# pentest_book **Repository Path**: asdhasui/pentest_book ## Basic Information - **Project Name**: pentest_book - **Description**: 介绍一些安全行业书籍电子版本和PPT,希望有一个方便学习和下载的平台。 - **Primary Language**: Unknown - **License**: Not specified - **Default Branch**: master - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 0 - **Forks**: 1 - **Created**: 2024-10-12 - **Last Updated**: 2024-10-12 ## Categories & Tags **Categories**: Uncategorized **Tags**: None ## README ## 红日攻防实验室 ### 介绍一些安全行业书籍电子版本和PPT,希望给学安全行业人群,有一个方便学习和下载的平台。在线安全书籍网址。 - Web安全书籍 - Wi-Fi安全书籍 - POC编写安全书籍 - PHP代码审计安全书籍 - Android安全书籍 - Python编程书籍 - 安全会议PPT - 安全观察Paper - 渗透测试书籍 - 网络安全分析书籍 - 逆向安全书籍 - 社会工程师书籍 - 更多内容请查看该博客和论坛 + [加入红日安全团队](http://sec-redclub.com/team/) + [红日安全论坛](http://bbs.sec-redclub.com/hr/forum.php) - 书籍资源主要是网上收集整理,别外有一些红日安全专刊以及书籍。多做一些公益上的事情,可以让更多的人看到,如果这个项目帮助到你,*请点击`Star`对我们支持,后续让我们做的更好。 # 在线安全书籍网址 ## 红日安全Papers * [Hongri-Online-Security-Papers](http://sec-redclub.com/index.php/archives/794/) - Hr-Papers|宽字节注入深度讲解 ## 红日安全专刊 * [Hongri-Online-Security-Book](http://sec-redclub.com/index.php/archives/765/) - 红日Web安全新手入门专刊(第一期) ## 安全优秀电子Papers * [Online-Security-GoodPapers](https://pan.baidu.com/s/1Fd5SoJnxPMBpkyUvUIjpIg) - 2017滴滴安全大会PPT公开下载 * [Online-Security-GoodPapers](https://pan.baidu.com/s/1bSAETpzWjajJ3TAQaIYrcw) - 2018美团点评技术年货(合辑) * [Online-Security-GoodPapers](https://pan.baidu.com/s/1yWWS5NyZeUqsFsYUBBULOg) - 携程技术2017年度合辑 * [Online-Security-GoodPapers](http://www.yunzhan365.com/81050356.html) - 2017绿盟网络安全观察 * [Online-Security-GoodPapers](http://www.aqniu.com/industry/27019.html) - 网络安全行业全景图 * [Online-Security-GoodPapers](https://pan.baidu.com/s/1eR2ZruM) - 网络安全行业研究报告 * [Online-Security-GoodPapers](https://pan.baidu.com/s/1XinlJcGbqmC4QV4JGy_ugw) -百度2017技术精选专刊 * [Online-Security-GoodPapers](https://pan.baidu.com/s/1XinlJcGbqmC4QV4JGy_ugw) -白帽学习之路-猪猪侠 * [Online-Security-GoodPapers](https://pan.baidu.com/s/1XinlJcGbqmC4QV4JGy_ugw) -自动化打造你的SSRF之路-猪猪侠 * [Online-Security-GoodPapers](https://pan.baidu.com/s/10Su8jfrpACZx4l38zaJi2Q) -自动化攻击背景下的过去、现在与未来-猪猪侠 * [Online-Security-GoodPapers](https://pan.baidu.com/s/17YitEZNI5rgdCRzhJNZT8A) -与业务融合的漏洞检测之路-猪猪侠 ## Web安全书籍 * [Online-WebBook](https://pan.baidu.com/s/1YBt3sZKsqoG7Gef_p22upw) - SQL基础教程 * [Online-WebBook](https://pan.baidu.com/s/1Cd7gVOJDkuitoSIqgAlLTA) - SQL注入攻击与防御 * [Online-WebBook](https://www.gitbook.com/book/wizardforcel/web-hacking-101/details) - Web Hacking 101 中文版 * [Online-WebBook](https://wizardforcel.gitbooks.io/kali-linux-web-pentest-cookbook/content/) - Kali Linux Web渗透测试秘籍 中文版 * [Online-WebBook](https://www.gitbook.com/book/t0data/burpsuite/details) - Kali Linux burpsuite实战指南 * [Online-WebBook](http://www.kanxue.com/?article-read-1108.htm=&winzoom=1) - 渗透测试Node.js应用 * [Online-WebBook](https://github.com/qazbnm456/awesome-web-security) - Web安全资料和资源列表 * [Online-WebBook](https://www.gitbook.com/book/wizardforcel/kali-linux-web-pentest-cookbook/details) - Kali Linux Web 渗透测试秘籍 中文版 * [Online-WebBook](https://pan.baidu.com/s/1hs3Rwxe) - 做好新型信息技术发展应用的信息安全等级保护工作 * [Online-WebBook](http://pan.baidu.com/s/1eStgj3k) - 欺骗的艺术 * [Online-WebBook](https://pan.baidu.com/s/1mi3d1Q4) - HTTP权威指南 * [Online-WebBook](https://pan.baidu.com/s/1c183nY4) - Web安全渗透剖析 * [Online-WebBook](https://pan.baidu.com/s/1nvzDCDF) - Web前端黑客技术揭秘 * [Online-WebBook](https://pan.baidu.com/s/1nvke9ML) - Web应用安全威胁与防治 * [Online-WebBook](https://pan.baidu.com/s/1gfiUWiJ) - Web应用漏洞侦测与防御 * [Online-WebBook](https://pan.baidu.com/s/1jInHjoy) - 白帽子讲web安全 * [Online-WebBook](https://pan.baidu.com/s/1c2awlR6) - 黑客渗透笔记完整版 ## Wi-Fi安全书籍 * [Online-Wi-FiBook](https://www.gitbook.com/book/wizardforcel/kali-linux-wireless-pentest/details) - Kali Linux 无线渗透测试入门指南 中文版 * [Online-Wi-FiBook](http://pan.baidu.com/s/1nuRN6Sp) - 无线网络安全攻防实战进阶 ## POC编写安全书籍 * [Online-PocBook](https://poc.evalbug.com/index.html) - PoC 编写指南 ## PHP代码审计安全书籍 * [Online-CodeBook](https://phpaudit.books.virzz.com/) - PHP代码审计 * [Online-CodeBook](https://wizardforcel.gitbooks.io/php-common-vulnerability/content/) - 论PHP常见的漏洞 ## Android安全书籍 * [Online-AndroidBook](https://wizardforcel.gitbooks.io/lpad/content/) - Android 渗透测试学习手册 中文版 * [Online-AndroidBook](https://pan.baidu.com/s/1jI3h7b4) - Android 渗透测试攻防实战中文版 * [Online-AndroidBook](https://pan.baidu.com/s/1kVsVYlD) - OWASP TOP10移动安全漏洞(安卓) ## Python编程书籍 * [Online-PythonBook](https://pan.baidu.com/s/1bulcCwciCaRr1Ocrjgf82g) - Python基础教程(第2版) * [Online-PythonBook](https://pan.baidu.com/s/1Ncwt9ORBtMDZFLrcnkqqzw) - Python灰帽子 * [Online-PythonBook](http://pan.baidu.com/s/1b65k9S) - Python安全编程 * [Online-PythonBook](https://piaosanlang.gitbooks.io/spiders/content/01day/section1.1.html) - Python爬虫书籍 * [Online-PythonBook](https://aceld.gitbooks.io/python/content/) - Python高级与网络编程 * [Online-PythonBook](https://www.gitbook.com/book/wizardforcel/py-sec-tutorial/details) - Python 安全编程教程 * [Online-PythonBook](https://pan.baidu.com/s/1o8JUwFS) - Python Web开发 * [Online-PythonBook](https://pan.baidu.com/s/1eS07Q8M) - Python Web开发实战 * [Online-PythonBook](https://pan.baidu.com/s/1hsnCA8G) - Python 网络攻防实战 ## 安全会议PPT * [Online-Conference](https://pan.baidu.com/s/1gf05AWN) - 2012-2017安全会议资料 * [Online-Conference](https://www.blackhat.com/us-17/briefings.html) - Black Hat USA 2017 议题 PPT * [Online-Conference](https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/?C=S&O=D) - defcon 2017 PPT * [Online-Conference](http://www.owasp.org.cn/OWASP_Conference/owasp-2017yzfh/fhyc) - OWASP亚洲峰会 2017 PPT ## 安全运维 * [Online-Report](https://pan.baidu.com/s/1hsgQYpQ) - 日志分析技巧分享 * [Online-Report](https://pan.baidu.com/s/1o81D6x8) - 日志管理与分析权威指南 ## 渗透测试书籍 * [安全客2017季刊第一期电子书](http://bobao.360.cn/download/book/security-geek-2017-q1.pdf) * [安全客2017季刊第二期电子书](http://bobao.360.cn/download/book/security-geek-2017-q2.pdf) * [Kali Linux 中文文档](https://wizardforcel.gitbooks.io/kali-linux-doc/content/index.html) * [Kali Linux 秘籍 中文版](https://www.gitbook.com/book/wizardforcel/kali-linux-cookbook/details) * [大学霸 Kali Linux 安全渗透教程](https://www.gitbook.com/book/wizardforcel/daxueba-kali-linux-tutorial/details) * [Kali Linux 秘籍 中文版](https://www.gitbook.com/book/wizardforcel/kali-linux-cookbook/details) * [Metasploit