saramazal/ethical-hacking-study
GitHub: saramazal/ethical-hacking-study
一份聚焦道德黑客学习与实践的精选资源列表,解决系统化提升安全技能路径不清晰的问题。
Stars: 20 | Forks: 5
# 道德黑客🤺 (_项目进行中_)
🏆 [我的 TryHackMe 个人资料](https://tryhackme.com/p/maz4l)
 
## 目录: * [课程与实验](#courseslabs) * [工具](#tools) * [代码示例](#code-examples) * [学习语言](#to-learn-languages) * [认证](#certification) * [CTF](#ctf) * [书籍与博客](#booksblogs) * [YouTube](#youtube) ## 课程与实验: - [TryHackMe](https://tryhackme.com) - [免费 TryHackMe 房间](https://github.com/saramazal/ethical-hacking-study/blob/main/free-thm-rooms.md) - [HackTheBox 学院](https://academy.hackthebox.com/login) - [HackTheBox 实验](https://app.hackthebox.com/starting-point) - [安全蓝队:蓝队初级分析师路线(免费)](https://www.securityblue.team/courses/blue-team-junior-analyst-pathway-bundle) - [安全蓝队:渗透测试入门(免费)](https://www.securityblue.team/courses/introduction-to-penetration-testing#domains) - [PWN College](https://pwn.college/) - [TCM 学院](https://academy.tcm-sec.com/courses) - [免费 TCM 学院路径](https://academy.tcm-sec.com/p/learn-penetration-testing-free) - [Professor Messer](https://www.professormesser.com/) - [OWASP](https://owasp.org/#) - [PortSwigger 学院](https://portswigger.net/web-security) - [OWASP Juice Shop](https://owasp.org/www-project-juice-shop/) - [LinuxLearning](https://learning.lpi.org/en/learning-materials/010-160/) - [CISCO 学院](https://www.netacad.com/courses/cybersecurity) - [FreeCodeCamp](https://www.freecodecamp.org/learn/information-security/) - [Codecademy](https://www.codecademy.com/catalog/subject/cybersecurity) - [hacker101](https://www.hacker101.com/) - [PentesterLab](https://pentesterlab.com/) - [Guru99 免费 EH 教程](https://www.guru99.com/ethical-hacking-tutorials.html) - [rootme](https://www.root-me.org/?lang=en) - [OFFENSIVE security](https://www.offensive-security.com) - [Cybrary](https://www.cybrary.it/) ## 工具: ### :bookmark: 侦察与 OSINT: - [ghostshell](https://github.com/saramazal/ghostshell) - [OSINT](https://osintframework.com/) - [Internet Archive](https://archive.org/web/) - [TweetDuck](https://tweetduck.chylex.com/) - [Tineye](https://tineye.com/) - [urlscan](https://urlscan.io/) - [whois](https://who.is/) - [Cover Your Tracks](https://firstpartysimulator.org/) - [BrowserLeaks](https://browserleaks.com/) - [Email Reputation](https://emailrep.io/ ) - [shodan](https://www.shodan.io/) - [';--have i been pwned?](https://haveibeenpwned.com/) - [BuiltWith](https://builtwith.com/) - [Maltego](https://www.maltego.com/?utm_source=paterva.com&utm_medium=referral&utm_campaign=301) - [Harvester](https://www.kali.org/tools/theharvester/) :label: 网络渗透测试: - [Nmap](https://nmap.org/) - [NetCat](https://nmap.org/ncat/) - [Metasploit](https://www.metasploit.com/get-started) - [Metasploit 免费课程](https://www.offensive-security.com/metasploit-unleashed/) - [Nessus](https://www.tenable.com/downloads/nessus?loginAttempted=true) - [Wireshark](https://www.wireshark.org/) :globe_with_meridians: Web 应用渗透测试: - [Nikto](https://www.kali.org/tools/nikto/) - [Burp Suite Community Edition](https://portswigger.net/burp) - [Postman](https://www.postman.com/) :mag: 隐写术: [Stego Tools](https://github.com/saramazal/ethical-hacking-study/tree/main/Code-examples/Steganography) :technologist: 操作系统、浏览器和虚拟机: - [Linux](https://www.linux.org/pages/download/) - 25 个流行的 Linux 发行版。 - [Kali](https://www.kali.org/get-kali/) - [Parrot](https://www.parrotsec.org/) - [BlackArch](https://www.blackarch.org/) - [Brave](https://brave.com/download/) ```浏览器``` - [Tor](https://www.torproject.org/download/) ```浏览器``` - [vmware](https://www.vmware.com/) ```VM``` - [Vbox](https://www.virtualbox.org/) ```VM``` :alembic: 密码学: - [CyberChef](https://cyberchef.org/) - [Hash-identifier](https://gitlab.com/kalilinux/packages/hash-identifier/-/tree/kali/master) - [Hash.com](https://hashes.com/en/decrypt/hash) - [Haiti](https://noraj.github.io/haiti/#/) - [免费密码哈希破解器](https://crackstation.net/) - [SHA256](https://sha256.web-max.ca/index.php#enter) - [Hash 与 