15 个仓库
Defensive strategies against unauthorized access and exploitation.
Explore 15 awesome GitHub repositories matching security & cryptography · Computer Security Principles. Refine with filters or upvote what's useful.
这是一个全面的教育路线图,旨在指导软件工程师掌握计算机科学基础知识并准备技术面试。它提供了一条结构化的、具备依赖感知能力的学习路径,将复杂的计算概念组织成层级化课程,使用户能够通过迭代学习和实践实现,构建专业的工程基础。 该课程将理论知识与职业发展相结合,提供了一个包含书籍、学术论文和视频教程的交叉引用资源索引。它强调通过渐进复杂度分析实现算法效率的标准化,并提供细粒度的模块化主题分解,以促进跨广阔技术领域的专注、增量学习。 除了核心算法和数据结构外,该仓库还涵盖了广泛的能力领域,包括系统架构设计、分布式系统、计算机安全和高级数学建模。它还为整个招聘生命周期提供战略指导,从简历优化和行为面试准备到长期职业成长。 整个知识库作为版本控制的 Markdown 驱动仓库进行维护,允许以平台无关和协作的方式进行技术教育。
Defend against malicious exploitation by applying fundamental security practices to systems and data.
这是一个由社区策划的开源软件目录,专为在私有服务器环境和家庭实验室中部署而设计。它作为发现主流云服务独立自托管替代方案的综合资源,使用户能够保持对数字基础设施的完全数据所有权和控制权。 该目录通过层级分类法构建,将庞大的应用程序集合组织成逻辑类别,范围从媒体管理和数据分析到私有通信和团队生产力工具。它通过协作同行评审流程脱颖而出,社区成员验证每个提交的质量和相关性,以确保目录保持准确和可靠。 该项目涵盖了广泛的能力领域,包括基础设施自动化、基于容器的服务部署和声明式配置管理。这些工具协助用户维护可复现的服务器环境,并管理私有硬件上的复杂服务依赖。 该目录作为版本控制仓库进行维护,确保所有更新和社区驱动的变更都是可追踪且透明的。
Simulates vulnerable services to attract and analyze malicious activity, providing insights into potential security threats.
该项目作为一个中心化的、社区驱动的技术知识和管理资源仓库。它提供了一个结构化的分类体系,将分散的信息聚合到一个可搜索的框架中,支持系统管理员和网络安全从业者的持续学习和快速问题解决。通过映射跨越进攻性安全、基础设施管理和软件开发的资源,它为技能获取和专业参考提供了统一路径。 该项目由命令行优先的设计理念定义,优先考虑基于终端的实用程序和可脚本化的接口,以促进高效的系统管理和可重复的安全工作流。它通过平台无关的方法脱颖而出,维护在不同类 Unix 和云环境中保持适用的文档和操作指南。这种模块化的工具链集成允许用户组合针对特定管理或安全任务定制的自定义环境。 该仓库涵盖了广泛的能力领域,包括用于系统审计、网络管理和基础设施加固的综合工具包。它为网络安全技能发展提供了结构化的学习路径,范围从道德黑客实验室和渗透测试标准到漏洞评估和系统配置最佳实践。该集合还包含广泛的生产力工具、诊断实用程序和教育材料,旨在简化日常维护并增强整体安全态势。
Adopt community-driven security standards and guidelines to build more resilient software applications.
This project is a long-term, curated tech newsletter and digital trend repository designed for software developers and technology enthusiasts. It functions as a knowledge aggregation archive, providing a recurring publication that synthesizes industry insights, technical trends, and cultural commentary to help professionals navigate the evolving landscape of the tech world. The repository distinguishes itself through a structured, chronological file indexing system that maps years of editorial content to a version-controlled directory. By utilizing a git-driven workflow and storing all issues
Summarizes emerging software practices and industry news through expert commentary and curated weekly analysis.
This project is a comprehensive, community-sourced knowledge base designed for security professionals and researchers. It functions as a centralized repository of offensive security techniques, providing a structured collection of exploit payloads, attack vectors, and methodologies for conducting vulnerability assessments and penetration testing. The repository distinguishes itself through a cross-platform payload taxonomy that categorizes exploitation methods by vulnerability type and target environment, enabling rapid lookup during security assessments. It maintains high standards of data i
Compiles a list of essential industry literature covering advanced penetration testing and network security.
This project is a community-maintained, open-access directory of high-quality public datasets. It serves as a centralized reference point for researchers, developers, and data scientists to locate reliable information sources across a wide spectrum of industries and scientific fields. By providing a structured index, the repository facilitates the discovery of data necessary for exploratory analysis, machine learning model training, and the development of data-intensive applications. The directory distinguishes itself through a lightweight, platform-agnostic approach to resource indexing that
Consolidates threat intelligence and vulnerability datasets for security research.
