API Documentation Browser

DevDocs
DevDocs github

run devdocs in docker

First, build the image

git clone https://github.com/Thibaut/devdocs.git && cd devdocs 
docker build -t thibaut/devdocs . 

Finally, start a DevDocs container (access http://localhost:9292)

docker run --name devdocs -d -p 9292:9292 thibaut/devdocs 

Sinatra:一个优雅地包装了Web开发的DSL

你相信用100行代码可以实现一个博客吗?用Sinatra框架就可以做到。下面就是这样子的一个Web应用:

Reprise - A Minimalistic Blog 

这个应用的代码:点这里查看

一个简单的hello world的web应用要写多少代码?用Sinatra只需5行代码:

require 'rubygems' 
require 'sinatra' 

get '/' do 
'Hello World' 
end 

安装方法:

$ gem install sinatra 
$ ruby -rubygems hi.rb 

Aaron Patterson和Mike Dalessio开发了一个新的Ruby解析HTML/XML的ruby库 - Nokogiri。他的速度比目前应用的最广泛的Hpricot还要快许多。经过Benchmark测试表明,Nokogiri在加载XML文档的速度是Hpricot的7倍,在XPATH搜索的速度是Hpricot的5倍,而在CSS选择器的搜索上面是Hpricot的1.62倍。

因此Nokogiri被认为有可能取代Hpricot的新一代Ruby的解析库,他能够解析HTML/XML文件,能够提供XPATH支持,CSS选择器支持。安装Nokogiri的办法很简单: gem install nokogiri

dash

作为一名死coder,每天最常见的动作就是查看各种API文档,你一定也有过同时打开N个窗口(HTML、PDF、CHM),不停的在编辑器与文档之间切换的感受吧?怎么说呢,其实我很讨厌这种枯燥无味的动作,那么如何才能提高效率,减少无用功呢?下面就给大家介绍一款非常好用的Mac小工具:Dash,相比这个英文名,我跟喜欢叫它“叮当猫”,嘿嘿。

官方用一句话就概括了它的用途:Dash是一个API文档浏览器( API Documentation Browser),以及代码片段管理工具(Code Snippet Manager)。你没看错,它就只有这两个功能,但确实是程序员(至少对于我来说)最为关心的特性,自己之前也用过了不少类似的工具,可以毫不夸张地说,Dash是它们之中做的最好的一个!
强悍的API文档浏览、搜索功能

想必这个功能是大家最常用的了吧,每天要反复查看、搜索那么多的API细节,没有一个好工具,单靠自己的双手如何应付得来?窗口不停的切来切去,很烦啊!Dash采用集成单一窗口的方式,很好的解决了这个问题

DevDocs Build Status

DevDocs combines multiple API documentations in a fast, organized, and searchable interface.

Keep track of development news:

DevDocs is free and open source. If you like it, please consider supporting my work on Gratipay. Thanks!

Table of Contents: Quick Start · Vision · App · Scraper · Commands · Contributing · License · Questions?

Quick Start

Unless you wish to contribute to the project, I recommend using the hosted version at devdocs.io. It’s up-to-date and works offline out-of-the-box.

DevDocs is made of two pieces: a Ruby scraper that generates the documentation and metadata, and a JavaScript app powered by a small Sinatra app.

DevDocs requires Ruby 2.3.0, libcurl, and a JavaScript runtime supported by ExecJS (included in OS X and Windows; Node.js on Linux). Once you have these installed, run the following commands:

1
2
3
4
5
git clone https://github.com/Thibaut/devdocs.git && cd devdocs
gem install bundler
bundle install
thor docs:download --default
rackup

Finally, point your browser at localhost:9292 (the first request will take a few seconds to compile the assets). You’re all set.

The thor docs:download command is used to download pre-generated documentations from DevDocs’s servers (e.g. thor docs:download html css). You can see the list of available documentations and versions by running thor docs:list. To update all downloaded documentations, run thor docs:download --installed.

Note: there is currently no update mechanism other than git pull origin master to update the code and thor docs:download --installed to download the latest version of the docs. To stay informed about new releases, be sure to watch this repository.

Alternatively, DevDocs may be started as a Docker container:

1
2
3
4
5
6
# First, build the image
git clone https://github.com/Thibaut/devdocs.git && cd devdocs
docker build -t thibaut/devdocs .
# Finally, start a DevDocs container (access http://localhost:9292)
docker run --name devdocs -d -p 9292:9292 thibaut/devdocs

Vision

DevDocs aims to make reading and searching reference documentation fast, easy and enjoyable.

The app’s main goals are to: keep load times as short as possible; improve the quality, speed, and order of search results; maximize the use of caching and other performance optimizations; maintain a clean and readable user interface; be fully functional offline; support full keyboard navigation; reduce “context switch” by using a consistent typography and design across all documentations; reduce clutter by focusing on a specific category of content (API/reference) and indexing only the minimum useful to most developers.

Note: DevDocs is neither a programming guide nor a search engine. All our content is pulled from third-party sources and the project doesn’t intend to compete with full-text search engines. Its backbone is metadata; each piece of content is identified by a unique, “obvious” and short string. Tutorials, guides and other content that don’t meet this requirement are outside the scope of the project.

