot_box_with_check: Todo

- [ ] Add useful shell functions
@@ -88,7 +94,11 @@ for transferring data with URLs.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>tshark</b></a> - dump and analyze network traffic (wireshark cli).<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>fierce</b></a> - a DNS reconnaissance tool for locating non-contiguous IP space.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>sublist3r</b></a> - fast subdomains enumeration tool for penetration testers.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>amass</b></a> - the OWASP tool obtains subdomain names by scraping data sources, recursive brute forcing, crawling web archives and more.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>Nemesis</b></a> - packet manipulation CLI tool; craft and inject packets of several protocols.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>packetfu</b></a> - a mid-level packet manipulation library for Ruby.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>Scapy</b></a> - packet manipulation library; forge, send, decode, capture packets of a wide number of protocols.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>Nipe</b></a> - script to make Tor Network your default gateway.<br>

##### :black_small_square: SSL
@@ -104,6 +114,7 @@ for transferring data with URLs.<br>

&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>lynis</b></a> - battle-tested security tool for systems running Linux, macOS, or Unix-based operating system.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>LinEnum</b></a> - scripted Local Linux Enumeration & Privilege Escalation Checks.<br>

##### :black_small_square: System Diagnostics/Debuggers
@@ -131,6 +142,16 @@ for transferring data with URLs.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>mycli</b></a> - terminal client for MySQL with autocompletion and syntax highlighting.<br>

##### :black_small_square: Pentesting

&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>Metasploit</b></a> - tool and framework for pentesting system, web and many more, contains a lot a ready to use exploit.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>Burp Suite</b></a> - tool for testing Web application security, intercepting proxy to replay, inject, scan and fuzz HTTP requests.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>OWASP Zed Attack Proxy</b></a> - intercepting proxy to replay, inject, scan and fuzz HTTP requests.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>Nikto2</b></a> - web server scanner which performs comprehensive tests against web servers for multiple items.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>sqlmap</b></a> - tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.<br>

#### Web Tools

##### :black_small_square: SSL
@@ -237,11 +258,12 @@ performance of any of your sites from across the globe.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>The Bash Hackers Wiki</b></a> - hold documentation of any kind about GNU Bash.<br>

##### :black_small_square: Unix tutorials
##### :black_small_square: Unix & Network

&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>nixCraft</b></a> - linux and unix tutorials for new and seasoned sysadmin.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>TecMint</b></a> - the ideal Linux blog for Sysadmins & Geeks.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>Omnisecu</b></a> - Free Networking, System Administration and Security Tutorials.<br>

##### :black_small_square: Security
@@ -250,6 +272,7 @@ performance of any of your sites from across the globe.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>OWASP</b></a> - worldwide not-for-profit charitable organization focused on improving the security of software.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>OWASP ASVS 3.0.1</b></a> - OWASP Application Security Verification Standard Project.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>OWASP ASVS 3.0.1 Web App</b></a> - simple web app that helps developers understand the ASVS requirements.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>Offensive Security</b></a> - true performance-based penetration testing training for over a decade.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>Hacking Articles</b></a> - LRaj Chandel's Security & Hacking Blog.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>GTFOBins</b></a> - list of Unix binaries that can be exploited by an attacker to bypass local security restrictions.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>AWS security tools</b></a> - make your AWS cloud environment more secure.<br>
@@ -257,6 +280,7 @@ performance of any of your sites from across the globe.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>PTES</b></a> - the penetration testing execution standard.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>ctf-tools</b></a> - some setup scripts for security research tools.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>Guifre Ruiz Notes</b></a> - collection of secuirty, system, network and pentest cheatsheets.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>Rawsec's CyberSecurity Inventory</b></a> - an inventory of tools and resources about CyberSecurity.<br>

##### :black_small_square: Web Apps
@@ -293,6 +317,7 @@ performance of any of your sites from across the globe.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>
Linux Security Expert</b></a> - trainings, howtos, checklists, security tools and more.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>The Grymoire</b></a> - collection of useful incantations for wizards, be you computer wizards, magicians, or whatever.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b></b></a> - linux/unix sysadmin specializing in building high availability cloud environments.<br>

#### Systems/Services
@@ -303,6 +328,8 @@ Linux Security Expert</b></a> - trainings, howtos, checklists, security tools an
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>Slackware</b></a> - the most "Unix-like" Linux distribution.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>OpenBSD</b></a> - multi-platform 4.4BSD-based UNIX-like operating system.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>HardenedBSD</b></a> - HardenedBSD aims to implement innovative exploit mitigation and security solutions.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>Kali Linux</b></a> - Linux distribution used for Penetration Testing, Ethical Hacking and network security assessments.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>Backbox Linux</b></a> - penetration test and security assessment oriented Ubuntu-based Linux distribution.<br>

##### :black_small_square: Network
@@ -315,6 +342,7 @@ Linux Security Expert</b></a> - trainings, howtos, checklists, security tools an

&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>Varnish HTTP Cache</b></a> - HTTP accelerator designed for content-heavy dynamic web sites.<br>
&nbsp;&nbsp;:small_orange_diamond: <a href=""><b>Nginx</b></a> - open source web and reverse proxy server that is similar to Apache, but very light weight.<br>

##### :black_small_square: Security/hardening