# Security
Security is essential.

Security needs to convince: https://utcc.utoronto.ca/~cks/space/blog/tech/SecurityNeedsToConvince


# Passive recon
Network recon without being detected.

[OSINT](https://osintframework.com) → tool hierarchy for information gathering
[Spiderfoot](./Linux/Programs/Network/spiderfoot.md) → CLI/webUI automated OSINT scanner
[crt.sh](https://crt.sh) → subdomain finder based on SSL certs


# Dorks
Search engine specifiers that sometimes reveal useful info.

https://www.exploit-db.com/google-hacking-database


# Exploits
https://www.exploit-db.com/ -> Practical CVEs


# CTF
<https://primer.picoctf.org> → CTF introduction

<https://book.hacktricks.wiki/en/index.html> → CTF resources for different attacks
<https://trailofbits.github.io/ctf/> → CTF field guide

<https://hacktricks.boitatech.com.br/misc/basic-python/bypass-python-sandboxes> → break python sandbox

<https://play.picoctf.org/practice/> → CTF practice


# RSS Feeds
Feeds for security updates one should follow.