App

The web app is all client-side JavaScript, written in CoffeeScript, and powered by a small Sinatra/Sprockets application. It relies on files generated by the scraper.

Many of the code’s design decisions were driven by the fact that the app uses XHR to load content directly into the main frame. This includes stripping the original documents of most of their HTML markup (e.g. scripts and stylesheets) to avoid polluting the main frame, and prefixing all CSS class names with an underscore to prevent conflicts.

Another driving factor is performance and the fact that everything happens in the browser. applicationCache (which comes with its own set of constraints) and localStorage are used to speed up the boot time, while memory consumption is kept in check by allowing the user to pick his/her own set of documentations. The search algorithm is kept simple because it needs to be fast even searching through 100,000 strings.

DevDocs being a developer tool, the browser requirements are high:

  1. On the desktop:
    • Recent version of Chrome, Firefox, or Opera
    • Safari 8+
    • IE / Edge 10+
  2. On mobile:
    • iOS 8+
    • Android 4.1+
    • Windows Phone 8+

This allows the code to take advantage of the latest DOM and HTML5 APIs and make developing DevDocs a lot more fun!

Scraper

The scraper is responsible for generating the documentation and index files (metadata) used by the app. It’s written in Ruby under the Docs module.

There are currently two kinds of scrapers: UrlScraper which downloads files via HTTP and FileScraper which reads them from the local filesystem. They both make copies of HTML documents, recursively following links that match a set of rules and applying all sorts of modifications along the way, in addition to building an index of the files and their metadata. Documents are parsed using Nokogiri.

Modifications made to each document include:

  • removing content such as the document structure (<html>, <head>, etc.), comments, empty nodes, etc.
  • fixing links (e.g. to remove duplicates)
  • replacing all external (not scraped) URLs with their fully qualified counterpart
  • replacing all internal (scraped) URLs with their unqualified and relative counterpart
  • adding content, such as a title and link to the original document

These modifications are applied via a set of filters using the HTML::Pipeline library. Each scraper includes filters specific to itself, one of which is tasked with figuring out the pages’ metadata.

The end result is a set of normalized HTML partials and two JSON files (index + offline data). Because the index files are loaded separately by the app following the user’s preferences, the scraper also creates a JSON manifest file containing information about the documentations currently available on the system (such as their name, version, update date, etc.).

More information about scrapers and filters is available on the wiki.

