Introduction to WEB security attack and defense, security network attack and defense contest video

1 year ago (2023-12-24) Shallow singing

1 Information collection stage


1.1 Domain name information

This preface is written for beginners. A domain name lookup quickly shows who operates a website. If no operator can be found, it means that it is a phishing website or an illegal website; sites engaged in financial transactions need special attention.

1.1.1 Whois Query

Recommended index: ★★

1.1.2 Tianyancha (Tianyan Query)

Tianyan Query - Business Security Tools_Enterprise Information Query _ Company Query _ Industrial and Commercial Query _ Enterprise Credit Information System

Recommended index: ★★★★★

1.1.3 Webmaster Tools

Webmaster Tools - Home of Webmaster

Recommended index: ★★★★★

1.2 Subdomain information

1.2.1 Sublist3r

Recommended index: ★★★★

1.2.2 DNSdumpster

DNS recon and research, find and look up DNS records

Recommended index: ★★★

1.2.3 crt.sh

crt.sh | Certificate Search

Recommended index: ★★★

1.3 Port information

1.3.1 Nmap

Recommended index: ★★★★★

1.3.2 Masscan

Recommended index: ★★

1.3.3 Well-known port vulnerabilities

GitHub details: BestBDs/port-bug

Recommended index: ★★★

File sharing server

21/22/69 ftp/tftp: file transfer protocol; brute force; sniffing; overflow; backdoor
2049 nfs: network file system; improper configuration
139 samba: Linux file sharing; brute force; unauthorized access; remote code execution
389 ldap: directory access protocol; injection; anonymous access; weak password

Remote connection server

22 ssh: secure shell protocol; brute force; tunneling
23 telnet: telecommunication network protocol; brute force; sniffing
3389 rdp: Remote Desktop Protocol; brute force
5900 vnc: virtual network computing protocol; weak password; brute force
5632 pcanywhere: remote control protocol; weak password; code execution

WEB application server

80/8080/443/8443 web: web attacks
7001/7002 weblogic: Java deserialization; weak password
8089 jboss/resin/jetty/jenkins: deserialization; weak password
9090 websphere: deserialization; weak password
4848 glassfish: weak password
1352 lotus domino: weak password; information leakage; brute force
10000 webmin web: weak password

Database server

3306 mysql: injection; privilege escalation; brute force
1433 mssql: injection; privilege escalation; brute force
1521 oracle: TNS brute force; injection; reverse shell
5432 postgresql: brute force; injection; weak password
27017/27018 mongodb: brute force; unauthorized access
6379 redis: unauthorized access; weak-password brute force
5000 sybase/db2: brute force; injection

Mail server

25 smtp: Simple Mail Transfer Protocol; mail spoofing
110 pop3: Post Office Protocol version 3; brute force; sniffing
143 imap: interactive mail access protocol; brute force

1.4 Website fingerprint information

1.4.1 whatweb

Recommended index: ★★★

1.4.2 bugscaner

Online fingerprint identification, online cms identification plug-in -- online tool

Recommended index: ★★★

1.4.3 Yunxi Fingerprint

Yunxi WEB Assets Sorting | Online CMS Fingerprint Identification Platform - Yunxi Security

Recommended index: ★★★

1.5 Sensitive information collection

1.5.1 Google Hacking

Recommended index: ★★★★

site: specify the domain name
inurl: specify keywords that appear in the URL
intext: specify keywords in the body of the web page
filetype: specify the file type
intitle: specify keywords in the title of the web page
link: return all URLs linked to the specified link
info: find some basic information about the specified site
cache: search Google's cache for some content

You can easily find out who is copying and pasting your article by searching Google with link: content. Go and see whether your original article has been reposted elsewhere.

1.5.2 Foreign IP address query

CA App Synthetic Monitor website monitoring service

Recommended index: ★★★★

1.5.3 Domestic IP address query

Website speed measurement | Website speed test | Network speed test | Telecom | Unicom | Netcom | China | Monitoring | CDN | PING | DNS 17CE COM

Recommended index: ★★★★

1.5.4 Bypass CDN to Query IP Address

VirusTotal

Recommended index: ★★★★★

1.5.5 DirBuster website directory traversal

Recommended index: ★★

1.6 Social engineering

Free social-engineering database lookup (not guaranteed to still be online; social-engineering databases are generally on the dark web)

Recommended index: ★★


Next: ailx10: A hands-on guide to building a vulnerability practice range

This article was written by Shallow singing and published on Software Development of Little Turkey. Please indicate the source when reprinting: //hongchengtech.cn/blog/3062.html