pentest methodology

From the accidentally climax of ' blogEgg ache, write a bit, Medusa crack up still relatively fast, first we see Help[Email protected]:/pentest/exploits/framework3# MedusaMedusa v1.5 [http://www.foofus.net] (C) jomo-kun/foofus Networks Alert:host information must be supplied.Syntax:medusa [-H host|-h file] [-u username|-u file] [-P password|-p file] [-C file]-M module [OPT]-H [TEXT]: Target hostname or IP address-h [File]: file containing target hostn

Use of DNS scanning toolsDNS scanning tools can be used to collect information including: domain name registration information, domain name resolution server (DNS server), valid sub-domain names(Information that can be used to collect: domain name registration information, name, phone number, email address, expiration time, valid subdomain name ....)1. WhoisUsage: whois top-level domain name (must be top-level domain name)Domain name status:The server group used to resolve DNS:Domain Name and Ne

One common feature of agile methodologies is that they point to "documentation", which argues that the traditional software engineering approach is too "heavy", called a "heavyweight" approach, and that the corresponding agile approach is a "lightweight" approach. It is because of the "lightweight" feeling that there is no power, not only can not effectively reflect flexibility, but it seems to be a methodological approach to solve the problem. As a result, there was an epoch-making meeting that

Information Detection: Target Site: http://www.sixxf.itServer IP Address: 192.232.2xx.97 (USA)Environment platform: PHPServer System: ApacheThis time, I used a webpage to detect that the information on this site is not complete. Go to the topic, open the website background, and enter a 'in the login account text. The returned result is as follows:After the execution of ', the SQL statement reports an error, indicating that there may be injection. Use the Sqlmap tool in the Back Track system to t

An nginx egg DAY has been generated in recent days. Some people always ask how to judge the Web server, and ask the scanner that has a sudden menstruation. Such as nmap nc nikto .... What should we do with so many scanners? NMAP is enough! Method N: a few more examples! Nmap Pentest @ yinyin :~ $ Nmap-sV-p 80 www.xxoo.com Starting Nmap 5.00 (http://nmap.org) at 2010-05-24 CSTInteresting ports on 203. xxx. xxx.1 × 1:PORT STATE SERVICE VERSION80/tcp ope

Injection–blind SQL INJECTION–LFI–RFI–XSS–CSRF and so on.We will use Nikto to collect vulnerability information:[Email protected]:/pentest/web/nikto# perl nikto.pl-h hack-test.comWe will also use the W3AF tool in backtrack 5 R1:[Email protected]:/pentest/web/w3af#./w3af_guiWe enter the address of the website to be detected and select the Complete security audit option.Wait a moment, and you'll see the resu

. Incorrect results at http://nmap.org/submit/. Nmap done:1 IP Address (1 host up) scanned in 7.42 seconds server only open 80 ports, operating system is Linux 2.6.22 (Fedora Core 6) Now that we've got all the important information, let's do a bit of vulnerability testing, such as SQL injection, blinds, LFI,RFI,XSS,CSRF, etc. We use nikto.pl to get information and weaknesses: [Email protected]:/pentest/web/nikto# perl nikto.pl-h http:/

Today, I want to learn how to install PostgreSQL8.4 in Ubuntu9.10. After executing the following command, linuxidc @ pentest :~ $ The sudoapt-getinstallpostgresql-8.4postgresql-client-8.4postgresql-contrib-8.4 returns the following: update-alternatives: Using/usr/share/postgresql I want to install PostgreSQL 9.10 on Ubuntu 8.4 today. After executing the following command Linuxidc @ pentest :~ $ Sudo apt-get

SQL injection, blinds, LFI,RFI,XSS,CSRF, etc.We use nikto.pl to get information and weaknesses:[Email protected]:/pentest/web/nikto# perl nikto.pl-h http://hashlinux.com-Nikto v2.1.4---------------------------------------------------------------------------+ Target ip:192.168.1.2+ Target Hostname:hashlinux.com+ Target port:80+ Start time:2011-12-29 06:50:03---------------------------------------------------------------------------+ server:apache/2.2.

SCTF2016 the painful infiltration of the road 0x00 Preface This time the CTF play very sour, a total of 7 web penetration of the topic, this is the beginning of pain. A good jury, for him so many high door threshold. 0x01 pentest-homework-200 http://homework.sctf.xctf.org.cn/ Open full, is the landing page, entered the registration. Name, age, upload pictures. After landing, a picture was displayed. There's also a homework link. Click Homework

1. The previous analysis of Main and Execve, with the "Basic Shellcode extraction method" in the corresponding part of the explanation. If the EXECVE () call fails, the program will continue to fetch the instruction from the stack and execute it, while the data in the stack is random, usually the program will be core dump. If we want the program to still exit gracefully when the EXECVE () call fails, we must add an exit system call after the EXECVE () call. Its C language program is as follows:

------------------------------------------------------------ IBM DeveloperWorks Software Engineering Project 1. Agile thinking--Methodology in architecture design Mr. Lin In this column on software engineering, the authors will apply agile methodologies to research the architecture design in the development process. 1. Agile thinking-Methodology in architecture design (1)--architecture design from the p

only need to find the version of the corresponding operating system in sqlmap. root@bt:/pentest/database/sqlmap/udf/mysql# lslinux windowsroot@bt:/pentest/database/sqlmap/udf/mysql/linux# ls32 64root@bt:/pentest/database/sqlmap/udf/mysql/linux/64# lslib_mysqludf_sys.so 3. Use the udf library file to load the function and execute the command. First, you must ob