- Hands-On Bug Hunting for Penetration Testers
- Joseph Marshall
- 107字
- 2021-07-16 17:53:13
Questions
- What's a good tool for finding hidden directories and secret files on a site?
- How and where can you find a map of the site's architecture? How can you create one if it's not already there?
- How can you safely create a map of an application's attack surface without using scanners or automated scripts?
- What's a common resource in Python for scraping websites?
- What are some advantages to writing scripts according to the Unix philosophy (single-purpose, connectable, built around text)?
- What's a good resource for finding XSS submissions, SQLi snippets, and other fuzzing inputs?
- What's a good resource for discovering DNS info associated with a target?
推薦閱讀
- SASE原理、架構與實踐
- Metasploit Penetration Testing Cookbook(Third Edition)
- Learning Python for Forensics
- Practical Network Scanning
- 信息系統安全檢測與風險評估
- 局域網交換機安全
- 學電腦安全與病毒防范
- 黑客攻防實戰從入門到精通
- Mastering Python for Networking and Security
- 網絡安全監控實戰:深入理解事件檢測與響應
- Kali Linux無線網絡滲透測試詳解
- ATT&CK視角下的紅藍對抗實戰指南
- 2023—2024年中國網絡安全發展藍皮書
- 極限黑客攻防:CTF賽題揭秘
- Cisco Firepower威脅防御(FTD)設備的高級排錯與配置