Available Commands

The command-line interface uses Thor. To see all commands and options, run thor list from the project’s root.

```

Server

rackup # Start the server (ctrl+c to stop)
rackup –help # List server options

Docs

thor docs:list # List available documentations
thor docs:download # Download one or more documentations
thor docs:manifest # Create the manifest file used by the app
thor docs:generate # Generate/scrape a documentation
thor docs:page # Generate/scrape a documentation page
thor docs:package # Package a documentation for use with docs:download
thor docs:clean # Delete documentation packages

Console

thor console # Start a REPL
thor console:docs # Start a REPL in the “Docs” module
Note: tests can be run quickly from within the console using the “test” command. Run “help test”
for usage instructions.

Tests

thor test:all # Run all tests
thor test:docs # Run “Docs” tests
thor test:app # Run “App” tests

Assets

thor assets:compile # Compile assets (not required in development mode)
thor assets:clean # Clean old assets

nginx lua waf

ngx_lua_waf是一个基于lua-nginx-module(openresty)的web应用防火墙

###用途:

防止sql注入,本地包含,部分溢出,fuzzing测试,xss,SSRF等web攻击
防止svn/备份之类文件泄漏
防止ApacheBench之类压力测试工具的攻击
屏蔽常见的扫描黑客工具,扫描器
屏蔽异常的网络请求
屏蔽图片附件类目录php执行权限
防止webshell上传

###推荐安装:

推荐使用lujit2.1做lua支持

ngx_lua如果是0.9.2以上版本,建议正则过滤函数改为ngx.re.find,匹配效率会提高三倍左右。

###使用说明:

nginx安装路径假设为:/usr/local/nginx/conf/

把ngx_lua_waf下载到conf目录下,解压命名为waf

在nginx.conf的http段添加

lua_package_path "/usr/local/nginx/conf/waf/?.lua";
lua_shared_dict limit 10m;
init_by_lua_file  /usr/local/nginx/conf/waf/init.lua; 
access_by_lua_file /usr/local/nginx/conf/waf/waf.lua;

配置config.lua里的waf规则目录(一般在waf/conf/目录下)

RulePath = "/usr/local/nginx/conf/waf/wafconf/"

绝对路径如有变动,需对应修改

然后重启nginx即可

###配置文件详细说明:

RulePath = "/usr/local/nginx/conf/waf/wafconf/"
--规则存放目录
attacklog = "off"
--是否开启攻击信息记录,需要配置logdir
logdir = "/usr/local/nginx/logs/hack/"
--log存储目录,该目录需要用户自己新建,切需要nginx用户的可写权限
UrlDeny="on"
--是否拦截url访问
Redirect="on"
--是否拦截后重定向
CookieMatch = "on"
--是否拦截cookie攻击
postMatch = "on" 
--是否拦截post攻击
whiteModule = "on" 
--是否开启URL白名单
black_fileExt={"php","jsp"}
--填写不允许上传文件后缀类型
ipWhitelist={"127.0.0.1"}
--ip白名单,多个ip用逗号分隔
ipBlocklist={"1.0.0.1"}
--ip黑名单,多个ip用逗号分隔
CCDeny="on"
--是否开启拦截cc攻击(需要nginx.conf的http段增加lua_shared_dict limit 10m;)
CCrate = "100/60"
--设置cc攻击频率,单位为秒.
--默认1分钟同一个IP只能请求同一个地址100次
html=[[Please go away~~]]
--警告内容,可在中括号内自定义
备注:不要乱动双引号,区分大小写

###检查规则是否生效

部署完毕可以尝试如下命令:

curl http://xxxx/test.php?id=../etc/passwd
返回"Please go away~~"字样,说明规则生效。

注意:默认,本机在白名单不过滤,可自行调整config.lua配置

###效果图如下:

sec

###规则更新:

考虑到正则的缓存问题,动态规则会影响性能,所以暂没用共享内存字典和redis之类东西做动态管理。

规则更新可以把规则文件放置到其他服务器,通过crontab任务定时下载来更新规则,nginx reload即可生效。以保障ngx lua waf的高性能。

只记录过滤日志,不开启过滤,在代码里在check前面加上–注释即可,如果需要过滤,反之

###一些说明:

过滤规则在wafconf下,可根据需求自行调整,每条规则需换行,或者用|分割

    args里面的规则get参数进行过滤的
    url是只在get请求url过滤的规则        
    post是只在post请求过滤的规则        
    whitelist是白名单,里面的url匹配到不做过滤        
    user-agent是对user-agent的过滤规则


默认开启了get和post过滤,需要开启cookie过滤的,编辑waf.lua取消部分--注释即可

日志文件名称格式如下:虚拟主机名_sec.log

gitlab 实战笔记

GitLab 是一个用于仓库管理系统的开源项目。

集代码托管,测试,部署于一体。
New integration! Koding + GitLab: one-click to build every project, issue, and merge request in a complete IDE!
image

GitLab CI Runner

Gitlab 代码持续集成插件

1
2
3
openssl genrsa -des3 -out ca.key 1024
openssl rsa -in ca.key -out ca.key
openssl req -new -x509 -key ca.key -out ca.crt -days 999
https://10.88.1.241:20443/
http://10.88.1.241:20080

建立SSL目录,然后拷贝你的证书到SSL目录:

1
2
3
4
# mkdir /etc/gitlab/ssl
# chmod 700 /etc/gitlab/ssl
# cp ca.crt ca.key /etc/gitlab/ssl/
编辑 /etc/gitlab/gitlab.rb 文件,修改成:
1
2
3
4
external_url "https://www.abc.com"
nginx['redirect_http_to_https']=true
nginx['ssl_certificate']="/etc/gitlab/ssl/luck.crt"
nginx['ssl_certificate_key']="/etc/gitlab/ssl/luck.key"

之后使用gitlab-ctlreconfigure重建配置,再修改Nginx配置文件/var/opt/gitlab/nginx/conf/gitlab-http.conf里的默认设置:

listen *:443 default_server;
ssl on;
ssl_certificate /etc/gitlab/ssl/ca.crt;
ssl_certificate_key /etc/gitlab/ssl/ca.key;

接着再创建一个 /var/opt/gitlab/nginx/conf/index.conf文件用来HTTP跳转HTTPS:

server{
listen *:80;
server_name www.abc.com;

rewrite ^(.*)$ https://$host$1;
}
最后修改/var/opt/gitlab/nginx/conf/nginx.conf配置文件,在其中加入以下内容,来载入index.conf:

include/var/opt/gitlab/nginx/conf/index.conf;
include/var/opt/gitlab/nginx/conf/gitlab-http.conf;

RAT(远程访问木马)名为 SpyNote ——这是个可对 Android 系统实现远程监听的工具

SpyNote 能做什么?

SpyNote 实际上是用来创建 Android 恶意程序的工具,最近在不少恶意程序论坛传得特别火。它有一些相当吸引人的特性

  • 不需要获取系统的Root权限;
  • 对通话进行监听;
  • 窃取联系人和信息数据;
  • 通过麦克风记录音;