DevOps-Roadmap is a comprehensive educational repository and knowledge base designed to guide technical professionals through the complexities of modern software engineering. It functions as a structured curriculum and reference library, covering the full spectrum of skills required to master system architecture, infrastructure management, and cloud operations. The project distinguishes itself by bridging the gap between high-level architectural design and the practical realities of engineering leadership. It provides curated insights into distributed systems, data consistency, and scalable d
Monitors shifts in developer learning patterns and technology adoption rates to inform strategic decision-making.
This project is a comprehensive, curated directory of cybersecurity resources, software, and documentation designed to support system and network protection. It serves as a centralized knowledge base and index for security professionals, aggregating industry-standard practices and open-source tools across a wide range of technical domains. The repository distinguishes itself by providing a structured collection of methodologies and frameworks for security operations. It covers critical areas including threat intelligence, digital forensics, infrastructure auditing, and vulnerability assessmen
Provides simulated services designed to attract and analyze malicious activity.
This project is a comprehensive, community-driven directory of open-source tools, datasets, and documentation for malware analysis and cybersecurity research. It serves as a centralized index for security professionals and researchers to locate resources for investigating, reverse engineering, and analyzing malicious software. The directory organizes information through a structured taxonomy, covering specialized domains such as memory forensics, network traffic inspection, and honeypot threat research. By aggregating links to external utilities and frameworks, it provides a platform-agnostic
Indexes platforms and environments for deploying honeypots to capture and analyze live malware.
The Web Application Security Testing Guide is an open-source security testing standard and comprehensive framework of procedures for identifying vulnerabilities in web applications and services. It serves as a vulnerability assessment methodology and a web API security audit framework, providing a structured approach for conducting consistent and thorough security audits of web-based software. The project utilizes a methodology-based audit framework and checklist-driven workflows to ensure repeatable discovery and exploitation steps. It organizes security tests through taxonomy-based vulnerab
Serves as a community-driven standard for conducting consistent and thorough audits of web-based software.
这是一个教学资源和手册集合,提供用于保护加密货币资产和数字身份的战略防御框架。它作为一个安全指南,用于减轻基于区块链的漏洞利用、管理数字钱包并实施风险框架以防止数字资产被盗。 该文档提供了关于钱包安全的详细手册,包括私钥管理、硬件钱包的使用以及安全交易签名。它提供了关于反钓鱼防御和识别社会工程策略以避免欺诈性骗局和恶意签名的专门指导。 该框架涵盖了广泛的安全功能,包括设备加固、通过零信任原则进行资产隔离以及智能合约风险审计。它还详细介绍了事件响应协议,例如根本原因分析、取证证据保存以及定位被盗资金的链上资产跟踪。 材料被组织成一套涵盖区块链取证、资产保护和数字风险管理的手册和指南。
Implements defensive strategies such as zero trust and continuous validation to minimize overall asset risk.
Streams full-text of public-domain books directly in the browser without requiring a download.
Talebook is a self-hosted personal ebook library server that allows you to import, organize, and host your ebook collection on the web. It provides a built-in browser-based EPUB reader so you can read books directly without downloading them, and it can push selected ebooks to a Kindle device via email for offline reading. The library catalog is exposed over OPDS, enabling mobile reading apps to browse and download titles. Talebook supports multiple user accounts with social login integration, making it suitable for shared library management among friends or family. It also includes a passcode
Opening EPUB files directly in a web browser with reading controls, eliminating the need to download books beforehand.
This project is a technical interview study guide and computer science learning path. It serves as a structured curriculum and software engineering knowledge base designed to help users prepare for engineering interviews by mastering core technical concepts. The curriculum covers a wide range of domains, including computer science fundamentals, programming language mastery, and software architecture learning. It provides guidance on secure application development and professional development workflows. The educational content includes modules on data structures, networking, database internal
Covers defensive strategies, encryption methods, and authentication protocols to identify and fix application vulnerabilities.
ShuiZe_0x727 是一个开源情报收集框架和攻击面管理工具。它作为一个资产发现引擎和网络情报聚合器,旨在识别面向互联网的资产、映射网络基础设施并可视化总网络暴露情况。 该项目集成了漏洞扫描和敏感数据泄露检测,以识别安全弱点和未经授权的访问点。它结合了网络空间 API 查询、证书日志分析和公共存储库扫描,以提取泄露的凭据、API 密钥和内部管理路径。 该框架提供了自动化信息收集和网络情报研究的功能,利用基于插件的扫描引擎来检测跨 Web 服务和开放端口的漏洞。收集到的资产数据和安全发现被导出为格式化的电子表格,以便进行离线分析和审计。
Queries external network space APIs to identify target assets using titles and organizational fingerprints.