A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.

收集的文章 https://mrwq.github.io/tools/paper/

适用于一线安服的ctf培训题目，全docker环境一键启动

IAST 灰盒扫描工具

30 days of JavaScript programming challenge is a step-by-step guide to learn JavaScript programming language in 30 days. This challenge may take more than 100 days, please just follow your own pace…

A collection of various awesome lists for hackers, pentesters and security researchers

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

Golang for Security Professionals

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

python安全和代码审计相关资料收集 resource collection of python security and code review

BCS（北京网络安全大会）2019 红队行动会议重点内容

Gitbook

BurpSuite using the document and some extensions

1000个PHP代码审计案例(2016.7以前乌云公开漏洞)

tools

Open-Source Security Architecture | 开源安全架构

What the f*ck Python? 😱

KCon is a famous Hacker Con powered by Knownsec Team.

The security tool(project) Set from github。github安全项目工具集合

The OWASP Guide

一个帮你总结所有类型的上传漏洞的靶场

介绍一些安全行业书籍电子版本和PPT,希望有一个方便学习和下载的平台。

upload-labs 上传漏洞靶场的解题方法

DataX是阿里云DataWorks数据集成的开源版本。

SRCHunter一款基于python的开源扫描器

Light-weight system monitor for X, Wayland, and other things, too

Web-Security-Learning

The toolbox of open source scanners - 安全行业从业人员自研开源扫描器合辑👻

💯✅自动化运维平台：CMDB、CI/CD、DevOps、资产管理、任务编排、持续交付、系统监控、运维管理、配置管理