Common Vulnerability Scoring System CVSS
1、Generating a Shell payload using msfvenom
2、web intrusion Test
in fact in the websecurity ,the web pentration test is only ont piece of the puzzle ,in order to achive a success,ful penteration test ,you need to include the Threat Modeling and souce review and much network pentests ,as well .
well i list a checklist to indentifying hidden contents .
first you shoud care the rebot.txt the file include the web general infromation ,and the backup files(.back 。。.old) other intersting files (.xls .doc .pdf .txt ) and administrator URL (for example phpmyadmin\ wp-admin 、login ) and other application such as WordPress ,through these means we can gather Persional information for example : Email -address Credential eventhough another entry system(eg WordPress Camera and other terminal equipment)
3、Common web page checklist and Special pages checklist
special pages include login page 、 Registration page 、 Reset/Change password page Upload page 。
4、Pentest automation Using Python
as a pentest you will realize during pentests is that a lot of commands will just repeat over and over again.
最新文章
- servlet开发中遇到的问题集合
- UVALive 3902 网络
- LCA
- hibernate(四)__由表逆向创建Domain对象和对象关系映射文件
- [WP8] 使用ApplicationMenu与使用者互动
- CentOS下编译安装MySQL 5.6.21
- hdu 2501 Tiling_easy version 递推
- mount
- poj1286
- html5 input属性
- 【Java基础】 static
- ubuntu软件使用汇总
- Elasticsearch.Net 多层嵌套的逻辑实现
- React 中 Link 和 NavLink 组件 activeClassName、activeStyle 属性不生效的问题
- 金融量化分析【day112】:量化平台的使用-下单函数
- Git和Eclipse的使用、上传、部署
- day 7 - 1 集合、copy及基础数据类型汇总
- sed 随笔
- linux降低内存后oracle数据库无法启动
- ServiceDesk Plus解析内容,简化工单管理