mdk
/
mdk.fr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

links

This commit is contained in:
Julien Palard 2021-06-18 08:57:55 +02:00
parent e375033f4e
commit fc547c04a8
1 changed files with 75 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

112
content/pages/bookmarks.md
View File

@ -72,7 +72,70 @@ Date: 2021-05-05 15:21:00
- 🔧 [Temporary email address redirection](jetable.org)
- 🔧 [fsociety — A Modular Penetration Testing Framework](https://github.com/fsociety-team/fsociety)
- 📚 [hackingthe.cloud — Knowledge about cloud, enumeration, exploitation, avoid detection, AWS, azure, GCP...](https://hackingthe.cloud/aws/)
- 🔧 [PDF Tools](https://blog.didierstevens.com/programs/pdf-tools/)
- 📘 [Security books](https://opsecx.com/index.php/security-books/)
- 📚 [Linux Security Tools](https://linuxsecurity.expert/tools/)
- 📚 [Reddit hacking Wiki (podcasts, osint, scanning, cracking, sqli, awesome, red team, phishing)](https://old.reddit.com/r/hacking/wiki/index)
- 📚 [PortSwigger blog](https://portswigger.net/research)
- 📑 [Hacking Tools Cheat Sheet](https://i.redd.it/fviaw8s43q851.jpg)
- 🔧 [ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.](https://github.com/michelin/ChopChop)
- 📑 [The history of Lets'Encrypt](https://blog.acolyer.org/2020/02/12/lets-encrypt-an-automated-certificate-authority-to-encrypt-the-entire-web/)
- 📼 [Root KSK ceremony](https://www.youtube.com/watch?v=erfsFJsapAs)
- 📚 [Network Cheat Sheets (BGP, EIGRP, IPsec, ...)](https://packetlife.net/library/cheat-sheets/)
- 📑 [nmap cheat sheet](https://docs.google.com/document/d/1ekOUND30jr4RmD-QzL5XQUPPoZkbQwJgvuZ7BwlicIE/mobilebasic)
- 📑 [BeEF - The Browser Exploitation Framework Project](https://beefproject.com/)
- 📚 [Password lists](https://github.com/lavalamp-/password-lists.git)
- 📑 [List of the most common french passwords](https://github.com/tarraschk/richelieu)
- 📚 [SecLists — List of usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.](https://github.com/danielmiessler/SecLists.git)
- 📼 [MOOC de l'ANSSI](https://secnumacademie.gouv.fr/)
- 📘 [This page lists books that I have found to be highly relevant and useful for learning topics within computer security, digital forensics, incident response, malware analysis, and reverse engineering](http://dfir.org/?q=node/8)
- 📑 [Five Minute Guide to Software Security](https://oneupsecurity.com/research/five-minute-guide-to-software-security)
- 🔧 [Search numbers in a database of 290,695,246 primes and 2,050,312,768 known compisite numbers with known factors](http://factordb.com/)
- 📚 [Collection of articles](http://rafale.org/)
- 📚 [Collection of links](http://www.wawaseb.com/lutile/wsl212.php)
- 🎮 [learn about common mistakes and gotchas when using Amazon Web Services](http://flaws.cloud/)
- [Yes We Hack — bug bounty](https://www.yeswehack.com)
- 🎮 [IRC Puzzles](https://blog.ircpuzzles.org/)
- 📑 [Référentiel général de sécurité](https://www.ssi.gouv.fr/entreprise/reglementation/confiance-numerique/le-referentiel-general-de-securite-rgs/)
- 📑 [Livre Blanc sur la Défense et la Sécurité Nationale](http://www.defense.gouv.fr/content/download/206186/2286591/Livre-blanc-sur-la-Defense-et-la-Securite-nationale%202013.pdf)
- 📑 [haveibeenpwned.com pwned our helpdesk!](https://fyr.io/2020/05/30/haveibeenpwned-com-pwned-our-helpdesk-glpi-9-4-5-sql-injection/)
- 🔧 [JSFuck is an esoteric and educational programming style based on the atomic parts of JavaScript.](http://www.jsfuck.com/)
- 🔧 [Inject javascript into a PDF file](https://github.com/cornerpirate/JS2PDFInjector)
- 📑 [ANSSI](https://www.ssi.gouv.fr/)
- 📑 [Zero trust security model](https://en.wikipedia.org/wiki/Zero_Trust_Networks)
- 📑 [Auditing Algorithms](https://auditingalgorithms.science/)
- - 🔧 [PDF Tools](https://blog.didierstevens.com/programs/pdf-tools/)
- 📘 [Security books](https://opsecx.com/index.php/security-books/)
- 📚 [Linux Security Tools](https://linuxsecurity.expert/tools/)