Unhash](https://md5hashing.net/hash) - [Cipher Identifier](https://www.dcode.fr/cipher-identifier) - [Base64](https://www.base64decode.org/) - [HashCat](https://hashcat.net/wiki/doku.php?id=example_hashes) - [Brainfuck](https://www.tutorialspoint.com/execute_brainfk_online.php) - [John The Ripper](https://github.com/openwall/john/blob/bleeding-jumbo/doc/INSTALL) - [MD5](https://md5.gromweb.com/) - [Encode/Decode](https://toolbox.googleapps.com/apps/encode_decode/) - [Hash.com](https://hashes.com/en/decrypt/hash) - [Cryptii](https://cryptii.com/pipes/caesar-cipher) - [密码恢复服务](https://www.onlinehashcrack.com/) - [RSA Tool](https://github.com/ius/rsatool) - [ASCII 表](https://www.asciitable.com/) :wrench: - [NIST](https://nvd.nist.gov/search) - [CVE](https://cve.mitre.org/) - [Exploit Database](https://www.exploit-db.com/) - [Rapid7 - 漏洞与利用数据库](https://www.rapid7.com/db/) - [InquestLab](https://labs.inquest.net/) - [MITRE ATT&CK](https://attack.mitre.org/) - [THE UNIFIED KILL CHAIN](https://unifiedkillchain.com/) - [VirusTotal](https://www.virustotal.com/gui/file/a2a4a8436da64246ade25c702a6677ebbb14fc2bd0c6f02d2d7b8d2046e59ecb?nocache=1) - [DFIR 报告](https://thedfirreport.com/) - [any.run](https://any.run/) ## [代码示例](https://github.com/saramazal/ethical-hacking-study/tree/main/Code-examples): _inprogress_ ## 学习语言: :alien: - [Sololearn](https://www.sololearn.com/) - [W3schools](https://www.w3schools.com/) - [FreeCodeCamp](https://www.freecodecamp.org/) - [MDN](https://developer.mozilla.org/en-US/) - [Codecademy](https://www.codecademy.com/catalog) - [Python Institute](https://pythoninstitute.org/) - [LeetCode](https://leetcode.com/) - [Codewars](https://www.codewars.com/) ## 认证: :money_with_wings: - [成为认证道德黑客(C|EH) ](https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/) - [INE Security](https://security.ine.com/) - [HTB 认证渗透测试专家 & HTB 认证漏洞赏金猎人](https://academy.hackthebox.com/preview/certifications) - [TCM PNPT](https://certifications.tcm-sec.com/pnpt/) - [OSCP 认证](
 
## 目录: * [课程与实验](#courseslabs) * [工具](#tools) * [代码示例](#code-examples) * [学习语言](#to-learn-languages) * [认证](#certification) * [CTF](#ctf) * [书籍与博客](#booksblogs) * [YouTube](#youtube) ## 课程与实验: - [TryHackMe](https://tryhackme.com) - [免费 TryHackMe 房间](https://github.com/saramazal/ethical-hacking-study/blob/main/free-thm-rooms.md) - [HackTheBox 学院](https://academy.hackthebox.com/login) - [HackTheBox 实验](https://app.hackthebox.com/starting-point) - [安全蓝队:蓝队初级分析师路线(免费)](https://www.securityblue.team/courses/blue-team-junior-analyst-pathway-bundle) - [安全蓝队:渗透测试入门(免费)](https://www.securityblue.team/courses/introduction-to-penetration-testing#domains) - [PWN College](https://pwn.college/) - [TCM 学院](https://academy.tcm-sec.com/courses) - [免费 TCM 学院路径](https://academy.tcm-sec.com/p/learn-penetration-testing-free) - [Professor Messer](https://www.professormesser.com/) - [OWASP](https://owasp.org/#) - [PortSwigger 学院](https://portswigger.net/web-security) - [OWASP Juice Shop](https://owasp.org/www-project-juice-shop/) - [LinuxLearning](https://learning.lpi.org/en/learning-materials/010-160/) - [CISCO 学院](https://www.netacad.com/courses/cybersecurity) - [FreeCodeCamp](https://www.freecodecamp.org/learn/information-security/) - [Codecademy](https://www.codecademy.com/catalog/subject/cybersecurity) - [hacker101](https://www.hacker101.com/) - [PentesterLab](https://pentesterlab.com/) - [Guru99 免费 EH 教程](https://www.guru99.com/ethical-hacking-tutorials.html) - [rootme](https://www.root-me.org/?lang=en) - [OFFENSIVE security](https://www.offensive-security.com) - [Cybrary](https://www.cybrary.it/) ## 工具: ### :bookmark: 侦察与 OSINT: - [ghostshell](https://github.com/saramazal/ghostshell) - [OSINT](https://osintframework.com/) - [Internet Archive](https://archive.org/web/) - [TweetDuck](https://tweetduck.chylex.com/) - [Tineye](https://tineye.com/) - [urlscan](https://urlscan.io/) - [whois](https://who.is/) - [Cover Your