kezhen的专栏

转自：http://blog.rootcon.org/2012/03/introducing-35-pentesting-tools-used.html1. w3afw3af or Web Application Attack and Audit Framework is an open source penetration testing tool for finding

HTTP协议HTTP是Web的基本协议，对该

The WebWeb appl ications are probably the most common services exposed by companiesand insti tutions on the internet, furthermore, most old appl ications have now a "webversion" to be avai lable

HTTP Responses当用户发送一个请求时，服务器会返回HTTP 响应。例如

1、http://blog.mhartl.com/2008/09/21/mass-assignment-in-rails-applications/This is a brief review of mass assignment in Rails. See the follow-up post on Finding and fixing mass assignment probl

本文总结了目前网络上比较流行的渗透测试演练系统，这些系统里面都提供了一些实际的安全漏洞，排名不分先后，各位安全测试人员可以亲身实践如何利用这个漏洞，同时也可以学习到漏洞的相关知识。DVWA (Dam Vulnerable Web Application)DVWA是用PHP+Mysql编写的一套用于常规WEB漏洞教学和检测的WEB脆弱性测试程序。包含了SQL注入、XSS、盲注等常见的一些安全漏洞

转自：http://ssi.su/

原文：http://www.binarytides.com/netcat-tutorial-for-beginners/

摘自：http://www.binarytides.com/php-reverse-shell-with-netcat/Once you are able to gain access to a remote website or server such that you can upload any arbitrary file to it, the next thing you wan

This is a short post explaining how to deal with metasploit instance not connected to its database (I’m using the new Kali Linux but it is the same for Backtrack 5). The issue usually surfaces when yo

转自：http://www.cnblogs.com/zcy_soft/archive/2013/09/23/3335235.htmlDNS A记录 NS记录 MX记录 CNAME记录 TXT记录 TTL值 PTR值 建站名词解释：DNS A记录 NS记录 MX记录 CNAME记录 TXT记录 TTL值 PTR值 泛域名 泛解析 域名绑定 域名转向 1.DNS：Domain

转自：http://www.securesolutions.no/xss-explained/Cross site scripting is vulnerabilities in web applications that involves injecting valid HTML or scripts in some form or way.XSS is a very wid

转自：https://pentestlab.wordpress.com/2013/01/13/detecting-web-application-firewalls/Web application firewalls play an important role in the security of websites as they can mitigate risks and the

转自：http://www.cnblogs.com/mchina/archive/2013/01/01/2840815.html一、简介Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallized

转自：http://resources.infosecinstitute.com/beef-part-1/1. IntroductionWe can categorize the BeEF social engineering framework as shown in the picture below:We can read more about t

转自：http://www.zbeol.com/blog/post/1856.html!@#123*******000110011C12010510111112123123!@#12332112345123456123654123654789123654789!123654789.123go1314520133

Developers are notorious for leaving statements like FIXME's, TODO's, Code Broken, Hack, etc... inside the source code.  Review the source code for any comments denoting  passwords, backdoors, or some

http://deadlytechnology.com/web-development/xss/

https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_SheetThis article provides a simple positive model for preventing XSS using output escaping/encoding properly. Whi

转自：http://hi.baidu.com/oracledba/item/9f7be51ee6a7fbe45e53b16d1、  什么是WebApp PentestingWebApp Pentesting，由PentesterLab出品。官方给自己的定义是一个简单又十分有效学习渗透测试的演练平台。它提供诸多的漏洞系统以供网络安全发烧友进行测试和让黑阔们更加深刻地且透彻理解“漏洞”。

https://www.owasp.org/index.php/Testing_for_SQL_Injection_(OWASP-DV-005)Brief SummaryA SQL injection attack consists of insertion or "injection" of either a partial or complete SQL query

1、https://code.google.com/p/wfuzz/downloads/list 下载wfuzz，解压2、运行命令：[root@localhost wfuzz-read-only]# python wfuzz.py  -z file -f wordlist/general/common.txt  --hc 404 http://192.168.65.155/FUZZTr

OverviewCross-Site Scripting (XSS) attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benign and trusted web sites. XSS attacks occur when an attacke

http://projects.webappsec.org/w/page/13246947/LDAP%20InjectionLDAP InjectionLDAP Injection is an attack technique used to exploit web sites that construct LDAP statements from user-supplied in

https://www.owasp.org/index.php/SQL_InjectionOverviewA SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application. A succe

https://www.owasp.org/index.php/Guide_to_SQL_InjectionThere are two complementary and successful methods of mitigating SQL Injection attacks:有两种互为补充的方法可以缓解SQL注入攻击：Parameterized queries usi

https://www.owasp.org/index.php/Blind_SQL_InjectionDescriptionBlind SQL (Structured Query Language) injection is a type of SQL Injection attack that asks the database true or false questions a

http://en.wikipedia.org/wiki/Prepared_statementIn database management systems, a prepared statement or parameterized statement is a feature used to execute the same or similar database statement

实验准备：1）WebGoat 下载 并解压

http://www.bishopfox.com/resources/tools/google-hacking-diggity/attack-tools/Sometimes, the best defense is a good offense. Bishop Fox’s attack tools level the playing field by allowing our client

WebGoat中的Blind Numeric SQL Injection 和 Blind String SQL Injection 两个例子

http://en.wikipedia.org/wiki/Login_spoofingLogin spoofings are techniques used to steal a user's password. The user is presented with an ordinary looking login prompt for username and password

DescriptionThe purpose of the command injection attack is to inject and execute commands specified by the attacker in the vulnerable application. In situation like this, the application, which execu

https://www.owasp.org/index.php/Testing_for_Bypassing_Authorization_Schema_(OWASP-AZ-002)Brief SummaryThis kind of test focuses on verifying how the authorization schema has been implemented f

DescriptionSimilar to SQL Injection, XPath Injection attacks occur when a web site uses user-supplied information to construct an XPath query for XML data. By sending intentionally malformed infor

Introducing XPath XPath 1.0 is a well-supported and fairly old query language for selecting nodes in an XML documentand returning a computed value from the selected nodes. There are plenty of li

转自：http://nibblesec.org/files/MSAccessSQLi/MSAccessSQLi.html