
Netkiller Security Notes

Sniffer, Scanner, Vulnerability, Penetration

Mr. Neo Chan, 陳景峰(BG7NYT)


Xishan Meidi, Minzhi Subdistrict, Longhua New District, Shenzhen, Guangdong Province, China
518109
+86 13113668890
+86 755 29812080

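Copyright Notice

To reproduce this document, please contact the author. Any reproduction must clearly cite the original source of the article, the author information, and this notice.

Document source: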
http://netkiller.sourceforge.net
http://netkiller.github.com

2011-12-9


You can read this document with iBook

Table of Contents

Preface
1. Document series
2. About the author
3. To the reader
1. Sniffer
1. nmap - Network exploration tool and security / port scanner
1.1. HOST DISCOVERY
1.1.1. -sP: Ping Scan - go no further than determining if host is online
1.2. SCAN TECHNIQUES
1.2.1. -sU: UDP Scan
1.2.2. -b <FTP relay host>: FTP bounce scan
1.3. PORT SPECIFICATION AND SCAN ORDER
1.3.1. -p <port ranges>: Only scan specified ports
1.4. SCRIPT SCAN
1.4.1. ftp-anon
1.4.2. mysql-info
1.4.3. http
1.4.4. snmp
1.4.5. SSHv1
1.4.6. --script-updatedb: update scripts
1.5. OS DETECTION
1.5.1. -O: Enable OS detection
1.6. OUTPUT
1.6.1. --open: Only show open (or possibly open) ports
1.7. MISC
1.7.1. -6: Enable IPv6 scanning
1.7.2. -A: Enables OS detection and Version detection, Script scanning and Traceroute
1.8. Nmap Scripting Engine (NSE)
2. tcpdump - A powerful tool for network monitoring and data acquisition
2.1. Monitoring a network adapter interface
2.2. Monitoring a host
2.3. Monitoring a TCP port
2.4. Monitoring a protocol
2.5. Output to a file
2.6. Saving results
2.7. Cisco Discovery Protocol (CDP)
2.8. Examples
2.8.1. Monitoring port 80 with icmp and arp
2.8.2. Monitoring MySQL TCP packets
2.8.3. HTTP packets
2.8.4. Showing SYN, FIN and ACK-only packets
3. cdpr - Cisco Discovery Protocol Reporter
4. nc - TCP/IP swiss army knife
5. Unicornscan, Zenmap, nast
6. netstat-nat - Show the natted connections on a linux iptable firewall
7. Wireshark
2. sqlmap - automatic SQL injection and database takeover tool
1. Installation
2. Starting the injection experiment
2.1. Test script
2.2. sqlmap.ini
3. Request parameters
3.1. --method, --data
3.2. --cookie
3.3. --referer
3.4. --user-agent
3.4.1. -a
3.5. --headers
3.6. auth
3.6.1. --auth-type
3.6.2. --auth-cred
3.7. --proxy
3.8.
3.9. --threads
3.10. --delay
3.11. --timeout
4. Injection
4.1. --dbms
4.2. --prefix
4.3. --postfix
4.4. --string
4.5. --regexp
4.6. --excl-str
4.7. --excl-reg
5. Techniques
5.1. --stacked-test
5.2. --time-test
5.3. --union-test
5.4. --union-tech
5.5. --union-use
6. Enumeration
6.1. dbs
6.2. --count
6.3. --dump/--dump-all
6.4. --sql-query
6.5. --sql-shell
7. Miscellaneous
7.1. --update
7.2. --save
3. Vulnerability Scanner
1. Nessus
2. OpenVAS
4. Injection & Penetration
1. Backtrack Linux
5. SELinux
1. getsebool - get SELinux boolean value
2. setsebool - set SELinux boolean value
3. chcon - change file SELinux security context
4. rsync