Owasp_zap
Zed Attack Proxy
WEB Applicaiton Integrated Penetration testing and vulnerability mining tools
Open source free cross platform easy to use
Truncate agent
Active, passive scanning
Fuzzy, violent cracking
Api
http://zap/
Do your want to persist the ZAP Session
Yes,i want to persist this session with name based on the current timestamp
√yes,i want to persist this session but I want to specify the name and location
No,i do not want to persist the session at this moment in time
Remember my choice and not ask me again.
You can all changs your decision via the Options/database screen
[Email protected]:~# Netstat-pantu | grep 8080
TCP6 0 0 127.0.0.1:8080:::* LISTEN
1685/java
First, Brief introduction
Zaproxy is an easy-to-use, interactive, penetration testing tool for Web Application Vulnerability mining.
Zap can be used for security professionals, developers, functional testers, and even penetration test starters.
Zap provides some tools for manual mining of security vulnerabilities in addition to the automatic scanning tool.
Second, basic settings
1 Menu bar-->> tools-->> Options-->> local agent (ie tested by local agent)
2 menu bar-->> tools-->> option-->>connection (set timeout time and network proxy, authentication)
3 Menu bar-->> tools-->> options-->>spider (set connected threads etc) 4 menu bar-->> tools-->> options-->> Brute force (import dictionary files here) 5 menu bar-->> analysis-->> Scan Policy (set scan policy) three, some points 1 active scanning and passive scanning: Active scanning is like the normal scanner actively to detect the test vulnerability, and the passive scan is to write the regular expression (rule) in the background thread, Does not affect the overall speed of the application and passively responds to the Web application being tested (if a rule is triggered).
2 Request Breakpoint: The Main method of requesting a breakpoint bypasses client-side validation (typically done with JavaScript), intercepting requests from the browser and before changing it to the application that is being tested by the Web site.
3 directory scanning (violence) mainly through the dictionary file directly access to the directory in the form of the directory, can be used to find management background, dictionary file directory: G:\program files\owasp\zed Attack Proxy\dirbuster
4 Fuzzy Testing (Fuzzer): Fuzzy testing refers to a large number of invalid or unexpected data submitted to the target technology. (source Google); Here you import the Blur Test list: The menu bar-->> tool-->> options-->>fuzzer, and you can choose which type of vulnerability to test by default.
5 Calling the application: for example nmap (source Google, has this feature, but how to expand not quite understand) 6 Spider: now manually explore the app, just use the spider to find the link you have missed, or somehow hidden. Iv. Basic Penetration Testing Process 1 Explore: Use the browser to explore all the features provided by the application. Open each URL, press all the buttons, fill out and submit all the form categories. If the application supports more than one user, then each user is guaranteed to have a different file, and then start using the next user, starting a new session.
2 spider: Use Spider to find the URL.
3 Brute force scanning: Use a brute force scanner to find unreferenced files and directories.
4 Active Scan: Use the active scanner to find basic vulnerabilities.
5 Manual testing: The above steps may find a basic vulnerability. To find more vulnerabilities, you need to test the application manually. Another: There is also a port scanning function, as a supplementary test.
Owasp_zap
Persist Session
Mode-----Safe, Protected, Standard, ATTACK
Upgrade Add-ons
Scan Policy
Anti CSRF Tokens
HTTPS-----CA
Scope/contexts/filter
Http Sessions------Default Session tokens & Site session tokens
Note/tag
Passive Scan
Owasp_zap
Standard Scan Workflow
Set up Proxy
Crawl manually
Automatic crawling
Automatic scanning
This note is for safe Cattle class student notes, want to see this course or information security of dry goods can go to safe cattle classes
security+ Certification Why is the Internet + era of the most popular certification?
Manifesto first introduce you to security+
security+ certification is a neutral third-party certification, the issuing agency for the United States Computer Industry Association CompTIA, and CISSP, ITIL and other common inclusion of the international IT Industry 10 Popular certification, and CISSP emphasis on information security management, compared to security+ Authentication is more emphasis on information security technology and operations.
This certification demonstrates your ability to network security, compliance and operational security, threats and vulnerabilities, application, data and Host security, access control and identity management, and encryption technology. Because of its difficult examination difficulty, the gold content is high, has been widely adopted by global enterprises and security professionals.
Why is security+ certification so hot?
reason one: In all information security certification, the emphasis on information security technology certification is blank, security+ certification can make up for the gap in the field of information security technology.
currently recognized in the industry of information security certification mainly has Cisp and CISSP, but whether cisp or CISSP are emphasis on information security management, technical knowledge is broad and simple, the exam is around. And CISSP require a certificate of information security work experience for more than 5 years, Cisp also require a college education 4 years of working experience, these requirements will undoubtedly be able and motivated young people of the road blocked. In the real world, whether it is looking for a job or a raise, or a tender time to report personnel, certification is essential, which brings a lot of injustice to young people. The emergence of security+ can clear these young people career development obstacles, because security+ emphasis on information security technology, so there is no special requirements for work experience. As long as you have an IT-related background, the pursuit of progress can be studied and tested.
reason two: it operation and maintenance personnel work and turn over the weapon.
in the banking, securities, insurance, information and communications industries, the IT operations personnel are very many, it operations involved in the face is very wide. is a network, system, security, application architecture, storage as one integrated technology post. Although no program ape "born as a Bachelor, Die also write code," The solemn and tragic, but also has "Hoe wo Day Copse, as the operation of suffering" feeling. Every day to the computer and machine, the time has been inevitable for career development confusion and confusion. The advent of security+ international certification allows the pursuit of IT operations personnel to learn network security knowledge, to master network security practices. Career development in the direction of network security, to solve the problem of the shortage of information security personnel in China. In addition, even if not transformation, to do a good job in operation and maintenance, learning safety knowledge to obtain safety certification is also essential.
Reason three: grounding gas, international stylish, easy to test, moderate cost!
As the most influential global leader in the global ICT sector, CompTIA is professional, fair and impartial in the field of information security talent certification. Security+ certification is highly operational and closely related to the daily work of frontline engineers. Suitable for banks, securities, insurance, internet companies and other IT-related personnel learning. As an international certification in 147 countries around the world are widely recognized.
Under the current tide of information security, talent is the key to the development of information security. and the current domestic information security personnel is very scarce, I believe security+ certification will become the most popular information security certification.
This article is from the "11662938" blog, please be sure to keep this source http://11672938.blog.51cto.com/11662938/1968408
"Safe Cow Study notes" Owasp_zap