随笔分类 - 艺术
摘要:Parent and Derived Roles in SAP Type of Roles in SAP Roles in SAP Role: Role is the group of Profiles, menus, transactions, reports and user assignmen
阅读全文
摘要:Roles and Authorizations in SAP T-Code: PFCG Description Menu Application Authorization User Personnalization
阅读全文
摘要:Login Parameters Profiles in SAP Parameters Explanation login/min_password_lng Defines the minimum length of the password. Default value:3; permissibl
阅读全文
摘要:User Types in SAP 1.Dialog 2.System 3.Communication 4.Service 5.Reference Dialog User User type for exactly one interactive user (all logon types incl
阅读全文
摘要:Authorization Concept in SAP Authorization Concept The R/3 authorization concept allows you to protect transactions and programs from unauthorized use
阅读全文
摘要:Authorization Checks in SAP Authorization Checks in SAP When a user starts a transaction, the system performs the following checks: The system checks
阅读全文
摘要:User Master Record T-code: SU01 Components of the User Master Record User Master Record Address: Personal data, Communication data, Company add. Logon
阅读全文
摘要:Introduction to SAP Security What is Security Security in the context of IT denotes giving access to users to only those system resources which they r
阅读全文
摘要:Web渗透概述 Web应用渗透技术 特点 广泛性: Web应用几乎无处不在 技术门槛低: Web技术简单易懂,进入的技术门槛低 防火墙可绕过性: 几乎所有传统防火墙策略都会放行入方向的HTTP/HTTPS流量 安全机制不够成熟: HTTP的认证和授权技术相对滞后 隐蔽性: 攻击追溯和取证工作比较困难
阅读全文
摘要:情报搜集技术 外围信息搜索 通过DNS和IP地址挖掘目标网络信息 nslookup根据域名查询IP nslookup DNS记录类型 A 记录 - 把一个域名解析为一个IPv4地址 AAAA记录 - 把一个域名解析为IPv6地址 PTR - 把一个IP地址解析成域名 CNAME - 把一个域名解析成
阅读全文
摘要:渗透测试概述 渗透测试标准 PTES渗透测试执行标准 NIST SP 800-42网络安全测试指南 OWASP十大WEB应用安全威胁项目 web安全威胁分类标准 渗透测试过程环节 前期交互阶段 确定渗透测试的范围、目标、限制条件、服务合同细节 收集客户需求、准备测试计划、定义测试范围、定义业务目标、
阅读全文
摘要:内网渗透 内网组成 路由器 服务器 打印机 交换机 k8s集群 OpenStack Linux系统 MacOS系统 Windows系统 Windows AD域 内网渗透思路 公网->内网 信息搜集 用户信息 进程信息 系统信息 环境变量 系统版本 启动信息 计划任务 后缀信息 注册表项 域内信息 密
阅读全文
摘要:Fix error - processing package linux-headers-6.0.0-kali6-amd64 (--configure) Issue: Setting up linux-headers-6.0.0-kali6-amd64 (6.0.12-1kali1) ... /et
阅读全文
摘要:Wireshark for Ethical Hackers - 12 Saving and Exporting Packets Annotating and Printing Packets How to use the new annotation feature. How to find pac
阅读全文
摘要:CRISC Learning Notes 1 - Governance Governance answers four questions: Are we doing the right things? Are we doing them the right way? Are we getting
阅读全文
摘要:Sniffing attacks Crash Theory Practice - Part 2 ARP Spoofing Address Resolution Protocol is used to convert a L3 address to a L2 address - an IP addre
阅读全文
摘要:Sniffing attacks Crash Theory Practice - Part 1 Prepare for Labs Kali Linux Virtual Machine. Ubuntu Virtual Machine. MAC Flooding As a rule, the switc
阅读全文
摘要:Networking of Sniffing Crash Theory Practice - Part 4 TAPs Tap is a L1-device that allows to monitor traffic between 2 points passively Better than Po
阅读全文
摘要:Networking of Sniffing Crash Theory Practice - Part 3 Active Sniffing vs. Passive Sniffing Active Sniffing relies on sending some frames, performing M
阅读全文
摘要:Networking of Sniffing Crash Theory Practice - Part 2 Port Mirroring SPAN RSPAN Mirrors incoming/outgoing frames from a port or a VLAN to a local inte
阅读全文
浙公网安备 33010602011771号