v4 POC 上手指南](https://wizardforcel.gitbooks.io/metasploit-manual/content/) * [Nmap 参考指南](https://wizardforcel.gitbooks.io/nmap-man-page/content/) * [Wireshark 用户手册](https://wizardforcel.gitbooks.io/wireshark-manual/content/) * [灰帽攻击安全手册](http://pan.baidu.com/s/1nuLHSbn) * [Nessus中文指南](http://pan.baidu.com/s/1boLwtT9) * [Nmap渗透测试指南](https://pan.baidu.com/s/1slDI9Md) * [高度安全环境下的高级渗透测试](https://pan.baidu.com/s/1eRHSBDo) * [揭秘家用路由器0day漏洞挖掘技术](https://pan.baidu.com/s/1pKKXXr1) * [渗透测试实践指南:必知必会的工具与方法](https://pan.baidu.com/s/1kUS7N6Z) * [渗透测试实践指南:必知必会的工具与方法](https://pan.baidu.com/s/1o8eCSXk) * [The Art of Exploitation by Jon Erickson, 2008](https://www.nostarch.com/hacking2.htm) * [Metasploit: The Penetration Tester's Guide by David Kennedy et al., 2011](https://www.nostarch.com/metasploit) * [Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman, 2014](https://www.nostarch.com/pentesting) * [Rtfm: Red Team Field Manual by Ben Clark, 2014](http://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504/) * [The Hacker Playbook by Peter Kim, 2014](http://www.amazon.com/The-Hacker-Playbook-Practical-Penetration/dp/1494932636/) * [The Basics of Hacking and Penetration Testing by Patrick Engebretson, 2013](https://www.elsevier.com/books/the-basics-of-hacking-and-penetration-testing/engebretson/978-1-59749-655-1) * [Professional Penetration Testing by Thomas Wilhelm, 2013](https://www.elsevier.com/books/professional-penetration-testing/wilhelm/978-1-59749-993-4) * [Advanced Penetration Testing for Highly-Secured Environments by Lee Allen, 2012](http://www.packtpub.com/networking-and-servers/advanced-penetration-testing-highly-secured-environments-ultimate-security-gu) * [Violent Python by TJ O'Connor, 2012](https://www.elsevier.com/books/violent-python/unknown/978-1-59749-957-6) * [Fuzzing: Brute Force Vulnerability Discovery by Michael Sutton et al., 2007](http://www.fuzzing.org/) * [Black Hat Python: Python Programming for Hackers and Pentesters by Justin Seitz, 2014](http://www.amazon.com/Black-Hat-Python-Programming-Pentesters/dp/1593275900) * [Penetration Testing: Procedures & Methodologies by EC-Council, 2010](http://www.amazon.com/Penetration-Testing-Procedures-Methodologies-EC-Council/dp/1435483677) * [Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp, 2010](http://www.amazon.com/Unauthorised-Access-Physical-Penetration-Security-ebook/dp/B005DIAPKE) * [Advanced Persistent Threat Hacking: The Art and Science of Hacking Any Organization by Tyler Wrightson, 2014](http://www.amazon.com/Advanced-Persistent-Threat-Hacking-Organization/dp/0071828362) * [Bug Hunter's Diary by Tobias Klein, 2011](https://www.nostarch.com/bughunter) * [0day安全:软件漏洞分析技术(第2版)](https://pan.baidu.com/s/1dFJFzzF) ## 网络安全分析书籍 * [Kali Linux 网络扫描秘籍 中文版](https://www.gitbook.com/book/wizardforcel/kali-linux-network-scanning-cookbook/details) * [网络安全与攻击工具](https://www.gitbook.com/book/aceld/attack-tool/details) * [企业网网络安全系统](https://pan.baidu.com/s/1slNROG9) * [下一代网络安全.