the-book-of-secret-knowledge/README.md
trimstray 8371148baf updated 'Web Tools' chapter
- signed-off-by: trimstray <trimstray@gmail.com>
2018-06-28 09:33:37 +02:00

11 KiB
Raw Blame History

Master


A collection of awesome lists, manuals, blogs, hacks and tools for Awesome Ninja Admins.


Branch Awesome Status License

Created by trimstray and contributors


Who is Ninja Admins?

  • race of pure evil who rule the network through a monarchistic feudelic system
  • they never opened the door for strangers (or anyone at all)
  • they know very nasty piece of code like a fork bombs
  • they can make dd is not a disk destroyer
  • they know that #!/usr/bin/env bash superior to #!/bin/bash
  • they know that su - logs in completely as root
  • they love the old admin nix-world

Ninja Admins Collection

CLI Tools

  🔸 Oh My ZSH! - the best framework for managing your Zsh configuration.
  🔸 bash-it - a community Bash framework.
  🔸 Midnight Commander - visual file manager, licensed under GNU General Public License.
  🔸 screen - full-screen window manager that multiplexes a physical terminal.
  🔸 tmux - terminal multiplexer, lets you switch easily between several programs in one terminal.
  🔸 Curl - command line tool and library for transferring data with URLs.
  🔸 HTTPie - a user-friendly HTTP client.
  🔸 gnutls-cli - client program to set up a TLS connection to some other computer.
  🔸 netcat - networking utility which reads and writes data across network connections, using the TCP/IP protocol.
  🔸 tcpdump - powerful command-line packet analyzer.
  🔸 pgcli - postgres CLI with autocompletion and syntax highlighting.

Web Tools

  🔸 SSL Server Test - free online service performs a deep analysis of the configuration of any SSL web server.
  🔸 SSL Server Test (DEV) - free online service performs a deep analysis of the configuration of any SSL web server.
  🔸 ImmuniWeb® SSLScan - test SSL/TLS (PCI DSS, HIPAA and NIST).
  🔸 Security Headers - analyse the HTTP response headers (with rating system to the results).
  🔸 Observatory by Mozilla - set of tools to analyze your website.
  🔸 Report URI - monitoring security policies like CSP and HPKP.
  🔸 CSP Evaluator - allows developers and security experts to check if a Content Security Policy.
  🔸 Common CA Database - repository of information about CAs, and their root and intermediate certificates.
  🔸 CERTSTREAM - real-time certificate transparency log update stream.
  🔸 MX Toolbox - all of your MX record, DNS, blacklist and SMTP diagnostics in one integrated tool.
  🔸 ViewDNS - one source for free DNS related tools and information.
  🔸 DNS Spy - monitor, validate and verify your DNS configurations.
  🔸 DNSlytics - online investigation tool.
  🔸 Censys - platform that helps information security practitioners discover, monitor, and analyze devices.
  🔸 Shodan - the world's first search engine for Internet-connected devices.
  🔸 GreyNoise - mass scanner (such as Shodan and Censys).
  🔸 Netcraft - detailed report about the site, helping you to make informed choices about their integrity.
  🔸 Security Trails - APIs for Security Companies, Researchers and Teams.
  🔸 Online Curl - curl test, analyze HTTP Response Headers.
  🔸 URL Encode/Decode - tool from above to either encode or decode a string of text.
  🔸 GTmetrix - analyze your sites speed and make it faster.
  🔸 Sucuri loadtimetester - test here the performance of any of your sites from across the globe.

Manuals/Howtos/Tutorials

  🔸 pure-bash-bible - a collection of pure bash alternatives to external processes.
  🔸 The Bash Hackers Wiki - hold documentation of any kind about GNU Bash.
  🔸 nixCraft - linux and unix tutorials for new and seasoned sysadmin.
  🔸 TecMint - the ideal Linux blog for Sysadmins & Geeks.
  🔸 Hacking Articles - LRaj Chandel's Security & Hacking Blog.

Blogs

  🔸 Brendan Gregg's Blog - Brendan Gregg is an industry expert in computing performance and cloud computing.
  🔸 Gynvael "GynDream" Coldwind - Gynvael is a IT security engineer at Google.
  🔸 Michał "lcamtuf" Zalewski - "white hat" hacker, computer security expert.
  🔸 Mattias Geniar - developer, Sysadmin, Blogger, Podcaster and Public Speaker.
  🔸 Nick Craver - Software Developer and Systems Administrator for Stack Exchange.
  🔸 Robert Penz - IT security Expert.
  🔸 Scott Helme - Security Researcher, international speaker and founder of securityheaders.com and report-uri.com.
  🔸 Kacper Szurek - Detection Engineer at ESET.
  🔸 Troy Hunt - Microsoft Regional Director and Microsoft Most Valuable Professional for Developer Security.

Systems/Services

  🔸 OpenBSD - multi-platform 4.4BSD-based UNIX-like operating system.
  🔸 HardenedBSD - HardenedBSD aims to implement innovative exploit mitigation and security solutions.
  🔸 Varnish HTTP Cache - HTTP accelerator designed for content-heavy dynamic web sites.
  🔸 Emerald Onion - Seattle-based encrypted-transit internet service provider.

One-liners

  🔸 commandlinefu.com - command line diamonds, created and voted on by our members.
  🔸 Bash One-Liners - practical, well-explained Bash one-liners, and promote best practices in Bash shell scripting.

Lists

  🔸 Awesome Sysadmin - amazingly awesome open source sysadmin resources.
  🔸 Awesome Shell - awesome command-line frameworks, toolkits, guides and gizmos.
  🔸 Awesome-Hacking - awesome lists for hackers, pentesters and security researchers.

Other

  🔸 Openbugbounty - allows any security researcher reporting a vulnerability on any website.