  • 恶意拨打电话;
  • 安装恶意应用;
  • 获取手机的IMEI码、WiFi MAC地址、无线网络运营商细节;
  • 获取设备最新的GPS地理位置信息;
  • 控制摄像头
    听起来真是不错啊,都不需要 Android 系统做 Root 操作,真这么神?当然了,还是需要手机用户自己给予 SpyNote 这些权限才行,包括编辑短信、访问通话记录、联系人,以及修改、删除SD内容的权限——其实绝大部分用户看到这些权限请求都会毫不犹豫的点“下一步”或“允许”。
    spynote v2

    用Cerbero profiler查看Dalvik字节码

todo

security list

Security list for fun and profit

My initial idea came from this list : http://www.nothink.org/utilities.php

I wanted to update it with my sources, I will probably continue to update and reorganize it in the future.

Awesome lists :+1:

Name URL
Malware analysis https://github.com/rshipp/awesome-malware-analysis/
Incident response https://github.com/meirwah/awesome-incident-response/
Honeypots https://github.com/paralax/awesome-honeypots
PCAP https://github.com/caesar0301/awesome-pcaptools
Network https://github.com/Security-Onion-Solutions/security-onion/wiki/Tools
GNU/Linux workstation https://github.com/lfit/itpol/blob/master/linux-workstation-security.md
GNU/Linux post exploitation https://github.com/mubix/post-exploitation/wiki/Linux-Post-Exploitation-Command-List
GNU/Linux containers https://github.com/Friz-zy/awesome-linux-containers#security
Android https://github.com/ashishb/android-security-awesome
Web https://github.com/infoslack/awesome-web-hacking
Security list https://github.com/sbilly/awesome-security
Lists of lists of lists https://github.com/t3chnoboy/awesome-awesome-awesome
Other lists of lists of lists https://github.com/geekan/awesome-awesome-awesome


Cheat sheets :+1:

Name URL
Owasp cheat sheet series https://www.owasp.org/index.php/OWASP_Cheat_Sheet_Series
Web application cheat sheet https://www.owasp.org/index.php/Web_Application_Security_Testing_Cheat_Sheet
Pentest monkey http://pentestmonkey.net
Packet life http://packetlife.net/library/cheat-sheets/
Reverse http://r00ted.com/cheat%20sheet%20reverse%20v5.png
SANS Forensic https://digital-forensics.sans.org/community/cheat-sheets
Penetration test https://github.com/jshaw87/Cheatsheets
SQL injection http://websec.ca/kb/sql_injection
LFI https://highon.coffee/blog/lfi-cheat-sheet/
Zeltser’s cheat sheets list https://zeltser.com/cheat-sheets/


Penetration testing :wrench:

Name URL
Owasp Check list https://www.owasp.org/index.php/Testing_Checklist
Owasp testing guide https://www.owasp.org/images/5/52/OWASP_Testing_Guide_v4.pdf
Owasp tools https://www.owasp.org/index.php/Category:OWASP_Tool
Reverse engineering http://wiki.yobi.be/wiki/Reverse-Engineering
Vulnerabilities http://oss-security.openwall.org/wiki/tools
Services enumeration http://www.0daysecurity.com/penetration-testing/enumeration.html - Thx rawger
Informaion gathering http://www.w4rri0r.com/softwares-freeware-shareware-open-source/information-gathering.html
Footprinting http://www.0daysecurity.com/penetration-testing/network-footprinting.html
Web http://www.w4rri0r.com/softwares-freeware-shareware-open-source/web-application-analysis.html
Web vulnerabilities http://www.w4rri0r.com/softwares-freeware-shareware-open-source/vulnerability-assessment.html
SANS Penetration Testing http://pen-testing.sans.org
Great tools list http://wiki.yobi.be/wiki/Table_of_contents#Security
Kali list http://tools.kali.org/tools-listing
BlackArch list https://blackarch.org/tools.html
More tools http://www.cotse.com/tools/
More tools https://github.com/enaqx/awesome-pentest


Exploits and vulnerabilities :door:

Name URL
CVEdetails http://www.cvedetails.com/
CVE.mitre https://cve.mitre.org/
Full disclosure http://seclists.org/fulldisclosure/
CXSecurity https://cxsecurity.com/
Exploit-db http://www.exploit-db.com
Vulnerability-lab http://www.vulnerability-lab.com/
Inj3ct0r http://0day.today/
Backdoor - TCP-32764 https://github.com/elvanderb/TCP-32764
Rapid7 DB https://www.rapid7.com/db/modules/
Intelligent Exploit http://www.intelligentexploit.com
Exploits download http://www.exploitsdownload.com
NIST http://web.nvd.nist.gov/
Security focus http://www.securityfocus.com/vulnerabilities
Country compatibility https://cve.mitre.org/compatible/country.html
Mailing list https://nmap.org/mailman/listinfo/fulldisclosure
Mail received http://lists.openwall.net/full-disclosure/2016/
Mailing list https://lists.debian.org/debian-security-announce/


CTF :triangular_flag_on_post:

Name URL
CTFTIME https://ctftime.org/
Write-ups https://github.com/ctfs
Reddit https://www.reddit.com/r/securityctf
Tools list https://github.com/Laxa/HackingTools
Tools list https://github.com/zardus/ctf-tools
Tools list https://github.com/apsdehal/awesome-ctf
