技术博客:
国内:
http://blog.csdn.net/qq_27446553/ (qq_27446553博客)
http://0x007.blog.51cto.com/6330498/1628943 (0x007博客)
http://www.lorexxar.cn/ (lorexxar博客)
http://www.test404.com/ (test404博客)
https://evi1cg.me/ (evilcg博客)
http://ver007.com/ (ver007博客)
http://cciezsm.lofter.com/ (颖奇博客)
http://www.secsky.cn/ (安全天空博客)
https://www.hackfun.org/ (4ido1on博客)
http://helloeveryone.blog.51cto.com/ (牛磊博客)
http://www.7kb.org/ (7kb论坛)
http://lu4n.com/ (lun博客)
http://www.cnbraid.com/ (cnbiraid博客)
http://blog.neargle.com (neargle博客)
https://lightrains.org (lightrains博客)
https://imlonghao.com/ (imlonghao博客)
http://www.zerokeeper.com/ (zerokeeper博客)
http://www.thinkings.org/ (thinkings博客)
https://www.ohlinge.cn/ (ohlinge博客)
https://www.virzz.com (virzz博客)
https://www.jisec.com/ (jisec博客)
http://www.hfhuge.com/ (hfhuge博客)
http://www.91ri.org/ (91ri博客)
http://www.codersec.net (codersec博客)
http://www.venenof.com/ (venenof博客)
http://blog.leanote.com/thorns (leanote博客)
http://www.droidsec.cn/ (安卓中文博客 )
http://linux.im/ (im博客)
https://www.iswin.org/ (飓风博客)
http://www.shentou.org/ (安全渗透军火库博客)
http://joychou.org (joychou博客)
http://0cx.cc/ (0cx博客)
http://hacktech.cn/ (hacketech博客)
http://www.lucien116.com (lucien博客)
http://www.hack1990.com (hack1990博客)
http://www.xmanblog.net/ (xmanblog博客)
http://xia0yu.win/ (xia0yu博客)
http://littlehann.cnblogs.com/ (littlehann博客)
http://lonelyrain.me/ (lonelyrain博客)
http://www.hack-gov.com (hack-gov博客)
http://xdxd.love/ (xdxd博客)
https://www.lynahex.com/ (lynahex博客)
http://www.cnblogs.com/S4b0r/ (S4b0r博客)
http://www.leesec.com/ (leesce博客)
https://bl4ck.in/ (b14ck博客)
http://www.hksafe.cn.com (hksafe博客)
http://www.n0tr00t.com/ (n0tr00t博客)
https://www.92aq.com/ (92工具博客)
https://3gstudent.github.io/ (三好学生博客)
http://www.nxadmin.com/ (nxadmin博客 )
https://www.leavesongs.com/ (p牛代码审计博客 )
http://www.code521.com/ (code521博客)
http://p2j.cn/ (园长博客)
http://le4f.net/ (le4f博客)
http://www.polaris-lab.com/ (polaris-lab实验室)
http://www.programlife.net/ (程序人生博客)
http://evilcos.me/ (余玄博客)
https://www.blackh4t.org/ (blackh4t博客)
http://www.bugsec.org/tools (bugsec博客)
http://ecma.io/ (ecma博客)
http://www.meijj.org/ (meijj博客)
https://ricterz.me/ (ricterz博客)
http://yaseng.org (yaseng博客)
http://avfisher.win/ (安全小飞侠博客)
http://www.0xmh.com/ (0xmh博客)
http://www.lijiejie.com/ (lijiejie博客)
http://secoff.net/ (secoff博客)
http://twi1ight.com/ (twi1ight博客)
https://rinige.com (ringige博客)
http://www.bystudent.com/ (bystudent博客)
http://o0xmuhe.me/page/2/ (o0xmuhe博客)
http://www.blue-lotus.net/ (蓝莲花战队博客)
https://www.webshell.cc/( webshell博客)
http://appleu0.sinaapp.com/ (appleu0博客)
http://www.lshack.cn/ (lshack博客)
https://phpinfo.me/ ( phpinfo博客)
http://f4le.com/ ( f4le博客)
http://www.03sec.com/ (03sec博客)
http://www.cnbraid.com/ (cnbradid博客)
http://www.cnblogs.com/killbit/ (killbit博客)
