01 2019 档案
摘要:1、Use Namp performing SYN scanning of the remote system in the lab ,there are two systems in you windows.an instance of Metasploitable2 is used to per
阅读全文
摘要:1、 Network Reconnaissance first we can use the command to gather the site information by whois eg : whois -i mnt-by YAHOO-MNT 2 、dig to gather the DNS
阅读全文
摘要:1、UDP scanning with Scapy Scapy is a tool that can be used to craft and inject custom packets into a network ,in this specific recipe, Scapy will be u
阅读全文
摘要:1、theree -way handshake A TCP SYN packet is sent from the device that wishes to establish a connection with a port of the device the it derires to con
阅读全文
摘要:1、NetDiscover you performe layer 2 the comand : netdiscover -r 192.168.2.0/24 or use netdiscover -l iplist.txt 2、in fact we use ARP to request the sys
阅读全文
摘要:一、 Continue to jot down notes about the Nmap 1、nmap -sn [ip] This command will send an ARP request to the LAN broadcast address and will determine whe
阅读全文
摘要:1、在原来BoilerControl的基础上建立一个 2、检查通过标签构造的报告的时候,在键盘上按下Control键并一直保持的同时按下L键 将会弹窗一个ORD窗口代表定义的参数。同时按下Control键和C键表示复制ORD,之后选择取消按钮。 区域温度控制回路, 实验 如何将拷贝的项目为年纪这么好
阅读全文
摘要:1、Generating a Shell payload using msfvenom 2、web intrusion Test in fact in the websecurity ,the web pentration test is only ont piece of the puzzle ,
阅读全文
摘要:root@kali:~# nikto -host www.baidu.com- Nikto v2.1.6 + Target IP: 115.239.211.112+ Target Hostname: www.baidu.com+ Target Port: 80+ Start Time: 2019-0
阅读全文
摘要:一、jace配置 1、按照Jace 的默认IP配置自己电脑的IP网段(同一个网段),连接上之后使用默认的密码登录,导入tridiumEMEA…..的授权文件,之后创建Station,选择需要的协议驱动,或者自己写驱动导入连接。 修改javce的响应不配置,添加新的账号名等。 2、测试配置的Jace
阅读全文
摘要:1、Summaize the book Practical Web Penetration Testing first nmap tools is important for gather information of servers nmap -sn [ip] ping scan Netdisco
阅读全文
摘要:1、first you shold download the nessus on the web station the nessus download site url: https://www.tenable.com/downloads/nessus and then you wiil find
阅读全文
摘要:1、berfore we talking abnout the Source Code review,here's what we want to know about the most popular programming langurages . Web application develop
阅读全文
摘要:1、the basic information about workbench Last saved station open in the workbench or opened another workbench ,first you should opend the deam : Instal
阅读全文
摘要:Explore online vulnerability for servers and IoT devices : https://www.shodan.com get dumped leaked information : https://www.pastebin.com Text and so
阅读全文
摘要:1、 an SQLi vulnerability will allow you to do the following query the database using select statement forezample users table. you might get the passwo
阅读全文
摘要:1、 an SQLi vulnerability will allow you to do the following query the database using select statement forezample users table. you might get the passwo
阅读全文
摘要:1、 Reflected XSS ,we can use more sophisticated Javascript logic to collect personal information from its vitim, we can use javascript <script>alert(1
阅读全文
摘要:1、使用 OllyDBG打开的dll文件,最好找破解pro版本。不然没有编辑权限 ,目前OllyDBG并不支持eclipse IDE 64位编辑的 .class文件类型。 另外使用反编译的时候物理内存必须大于4G,汇编的时候会占用很多的计算。 对HEX的数据根据需要编辑之后,使用分析指令 2、寄存器
阅读全文
