Essay category - Art
Summary: Local Host Vulnerabilities CVE (Common Vulnerabilities and Exposures) Database https://www.cvedetails.com/vendor.php Windows 10 Apple Linux Kernel Andr
Summary: Code Vulnerabilities UNSECURE CODE PRACTICES Comments in source code Good for developers and technical personnel Bad for keeping secrets Lack of error
Summary: Cross-Site Scripting Demo Given a scenario, exploit application-based vulnerabilities. Test Environment: DVWA Case 1 - Security Level: Low View the so
Summary: Application Exploits, Part III CROSS-SITE SCRIPTING (XSS) Injection attack in which an attacker sends malicious code (client-side script) to a web appli
Summary: Application Exploits, Part II AUTHENTICATION EXPLOITS Credential brute forcing Offline cracking (Hydra) Session hijacking Intercepting and using a sess
Summary: SQL Injection Demo Tools: Kali Linux Target Application: DVWA (Damn Vulnerable Web App) Log in to the DVWA website: http://10.0.0.20/dvwa/login.php Set the
Summary: Application Exploits, Part I APPLICATION-BASED EXPLOITS Injection attack Inserting additional data into application beyond what is expected SQL (Struc
Summary: Wireless Exploits WIRELESS AND RF VULNERABILITIES Wireless and RF vulnerabilities Broadcast is wide open aircrack-ng Evil twin - rogue WAP used to eav
Summary: Man in the middle exploits ADDITIONAL NETWORK EXPLOITS Man-in-the-middle Family of attacks where the attacker intercepts messages between a sender and r
Summary: FTP Exploit Demo Use Nmap to find the vulnerability. nmap --script vulscan --script-args vulscandb=exploitdb.csv -sV -p 21 10.0.0.19 Use metasploit-fr
Summary: Network-Based Exploits NAME RESOLUTION EXPLOITS NETBIOS name service (NBNS) Part of NetBIOS-over-TCP Similar functionality to DNS LLMNR (Link-local Mult
Summary: In-Person Social Engineering MORE ATTACKS AND EXPLOITS Elicitation Gathering info about a system from authorized users Interrogation Informal intervie
Summary: Remote Social Engineering SOCIAL ENGINEERING Tricking or coercing people into violating security policy Depends on willingness to be helpful Human weak
Summary: Weaknesses in Specialized Systems ICS (Industrial Control Systems) Environment conditions SCADA (Supervisory Control and Data Acquisition) - SCADA is th
Summary: Credential Attacks Hydra https://sectools.org/tool/hydra/ hydra -L username.txt -P password.txt ftp://10.0.0.19 Get bad web-usernames from the followi
Summary: Common Attack Techniques Common Attack Techniques Some Windows exploits can be run in Linux Cross-compiling code Compile exploit for another OS https:
Summary: Prioritization of vulnerabilities LEVERAGE INFORMATION Leveraging information to prepare for exploitation Map vulnerabilities to potential exploits Lo
Summary: Nmap Timing and Performance Options Nmap cheat sheet https://www.stationx.net/nmap-cheat-sheet/ nmap -A -p 21 -T4 10.0.0.0/24 QUICK REVIEW Understand
Summary: Target Considerations Given a scenario, perform a vulnerability scan. CONTAINER Lightweight instance of a VM Runs on top of host OS Docker, Puppet, Va
Summary: Openvas - Greenbone Security Manager Virtual Machine Downloading the image and installing a standalone virtual machine is an easier and faster method. Step