http://blog.nuptzj.cn/ (nuptzj博客)
http://www.cnblogs.com/Ox9A82/ (Ox9A82博客 )
https://www.lshack.cn/ (lshack博客)
http://www.cnblogs.com/sevck/ (sevck博客)
https://tom0li.github.io (tom0li博客)
http://www.waitalone.cn/ (独自等待博客)
https://wujunze.com/ (wujunze博客)
https://ht-sec.org (昊天博客)
http://docs.hackinglab.cn/ (hackinglab博客)
http://www.hackqing.com/ (情博客)
http://www.milw0rm.cn (milw0rm博客)
https://www.sitedirsec.com/ (非安全中国博客 )
http://www.arvinhk.com/ (arivn博客)
http://hk-xg.lofter.com/ (hk-xg博客 )
http://www.hackblog.cn/ ( hackblog博客)
http://piaoyu.org/ (piaoyu博客)
http://defcon.cn/script (defcon博客)
http://www.jeehsu.com/ (几许博客)
http://www.52bug.cn/ (吾爱漏洞博客)
http://www.moonsec.com/ (暗月博客)
http://www.cnseay.com/ (法师博客)
http://www.exehack.net/ (小残博客)
http://blog.knownsec.com/ (知道创宇博客)
http://www.keen8.com/ (kee8博客 )
http://0ke.org/( 0ke博客 )
http://www.storysec.com/ (影风’s Blog)
http://www.weixianmanbu.com/ (黑客技术博客)
http://www.x14hack.com/ (14xhack博客)
http://rcoil.me/ (rcoil博客)
https://perseus.codes/ (perseus博客)
http://www.legendsec.org/ (legendsec博客)
http://xiao106347.blog.163.com/ (小刘kali博客)
http://blog.sycsec.com/ (三叶草博客)
http://www.cnnetsec.com/ (cnnetsec博客)
http://iscc.gxu.edu.cn/index.php/Index/start (iscc博客)
http://www.joychou.org/ (joychou博客)
http://rootkiter.com/EarthWorm/ (rootkiter博客)
https://www.lmva.cc/ (lmva博客)
http://www.evil0x.com/ (十六进制)
https://ha.cker.in/ (cker博客)
http://3xp10it.cc/ (3xp10it博客)
http://wolvez.club/ (lostwolf博客)
http://simeon.blog.51cto.com/ (simeon博客)
http://javaweb.org/ (javaweb博客)
http://qqhack8.blog.163.com/ (k8博客)
http://das.scusec.org/ (scusec博客)
http://www.zcgonvh.com/ (草泥马之家博客)
http://www.webbaozi.com/ (包子博客)
http://blog.safebuff.com/ (x17dev博客)
http://k1p4ss.sinaapp.com/ (k1p4ss博客)
http://www.daokers.com/ (金刀客博客)
https://www.i0day.com/ (小马博客)
http://www.cnblogs.com/SEC-fsq/ (范世强博客)
国外:
http://www.lanmaster53.com/ (lanmaster53博客)
http://pen-testing.sans.org/blog/pen-testing (sans渗透测试博客)
https://digi.ninja/ (digi渗透测试博客)
http://www.harmj0y.net/blog/ (harmj0y渗透测试博客)
http://nullsecurity.net/tools.html (nullsecurity渗透工具博客)
http://www.ehacking.net/ (ehacking渗透测试博客)
http://www.kitploit.com/ (kitploit.渗透测试博客)
http://www.commonexploits.com/ (commonexploits渗透测试博客)
https://adsecurity.org/ (AD域渗透测试博客)
http://www.securitytube.net/ (securitytube渗透视频教程博客)
https://www.dsinternals.com/en/ (AD域渗透测试博客)
https://adsecurity.org/ (AD域渗透博客)
http://blog.gentilkiwi.com/ (mimikazhi博客)
https://blog.0x80.org/ (汽车安全博客)
http://sectools.org/tag/web-scanners/ (安全工具下载博客)
https://blog.netspi.com/ (SQL注入技能博客)
http://www.sqlinjectionwiki.com/Categories/4/postgresql-sql-injection-cheat-sheet/ (注入技能表博客)
http://websec.ca/kb/sql_injection (sql注入大全)
https://wn.com/httpheaderinjectionds (http头注入博客)
http://www.devttys0.com/blog/ (路由安全博客)
