Essay category - Art
Summary: OpenVAS(1) Official site: https://www.openvas.org/ https://github.com/greenbone/openvas/blob/master/INSTALL.md Install prerequisites on Kali: https://ww
Summary: Vulnerability Scanning VULNERABILITY SCAN Structured approach to examining targets to identify known weaknesses Many different types Determine if any
Summary: Application and Open-Source Resources DECOMPILATION Compiler - translates source code into executable instructions Decompiler - attempts to convert ex
Summary: Packet Investigation PACKET INVESTIGATION Packet crafting Creating specific network packets to gather information or carry out attacks Tools - netcat,
Summary: Scanning and Enumeration INFORMATION GATHERING Scanning Process of looking at some number of "things" to determine characteristics Commonly used in pe
Summary: Scope Vulnerabilities SCHEDULING AND SCOPE CREEP Scheduling When can/should tests be run? Who should be notified? When must tests be completed? Scope
Summary: Project Strategy and Risk CONSIDERATIONS White-listed No one can access resources unless specifically granted Black-listed Everyone can access unless
Summary: Lab Environment Setup ENV1: Kali Linux Install a Kali Linux Virtual Machine. https://www.kali.org/ ENV2: DVWA - DAMN VULNERABLE WEB APPLICATION Downlo
Summary: Penetration Test - Planning and Scoping(7) TYPES OF ASSESSMENTS Goal-based Goals created upfront Tests set up to fulfill goal(s) Objectives-based Defi
Summary: Penetration Test - Planning and Scoping(6) LEGAL CONCEPTS Statement of Work(SOW) Clearly states what tasks are to be accomplished Master Service Agree
Summary: Penetration Test - Planning and Scoping(5) SUPPORT RESOURCES WSDL/WADL Web services/application description language XML file with lots of info about
Summary: Penetration Test - Planning and Scoping(4) SET EXPECTATIONS Impact The result of testing Report vulnerabilities Remediation How should client respond?
Summary: Penetration Test - Planning and Scoping(3) RESOURCES AND REQUIREMENTS What does each party provide? At what point does the engagement begin? Confident
Summary: Penetration Test - Planning and Scoping(2) TARGET AUDIENCE AND ROE Know your target audience Who is sponsoring the pen test? What is the purpose of th
Summary: Penetration Test - Planning and Scoping(1) PLANNING AND SCOPING Get Permission Know how much work you have to do Don't do more than that Watch out for
Summary: OWASP ZAP (ZED ATTACK PROXY) Automatically find vulnerabilities in web applications. Free and easy to use. It can also be used for manual testing. This
Summary: XSS VULNS XSS - CROSS SITE SCRIPTING VULNS Allow an attacker to inject javascript code into the page. The code is executed when the page loads. The co
Summary: SQL INJECTION Preventing SQLi Filters can be bypassed. Use a blacklist of commands? Still can be bypassed. Use whitelist? Same issue. -> Use parameter
Summary: SQL INJECTION SQLMAP Tool designed to exploit SQL injections. Works with many DB types, MySQL, MSSQL ...etc. >sqlmap --help >sqlmap -u [target URL] Fo
Summary: SQL INJECTION Discovering SQLi in GET Inject by browser URL. Selecting Data From Database Change the number to a big one, then you can get a useful er
