部分 IX. Security
上一頁
下一頁
Home
|
Mirror
|
Search
部分 IX. Security
目錄
126. Sniffer
1. nmap - Network exploration tool and security / port scanner
1.1. HOST DISCOVERY
1.1.1. -sP: Ping Scan - go no further than determining if host is online
1.2. SCAN TECHNIQUES
1.2.1. -sU: UDP Scan 掃瞄
1.2.2. -b <FTP relay host>: FTP bounce scan
1.3. PORT SPECIFICATION AND SCAN ORDER
1.3.1. -p <port ranges>: Only scan specified ports
1.4. SCRIPT SCAN
1.4.1. ftp-anon
1.4.2. mysql-info
1.4.3. http
1.4.4. snmp
1.4.5. SSHv1
1.4.6. --script-updatedb 更新腳本
1.5. OS DETECTION
1.5.1. -O: Enable OS detection 操作系統探測
1.6. OUTPUT
1.6.1. --open: Only show open (or possibly open) ports 操作系統探測
1.7. MISC
1.7.1. -6: Enable IPv6 scanning
1.7.2. -A: Enables OS detection and Version detection, Script scanning and Traceroute
1.8. Nmap Scripting Engine (NSE)
2. tcpdump - A powerful tool for network monitoring and data acquisition
2.1. 監控網絡適配器介面
2.2. 監控主機
2.3. 監控TCP連接埠
2.4. 監控協議
2.5. 輸出到檔案
2.6. 保存結果
2.7. Cisco Discovery Protocol (CDP)
2.8. 案例
2.8.1. 監控80連接埠與icmp,arp
2.8.2. monitor mysql tcp package
2.8.3. HTTP 包
2.8.4. 顯示SYN、FIN和ACK-only包
3. cdpr - Cisco Discovery Protocol Reporter
4. nc - TCP/IP swiss army knife
5. Unicornscan,Zenmap,nast
6. netstat-nat - Show the natted connections on a linux iptable firewall
7. Wireshark
127. sqlmap - automatic SQL injection and database takeover tool
1. Installation
2. 開始入住實驗
2.1. 測試腳本
2.2. sqlmap.ini
3. Request參數
3.1. --method, --data
3.2. --cookie
3.3. --referer
3.4. --user-agent
3.4.1. -a
3.5. --headers
3.6. auth
3.6.1. --auth-type
3.6.2. --auth-cred
3.7. --proxy
3.8.
3.9. --threads
3.10. --delay
3.11. --timeout
4. Injection
4.1. --dbms
4.2. --prefix
4.3. --postfix
4.4. --string
4.5. --regexp
4.6. --excl-str
4.7. --excl-reg
5. Techniques
5.1. --stacked-test
5.2. --time-test
5.3. --union-test
5.4. --union-tech
5.5. --union-use
6. Enumeration
6.1. dbs
6.2. --count
6.3. --dump/--dump-all
6.4. --sql-query
6.5. --sql-shell
7. Miscellaneous
7.1. --update
7.2. --save
128. Vulnerability Scanner
1. Nessus
2. OpenVAS
129. Injection & Penetration
1. Backtrack Linux
130. SELinux
1. getsebool - get SELinux boolean value
2. setsebool - set SELinux boolean value
3. chcon - change file SELinux security context
4. rsync
Please enable JavaScript to view the
comments powered by Disqus.
comments powered by
Disqus