https://fail0verflow.com/ (硬件大牛博客)
http://www.blackhat.com/ (黑帽大赛官方博客)
http://www.social-engineer.org/ (社会工程学博客)
http://www.windowsecurity.com/ (window安全博客)
https://www.blackmoreops.com/ (linux安全博客)
http://http-tunnel.sourceforge.net/ (http-tunnel反向代理博客)
https://zmap.io/ (zmap博客)
https://www.thc.org/ (thc博客)
http://mydowndown.com/y2down (youtuble视频下载)
http://securityxploded.com/download.php (国外密码工具大全)
https://pentest.blog/ (渗透测试博客)
http://www.rekings.com/blog/ (rekings博客)
http://www.hackingarticles.in (黑客文章知识库)
http://fuzzysecurity.com/tutorials/16.html (fuzzysecurity博客)
https://artkond.com/2017/03/23/pivoting-guide/ (artkond博客)
http://www.hacking-tutorial.com (haking博客)
https://legalhackers.com/ (legalhackers博客)
https://blog.quarkslab.com/ (quarkslab博客)
https://foxglovesecurity.com/ (foxglovesecurity博客)
http://carnal0wnage.attackresearch.com/ (attackresearch博客)
https://room362.com/ (room362博客)
http://blog.portswigger.net/ (burpsuit博客)
https://blog.skullsecurity.org/ (关于CTF)
https://community.rapid7.com/community/metasploit/blog (MSF官方博客)
http://www.tssci-security.com/ (tssci博客)
http://blog.gdssecurity.com/ (gdssecurity博客)
https://websec.wordpress.com (websec博客)
http://bernardodamele.blogspot.com/ (blogspot博客)
http://laramies.blogspot.com/ (blogspot博客)
https://clymb3r.wordpress.com/ (clymb3r博客)
https://www.cyberciti.biz (博客)
http://www.spylogic.net/ (spylogic博客)
http://pentestmonkey.net/blog (pentestmonkey博客)
https://www.commonexploits.com/ (commonexploits博客)
https://sensepost.com/blog/ (sensepost博客)
http://exploit.co.il/blog/ (exploit博客)
http://sirdarckcat.blogspot.com/ (sirdarckcat博客)
http://reusablesec.blogspot.com/ (reusablesec博客)
https://www.trustwave.com/ (trustwave博客)
https://www.corelan.be/ (corelan博客)
https://www.notsosecure.com/blog/ (notsosecure博客)
https://securityreliks.wordpress.com/ (securityreliks博客)
http://ihazomgsecurityskillz.blogspot.com/ (linux内核)
https://memset.wordpress.com/ (memset博客)
http://gynvael.coldwind.pl/?blog=1&lang=en (gynvael博客)
https://blog.g0tmi1k.com/ (g0tmi1k博客)
https://digi.ninja/ (digi博客)
http://pentestit.com/ (pentestit博客)
https://www.shellntel.com/ (shellntel博客)
http://www.irongeek.com/ (irongeek博客)
https://bitvijays.github.io/ (bitvijays博客)
https://pentestlab.blog (渗透检测实验室博客)
https://www.hackthissite.org/forums/index.php (国外黑客论坛)
在线知识:
http://wiki.ioin.in/ (安全文库)
http://bobao.360.cn/learning/index (安全客知识库)
https://www.hackfun.org/kali-tools/kali-tools-zh.html( KALI工具使用说明)
https://www.gitbook.com/book/t0data/burpsuite/details (burpsuit中文指南)
http://www.w3school.com.cn/ (w3school在线学习 )
http://www.runoob.com/ (it脚本学习)
http://www.ziqiangxuetang.com/django (djiango之python学习)
http://www.sec-wiki.com/ (安全技能库)
http://www.oschina.net/ (源代码)
http://paper.seebug.org/ (seebug安全知识库)
https://bowen.navisec.it/ (安全文库)
