explaingit

phith0n/mind-map

4,593Audience · developerComplexity · 1/5Setup · easy

TLDR

A curated collection of security mind map images and PDFs covering penetration testing, XSS, SQL injection, SSRF, binary vulnerabilities, defensive strategies, and specific tools like Nmap and SQLmap, primarily in Chinese.

Mindmap

mindmap
  root((Security Mind Maps))
    Attack techniques
      XSS attacks
      SQL injection
      SSRF
      Binary vulns
    Defensive topics
      Enterprise defense
      Intrusion detection
      Linux security
    Tools covered
      Nmap usage
      SQLmap options
    Audience
      Security learners
      Pentesters
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Things people build with this

USE CASE 1

Use the penetration testing workflow mind map as a checklist when conducting a security audit of a web application.

USE CASE 2

Study XSS, SQL injection, and SSRF mind maps to understand attack techniques and their variations before a CTF competition.

USE CASE 3

Reference the enterprise defense and intrusion detection mind maps when planning a security operations strategy.

USE CASE 4

Share the Nmap or SQLmap tool mind maps with a team as a visual quick-reference for tool options and usage patterns.

Getting it running

Difficulty · easy Time to first run · 5min

No installation needed, browse image and PDF files directly on GitHub, content is primarily in Chinese.

In plain English

This repository is a collection of security-related mind maps gathered and organized in one place. A mind map is a visual diagram that breaks a topic into branches, making it easier to see how concepts relate to each other. The repository does not contain code, it is entirely made up of image and PDF files, each covering a different area of computer security. The topics span a wide range of the security field. There are mind maps on penetration testing workflows, browser security, cross-site scripting (XSS) attacks, SQL injection tooling, server-side request forgery (SSRF), XML security, web application security, PHP and Python code review techniques, and binary vulnerability analysis for beginners. On the defensive side, there are diagrams covering security operations, enterprise defense strategies, intrusion detection systems, and Linux security. Additional maps cover reconnaissance and intelligence gathering, domain enumeration, and financial sector security considerations. Several of the entries cover specific tools rather than broad concepts. There are dedicated mind maps for Nmap (a network scanning tool) and SQLmap (a tool for testing SQL injection vulnerabilities), each laying out the tool's options and usage patterns in diagram form. The content is primarily in Chinese, though some entries use English titles. The repository functions as a reference library rather than an interactive or executable project. Anyone interested in the security field, whether learning or already working in it, can browse the images directly from GitHub without cloning anything locally.

Copy-paste prompts

Prompt 1
I'm studying XSS attack techniques from phith0n's mind map. Explain stored XSS vs reflected XSS vs DOM-based XSS with a working code example of each in a simple Node.js app.
Prompt 2
The SSRF mind map in this repo covers different SSRF bypass techniques. Explain what Server-Side Request Forgery is and show me a code example of a vulnerable PHP endpoint with how to test it safely in a lab.
Prompt 3
Walk me through a standard penetration testing workflow covering reconnaissance, scanning, exploitation, and reporting, as laid out in a typical pentest methodology.
Prompt 4
The SQLmap mind map covers its main options. Show me the SQLmap command to test a login form for SQL injection, extract the database schema, and dump a specific table.
Open on GitHub → Explain another repo

← phith0n on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.