gitwtfhub

wtf is mind-map?

phith0n/mind-map — explained in plain English

Analysis updated 2026-06-26

4,593Audience · developerComplexity · 1/5Setup · easy

TL;DR

A curated collection of security mind map images and PDFs covering penetration testing, XSS, SQL injection, SSRF, binary vulnerabilities, defensive strategies, and specific tools like Nmap and SQLmap, primarily in Chinese.

Mindmap

mindmap
  root((Security Mind Maps))
    Attack techniques
      XSS attacks
      SQL injection
      SSRF
      Binary vulns
    Defensive topics
      Enterprise defense
      Intrusion detection
      Linux security
    Tools covered
      Nmap usage
      SQLmap options
    Audience
      Security learners
      Pentesters

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Why would anyone build with this?

REASON 1

Use the penetration testing workflow mind map as a checklist when conducting a security audit of a web application.

REASON 2

Study XSS, SQL injection, and SSRF mind maps to understand attack techniques and their variations before a CTF competition.

REASON 3

Reference the enterprise defense and intrusion detection mind maps when planning a security operations strategy.

REASON 4

Share the Nmap or SQLmap tool mind maps with a team as a visual quick-reference for tool options and usage patterns.

How it stacks up

phith0n/mind-mapnvlabs/neuralangelo0x4d31/awesome-threat-detection
Stars4,5934,5934,592
LanguagePython
Setup difficultyeasyhardeasy
Complexity1/55/51/5
Audiencedeveloperresearcherops devops

Figures from each repo's GitHub metadata at analysis time.

How do you spin it up?

Difficulty · easy Time to first run · 5min

No installation needed, browse image and PDF files directly on GitHub, content is primarily in Chinese.

Wtf does this do

This repository is a collection of security-related mind maps gathered and organized in one place. A mind map is a visual diagram that breaks a topic into branches, making it easier to see how concepts relate to each other. The repository does not contain code, it is entirely made up of image and PDF files, each covering a different area of computer security. The topics span a wide range of the security field. There are mind maps on penetration testing workflows, browser security, cross-site scripting (XSS) attacks, SQL injection tooling, server-side request forgery (SSRF), XML security, web application security, PHP and Python code review techniques, and binary vulnerability analysis for beginners. On the defensive side, there are diagrams covering security operations, enterprise defense strategies, intrusion detection systems, and Linux security. Additional maps cover reconnaissance and intelligence gathering, domain enumeration, and financial sector security considerations. Several of the entries cover specific tools rather than broad concepts. There are dedicated mind maps for Nmap (a network scanning tool) and SQLmap (a tool for testing SQL injection vulnerabilities), each laying out the tool's options and usage patterns in diagram form. The content is primarily in Chinese, though some entries use English titles. The repository functions as a reference library rather than an interactive or executable project. Anyone interested in the security field, whether learning or already working in it, can browse the images directly from GitHub without cloning anything locally.

Yoink these prompts

Prompt 1
I'm studying XSS attack techniques from phith0n's mind map. Explain stored XSS vs reflected XSS vs DOM-based XSS with a working code example of each in a simple Node.js app.
Prompt 2
The SSRF mind map in this repo covers different SSRF bypass techniques. Explain what Server-Side Request Forgery is and show me a code example of a vulnerable PHP endpoint with how to test it safely in a lab.
Prompt 3
Walk me through a standard penetration testing workflow covering reconnaissance, scanning, exploitation, and reporting, as laid out in a typical pentest methodology.
Prompt 4
The SQLmap mind map covers its main options. Show me the SQLmap command to test a login form for SQL injection, extract the database schema, and dump a specific table.

Frequently asked questions

wtf is mind-map?

A curated collection of security mind map images and PDFs covering penetration testing, XSS, SQL injection, SSRF, binary vulnerabilities, defensive strategies, and specific tools like Nmap and SQLmap, primarily in Chinese.

How hard is mind-map to set up?

Setup difficulty is rated easy, with roughly 5min to a first successful run.

Who is mind-map for?

Mainly developer.

View the repo → Decode another repo

This repo across BitVibe Labs

Don't trust strangers blindly. Verify against the repo.