http://expku.com/ (国内exp搜索大全)
http://www.exploitsearch.net (exp搜索)
论坛与导航:
http://www.hegouvip.com/ (合购资源网)
http://www.anquanquan.info/ (安全圈导航)
http://navisec.it/ (navisec导航)
http://cmcc.ml/ (cmcc网址安全导航)
http://www.pediy.com/ (看雪论坛 )
http://www.52pojie.cn/ (吾爱破解 )
http://www.metasploit.cn/ (metasploit论坛)
https://xianzhi.aliyun.com/forum/read/723.html (先知社区)
http://www.pd521.com/ (安卓逆向论坛)
http://bbs.ichunqiu.com/ (爱春秋论坛)
http://hackinglab.cn/ (hack实验室)
https://www.t00ls.net/ (t00ls论坛 )
https://forum.90sec.org/ (90sec论坛)
https://www.70sec.com/ (70sec论坛)
https://forum.exploit.in/ (exploit论坛)
http://forum.exetools.com/index.php (explotools论坛)
https://www.v2ex.com/ (v2ex程序员社区)
安全资讯:
http://www.freebuf.com/ (freebuf安全媒体)
http://www.0daybank.org/( 漏洞银行安全资讯)
https://www.secpulse.com/ (安全脉搏安全资讯)
http://www.secbox.cn/ (安全盒子资讯)
http://www.secist.com/ (即刻安全资讯)
https://www.sec-wiki.com/ (wiki安全资讯)
http://www.mottoin.com/ (猫眼安全媒体)
http://www.4hou.com/ (嘶吼安全媒体)
漏洞预警和exp查询:
http://wy.hx99.net/ (乌云搜索)
https://loudong.sjtu.edu.cn/ (教育行业安全漏洞)
http://webscan.360.cn/vul (网站常见漏洞)
https://cxsecurity.com/wlb/ (国外漏洞)
http://blogs.360.cn/ (360漏洞技术博客)
http://xteam.baidu.com/ (百度实验室 )
http://blog.nsfocus.net/ (绿盟漏洞预警博客)
https://www.seebug.org/ (seebug漏洞预警)
http://www.cnvd.org.cn/ (cnvd漏洞平台)
https://www.vulnhub.com/ (漏洞测试平台)
https://www.exploit-db.com/papers/ (exploit-db漏洞库)
https://technet.microsoft.com/en-us/library/security/mt637763.aspx (微软exp版本号列表)
https://bugs.chromium.org/p/project-zero/issues/list (微软漏洞下载搜索)
https://www.kernel-exploits.com/ (linxu内核exp查询)
http://exploit.linuxnote.org/ (国内linux内核EXP查询)
https://packetstormsecurity.com/ (packetstormsecurity 的exp查询)
http://cve.mitre.org/ (漏洞编号查询)
http://www.securiteam.com/ (安全团队)
http://www.securityfocus.com/ (安全焦点)
http://www.securitytracker.com (securitytracker)
http://www.guninski.com/ (guninski的exp查询)
http://cxsecurity.com/ (漏洞库)
http://www.routerpwn.com/ (路由漏洞查询)
http://www.sebug.net/vuldb/vulnerabilities (WEB漏洞库查询)
http://0day5.com/ (WEB漏洞时代)
http://www.ussrback.com/ (ussrback的exp查询)
http://cn.0day.today/ (oday)
http://xssor.io/ (xss poc大全)
在线web扫描器:
http://webscan.360.cn/
http://site.safedog.cn/index.html
CTF训练:
http://www.shiyanbar.com/ctf/practice (CTF训练营)
https://xss.haozi.me/#/ (xss闯关)
http://oj.xctf.org.cn/web/login/?next=/ (xctf)
http://bobao.360.cn/ctf/index (360CTF训练营 )
http://hackinglab.cn/ (网络安全对抗平台 )
https://pwnhub.cn/ (CTF比赛)
https://www.xctf.org.cn/ (xctf社区)
http://bobao.360.cn/ctf/ (360CTF社区)
https://ctftime.org/ (ctftime社区)
github项目:
https://github.com/ctfs/ (CTFwrite )
https://github.com/powershellempire/empire (powershllempire项目)
https://github.com/adaptivethreat/EmPyre (EmPyre项目)
https://github.com/HarmJ0y/Malleable-C2-Profiles (Malleable-C2-Profiles项目)