思科中国](https://pan.baidu.com/s/1jHDG3Dc) * [图解TCP IP第5版](https://pan.baidu.com/s/1pLa6ZeN) * [网络扫描技术揭秘](https://pan.baidu.com/s/1b87tvC) * [网络硬件设备完全技术宝典(第3版)](https://pan.baidu.com/s/1bphbjrT) * [Nmap Network Scanning by Gordon Fyodor Lyon, 2009](https://nmap.org/book/) * [Practical Packet Analysis by Chris Sanders, 2011](https://www.nostarch.com/packet2.htm) * [Wireshark Network Analysis by by Laura Chappell & Gerald Combs, 2012](https://www.amazon.com/Wireshark-Network-Analysis-Second-Certified/dp/1893939944) * [Network Forensics: Tracking Hackers through Cyberspace by Sherri Davidoff & Jonathan Ham, 2012](http://www.amazon.com/Network-Forensics-Tracking-Hackers-Cyberspace-ebook/dp/B008CG8CYU/) * [黑客大追踪:网络取证核心原理和实践](https://pan.baidu.com/s/1bpAqzr5) ## 逆向安全书籍 * [IDA Pro权威指南 (第2版)](https://pan.baidu.com/s/1i4RVQqL) * [捉虫日记](https://pan.baidu.com/s/1hrVvH7A) * [缓冲区溢出攻击-检测,剖析与预防](http://pan.baidu.com/s/1c2jGITq) * [Python灰帽子:黑客与逆向工程师的Python编程之道](https://pan.baidu.com/s/1dFCfezJ) * [android逆向菜鸟速参手册完蛋版](https://pan.baidu.com/s/1kVKGqgR) * [Android软件安全与逆向分析](https://pan.baidu.com/s/1eSL61Po) * [逆向工程核心原理](http://pan.baidu.com/s/1jI7RfXs) * [恶意代码分析实战](http://pan.baidu.com/s/1jI5jmD4 ) * [逆向工程核心原理](http://pan.baidu.com/s/1jI7RfXs) * [Reverse Engineering for Beginners by Dennis Yurichev](http://beginners.re/) * [Hacking the Xbox by Andrew Huang, 2003](https://www.nostarch.com/xbox.htm) * [The IDA Pro Book by Chris Eagle, 2011](https://www.nostarch.com/idapro2.htm) * [Practical Reverse Engineering by Bruce Dang et al., 2014](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118787315.html) * [Gray Hat Hacking The Ethical Hacker's Handbook by Daniel Regalado et al., 2015](http://www.amazon.com/Hacking-Ethical-Hackers-Handbook-Edition/dp/0071832386) ## 社会工程师书籍 * [The Art of Deception by Kevin D. Mitnick & William L. Simon, 2002](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0471237124.html) * [The Art of Intrusion by Kevin D. Mitnick & William L. Simon, 2005](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0764569597.html) * [Ghost in the Wires by Kevin D. Mitnick & William L. Simon, 2011](http://www.hachettebookgroup.com/titles/kevin-mitnick/ghost-in-the-wires/9780316134477/) * [No Tech Hacking by Johnny Long & Jack Wiles, 2008](https://www.elsevier.com/books/no-tech-hacking/mitnick/978-1-59749-215-7) * [Social Engineering: The Art of Human Hacking by Christopher Hadnagy, 2010](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0470639539.html) * [Unmasking the Social Engineer: The Human Element of Security by Christopher Hadnagy, 2014](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118608577.html) * [Social Engineering in IT Security: Tools, Tactics, and Techniques by Sharon Conheady, 2014](https://www.mhprofessional.com/product.php?isbn=0071818464) ## 推荐书籍列表 * [Online-JD](https://search.jd.com/Search?keyword=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&enc=utf-8&wq=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&pvid=568d8bbd4bc94aea82b950c9635958fb) * [online-新手推荐](https://www.zybuluo.com/sysyz/note/842112)