Tinyctf platform https://github.com/balidani/tinyctf-platform
Isislab platform https://github.com/isislab/CTFd
Facebook platform https://github.com/facebook/fbctf
Mellivora platform https://github.com/Nakiami/mellivora


Exercises :mortar_board:

Name URL
Reverse - Malware http://fumalwareanalysis.blogspot.se/p/malware-analysis-tutorials-reverse.html
Network - Malware http://www.malware-traffic-analysis.net/training-exercises.html
Network - Forensic https://www.honeynet.org/node/504
Exploits https://exploit-exercises.com/
Exploits https://thesprawl.org/research/


Security challenges / WarGames :triangular_flag_on_post:

Name URL
Zenk-Security https://www.zenk-security.com/
Root-Me http://www.root-me.org/
Overthewire http://overthewire.org/wargames/
CrackMe.de http://crackmes.de/
Reversing http://reversing.kr/
Pwnable http://pwnable.kr/
Newbiecontest https://www.newbiecontest.org/
OWASP VWAD list https://github.com/OWASP/OWASP-VWAD/blob/master/src/online.tsv
WeChall https://www.wechall.net/
Vulnhub https://www.vulnhub.com/
Net Garage http://io.netgarage.org/
Flare-On http://www.flare-on.com/
SmashTheStack http://smashthestack.org/
Hackthissite http://www.hackthissite.org/
Hack.me https://hack.me
HackThis! http://www.hackthis.co.uk/
PenTestLabs https://lab.thecybershark.com/pentestlabs/5
Backdoor.Sdslabs https://backdoor.sdslabs.co/
Bright-shadows http://www.bright-shadows.net/
SmashTheStack http://smashthestack.org/
Ringzer0team https://ringzer0team.com/challenges
Forensic contest http://forensicscontest.com/puzzles
Dareyourmind http://www.dareyourmind.net
Lost chall http://www.lost-chall.org/
Rankk http://www.rankk.org/
Happy Security http://www.happy-security.de/
Net force https://www.net-force.nl/challenges/
CanYouHack.it http://canyouhack.it/
Hellboundhackers https://www.hellboundhackers.org/
Microcorruption https://microcorruption.com/
More challenges http://captf.com/practice-ctf/


Vulnerable environments :unlock:

Name URL
Owasp list https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project/Pages/Offline
Owasp BWA https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project
DVWA http://www.dvwa.co.uk/
WebGoat http://code.google.com/p/webgoat
Metasploitable http://information.rapid7.com
VulnHub http://vulnhub.com/
LampSecurity http://sourceforge.net/projects/lampsecurity/
Dragon https://www.dragonresearchgroup.org/challenges/
Hackademic-RTB1 http://www.aldeid.com/wiki/Hackademic-RTB1
Moth http://www.bonsai-sec.com
Peruggia http://sourceforge.net/projects/peruggia/
XSS play ground http://xssplayground.net23.net/


Books :books:

Name URL
Books list https://github.com/JpGallegos/CySecBooks/


Bug bounty :chocolate_bar:

Name URL
BugCrowd.com https://bugcrowd.com/programs
HackerOne https://hackerone.com
BountyFactory https://bountyfactory.io
Firebounty https://firebounty.com
Bugsheet http://www.bugsheet.com/
BountySource https://www.bountysource.com/
NewsLetter about bug bounty http://bugbountyweekly.com
More bug bounty https://bugcrowd.com/list-of-bug-bounty-programs#


Port scanners :dart:

Name URL
Masscan https://github.com/robertdavidgraham/masscan
Nmap https://nmap.org/7/
Zmap https://zmap.io/
Zgrab https://github.com/zmap/zgrab (Banner Grabber)
Nscan https://github.com/OffensivePython/Nscan
Scanrand https://www.sans.org/security-resources/idfaq/scanrand.php
PFRing https://github.com/ntop/PF_RING - High-speed packet processing framework


Search engines :satellite:

Name URL
ZoomEye https://zoomeye.org/
Shodan https://www.shodan.io/
Censys https://censys.io/
Gegereka http://gegereka.com/ (not always up)


Malicious traffic detection :vertical_traffic_light:

Name URL
Maltrail https://github.com/stamparm/maltrail
Tsusen https://github.com/stamparm/tsusen
Packetbeat https://www.elastic.co/products/beats/packetbeat
p0f http://lcamtuf.coredump.cx/p0f3/


Wide Scans :earth_americas:

Name URL
Scans.io https://scans.io/
Rapid7 Sonar Labs https://sonar.labs.rapid7.com/
Similar projects https://github.com/rapid7/sonar/wiki/Similar-Projects
Defcon conference https://defcon.org/
Blackhat conference https://www.blackhat.com/


Honeypots :honey_pot:

Name URL
Awesome list - All of them ! https://github.com/paralax/awesome-honeypots#honeypots
Live nothink http://www.nothink.org/honeypots.php
Live sshpot http://sshpot.com/


Malware / Botnet sources :angel:

Name URL
Malc0de http://malc0de.com/database/
Malekal http://malwaredb.malekal.com/
Botnet.fr https://www.botnets.fr/wiki/Main_Page
Cybercrime tracker http://cybercrime-tracker.net/