- 📚 [Reddit hacking Wiki (podcasts, osint, scanning, cracking, sqli, awesome, red team, phishing)](https://old.reddit.com/r/hacking/wiki/index)
- 📚 [PortSwigger blog](https://portswigger.net/research)
- 📑 [Hacking Tools Cheat Sheet](https://i.redd.it/fviaw8s43q851.jpg)
- 🔧 [ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.](https://github.com/michelin/ChopChop)
- 📑 [The history of Lets'Encrypt](https://blog.acolyer.org/2020/02/12/lets-encrypt-an-automated-certificate-authority-to-encrypt-the-entire-web/)
- 📼 [Root KSK ceremony](https://www.youtube.com/watch?v=erfsFJsapAs)
- 📚 [Network Cheat Sheets (BGP, EIGRP, IPsec, ...)](https://packetlife.net/library/cheat-sheets/)
- 📑 [nmap cheat sheet](https://docs.google.com/document/d/1ekOUND30jr4RmD-QzL5XQUPPoZkbQwJgvuZ7BwlicIE/mobilebasic)
- 📑 [BeEF - The Browser Exploitation Framework Project](https://beefproject.com/)
- 📚 [Password lists](https://github.com/lavalamp-/password-lists.git)
- 📑 [List of the most common french passwords](https://github.com/tarraschk/richelieu)
- 📚 [SecLists — List of usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.](https://github.com/danielmiessler/SecLists.git)
- 📼 [MOOC de l'ANSSI](https://secnumacademie.gouv.fr/)
- 📘 [This page lists books that I have found to be highly relevant and useful for learning topics within computer security, digital forensics, incident response, malware analysis, and reverse engineering](http://dfir.org/?q=node/8)
- 📑 [Five Minute Guide to Software Security](https://oneupsecurity.com/research/five-minute-guide-to-software-security)
- 🔧 [Search numbers in a database of 290,695,246 primes and 2,050,312,768 known compisite numbers with known factors](http://factordb.com/)
- 📚 [Collection of articles](http://rafale.org/)
- 📚 [Collection of links](http://www.wawaseb.com/lutile/wsl212.php)
- 🎮 [learn about common mistakes and gotchas when using Amazon Web Services](http://flaws.cloud/)
- [Yes We Hack — bug bounty](https://www.yeswehack.com)
- 🎮 [IRC Puzzles](https://blog.ircpuzzles.org/)
- 📑 [Référentiel général de sécurité](https://www.ssi.gouv.fr/entreprise/reglementation/confiance-numerique/le-referentiel-general-de-securite-rgs/)
- 📑 [Livre Blanc sur la Défense et la Sécurité Nationale](http://www.defense.gouv.fr/content/download/206186/2286591/Livre-blanc-sur-la-Defense-et-la-Securite-nationale%202013.pdf)
- 📑 [haveibeenpwned.com pwned our helpdesk!](https://fyr.io/2020/05/30/haveibeenpwned-com-pwned-our-helpdesk-glpi-9-4-5-sql-injection/)
- 🔧 [JSFuck is an esoteric and educational programming style based on the atomic parts of JavaScript.](http://www.jsfuck.com/)
- 🔧 [Inject javascript into a PDF file](https://github.com/cornerpirate/JS2PDFInjector)
- 📑 [ANSSI](https://www.ssi.gouv.fr/)
- 📑 [Zero trust security model](https://en.wikipedia.org/wiki/Zero_Trust_Networks)
- 📑 [SSRF Cheat Sheet & Bypass Techniques](https://highon.coffee/blog/ssrf-cheat-sheet/)
## Cybersecurity/Cryptography
@ -144,6 +207,7 @@ Or from command line with a postgresql client:
- 🎮 [pentesterlab](https://pentesterlab.com/exercises)
- 🎮 [zenk-security](https://www.zenk-security.com/)
- 🎮 [France Cybersecurity Challenge](https://www.france-cybersecurity-challenge.fr/challenges)
- 📑 [Pentesting cheat sheet](https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/#osint)
## Cybersecurity/Reverse
@ -151,42 +215,6 @@ Or from command line with a postgresql client:
- [GEF is a set of commands to assist exploit developers and reverse-engineers when using old school GDB](https://github.com/hugsy/gef/blob/dev/README.md)
## Cybersecurity/Misc
- 🔧 [PDF Tools](https://blog.didierstevens.com/programs/pdf-tools/)
- 📘 [Security books](https://opsecx.com/index.php/security-books/)
- 📚 [Linux Security Tools](https://linuxsecurity.expert/tools/)
- 📚 [Reddit hacking Wiki (podcasts, osint, scanning, cracking, sqli, awesome, red team, phishing)](https://old.reddit.com/r/hacking/wiki/index)
