From edfc9ca785aade6bdf60c4602432bd273532631a Mon Sep 17 00:00:00 2001 From: trimstray Date: Wed, 16 Jan 2019 13:40:39 +0100 Subject: [PATCH] added new resources (several parts) - signed-off-by: trimstray --- README.md | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index d8c3c8e..163d046 100644 --- a/README.md +++ b/README.md @@ -140,9 +140,9 @@ Only main chapters:   :small_orange_diamond: sublist3r - fast subdomains enumeration tool for penetration testers.
  :small_orange_diamond: amass - tool obtains subdomain names by scraping data sources, crawling web archives and more.
  :small_orange_diamond: namebench - provides personalized DNS server recommendations based on your browsing history.
+  :small_orange_diamond: dnscrypt-proxy 2 - a flexible DNS proxy, with support for encrypted DNS protocols.

- ##### :black_small_square: Network (HTTP)

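Review bot: the bare `-` line just before the `Network (HTTP)` heading is a whitespace-only removal unrelated to adding dnscrypt-proxy 2; the hunk header (`-140,9 +140,9`) shows one line dropped for the one added. Leave it out of this patch, or confirm the heading still has a blank line above it so it renders as a heading.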
@@ -170,6 +170,7 @@ Only main chapters:   :small_orange_diamond: sslscan - tests SSL/TLS enabled services to discover supported cipher suites.
  :small_orange_diamond: testssl.sh - testing TLS/SSL encryption anywhere on any port.
  :small_orange_diamond: spiped - is a utility for creating symmetrically encrypted and authenticated pipes between socket addresses.
+  :small_orange_diamond: Certbot - is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server.
  :small_orange_diamond: mkcert - simple zero-config tool to make locally trusted development certificates with any names you'd like.

@@ -226,6 +227,7 @@ Only main chapters:

  :small_orange_diamond: incron - is an inode-based filesystem notification technology.
+  :small_orange_diamond: GRV - is a terminal based interface for viewing Git repositories.
  :small_orange_diamond: tldr - simplified and community-driven man pages.

@@ -475,6 +477,8 @@ performance of any of your sites from across the globe.
  :small_orange_diamond: HardenedBSD - HardenedBSD aims to implement innovative exploit mitigation and security solutions.
  :small_orange_diamond: Kali Linux - Linux distribution used for Penetration Testing, Ethical Hacking and network security assessments.
  :small_orange_diamond: Backbox Linux - penetration test and security assessment oriented Ubuntu-based Linux distribution.
+  :small_orange_diamond: Security Onion - Linux distro for intrusion detection, enterprise security monitoring, and log management.
+  :small_orange_diamond: Tails - is a live system that aims to preserve your privacy and anonymity.

##### :black_small_square: HTTP(s) Services @@ -493,6 +497,7 @@ performance of any of your sites from across the globe.
  :small_orange_diamond: Knot Resolver - caching full resolver implementation, including both a resolver library and a daemon.
  :small_orange_diamond: pi-hole - the Pi-hole® is a DNS sinkhole that protects your devices from unwanted content.
  :small_orange_diamond: maltrail - malicious traffic detection system.
+  :small_orange_diamond: security_monkey - monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.

#### Networks  [[TOC]](#anger-table-of-contents) @@ -511,12 +516,13 @@ performance of any of your sites from across the globe.
#### Manuals/Howtos/Tutorials  [[TOC]](#anger-table-of-contents) -##### :black_small_square: Bash +##### :black_small_square: Shells/Command line

  :small_orange_diamond: pure-bash-bible - a collection of pure bash alternatives to external processes.
  :small_orange_diamond: The Bash Hackers Wiki - hold documentation of any kind about GNU Bash.
  :small_orange_diamond: Shell & Utilities - describes the commands and utilities offered to application programs by POSIX-conformant systems.
+  :small_orange_diamond: the-art-of-command-line - master the command line, in one page.

##### :black_small_square: Python @@ -543,6 +549,13 @@ performance of any of your sites from across the globe.
  :small_orange_diamond: http3-explained - a document describing the HTTP/3 and QUIC protocols.

+##### :black_small_square: Large-scale systems + +

+  :small_orange_diamond: The System Design Primer - learn how to design large-scale systems.
+  :small_orange_diamond: Awesome Scalability - best practices in building High Scalability, High Availability, High Stability and more.
+

+ ##### :black_small_square: System hardening

@@ -580,7 +593,8 @@ performance of any of your sites from across the globe.
  :small_orange_diamond: CTF Series : Vulnerable Machines - the steps below could be followed to find vulnerabilities and exploits.
  :small_orange_diamond: How to start RE/malware analysis? - collection of some hints and useful links for the beginners.
  :small_orange_diamond: LZone Cheat Sheets - all cheat sheets.
-  :small_orange_diamond: Dan’s Cheat Sheets’s - massive cheat sheets documentation.
+  :small_orange_diamond: Dan’s Cheat Sheets’s - massive cheat sheets documentation.
+  :small_orange_diamond: Rico's cheatsheets - this is a modest collection of cheatsheets.
  :small_orange_diamond: The C10K problem - it's time for web servers to handle ten thousand clients simultaneously, don't you think?
  :small_orange_diamond: Bank Grade Security - when companies say they have "Bank Grade Security" they imply that it is a good thing.*
  :small_orange_diamond: HTTPS on Stack Overflow - this is the story of a long journey regarding the implementation of SSL.
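Review bot: the `-`/`+` pair for the Dan’s Cheat Sheets entry rewrites the line but keeps the doubled possessive in its name; since the line is being touched anyway, change `Dan’s Cheat Sheets’s` to `Dan’s Cheat Sheets`. The new Rico's cheatsheets description could also drop the leading "this is" so it matches the short descriptions around it.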
@@ -603,7 +617,6 @@ performance of any of your sites from across the globe.
  :small_orange_diamond: Command-line-text-processing - from finding text to search and replace, from sorting to beautifying text and more.
  :small_orange_diamond: Awesome Pcaptools - collection of tools developed by other researchers to process network traces.
  :small_orange_diamond: Linux Network Performance - learn where some of the network sysctl variables fit into the Linux/Kernel network flow.
-  :small_orange_diamond: Awesome Scalability - best practices in building High Scalability, High Availability, High Stability and more.
  :small_orange_diamond: Awesome Postgres - list of awesome PostgreSQL software, libraries, tools and resources.
  :small_orange_diamond: Awesome-Selfhosted - list of Free Software network services and web applications which can be hosted locally.

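Review bot: the removal of Awesome Scalability here is one half of a move, since the same entry is added under the new `Large-scale systems` heading earlier in the patch, but the subject line only says "added new resources". Mention the move and the new subsection in the commit message, or split them into their own commit, so the deletion is not mistaken for a dropped resource.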
@@ -668,6 +681,7 @@ Linux Security Expert - trainings, howtos, checklists, security tools an   :small_orange_diamond: Burp Suite - tool for testing Web application security, intercepting proxy to replay, inject, scan and fuzz HTTP requests.
  :small_orange_diamond: OWASP Zed Attack Proxy - intercepting proxy to replay, inject, scan and fuzz HTTP requests.
  :small_orange_diamond: w3af - is a Web Application Attack and Audit Framework.
+  :small_orange_diamond: mitmproxy - an interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
  :small_orange_diamond: Nikto2 - web server scanner which performs comprehensive tests against web servers for multiple items.
  :small_orange_diamond: sqlmap - tool that automates the process of detecting and exploiting SQL injection flaws.
  :small_orange_diamond: Faraday - an Integrated Multiuser Pentest Environment.
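Review bot: mitmproxy is inserted after w3af, away from the two other intercepting proxies at the top of this list (Burp Suite and OWASP Zed Attack Proxy). Move the new line up under OWASP Zed Attack Proxy so the proxies sit together and a reader comparing them finds all three in one place.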
@@ -711,6 +725,7 @@ Linux Security Expert - trainings, howtos, checklists, security tools an   :small_orange_diamond: SSRF Tips - a collection of SSRF Tips.
  :small_orange_diamond: shell-storm repo CTF - great archive of CTFs.
  :small_orange_diamond: ctf - CTF (Capture The Flag) writeups, code snippets, notes, scripts.
+  :small_orange_diamond: MSTG - The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing.

##### :black_small_square: Bounty programs @@ -769,6 +784,7 @@ Linux Security Expert - trainings, howtos, checklists, security tools an

  :small_orange_diamond: Bugcrowd University - open source education content for the researcher community.
+  :small_orange_diamond: OSCPRepo - a list of resources and scripts that I have been gathering (and continuing to gather) in preparation for the OSCP.

#### Your daily knowledge and news  [[TOC]](#anger-table-of-contents)
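Review bot: the OSCPRepo description is written in the first person (`that I have been gathering (and continuing to gather)`), which in this README reads as the list maintainer speaking rather than the OSCPRepo author. Reword it in the third person, for example `a list of resources and scripts gathered in preparation for the OSCP`.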