├── CSRF └── readme.txt ├── Command Injection └── readme.txt ├── DDOS ├── DDOS-TOOlS │ └── README.txt └── README.txt ├── Doc ├── BOOKS │ ├── readme.txt │ ├── 《Kali Linux渗透测试技术实战》.txt │ ├── 《Kali Linux高级渗透测试》.txt │ ├── 《Metasploit渗透测试指南》.txt │ ├── 《Python绝技--运用Python成为顶级黑客》.txt │ ├── 《Python黑帽子 黑客与渗透测试编程之道》.txt │ ├── 《大中型网络入侵要案直击与防御》.txt │ ├── 《漏洞战争:软件漏洞分析精要》.txt │ ├── 《白帽子讲Web安全》.txt │ ├── 《黑客攻防:实战加密与解密》.txt │ ├── 《黑客攻防技术宝典:Web实战篇》.txt │ ├── 《黑客攻防技术宝典:浏览器实战篇》.txt │ └── 《黑客秘籍:渗透测试实用指南》.txt ├── Parameter injection │ └── Parameter_injection_safe_request.txt ├── SecurityCheckList │ ├── API-Security-Checklist.txt │ ├── Readme.txt │ └── checklist1.txt ├── WEB安全网站.txt ├── basic-knowledge │ ├── SSL-TLS │ │ └── readme.txt │ ├── http.txt │ └── https.md ├── readme.txt ├── vulnerabilities-stats.txt ├── 反向连接思路.txt ├── 常见应用漏洞的端口利用.txt ├── 渗透测试流程1.txt └── 渗透测试流程2.txt ├── File Inclusion └── readme.txt ├── File Upload └── readme.txt ├── Password Decrypt ├── CommonPasswordList │ ├── password-10k.txt │ └── readme.txt ├── FTP弱密码破解.py ├── SSH弱密码破解.txt ├── SocialEngineerPasswordList │ └── readme.txt ├── Zip文件的暴力破解.py ├── hydra.sh ├── readme.txt └── 优化批量破解shadow.txt ├── README.txt ├── SQL Injection ├── README.txt └── sqlmap+burpsuite.txt ├── SSRF └── readme.txt ├── WEB-VulnerabilityDB ├── Tomcat.txt ├── readme.txt └── 常见应用漏洞的端口利用.txt ├── XSS ├── README.txt ├── XSS-PAYLOADS │ └── xss-payload-list.html └── XSS-TOOLS │ └── README.txt └── XXE └── readme.txt /CSRF/readme.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/CSRF/readme.txt -------------------------------------------------------------------------------- /Command Injection/readme.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Command Injection/readme.txt -------------------------------------------------------------------------------- /DDOS/DDOS-TOOlS/README.txt: -------------------------------------------------------------------------------- 1 | ddos-tools 2 | -------------------------------------------------------------------------------- /DDOS/README.txt: -------------------------------------------------------------------------------- 1 | DDOS 2 | -------------------------------------------------------------------------------- /Doc/BOOKS/readme.txt: -------------------------------------------------------------------------------- 1 | 整理下对渗透测试特别有帮助的书籍资料: 2 | -------------------------------------------------------------------------------- /Doc/BOOKS/《Kali Linux渗透测试技术实战》.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/BOOKS/《Kali Linux渗透测试技术实战》.txt -------------------------------------------------------------------------------- /Doc/BOOKS/《Kali Linux高级渗透测试》.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/BOOKS/《Kali Linux高级渗透测试》.txt -------------------------------------------------------------------------------- /Doc/BOOKS/《Metasploit渗透测试指南》.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/BOOKS/《Metasploit渗透测试指南》.txt -------------------------------------------------------------------------------- /Doc/BOOKS/《Python绝技--运用Python成为顶级黑客》.txt: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /Doc/BOOKS/《Python黑帽子 黑客与渗透测试编程之道》.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/BOOKS/《Python黑帽子 黑客与渗透测试编程之道》.txt -------------------------------------------------------------------------------- /Doc/BOOKS/《大中型网络入侵要案直击与防御》.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/BOOKS/《大中型网络入侵要案直击与防御》.txt -------------------------------------------------------------------------------- /Doc/BOOKS/《漏洞战争:软件漏洞分析精要》.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/BOOKS/《漏洞战争:软件漏洞分析精要》.txt -------------------------------------------------------------------------------- /Doc/BOOKS/《白帽子讲Web安全》.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/BOOKS/《白帽子讲Web安全》.txt -------------------------------------------------------------------------------- /Doc/BOOKS/《黑客攻防:实战加密与解密》.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/BOOKS/《黑客攻防:实战加密与解密》.txt -------------------------------------------------------------------------------- /Doc/BOOKS/《黑客攻防技术宝典:Web实战篇》.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/BOOKS/《黑客攻防技术宝典:Web实战篇》.txt -------------------------------------------------------------------------------- /Doc/BOOKS/《黑客攻防技术宝典:浏览器实战篇》.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/BOOKS/《黑客攻防技术宝典:浏览器实战篇》.txt -------------------------------------------------------------------------------- /Doc/BOOKS/《黑客秘籍:渗透测试实用指南》.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/BOOKS/《黑客秘籍:渗透测试实用指南》.txt -------------------------------------------------------------------------------- /Doc/Parameter injection/Parameter_injection_safe_request.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/Parameter injection/Parameter_injection_safe_request.txt -------------------------------------------------------------------------------- /Doc/SecurityCheckList/API-Security-Checklist.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/SecurityCheckList/API-Security-Checklist.txt -------------------------------------------------------------------------------- /Doc/SecurityCheckList/Readme.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/SecurityCheckList/Readme.txt -------------------------------------------------------------------------------- /Doc/SecurityCheckList/checklist1.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/SecurityCheckList/checklist1.txt -------------------------------------------------------------------------------- /Doc/WEB安全网站.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/WEB安全网站.txt -------------------------------------------------------------------------------- /Doc/basic-knowledge/SSL-TLS/readme.