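Preface:
This post recommends a handy practice target site for web penetration testing.
For penetration testers in the network security industry, this tool will undoubtedly boost productivity;
for technology enthusiasts outside the security industry, it is also a tool worth bookmarking.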
bWAPP
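The site covers 100+ common web vulnerabilities, including SQL injection, unauthorized access (privilege bypass), XSS, CSRF, security misconfiguration, sensitive data exposure and more. The detailed list follows: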
--------------
A1 - Injection
--------------
HTML Injection - Reflected (GET)
HTML Injection - Reflected (POST)
HTML Injection - Reflected (Current URL)
HTML Injection - Stored (Blog)
iFrame Injection
LDAP Injection (Search)
Mail Header Injection (SMTP)
OS Command Injection
OS Command Injection - Blind
PHP Code Injection
Server-Side Includes (SSI) Injection
SQL Injection (GET/Search)
SQL Injection (GET/Select)
SQL Injection (POST/Search)
SQL Injection (POST/Select)
SQL Injection (AJAX/JSON/jQuery)
SQL Injection (CAPTCHA)
SQL Injection (Login Form/Hero)
SQL Injection (Login Form/User)
SQL Injection (SQLite)
SQL Injection (Drupal)
SQL Injection - Stored (Blog)
SQL Injection - Stored (SQLite)
SQL Injection - Stored (User-Agent)
SQL Injection - Stored (XML)
SQL Injection - Blind - Boolean-Based
SQL Injection - Blind - Time-Based
SQL Injection - Blind (SQLite)
SQL Injection - Blind (Web Services/SOAP)
XML/XPath Injection (Login Form)
XML/XPath Injection (Search)
-----------------------------------------------
A2 - Broken Authentication & Session Management
-----------------------------------------------
Broken Authentication - CAPTCHA Bypassing
Broken Authentication - Forgotten Function
Broken Authentication - Insecure Login Forms
Broken Authentication - Logout Management
Broken Authentication - Password Attacks
Broken Authentication - Weak Passwords
Session Management - Administrative Portals
Session Management - Cookies (HTTPOnly)
Session Management - Cookies (Secure)
Session Management - Session ID in URL
Session Management - Strong Sessions
-------------------------------
A3 - Cross-Site Scripting (XSS)
-------------------------------
Cross-Site Scripting - Reflected (GET)
Cross-Site Scripting - Reflected (POST)
Cross-Site Scripting - Reflected (JSON)
Cross-Site Scripting - Reflected (AJAX/JSON)
Cross-Site Scripting - Reflected (AJAX/XML)
Cross-Site Scripting - Reflected (Back Button)
Cross-Site Scripting - Reflected (Custom Header)
Cross-Site Scripting - Reflected (Eval)
Cross-Site Scripting - Reflected (HREF)
Cross-Site Scripting - Reflected (Login Form)
Cross-Site Scripting - Reflected (phpMyAdmin)
Cross-Site Scripting - Reflected (PHP_SELF)
Cross-Site Scripting - Reflected (Referer)
Cross-Site Scripting - Reflected (User-Agent)
Cross-Site Scripting - Stored (Blog)
Cross-Site Scripting - Stored (Change Secret)
Cross-Site Scripting - Stored (Cookies)
Cross-Site Scripting - Stored (SQLiteManager)
Cross-Site Scripting - Stored (User-Agent)
--------------------------------------
A4 - Insecure Direct Object References
--------------------------------------
Insecure DOR (Change Secret)
Insecure DOR (Reset Secret)
Insecure DOR (Order Tickets)
------------------------------
A5 - Security Misconfiguration
------------------------------
Arbitrary File Access (Samba)
Cross-Domain Policy File (Flash)
Cross-Origin Resource Sharing (AJAX)
Cross-Site Tracing (XST)
Denial-of-Service (Large Chunk Size)
Denial-of-Service (Slow HTTP DoS)
Denial-of-Service (SSL-Exhaustion)
Denial-of-Service (XML Bomb)
Insecure DistCC Configuration
Insecure FTP Configuration
Insecure NTP Configuration
Insecure SNMP Configuration
Insecure VNC Configuration
Insecure WebDAV Configuration
Local Privilege Escalation (sendpage)
Local Privilege Escalation (udev)
Man-in-the-Middle Attack (HTTP)
Man-in-the-Middle Attack (SMTP)
Old/Backup & Unreferenced Files
Robots File (Disclosure)
----------------------------
A6 - Sensitive Data Exposure
----------------------------
Base64 Encoding (Secret)
BEAST/CRIME/BREACH SSL Attacks
Clear Text HTTP (Credentials)
Heartbleed Vulnerability
Host Header Attack (Reset Poisoning)
HTML5 Web Storage (Secret)
POODLE Vulnerability
SSL 2.0 Deprecated Protocol
Text Files (Accounts)
--------------------------------------------
A7 - Missing Functional Level Access Control
--------------------------------------------
Directory Traversal - Directories
Directory Traversal - Files
Host Header Attack (Cache Poisoning)
Host Header Attack (Reset Poisoning)
Local File Inclusion (SQLiteManager)
Remote & Local File Inclusion (RFI/LFI)
Restrict Device Access
Restrict Folder Access
Server Side Request Forgery (SSRF)
XML External Entity Attacks (XXE)
--------------------------------------
A8 - Cross-Site Request Forgery (CSRF)
--------------------------------------
Cross-Site Request Forgery (Change Password)
Cross-Site Request Forgery (Change Secret)
Cross-Site Request Forgery (Transfer Amount)
--------------------------------------
A9 - Using Known Vulnerable Components
--------------------------------------
Buffer Overflow (Local)
Buffer Overflow (Remote)
Drupal SQL Injection (Drupageddon)
Heartbleed Vulnerability
PHP CGI Remote Code Execution
PHP Eval Function
phpMyAdmin BBCode Tag XSS
Shellshock Vulnerability
SQLiteManager Local File Inclusion
SQLiteManager PHP Code Injection
SQLiteManager XSS
--------------------------------------
A10 - Unvalidated Redirects & Forwards
--------------------------------------
Unvalidated Redirects & Forwards (1)
Unvalidated Redirects & Forwards (2)
----------
Other bugs
----------
ClickJacking (Movie Tickets)
Client-Side Validation (Password)
HTTP Parameter Pollution
HTTP Response Splitting
HTTP Verb Tampering
Information Disclosure - Favicon
Information Disclosure - Headers
Information Disclosure - PHP version
Information Disclosure - Robots File
Insecure iFrame (Login Form)
Unrestricted File Upload
------
Extras
------
A.I.M. - No-authentication Mode
Client Access Policy File
Cross-Domain Policy File
Evil 666 Fuzzing Page
Hidden Backdoor File
Manual Intervention Required!
Unprotected Admin Portal
We Steal Secrets... (html)
We Steal Secrets... (plain)
WSDL File (Web Services/SOAP)
Installation and usage:
Prerequisite: docker
1. docker pull registry.cn-shanghai.aliyuncs.com/yhskc/bwapp
2. docker run -d -p 0.0.0.0:80:80 registry.cn-shanghai.aliyuncs.com/yhskc/bwapp
# list container IDs
3. docker container list -a
4. docker start %container-id%
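Step 2 publishes port 80 on 0.0.0.0, that is, on every network interface, so the intentionally vulnerable application is reachable by anyone who can reach the host. The script below is an added example, not part of the original post: it reads `docker ps` output and reports published ports that are not bound to loopback. The function names and the sample container names are made up for illustration.

```shell
#!/bin/sh
# Added example: flag containers whose published ports listen on
# non-loopback addresses. Input lines are "NAME<TAB>PORTS", as printed by:
#   docker ps --format '{{.Names}}\t{{.Ports}}'

TAB="$(printf '\t')"

# Print "name binding" for every published port not bound to loopback.
exposed_bindings() {
    while IFS="$TAB" read -r name ports; do
        # One binding per line; `read` trims the space after each comma.
        printf '%s\n' "$ports" | tr ',' '\n' |
        while read -r b; do
            case "$b" in
                *'->'*) ;;        # published: inspect the host side
                *) continue ;;    # "80/tcp" alone is exposed, not published
            esac
            host=${b%%'->'*}      # e.g. 0.0.0.0:80 or 127.0.0.1:8080
            case "$host" in
                127.*|'[::1]:'*) ;;                  # loopback only
                *) printf '%s %s\n' "$name" "$b" ;;  # reachable from outside
            esac
        done
    done
}

# Constructed sample of `docker ps` output (container names are made up).
SAMPLE="$(printf '%s\t%s\n' \
    bwapp_open  '0.0.0.0:80->80/tcp, :::80->80/tcp' \
    bwapp_local '127.0.0.1:8080->80/tcp' \
    idle        '80/tcp')"

# Number of exposed bindings found in the constructed sample.
sample_exposed_count() {
    printf '%s\n' "$SAMPLE" | exposed_bindings | wc -l | tr -d ' '
}

# With --live, check the containers actually running on this host.
if [ "${1:-}" = "--live" ]; then
    docker ps --format '{{.Names}}\t{{.Ports}}' | exposed_bindings
else
    echo "exposed bindings in sample: $(sample_exposed_count)"
fi
```

Publishing with -p 127.0.0.1:80:80 instead of -p 0.0.0.0:80:80 keeps the lab reachable only from the local machine, which still matches the http://localhost/install.php URL used below.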
Initialize the environment:
1. Install: http://localhost/install.php
2. Register a new user
3. Log in
4. Choose the vulnerability to test
For more on using this environment, see what was written in the previous post: "Don't get fooled by rogue emails like this again".
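There is a running joke that computer science majors are the people who "fix computers", so first of all, to avoid unnecessary trouble and to show off better in front of girls, I suggest you learn how to solve common computer faults, as well as the universal rule: "There is nothing a reinstall can't fix, and if there is, reinstall again"!
Anyone who has been through it knows.
Core courses:
Digital electronics, analog electronics, principles of computer organization, computer operating systems, computer networks, microcomputer principles and interface technology, high-level languages (C), software engineering, data structures, advanced mathematics, discrete mathematics, linear algebra, probability theory and mathematical statistics, and algorithm design and analysis.
Extension courses: front end: HTML5+CSS3, JavaScript+jQuery, etc.;
back end: C++, Java, .NET, PHP, Ruby or Python, etc.
PS: The front-end/back-end split only means that a language is well suited to that job, not that it can only do that job. Please note.
A less serious aside
Recently I have seen some articles about the IT job market being saturated with talent. Actually, what is saturated is code monkeys, not senior programmers. If you did not learn your major's courses well at school, you may well be one of the saturated crowd. Since this is my first post, I did not prepare thoroughly; for a deeper look, visit http://www.chinabgao.com/k/it.html (China Report Hall -> IT industry market analysis reports).
Hehe~ follow me and you will find out. I will summarize here what I learn in class so we can discuss it and improve together~ If you are interested, feel free to follow~
Of course, I will also share any fun code I come across!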
Author | David Goldstein
Translator | 王强
Planning | 小智
Repost link: https://mp.weixin.qq.com/s/TK7kWXX4hR3e-jtpVMuBnw