- 📚 [PortSwigger blog](https://portswigger.net/research)
- 📑 [Hacking Tools Cheat Sheet](https://i.redd.it/fviaw8s43q851.jpg)
- 🔧 [ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.](https://github.com/michelin/ChopChop)
- 📑 [The history of Lets'Encrypt](https://blog.acolyer.org/2020/02/12/lets-encrypt-an-automated-certificate-authority-to-encrypt-the-entire-web/)
- 📼 [Root KSK ceremony](https://www.youtube.com/watch?v=erfsFJsapAs)
- 📚 [Network Cheat Sheets (BGP, EIGRP, IPsec, ...)](https://packetlife.net/library/cheat-sheets/)
- 📑 [nmap cheat sheet](https://docs.google.com/document/d/1ekOUND30jr4RmD-QzL5XQUPPoZkbQwJgvuZ7BwlicIE/mobilebasic)
- 📑 [BeEF - The Browser Exploitation Framework Project](https://beefproject.com/)
- 📚 [Password lists](https://github.com/lavalamp-/password-lists.git)
- 📑 [List of the most common french passwords](https://github.com/tarraschk/richelieu)
- 📚 [SecLists — List of usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.](https://github.com/danielmiessler/SecLists.git)
- 📼 [MOOC de l'ANSSI](https://secnumacademie.gouv.fr/)
- 📘 [This page lists books that I have found to be highly relevant and useful for learning topics within computer security, digital forensics, incident response, malware analysis, and reverse engineering](http://dfir.org/?q=node/8)
- 📑 [Five Minute Guide to Software Security](https://oneupsecurity.com/research/five-minute-guide-to-software-security)
- 🔧 [Search numbers in a database of 290,695,246 primes and 2,050,312,768 known compisite numbers with known factors](http://factordb.com/)
- 📚 [Collection of articles](http://rafale.org/)
- 📚 [Collection of links](http://www.wawaseb.com/lutile/wsl212.php)
- 🎮 [learn about common mistakes and gotchas when using Amazon Web Services](http://flaws.cloud/)
- [Yes We Hack — bug bounty](https://www.yeswehack.com)
- 🎮 [IRC Puzzles](https://blog.ircpuzzles.org/)
- 📑 [Référentiel général de sécurité](https://www.ssi.gouv.fr/entreprise/reglementation/confiance-numerique/le-referentiel-general-de-securite-rgs/)
- 📑 [Livre Blanc sur la Défense et la Sécurité Nationale](http://www.defense.gouv.fr/content/download/206186/2286591/Livre-blanc-sur-la-Defense-et-la-Securite-nationale%202013.pdf)
- 📑 [haveibeenpwned.com pwned our helpdesk!](https://fyr.io/2020/05/30/haveibeenpwned-com-pwned-our-helpdesk-glpi-9-4-5-sql-injection/)
- 🔧 [JSFuck is an esoteric and educational programming style based on the atomic parts of JavaScript.](http://www.jsfuck.com/)
- 🔧 [Inject javascript into a PDF file](https://github.com/cornerpirate/JS2PDFInjector)
- 📑 [ANSSI](https://www.ssi.gouv.fr/)
- 📑 [Zero trust security model](https://en.wikipedia.org/wiki/Zero_Trust_Networks)
- 📑 [Auditing Algorithms](https://auditingalgorithms.science/)
# Misc
- 📑 [Degoogling my phone](https://piware.de/post/2018-05-01-android-degoogle/)
@ -330,6 +358,16 @@ Or from command line with a postgresql client:
- https://opensourceinfra.org/
- [SDF Public Access UNIX System .. Est. 1987](https://sdf.org)
- [Testinfra — test your infrastructure](https://testinfra.readthedocs.io/en/latest/)
- [vector.dev: Take Control Of Your Observability Data](https://vector.dev/) "successeur" de logstash.
- [graylog](https://www.graylog.fr/) pour centraliser les logs, alternative à ElasticSearch mais pour les logs.
- Pour les métriques système :
[prometheus](https://github.com/prometheus/prometheus/), il faut
oublier munin. Il faut utiliser [Grafana](https://grafana.com/) pour l'affichage.
- [Grafana Node Exporter Full](https://grafana.com/grafana/dashboards/1860)
- postgres : Surveiller LSN Diff, c'est le truc important.
- Pour les métriques métier : Une recherche dans les logs (dans ES / Graylog), ou statsd.
- [Nomad](https://www.nomadproject.io) successeur de Mesos (qui n'est plus maintenu).
- [Clair — Vulnerability Static Analysis for Containers](https://github.com/quay/clair)
# Music