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/basic-knowledge/SSL-TLS/readme.txt -------------------------------------------------------------------------------- /Doc/basic-knowledge/http.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/basic-knowledge/http.txt -------------------------------------------------------------------------------- /Doc/basic-knowledge/https.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/basic-knowledge/https.md -------------------------------------------------------------------------------- /Doc/readme.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/readme.txt -------------------------------------------------------------------------------- /Doc/vulnerabilities-stats.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/vulnerabilities-stats.txt -------------------------------------------------------------------------------- /Doc/反向连接思路.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/反向连接思路.txt -------------------------------------------------------------------------------- /Doc/常见应用漏洞的端口利用.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/常见应用漏洞的端口利用.txt -------------------------------------------------------------------------------- /Doc/渗透测试流程1.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/渗透测试流程1.txt -------------------------------------------------------------------------------- /Doc/渗透测试流程2.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Doc/渗透测试流程2.txt -------------------------------------------------------------------------------- /File Inclusion/readme.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/File Inclusion/readme.txt -------------------------------------------------------------------------------- /File Upload/readme.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/File Upload/readme.txt -------------------------------------------------------------------------------- /Password Decrypt/CommonPasswordList/password-10k.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Password Decrypt/CommonPasswordList/password-10k.txt -------------------------------------------------------------------------------- /Password Decrypt/CommonPasswordList/readme.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Password Decrypt/CommonPasswordList/readme.txt -------------------------------------------------------------------------------- /Password Decrypt/FTP弱密码破解.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Password Decrypt/FTP弱密码破解.py -------------------------------------------------------------------------------- /Password Decrypt/SSH弱密码破解.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Password Decrypt/SSH弱密码破解.txt -------------------------------------------------------------------------------- /Password Decrypt/SocialEngineerPasswordList/readme.txt: -------------------------------------------------------------------------------- 1 | 利用社会工程学生成弱密码字典 2 | 3 | -------------------------------------------------------------------------------- /Password Decrypt/Zip文件的暴力破解.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Password Decrypt/Zip文件的暴力破解.py -------------------------------------------------------------------------------- /Password Decrypt/hydra.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Password Decrypt/hydra.sh -------------------------------------------------------------------------------- /Password Decrypt/readme.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Password Decrypt/readme.txt -------------------------------------------------------------------------------- /Password Decrypt/优化批量破解shadow.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/Password Decrypt/优化批量破解shadow.txt -------------------------------------------------------------------------------- /README.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/README.txt -------------------------------------------------------------------------------- /SQL Injection/README.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/SQL Injection/README.txt -------------------------------------------------------------------------------- /SQL Injection/sqlmap+burpsuite.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/SQL Injection/sqlmap+burpsuite.txt -------------------------------------------------------------------------------- /SSRF/readme.txt: -------------------------------------------------------------------------------- 1 | SSRF 2 | 简介:服务器端请求伪造 3 | -------------------------------------------------------------------------------- /WEB-VulnerabilityDB/Tomcat.txt: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /WEB-VulnerabilityDB/readme.txt: -------------------------------------------------------------------------------- 1 | WEB安全框架漏洞整理 2 | -------------------------------------------------------------------------------- /WEB-VulnerabilityDB/常见应用漏洞的端口利用.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/WEB-VulnerabilityDB/常见应用漏洞的端口利用.txt -------------------------------------------------------------------------------- /XSS/README.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/XSS/README.txt -------------------------------------------------------------------------------- /XSS/XSS-PAYLOADS/xss-payload-list.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jidongdeatao/WebSecurity/HEAD/XSS/XSS-PAYLOADS/xss-payload-list.html -------------------------------------------------------------------------------- /XSS/XSS-TOOLS/README.txt: -------------------------------------------------------------------------------- 1 | 检测XSS的工具 2 | -------------------------------------------------------------------------------- /XXE/readme.txt: -------------------------------------------------------------------------------- 1 | XXE 2 | 最近爆出影响广泛的漏洞也就是微信支付漏洞了 3 | --------------------------------------------------------------------------------