Safety Testing ===web learning routes for safety penetration

Source: Internet
Author: User
Tags php and mysql php framework kali linux

To Sheng Li
Links: https://www.zhihu.com/question/21914899/answer/39344435
Source: Know
Copyright belongs to the author. Commercial reprint please contact the author for authorization, non-commercial reprint please specify the source.

Web Security Engineer

  • Web Security related concepts
    Familiar with the basic concepts (SQL injection, upload, XSS, CSRF, a word trojan, etc.).
    1. Through keywords (SQL injection, upload, XSS, CSRF, a word trojan, etc.) to Google/secwiki;
    2. Read "Proficient script hacker", although very old also have errors, but the introduction is still possible;
    3. See some infiltration notes/video, understand the whole process of infiltration, can Google (infiltration notes, infiltration process, intrusion process, etc.);
  • 3 weeks

    Familiar with penetration related tools
    Familiar with the use of Awvs, Sqlmap, Burp, Nessus, Chopper, Nmap, AppScan and other related tools.
    1. Understand the use of such tools and usage scenarios, first with the software name Google/secwiki;
    2. Download the software that is not available for installation;
    3. Study and use, the specific teaching materials can be searched on Secwiki, for example: Brup tutorial, Sqlmap;
    4. The few software to be used are learned to install the Sonic start to do a penetration toolbox;
  • 5 weeks

    Infiltration actual operation
    Master the entire stage of penetration and be able to penetrate small sites independently.
    1. Penetrate the network to see and think about the ideas and principles of the video, keywords (infiltration, SQL injection video, file upload intrusion, database backup, dedecms exploit, etc.);
    2. Find your own site/build test environment for testing, remember to hide yourself;
    3. Thinking about infiltration is divided into several stages, each of which needs to do the work, such as this: PTEs penetration test execution standards;
    4. Study the types of SQL injection, injection theory, manual injection skills;
    5. Research the principle of file upload, how to truncate, double-suffix spoofing (IIS, PHP), parsing exploit (IIS, Nignix, Apache), etc., refer to: Upload attack framework;
    6. Study the principle and type of XSS formation, the specific learning method can be Google/secwiki, can refer to: XSS;
    7. To study the method and specific use of windows/linux, you can refer to: right to raise;
    8. can refer to: Open source penetration testing vulnerable systems;
  • 1 weeks

    Focus on Security Circle dynamics
    Focus on the latest vulnerabilities, security incidents, and technical articles in the security circle.
    1. Browse Daily Security Technical articles/events through Secwiki;
    2. Through the weibo/twitter concerned about the safety circle practitioners (encounter Daniel's attention or close friends resolute attention), every day to draw time to brush;
    3. Through the feedly/fruit subscription domestic and foreign Security technology blog (not limited to domestic, usually pay more attention to accumulate), there is no source can see the secwiki of the aggregation column;
    4. Develop the habit, every day actively submit security technical articles linked to Secwiki to accumulate;
    5. More attention to the latest vulnerability list, recommended several: exploit-db, CVE Chinese Library, Wooyun, and so on, encountered public loopholes are to practice.
    6. Focus on national and international Security conference issues or video, recommend Secwiki-conference.
  • 3 weeks

    Familiarity with Windows/kali Linux
    Learn Windows/kali Linux basic commands, common tools;
    1. Familiar with the common CMD commands under Windows, for example: Ipconfig,nslookup,tracert,net,tasklist,taskkill, etc.;
    2. Familiar with the common commands under Linux, such as: Ifconfig,ls,cp,mv,vi,wget,service,sudo, etc.;
    3. Familiar with Kali Linux system common tools, can refer to Secwiki, "Web penetration Testing with Kali Linux", "Hacking with Kali" and so on;
    4. Familiar with Metasploit tools, can refer to Secwiki, "Metasploit Penetration Test Guide".
  • 3 weeks

    Server Security Configuration
    Learn the server environment configuration and find out the security issues with the configuration by thinking about it.
    1. windows2003/2008 Environment of IIS configuration, pay special attention to configure security and operation permissions, you can refer to: secwiki-configuration;
    2. Linux environment, the security configuration of lamp, mainly consider the operation permissions, cross-directory, folder permissions, etc., you can refer to: secwiki-configuration;
    3. Remote system reinforcement, restrict user name and password login, restrict port through iptables;
    4. Configure the software WAF to strengthen the system security, in the server configuration mod_security and other systems, see Secwiki-modsecurity;
    5. Security detection of configuration environment through Nessus software, unknown security threats found.
  • 4 weeks

    Scripting Programming Learning
    Select one of the scripting language Perl/python/php/go/java to program the common libraries.
    1. Build development environment and choose ide,php Environment recommended Wamp and Xampp,ide strongly recommend Sublime, some Sublime tips: secwiki-sublime;
    2. Python programming learning, learning content includes: grammar, regular, file, network, multi-threaded and other common library, recommended "Python core programming", do not read ;
    3. Use Python to write the vulnerability of exp, and then write a simple web crawler, see secwiki-crawler, video;
    4. PHP Basic grammar to learn and write a simple blog system, see "PHP and MySQL Program design (4th edition)", video;
    5. Familiarize yourself with the MVC architecture and try to learn a PHP framework or Python framework (optional);
    6. Understand the layout of Bootstrap or CSS, you can refer to: secwiki-bootstrap;
  • 3 weeks

    Source Audit and vulnerability analysis
    Can independently analyze the script source code program and find security issues.
    1. Familiar with the dynamic and static methods of source audit, and know how to analyze the program, see secwiki-Audit;
    2. From the Wooyun to find Open source Program Vulnerability Analysis and try to analyze their own;
    3. Understand the causes of web vulnerabilities, and then search through the keyword for analysis, see secwiki-Code Audit, Advanced PHP Application Vulnerability Audit technology;
    4. Study the principle of web vulnerability formation and how to avoid this kind of vulnerability from the source level, and organize into checklist.
  • 5 weeks

    Design and development of safety system
    can establish its own security system, and can provide some security recommendations or system architecture.
    1. Develop some practical security gadgets and open source, reflect personal strength;
    2. Establish their own security system, the company's security has its own some knowledge and views;
    3. Propose or join the architecture or development of a large security system;
    4. Look at the development of their own ~

Safety Testing ===web learning routes for safety penetration

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.