Tracks](https://firstpartysimulator.org/) - [BrowserLeaks](https://browserleaks.com/) - [Email Reputation](https://emailrep.io/ ) - [shodan](https://www.shodan.io/) - [';--have i been pwned?](https://haveibeenpwned.com/) - [BuiltWith](https://builtwith.com/) - [Maltego](https://www.maltego.com/?utm_source=paterva.com&utm_medium=referral&utm_campaign=301) - [Harvester](https://www.kali.org/tools/theharvester/) :label: 网络渗透测试: - [Nmap](https://nmap.org/) - [NetCat](https://nmap.org/ncat/) - [Metasploit](https://www.metasploit.com/get-started) - [Metasploit 免费课程](https://www.offensive-security.com/metasploit-unleashed/) - [Nessus](https://www.tenable.com/downloads/nessus?loginAttempted=true) - [Wireshark](https://www.wireshark.org/) :globe_with_meridians: Web 应用渗透测试: - [Nikto](https://www.kali.org/tools/nikto/) - [Burp Suite Community Edition](https://portswigger.net/burp) - [Postman](https://www.postman.com/) :mag: 隐写术: [Stego Tools](https://github.com/saramazal/ethical-hacking-study/tree/main/Code-examples/Steganography) :technologist: 操作系统、浏览器和虚拟机: - [Linux](https://www.linux.org/pages/download/) - 25 个流行的 Linux 发行版。 - [Kali](https://www.kali.org/get-kali/) - [Parrot](https://www.parrotsec.org/) - [BlackArch](https://www.blackarch.org/) - [Brave](https://brave.com/download/) ```浏览器``` - [Tor](https://www.torproject.org/download/) ```浏览器``` - [vmware](https://www.vmware.com/) ```VM``` - [Vbox](https://www.virtualbox.org/) ```VM``` :alembic: 密码学: - [CyberChef](https://cyberchef.org/) - [Hash-identifier](https://gitlab.com/kalilinux/packages/hash-identifier/-/tree/kali/master) - [Hash.com](https://hashes.com/en/decrypt/hash) - [Haiti](https://noraj.github.io/haiti/#/) - [免费密码哈希破解器](https://crackstation.net/) - [SHA256](https://sha256.web-max.ca/index.php#enter) - [Hash 与 Unhash](https://md5hashing.net/hash) - [Cipher Identifier](https://www.dcode.fr/cipher-identifier) - [Base64](https://www.base64decode.org/) - [HashCat](https://hashcat.net/wiki/doku.php?id=example_hashes) - [Brainfuck](https://www.tutorialspoint.com/execute_brainfk_online.php) - [John The Ripper](https://github.com/openwall/john/blob/bleeding-jumbo/doc/INSTALL) - [MD5](https://md5.gromweb.com/) - [Encode/Decode](https://toolbox.googleapps.com/apps/encode_decode/) - [Hash.com](https://hashes.com/en/decrypt/hash) - [Cryptii](https://cryptii.com/pipes/caesar-cipher) - [密码恢复服务](https://www.onlinehashcrack.com/) - [RSA Tool](https://github.com/ius/rsatool) - [ASCII 表](https://www.asciitable.com/) :wrench: - [NIST](https://nvd.nist.gov/search) - [CVE](https://cve.mitre.org/) - [Exploit Database](https://www.exploit-db.com/) - [Rapid7 - 漏洞与利用数据库](https://www.rapid7.com/db/) - [InquestLab](https://labs.inquest.net/) - [MITRE ATT&CK](https://attack.mitre.org/) - [THE UNIFIED KILL CHAIN](https://unifiedkillchain.com/) - [VirusTotal](https://www.virustotal.com/gui/file/a2a4a8436da64246ade25c702a6677ebbb14fc2bd0c6f02d2d7b8d2046e59ecb?nocache=1) - [DFIR 报告](https://thedfirreport.com/) - [any.run](https://any.run/) ## [代码示例](https://github.com/saramazal/ethical-hacking-study/tree/main/Code-examples): _inprogress_ ## 学习语言: :alien: - [Sololearn](https://www.sololearn.com/) - [W3schools](https://www.w3schools.com/) - [FreeCodeCamp](https://www.freecodecamp.org/) - [MDN](https://developer.mozilla.org/en-US/) - [Codecademy](https://www.codecademy.com/catalog) - [Python Institute](https://pythoninstitute.org/) - [LeetCode](https://leetcode.com/) - [Codewars](https://www.codewars.com/) ## 认证: :money_with_wings: - [成为认证道德黑客(C|EH) ](https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/) - [INE Security](https://security.ine.com/) - [HTB 认证渗透测试专家 & HTB 认证漏洞赏金猎人](https://academy.hackthebox.com/preview/certifications) - [TCM PNPT](https://certifications.tcm-sec.com/pnpt/) - [OSCP 认证](
标签:HackTheBox, Linux 安全, meg, PortSwigger, PWN, Python3.6, TGT, TryHackMe, Web 安全, 二进制发布, 信息安全, 在线课程, 学习资源, 安全培训, 安全认证, 实验环境, 密码学, 应用安全, 开源工具, 手动系统调用, 攻防演练, 数据可视化, 数据展示, 日志审计, 社会工程, 红队, 网络安全, 逆向工具, 隐私保护