https://github.com/Veil-Framework/Veil-Evasion (Veil-Evasion免杀项目)
https://github.com/offensive-security (offensive-security项目)
https://github.com/secretsquirrel/the-backdoor-factory/ (the-backdoor-factory项目)
https://github.com/Veil-Framework/Veil-Evasion/ (Veil-Evasion免杀项目)
https://github.com/x3omdax/PenBox (安全测试框架)
https://github.com/SecWiki (安全文库)
在线常用工具:
http://ip.fbisb.com/ (真实IP地址查询地址)
https://phpinfo.me/domain/ (子域名在线爆破)
http://www.bugbank.cn/dscan/index.html (在线子域名爆破)
https://phpinfo.me/bing.php (在线c段查询)
https://dnsdb.io/zh-cn/ (在线C段查询2)
http://www.yopmail.com/zh/ (一次性使用邮箱)
http://objectif-securite.ch/ (LM破解)
https://www.mailinator.com/ (一次性使用邮箱)
http://tools88.com/safe/vnc.php (在线VNC破解)
https://www.hashkiller.co.uk/ (在线hash破解)
http://tool.chacuo.net/cryptdes (在线解密加密)
http://www.xssed.com/ (xssed平台)
http://xss.cnit.pro/ (cnitxss平台)
http://www.objectif-securite.ch/ (在线LMHASH破解)
http://toolbar.netcraft.com (很好的域名搜索引擎)
http://who.is ( 域名解析记录很好使)
https://cirt.net/passwords (常用设备密码字典)
http://www.webscantest.com/datastore/ (web在线测试练习)
http://www.pinchins.cn/Tools.aspx?ch=Tools (勒索病毒解密工具)
国内社工裤:
http://cha.hx99.net/ (华西社工库)
http://s.70sec.com/ (70sec社工库)
http://so.moonsec.com/index.php (暗月社工库)
http://qq.findmima.com/ (qq密码)
http://www.ckaifang.com/ (查开房数据库)
https://boy.findmima.com/ (查找密码社工库)
http://163.donothackme.club/ (163邮箱社工库)
国外社工裤:
https://www.instantcheckmate.com/
联合账号查询:
http://reg007.com (查询邮箱已注册过的网址)
http://www.zhaohuini.com/ (找回密码)
http://qun.findmima.com/ (群关系)
http://toolsapp.duapp.com/randpw.html (反社工随机密码)
https://www.trustasia.com/tools/ccs-checker/ (css漏洞检查)
http://www.bejson.com/ (json在线验证)
大数据以及端口服务查询:
https://www.zoomeye.org/ (钟道之眼)
https://www.shodan.io/ (shodan查询)
https://www.oshadan.com/ (osshadan查询)
https://www.censys.io/ (censys查询)
http://cn.bing.com/ (必应查询)
https://searchcode.com/ (代码泄露)
CDN查找真实的多ping:
https://asm.ca.com/en/ping.php
http://www.cdnplanet.com/tools/cdnfinder/
http://toolbar.netcraft.com/site_report
http://viewdns.info/iphistory/?domain=
http://www.hosterstats.com/historicaldns.php
http://whoisrequest.com/history/
http://crimeflare.com (查cloudflare真实ip百试不爽)
常用web在线工具:
http://tool.chinaz.com/ (站长工具)
http://whatweb.net/ (网站指纹查询)
https://www.t00ls.net/domain.html (t00ls工具)
MD5在线检查:
http://www.cmd5.com/
http://hashchecker.de/find.html
http://www.objectif-securite.ch/ophcrack.php
http://www.md5this.com/latest.html
http://cracker.offensive-security.com/index.php
http://freerainbowtables.mirror.garr.it/mirrors/freerainbowtables/md5/ (彩虹表)
https://hashkiller.co.uk/md5-decrypter.aspx
http://neeao.com/tools/decode/index_eval.php (gzinflate解密)
在线病毒检测:
http://appscan.360.cn/ (安卓检测)
https://b-chao.com/ (安卓检测)
https://malwr.com/submission/ (病毒分析)
https://www.virustotal.com/ (病毒分析2)
http://virusview.net/search/inde (病毒查询 )
