Python is a great tool for writing scripts! Pretty cool! Writing information-asset collection scripts
The principle of port scanning:
Port scanning, as the name implies, means probing ports one at a time, either every port or a specified set of them. From the results you can tell which services a machine is running, and those services can then be attacked through their known vulnerabilities. The principle is this: when a host sends a connection request to a certain port on a remote server, the server answers if it has that service; if the service is not installed, the port gives no answer no matter how many requests you send. Using this principle, if you attempt connections to all the well-known ports, or to the known ports in a range you have chosen, and record how the remote server answers, a look at the record tells you which services are installed on the target. That is a port scan, and a port scan can collect a lot of useful information about the target host, for example whether it provides FTP, WWW or other services.
Three states of a port:
OPEN - the port is open, reachable, and a process is listening on it.
CLOSED - the port returns nothing; there might be a WAF in front of it.
FILTERED - the port can be reached, but no program is listening on it.
Here is an example run with the tool nmap ...
That's about it, so let's start implementing it in Python. Several Python modules can be used for port scanning; this article demonstrates the socket module. The single-threaded version was already covered in the previous article, see the portal:
A jingzhuang of the purchase of a liar by my complete conquest
The speed is not just ordinarily slow, and since we are saying goodbye to script-kiddie days, a single-threaded version definitely won't do, haha.
Releasing the multithreaded version
Very simple, I don't know what else to say ... If your basics are not solid enough, please go back to the introductory article:
Python Dafa from getting started to writing POC
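The page's own scanner code did not survive extraction, so here is an added example (mine, not the author's script) of the socket-based scan described above, in both the single-threaded and the thread-pool form. It labels states the way nmap reports a TCP connect scan: a completed handshake is open, an immediate refusal (RST) is closed, and no answer before the timeout is filtered. The host, port list, timeout and worker count are assumptions, and the self_check function builds its own throwaway listener on loopback so the example runs without any network.

```python
import socket
from concurrent.futures import ThreadPoolExecutor

DEFAULT_TIMEOUT = 1.0  # assumption: one second per probe is enough on a LAN


def probe_port(host, port, timeout=DEFAULT_TIMEOUT):
    """Full TCP connect to one port; returns 'open', 'closed' or 'filtered'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"        # handshake completed: something is listening
    except socket.timeout:
        return "filtered"        # neither SYN/ACK nor RST before the deadline
    except ConnectionRefusedError:
        return "closed"          # host answered with RST: reachable, nothing listening
    except OSError:
        return "filtered"        # unreachable network/host, treated like a filter


def scan_ports(host, ports, timeout=DEFAULT_TIMEOUT):
    """Single-threaded version: one probe after another."""
    return {port: probe_port(host, port, timeout) for port in ports}


def scan_ports_threaded(host, ports, timeout=DEFAULT_TIMEOUT, workers=50):
    """Multithreaded version: the same probe, spread over a thread pool."""
    ports = list(ports)
    with ThreadPoolExecutor(max_workers=workers) as pool:
        states = pool.map(lambda p: probe_port(host, p, timeout), ports)
        return dict(zip(ports, states))


def self_check():
    """Sanity check: bind a throwaway listener on loopback, confirm the classifier
    reports it 'open', then confirm the same port reads 'closed' once it is gone."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))  # port 0: let the OS pick a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    while_open = probe_port("127.0.0.1", port)
    listener.close()
    after_close = probe_port("127.0.0.1", port)
    return while_open, after_close


if __name__ == "__main__":
    # Inventory of the local machine's listening TCP ports (closed ones are skipped)
    for port, state in sorted(scan_ports_threaded("127.0.0.1", range(1, 1025)).items()):
        if state != "closed":
            print(f"{port}/tcp {state}")
```

Using create_connection with an exception per outcome keeps the three states explicit; the thread pool only changes how many probes are in flight, not how each one is classified.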
Writing a subdomain collection script
This article will demonstrate three approaches.
The first is dictionary brute force. This method relies entirely on the dictionary: how many subdomains you collect depends on how big the dictionary is ...
Here is a single-threaded demo:
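An added example (not the author's code) of the dictionary brute force just described: every word in the list is prefixed to the domain and the name is resolved. It also runs the one check a practitioner wants before trusting such output, a wildcard-DNS test, because if a random label resolves then every dictionary word would "exist". The resolver is a parameter so the sample below runs offline against a constructed zone; the word list, the domain example.com and the addresses are all constructed.

```python
import secrets
import socket
from concurrent.futures import ThreadPoolExecutor


def resolve_a(name):
    """Default resolver: first A record via the system resolver, or None if it does not resolve."""
    try:
        return socket.gethostbyname(name)
    except socket.gaierror:
        return None


def detect_wildcard(domain, resolve=resolve_a):
    """Wildcard DNS check: resolve a random label nobody would have created.
    Returns the address it maps to, or None when the zone has no wildcard."""
    probe = f"{secrets.token_hex(8)}.{domain}"
    return resolve(probe)


def brute_subdomains(domain, wordlist, resolve=resolve_a, workers=20):
    """Dictionary brute force: try word.domain for every word and keep the ones that resolve.
    Names that map to the wildcard address are dropped (a real host sharing that address
    would be dropped too, which is the price of a usable result on wildcard zones)."""
    wildcard = detect_wildcard(domain, resolve)
    candidates = [f"{word.strip()}.{domain}" for word in wordlist if word.strip()]
    with ThreadPoolExecutor(max_workers=workers) as pool:
        addresses = list(pool.map(resolve, candidates))
    found = {}
    for name, addr in zip(candidates, addresses):
        if addr is not None and addr != wildcard:
            found[name] = addr
    return found


# Constructed dictionary and a constructed zone so the example runs without DNS
SAMPLE_WORDS = ["www", "mail", "dev", "nosuchhost"]
FAKE_ZONE = {"www.example.com": "192.0.2.10", "mail.example.com": "192.0.2.20"}


def fake_resolver(name):
    """Stand-in for resolve_a that answers only from FAKE_ZONE."""
    return FAKE_ZONE.get(name)


if __name__ == "__main__":
    for name, addr in brute_subdomains("example.com", SAMPLE_WORDS, resolve=fake_resolver).items():
        print(name, addr)
```

Swap fake_resolver for the default resolve_a to run it against a real zone you administer; the wildcard check then protects you from a word list that appears to be 100% hits.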
The second is collecting subdomains through search engines, though some subdomains are never indexed by the search engines .....
Refer to this article:
Tools | Teaching you subdomain information collection
I think that article covers it well enough .... I'm too lazy to write it again, so I'll just paste it over.
The third is through a number of third-party websites. The implementation is similar to the second.
I mentioned it in the previous article, so I just quote it directly.
If that is not enough, read this article, it is very detailed ...
Python Dafa from Hello World to writing POC (v)
Writing a CMS fingerprint identification script
There are now many open source fingerprint identification programs: w3af, whatweb, wpscan, joomscan and so on. The common ways of identifying a CMS are:
Cool..
Next is the second CMS fingerprint recognition method ...
The method I used is keyword matching ...
I got a matching dictionary for DedeCMS.
For the full dictionary, search Baidu yourselves; I won't post it here ... I use Deepin, and the errors under Windows are too annoying, really too lazy to sort them out ....
Cool ... That is a simple implementation of CMS recognition ...
I haven't written an article for a long time and my skills are rusty; you dalao please forgive me ....
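The keyword-matching approach described above, as an added example that is not the author's script: each CMS has a list of patterns, the response body plus headers is searched for each one, and the CMS with the most hits wins. The fingerprint dictionary here is constructed for illustration (the page mentions a DedeCMS dictionary but does not reproduce it), as is the sample page; fingerprint_url is an assumed helper that fetches a page with urllib and feeds it to the same matcher.

```python
import re
import urllib.request

# Constructed fingerprint dictionary: CMS name -> regexes a page from that CMS tends to carry.
# Illustrative only; a real dictionary has far more patterns per CMS.
FINGERPRINTS = {
    "dedecms": [r'name="generator"\s+content="DedeCMS', r"/templets/default/", r"/plus/count\.php"],
    "wordpress": [r"/wp-content/", r"/wp-includes/", r'content="WordPress'],
    "joomla": [r"Joomla!", r"/media/jui/", r"/components/com_"],
}


def fingerprint(body, headers=None, fingerprints=FINGERPRINTS):
    """Score each CMS by how many of its patterns appear in the response.
    Returns a list of (cms, hits, total) with the best match first, empty if nothing matched."""
    haystack = body
    if headers:
        # Headers are matched too: generator/X-Powered-By style headers are common tells.
        haystack += "\n" + "\n".join(f"{k}: {v}" for k, v in headers.items())
    scores = []
    for cms, patterns in fingerprints.items():
        hits = sum(1 for p in patterns if re.search(p, haystack, re.IGNORECASE))
        if hits:
            scores.append((cms, hits, len(patterns)))
    scores.sort(key=lambda t: t[1], reverse=True)
    return scores


def fingerprint_url(url, timeout=5):
    """Assumed helper: fetch one page and run the matcher on body plus response headers."""
    req = urllib.request.Request(url, headers={"User-Agent": "cms-fingerprint-demo"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        body = resp.read().decode("utf-8", errors="replace")
        return fingerprint(body, dict(resp.headers))


# Constructed sample page carrying all three DedeCMS tells
SAMPLE_DEDE_PAGE = """<html><head>
<meta name="generator" content="DedeCMS V5.7 UTF8">
<link rel="stylesheet" href="/templets/default/style/dedecms.css">
</head><body><script src="/plus/count.php?view=yes&aid=1"></script></body></html>"""


if __name__ == "__main__":
    for cms, hits, total in fingerprint(SAMPLE_DEDE_PAGE):
        print(f"{cms}: {hits}/{total} patterns matched")
```

Reporting hits out of total, rather than a bare yes/no, lets the reader judge a weak single-pattern match differently from a page that lights up every pattern for one CMS.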