Malshare http://malshare.com
Tracker http://tracker.h3x.eu/
Exposed Botnets http://www.exposedbotnets.com/
VX Vault http://vxvault.siri-urz.net
Open Malware http://openmalware.org/
Total hash https://totalhash.cymru.com/
Contagio http://contagiodump.blogspot.se/
VirusShare http://virusshare.com/
Virusign http://www.virusign.com/
Malware domain list http://www.malwaredomainlist.com
Malware.lu https://malware.lu/
SafeGroup http://www.malware.pl/
NovCon Minotaur http://minotauranalysis.com
Clean MX http://support.clean-mx.de/clean-mx/viruses.php
Edu malrec http://panda.gtisc.gatech.edu/malrec/
Secubox Labs http://secuboxlabs.fr/
Abuse CH https://www.abuse.ch/
Maltrieve https://github.com/technoskald/maltrieve
Malware domain blocklist http://www.malwaredomains.com
Tool Mwcrawler https://github.com/0day1day/mwcrawler
ZeuS Tracker https://zeustracker.abuse.ch
theZoo aka Malware DB https://ytisf.github.io/theZoo/
Malware Analysis course https://github.com/RPISEC/Malware


Malware analysis - Sandbox :mask:

Name URL
Zeltser’s list https://zeltser.com/automated-malware-analysis/
Cuckoo Sandbox https://www.cuckoosandbox.org/
Mastiff https://github.com/KoreLogicSecurity/mastiff
Fastir https://github.com/SekoiaLab/Fastir_Collector
SysAnalyser https://github.com/dzzie/SysAnalyzer
Viper https://github.com/viper-framework/viper
REMnux http://zeltser.com/remnux/
Zeltser analysis http://zeltser.com/reverse-malware/automated-malware-analysis.html
Manalyze https://github.com/JusticeRage/Manalyze
Quarkslab IRMA http://irma.quarkslab.com/
Dorothy2 https://github.com/m4rco-/dorothy2
F-Secure see https://github.com/F-Secure/see
Noriben https://github.com/Rurik/Noriben
Norman http://enterprise.norman.com/analysis
Malheur https://github.com/rieck/malheur
Drakvuf https://github.com/tklengyel/drakvuf
Zero Wine Tryouts http://zerowine-tryout.sourceforge.net/
CWSandbox http://www.cwsandbox.org
RFI sandbox https://monkey.org/~jose/software/rfi-sandbox/
Malwasm https://github.com/malwarelu/malwasm
Androidsandbox http://androidsandbox.net/ (temporarily out of service)


Online malware analysis - Sandbox :mask:

Name URL
Malwr https://malwr.com/submission/
Hybrid analysis https://www.hybrid-analysis.com/
Virscan http://www.virscan.org/
Virusade http://virusade.com/
VirusTotal http://www.virustotal.com/
Malwareconfig http://malwareconfig.com/
Deepviz https://sandbox.deepviz.com/
AVcaesar https://avcaesar.malware.lu/
Detux GNU/Linux sandbox http://detux.org/
Vscan http://vscan.novirusthanks.org/
Mastiff online https://mastiff-online.korelogic.com/
AndroTotal https://andrototal.org/
Comodo http://camas.comodo.com/cgi-bin/submit
VirScan http://r.virscan.org/
Manalyzer https://manalyzer.org/
Document Analyzer http://www.document-analyzer.net/
Malware tracker http://www.cryptam.com/
Metascan https://www.metascan-online.com/
Jotti http://virusscan.jotti.org/it
ViCheck https://www.vicheck.ca/
PDF examiner http://www.pdfexaminer.com/
ThreadExpert http://www.threatexpert.com/submit.aspx
Xecure-lab http://scan.xecure-lab.com/
Randomly changes Win32/64 PE Files https://github.com/secretsquirrel/recomposer
Virus Total Notifier https://github.com/mubix/vt-notify
Other list http://cleanbytes.net/malware-online-scanners
APK Analzyer http://www.apk-analyzer.net/
Joebox Cloud https://jbxcloud.joesecurity.org/login
SandDroid http://sanddroid.xjtu.edu.cn
Tracedroid http://tracedroid.few.vu.nl
MobiSecLab http://akana.mobiseclab.org/


Decoder/Packer/Unpacker :hurtrealbad:

Name URL
URL http://meyerweb.com/eric/tools/dencoder/
HEXdecoder http://ddecode.com/hexdecoder/
JSDetox http://www.relentless-coding.com/projects/jsdetox/
JSNice http://www.jsnice.org/
JSUnpack https://github.com/urule99/jsunpack-n
JSBeautifier http://jsbeautifier.org/
JavaScript Compressor http://dean.edwards.name/packer/
Jjencode http://utf-8.jp/public/jjencode.html
JSFuck http://www.jsfuck.com/
Jsobfuscate http://www.jsobfuscate.com/
Netteleuthe http://www.netteleuthe.de/gc/
PHPdecoder http://ddecode.com/phpdecoder/
PHP encoding http://yehg.net/encoding/
Hackvertor (Tag based decoder/encoder) https://hackvertor.co.uk/public


Forensic - Network :mag:

Name URL
Package forensic-all https://packages.debian.org/jessie-backports/forensics-all
CFReDS http://www.cfreds.nist.gov/
DEFT package http://www.deftlinux.net/package-list/
Tools list http://toolcatalog.nist.gov/populated_taxonomy/index.php
Aldeid list https://www.aldeid.com/wiki/Category:Digital-Forensics
Forensic tools http://forensicswiki.org/wiki/Tools
