国外的一些漏洞学习平台+hackoen公开漏洞报告下载

前言

作为网络安全研究人员，信息安全爱好者或者黑客等，都是怎么找到网站漏洞的呢？一个全面、及时、准确的漏洞列表网站是必不可少的，从这些网站及时获取漏洞信息，查询历史漏洞信息，帮助我们提高网络安全技能。

Exploit-db

Exploit-db(https://www.exploit-db.com) 号称“全球漏洞库”，网站收集了来自全球白帽子提交的各类漏洞信息及利用代码，存储了大量的漏洞利用程序，可以帮助安全研究者和渗透测试工程师更好的进行安全测试工作

平台地址

https://hackerone.com

http://www.exploit-db.com/

http://sec.jetlib.com

http://www.sec-wiki.com/

sebug.net

1337day.com

http://www.frsirt.com/

http://www.derkeiler.com/

http://www.securiteam.com/

http://www.securityfocus.com/

http://www.packetstormsecurity.org/

http://www.addict3d.org/index.php?page=security

http://neworder.box.sk/

http://archives.neohapsis.com/archives/

http://security.nnov.ru/exploits/

http://securitydot.net/index.php

http://www.red-database-security.com/

http://packetstormsecurity.nl/

http://www.aspitalia.com/focuson/notizie_Microsoft_Security_Bulletin.aspx

http://marc.info/?l=bugtraq

http://hack.com.ru/

http://www.hackcoza.tk/

http://securityvulns.com/exploits/

http://www.hackerzhell.co.uk/indexmain.php

http://hacktheb0x.tk/

http://www.k-otik.com/

http://www.security-corporation.com/

http://www.hackcoza.com/lynx.html

http://www.anyside.com/

http://www.erratasec.com/

http://www.cnids.com

http://seclists.org

http://metasploit.com/projects/Framework/

http://www.nosec.org

http://www.argeniss.com/

http://www.spidynamics.com/

http://www.appsecinc.com

http://www.securitytracker.com/

http://www.qasec.com/

http://sourceforge.net/index.php

websercurity ---xss&&inject .....

http://www.how-to-hack.org/

http://www.cgisecurity.com/

http://www.php-security.org/index.html

http://www.web-hack.ru/

http://phpsec.org/

http://www.owasp.org/index.php/Main_Page

http://www.phpsecure.info

http://freeworld.thc.org/welcome/

http://www.webappsec.org/

http://www.sqlsecurity.com/

http://www.hacksafe.com.au/

http://www.xssed.com/

http://www.fuzzing.org fuzzing tool

http://www.nsfocus.net

参考: inforscan、csdn

hackoen公开漏洞报告下载

后面资料尽量不用x度盘

https://wws.lanzous.com/b01hrk8ed

密码:4qu7