Navisec
Website: http://navisec.it
An Internet navigation page for network security personnel, and an essential website for anyone in the field. The site focuses on content, with little decoration and an extremely concise style. Frequently visited forums, vulnerability libraries, well-known blogs, emergency response centers: everything is there. Until now, I had been frustrated that no single website collected the common security sites in one place. The appearance of Navisec was a pleasant surprise for the editor.
ZoomEye ("Zhong Eye")
Website: http://www.zoomeye.org
ZoomEye, whose Chinese name is "Zhong Eye", is positioned as a cyberspace search engine. It can run a full-range search over host devices and website components exposed on the public network (anything with an IP address can be searched) and discover the vulnerabilities in them ("hide the Problem"). The difference between ZoomEye and SHODANHQ is that ZoomEye currently focuses on Web-level asset discovery, while SHODANHQ focuses on the host level. The site's authoring team is from Knownsec.
FOFA ("Dharma")
Website: http://fofa.so
FOFA is a website information search engine: an open online search engine that provides technical staff with fingerprint identification and Internet-wide application recognition.
Shodan ("Satan")
Website: http://www.shodanhq.com/
Shodan can be described as a "dark" Google that is constantly looking for every Internet-connected server, camera, printer, router and so on. ZoomEye shares some of its ideas with SHODANHQ, which shows how high SHODANHQ's standing in the community is. There are many tutorials online; interested readers can use SHODANHQ to find cameras and the like.
To work in the network security industry, I think you need two things: first, a keen sense of smell together with flexible and efficient means of information collection; second, a hard-working spirit. Here are the websites I used when I first started collecting information.
Whois
Website: http://Who.is
A Who.is query returns fairly comprehensive information, and it also displays some domain name history, sub-domain information, DNS information and so on. Of the sites currently accessible, the usability of the information it provides is very good.
Website: http://whois.domaintools.com
The information it collects is more detailed than that of who.is, but it is a paid service, and its free information is less than what who.is offers. Readers with higher demands can consider it.
Ping
Website: http://ping.chinaz.com
Its role is more than a simple ping. Its main use is to detect whether the target site uses a CDN, and you can even dig out the website's real IP. Because I have not run many tests with it, I cannot guarantee its effectiveness here.
Side-site query (sites on the same server)
Website: http://dns.aizhan.com, http://www.114best.com/ip/
The side-note technique first became known through Ming boy's side-note tool. In those years host security was generally poor, and many servers had local overflow vulnerabilities. Taking any one site on the server was enough to get the target site. The technique has remained in use to this day.
Website fingerprint identification
Website: http://www.websth.com/, http://hacksoft.org/cms, http://whatweb.net/
Before the actual offensive begins, I like to first understand the program the target uses. If it is an open source program, we go to Google, Cloud, vulnerability libraries and so on to find out whether vulnerabilities in that program have previously been disclosed. If the program was written by the target themselves, you can also use the tools above to identify whether they use ThinkPHP or another framework. Know the enemy, and a hundred battles hold no danger.
Supplement from FB netizen H4DE5
Well, let me add some of the tools I've used myself:
1. http://www.gpsspg.com/
2. http://websth.com/
3. http://www.showjigenzong.com/
4. http://hd2001562.ourhost.cn/
5. http://www.cz88.net/
6. http://so.baiduyun.me/
7. http://nmap.online-domain-tools.com/
8. http://az0ne.lofter.com/post/31a51a_131960c (there are also many tools in this blog)
From Freebuf
"Security": commonly used penetration testing tool websites