diff --git a/AUDIT_MANIFEST.json b/AUDIT_MANIFEST.json index 9db3200..a64b7ff 100644 --- a/AUDIT_MANIFEST.json +++ b/AUDIT_MANIFEST.json @@ -572,5 +572,16 @@ "training/pathways/entry-path.md": "tree", "training/pathways/index.md": "tree", "training/recommendations.md": "sprout" + }, + "training/references/book-of-secret-knowledge.md": { + "silo": "2890", + "growth": "tree", + "tags": [ + "cli", + "linux", + "networking", + "security", + "reference" + ] } } \ No newline at end of file diff --git a/submissions_state.json b/submissions_state.json index aa006ee..ed5ec9b 100644 --- a/submissions_state.json +++ b/submissions_state.json @@ -1,5 +1,5 @@ { - "last_processed_id": "1504316757257617438", + "last_processed_id": "1509735392755318784", "processed_ids": [ "1504311623328727210", "1504311826098290829", @@ -13,6 +13,16 @@ "1504313397854863512", "1504314756339597333", "1504315131126091917", - "1504316757257617438" + "1504316757257617438", + "1509734816785105050", + "1509734845419491479", + "1509734990517375028", + "1509735212697780265", + "1509735244213780643", + "1509735373054542024", + "1509735382760030308", + "1509735383708078313", + "1509735392231030896", + "1509735392755318784" ] } \ No newline at end of file diff --git a/training/references/book-of-secret-knowledge.md b/training/references/book-of-secret-knowledge.md new file mode 100644 index 0000000..39a3d09 --- /dev/null +++ b/training/references/book-of-secret-knowledge.md @@ -0,0 +1,79 @@ +--- +title: "The Book of Secret Knowledge — CLI & Security Reference" +growth: tree +last_verified: 2026-05-29 +freshness: seasonal +silo: 2890 +prerequisites: [] +related: + - first-technical-resources +tags: [cli, linux, networking, security, reference, sysadmin, pentesting] +--- + +# The Book of Secret Knowledge — CLI & Security Reference + +> "Knowledge is powerful, be careful how you use it!" + +**Source:** (225k ⭐, MIT License) + +A massive curated collection of CLI tools, GUI tools, web tools, cheatsheets, shell one-liners, and security/hacking resources. Maintained by trimstray, aimed at sysadmins, DevOps, pentesters, and security researchers. + +## Why We Keep This + +This repo is a swiss-army-knife bookmark collection for anyone on the team who wants to go deeper into Linux, networking, cybersecurity, or just be more effective at the command line. If you're the type who reads man pages for fun — this is for you. + +## What's In It + +### CLI Tools +- **Shells & plugins** — Bash, Zsh, Oh My ZSH, Starship prompt, fzf (fuzzy finder), z (directory jumper) +- **Text editors** — Vim, Neovim, micro, Emacs +- **File management** — fd (find alternative), ncdu (disk usage), Midnight Commander, ranger +- **Network** — nmap, masscan, tcpdump, tshark, netcat, socat, hping3, curl, HTTPie +- **DNS tools** — dnsdiag, subfinder, massdns, dnscrypt-proxy +- **HTTP tools** — curl, wrk, siege, bombardier (load testing), gobuster +- **SSL** — openssl, testssl.sh, Certbot, mkcert +- **System diagnostics** — strace, htop, glances, FlameGraph, bpftrace +- **Log analyzers** — lnav, GoAccess, ngxtop +- **Databases** — usql, pgcli, mycli, litecli, OSQuery + +### GUI Tools +- **Terminal emulators** — Kitty, Alacritty, Terminator +- **Network** — Wireshark, Ettercap, JMeter +- **Password managers** — KeePassXC, Bitwarden +- **Encrypted messaging** — Signal, Matrix + +### Web Tools +- **SSL/Security testing** — SSLLabs, ImmuniWeb, crt.sh, Hardenize +- **DNS** — ViewDNS, DNSdumpster, intoDNS, What's My DNS +- **HTTP headers** — Security Headers, Mozilla Observatory +- **Mass scanners** — Shodan, Censys, GreyNoise, ZoomEye +- **CVE databases** — CVE Mitre, Exploit DB, Vulncode-DB +- **Regex testing** — Regex101, RegExr, CyberChef (encoding Swiss army knife) + +### Security & Pentesting +- **Frameworks** — Metasploit, Burp Suite, OWASP ZAP, sqlmap, Recon-ng +- **Reverse engineering** — Ghidra, radare2, Cutter, IDA +- **CTF platforms** — Hack The Box, TryHackMe, picoCTF, OverTheWire, Cryptopals +- **Vulnerable lab apps** — DVWA, OWASP Juice Shop, vulhub, RootTheBox +- **Wordlists** — SecLists, Weakpass, skullsecurity + +### Shell One-Liners & Tricks +- Practical recipes for `find`, `tcpdump`, `openssl`, `nmap`, `netcat`, `strace`, `awk`, `sed`, `grep`, `perl` +- SSH tunneling and port forwarding +- Network debugging and packet capture +- File system tricks (secure delete, backups, permissions) + +## Sections Most Relevant to FRC / Team 2890 + +- **Networking** → robot comms debugging, SSH, DNS, tcpdump for debugging roboRIO traffic +- **CLI one-liners** → leveling up your Linux/terminal game +- **Containers** → running Docker (PhotonVision, Gitea, wiki infrastructure) +- **Security** → the cybersecurity competition side of the team +- **CTF platforms** → practice environments for cyber competitions + +## Caveats + +- This is a **reference collection**, not a tutorial. It points you to tools — you still need to learn them. +- The pentesting/hacking sections are for **authorized security research and competition use only**. Never use these tools on systems you don't own or have explicit permission to test. +- The repo hasn't been updated in ~2 years (last commit 2024). Some links may be stale, but the core tools are timeless. +- It's overwhelming if you try to digest it all at once. Pick one section that interests you and explore from there. \ No newline at end of file