Forensic Control https://forensiccontrol.com/resources/free-software/
Windows tools list http://forensic-proof.com/tools
Windows Artifact https://blogs.sans.org/computer-forensics/
More forensic links http://www.amanhardikar.com/mindmaps/ForensicChallenges.html
Wireshark extentions https://www.honeynet.org/project/WiresharkExtensions
GNU/Linux monitoring https://blog.serverdensity.com/80-linux-monitoring-tools-know/
Anti forensic Windows https://www.reddit.com/r/security/
Testing Images http://dftt.sourceforge.net/
FR - Zythom list https://zythom.blogspot.se/2007/02/les-outils-dun-expert-judiciaire.html
Write blocker http://www.cftt.nist.gov/software_write_block.htm
Write blocker https://github.com/msuhanov/Linux-write-blocker


Wireless :signal_strength:

Name URL
Awesome wifi tools list https://github.com/0x90/wifi-arsenal
Penetration test http://0daysecurity.com/penetration-testing/wireless-penetration.html
Great wifi map https://wigle.net/
Wireless in airports https://www.google.com/maps/d/viewer?mid=1Z1dI8hoBZSJNWFx2xr_MMxSxSxY


##VOIP :phone:
Name | URL
——————————————- | ———————————————
Penetration test | http://0daysecurity.com/penetration-testing/VoIP-security.html
Penetration test | http://www.backtrack-linux.org/wiki/index.php/Pentesting_VOIP


Free shell :shell:

Name URL
FreeShells list http://www.freeshells.info/
Devio.us OpenBSD http://devio.us/
Red-pill http://shells.red-pill.eu/


Domain reputation :chart_with_downwards_trend:

Name URL
Domain Analysis https://github.com/rshipp/awesome-malware-analysis/#domain-analysis
Zeltser’s list https://zeltser.com/lookup-malicious-websites/
Alien Vault http://www.alienvault.com
Isithacked http://www.isithacked.com
Sucuri http://sitecheck.sucuri.net/scanner/
Trustedsource http://www.trustedsource.org/
urlQuery http://urlquery.net/search.php
URLVoid http://www.urlvoid.com/
Haveibeenpwned http://haveibeenpwned.com/
IPVoid http://www.ipvoid.com/


Mail utilities :mailbox_with_mail:

Name URL
10 Minute Mail http://10minutemail.com
Spam DB http://www.dnsbl.info/dnsbl-database-check.php
Mxtoolbox http://www.mxtoolbox.com/
Open relay http://www.mailradar.com
Openresolver JP http://www.openresolver.jp/en/
DKIM validator http://dkimvalidator.com/
Email recon https://github.com/laramies/theHarvester
Gophish https://github.com/gophish/gophish
SimplyEmail https://github.com/killswitch-GUI/SimplyEmail
SpeedPhish Framework https://github.com/tatanus/SPF
Phishing Framework https://github.com/pentestgeek/phishing-frenzy
Spam encode secret http://spammimic.com/encode.cgi


Passwords list :key:

Name URL
CrackStation https://crackstation.net
HaskKiller https://hashkiller.co.uk
Default password https://default-password.info/
Default password https://cirt.net/passwords
Skull security https://wiki.skullsecurity.org/Passwords
SecLists https://github.com/danielmiessler/SecLists/tree/master/Passwords
OpenWall http://www.openwall.com/passwords/wordlists/
Packets storm https://packetstormsecurity.com/Crackers/wordlists/
Other list https://github.com/duyetdev/bruteforce-database
Outpost9 http://www.outpost9.com/files/WordLists.html
Cotse http://www.cotse.com/tools/wordlists.htm
CrackStation https://crackstation.net/buy-crackstation-wordlist-password-cracking-dictionary.htm


Generic utilities :file_folder:

Will be reorganized

Name URL
Linux executable walkthrough https://i.imgur.com/q5nyHp7.png
Windows executable walkthrough https://i.imgur.com/pHjcI.png
Understand your commands http://explainshell.com
Hashes example https://hashcat.net/wiki/doku.php?id=example_hashes
w4rri0r toolbox http://www.w4rri0r.com/
Code analysises https://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis
Python tools http://s3ize.blogspot.fr/2012/08/python-tools-for-penetration-testers.html
Tools http://seclist.us/
Sans http://isc.sans.edu/diary/
Security wiki http://oss-security.openwall.org/wiki/
Hackforum http://hackforums.net/
Codepad http://codepad.org/
Browserling http://browserling.com/
GZinflate http://www.tareeinternet.com/scripts/decrypt.php
Hurl http://www.hurl.it/
Magic-net http://www.magic-net.info
MAC_Find http://www.coffer.com/mac_find/
MAC_Search http://hwaddress.com
Mibbit http://www.mibbit.com/
Skype grab http://skypegrab.net/resolver.php
Microsoft security scanner http://www.microsoft.com/security
Microsoft threat http://www.microsoft.com/security
Random data generator http://www.mockaroo.com/
Nmap-parser http://www.nmap-parser.org/
Ping.eu http://ping.eu/
Project Honeypot https://www.projecthoneypot.org/
Router-defaults http://router-defaults.com/
Sandsprite http://sandsprite.com/shellcode_2_exe.php
Uptimerobot http://uptimerobot.com/
Fake ID http://www.fakenamegenerator.com/


Defaced websites / Data leak :ambulance:

Name URL
Zone-H https://zone-h.org/
URL Find http://urlfind.org/
XSSposed https://www.xssposed.org/
Leakedin http://www.leakedin.com/


IP List

Name URL
BGP Toolkit http://bgp.he.net/
Check-host http://check-host.net/
Nirsoft country IP http://www.nirsoft.net/countryip/
Wikiscan http://fr.wikiscan.org/plage-ip
Malicious IP https://zeltser.com/malicious-ip-blocklists/


VPN

Name URL
Comparison https://thatoneprivacysite.net/vpn-comparison-chart/
Location test https://www.dnsleaktest.com/
Location test https://ipleak.net/


Tor resources

Name URL
Tor Project https://www.torproject.org/
Tor know exit nodes https://check.torproject.org/exit-addresses
Tor bulk exit list https://check.torproject.org/cgi-bin/TorBulkExitList.py
Tor status https://torstatus.blutmagie.de/
Tor socks https://gitweb.torproject.org/torsocks.git
Tor hidden services https://www.torproject.org/docs/hidden-services.html.en
Tor Hidden Services search http://www.ahmia.fi
Tor hidden services scanner https://github.com/superp00t/sadonion
Tor Browser Fingerprint https://github.com/jonaslejon/tor-fingerprint
Onion Mail http://onionmail.info/
Tails https://blog.torproject.org/blogs/tails


Web browser test

Name URL
Browser recommendations https://gist.github.com/atcuno/3425484ac5cce5298932
Fingerprint https://amiunique.org/
Amiunique project https://github.com/DIVERSIFY-project/amiunique
Fingerprint https://panopticlick.eff.org/
SSL https://www.ssllabs.com/ssltest/viewMyClient.html
User agent http://whatsmyuseragent.com/
Referer https://www.whatismyreferer.com/
Flash http://isflashinstalled.com/


Fingerprint

Name URL
Robtex https://www.robtex.com/dns/
Netcraft http://www.netcraft.com/
TCP utils http://www.tcpiputils.com/
DNS stuff http://www.dnsstuff.com/
Into dns http://www.intodns.com/
Web archive https://web.archive.org/web/*/
Web cookies http://webcookies.org/cookies/


SSL

Name URL
OWASP tests https://www.owasp.org/index.php/Testing_for_Weak_SSL/TLS_Ciphers
Testssl.sh https://github.com/drwetter/testssl.sh
O-Saft https://www.owasp.org/index.php/O-Saft
SSLyze https://github.com/iSECPartners/sslyze
SSLscan https://github.com/rbsec/sslscan
Qualys SSL Labs https://www.ssllabs.com/ssltest/
Htbridge https://www.htbridge.com/ssl/
SSLAnalyzer Comodoca https://sslanalyzer.comodoca.com/
Freak https://freakattack.com/
Heartbleed http://heartbleed.com/,https://filippo.io/Heartbleed/
Logjam https://weakdh.org/sysadmin.html
Poodle https://poodle.io/,https://www.poodlescan.com/


Fun :trollface:

Name URL
Pwnie Awards http://pwnies.com/nominations/
Dead drops https://deaddrops.com/db/
Malware tech https://intel.malwaretech.com/
The cyber shark https://lab.thecybershark.com/
Norse map http://map.norsecorp.com/
Fire eye map https://www.fireeye.com/cyber-map/threat-map.html
Kaspersky AV map https://cybermap.kaspersky.com/
Kaspersky map https://apt.securelist.com/
Eset map http://www.virusradar.com/
DDoS attacks http://www.digitalattackmap.com/
Sub marine cable http://www.submarinecablemap.com/
Sub marine cable http://submarine-cable-map-2016.telegeography.com/
Sub marine cable http://lifewinning.com/submarine-cable-taps/
Flight radar https://www.flightradar24.com
Fligh aware https://flightaware.com/
World of VNC https://worldofvnc.net/

haskell 资料收集

University of Virginia CS 1501 Lectures

弗吉尼亚大学(University of Virginia) Haskell课程
Introduction to Haskell
University of Virginia CS 1501 Lectures Spring 2013
image

Haskell 开发相关的几个 docker 镜像

提供一个完整的 Haskell 开发编译环境

  • fpco/stack-build (the default) - GHC (patched), tools (stack, cabal-install, happy, alex, etc.), and system developer libraries required to build all Stackage packages.
  • fpco/stack-ghcjs-build - Like stack-build, but adds GHCJS.
  • fpco/stack-full - Includes all Stackage packages pre-installed in GHC’s global package database. These images are over 10 GB!
  • fpco/stack-ghcjs-full - Like stack-full, but adds GHCJS.
  • fpco/stack-run - Runtime environment for binaries built with Stackage. Includes system shared libraries required by all Stackage packages. Does not necessarily include all data required for every use (e.g. has texlive-binaries for HaTeX, but does not include LaTeX fonts), as that would be prohibitively large. Based on phusion/baseimage.
    FP Complete also builds custom variants of these images for their clients.