当前位置:网站首页>Secondary vocational network security skills competition P100 web penetration test
Secondary vocational network security skills competition P100 web penetration test
2022-07-25 03:22:00 【Beluga】
One 、 What is penetration testing
Penetration test (penetration testing) It is an authorization attack on computer system , To evaluate the system / The security of the network , Perform tests to identify vulnerabilities and their risks . generally speaking , The penetration test process is divided into five stages : Including identifying the target system 、 Detect the existing vulnerabilities and the availability of each vulnerability . The goal of penetration testing is to find as many vulnerabilities as possible , And deliver reports in a common format acceptable to customers .
Two 、 Penetration test type
White box (white box): In the white box test , The testee will generally provide the target system to the tester 、 The Internet 、 Application and other details ( Including account number 、 password 、SSH/Telnet login information 、 framework 、 Network structure 、 Source code … … wait ).
Black box (black box): Test simulating the attacker scenario . Act as a real attacker's perspective , There is no information about the target system ( White box test description ), The biggest feature of this test is that the tester will pay more attention to the first stage of penetration test —— information gathering . The more information you collect , The better the effect of post test .
Gray box (gray box): Between black and white box test , In a typical gray box test , The tester will know the relevant target system in advance 、 Applications 、 Internet Information … … wait . This kind of test is usually applicable to organizations with time limit requirements , The tested person provides effective information , Testers can focus on systems that are more risky , Save the early information collection time .
3、 ... and 、 Penetration test phase
according to Harpreet Singh、Himanshu Sharma Professional description of others , The infiltration process can be divided into the following stages :
Stage 1: Information collection and investigation
Stage 2: enumeration
边栏推荐
- Test question C: question brushing statistics
- Question D: pruning shrubs
- Day 9 (capture traffic and routing strategy)
- Can bus baud rate setting of stm32cubemx
- Direct insert sort / Hill sort
- Eslint error
- NVM installation and use
- Openlayers draw deletes the last point when drawing
- Leetcode programming practice -- Tencent selected 50 questions (I)
- Test question f: statistical submatrix
猜你喜欢
Modulenotfounderror: no module named 'pyemd' solution
![[leetcode medium] 34. Find the first and last positions of elements in the sorted array - array double pointer](/img/f0/e572fe077ddd51b9c160e3382b2a07.png)
[leetcode medium] 34. Find the first and last positions of elements in the sorted array - array double pointer
NVM installation and use
Machine learning notes - building a recommendation system (4) matrix decomposition for collaborative filtering
Message queue (MQ)
Unified return data format
Consistent hash, virtual node, bloom filter
![[template engine] microservice Learning Notes 6: freemaker](/img/6a/cfe9c5aea0f7fc83d0812237de2256.png)
[template engine] microservice Learning Notes 6: freemaker
kettle_ Configure database connection_ report errors
A code takes you to draw multi format sangjimei pictures such as interactive +pdf+png
随机推荐
MySQL configuration in CDH installation
Backtracking to solve combinatorial problems
Node queries the path of all files (files or folders) named filename under the target directory
Resolve the error: org.apache.ibatis.binding.bindingexception
Merge sort / quick sort
Vscode copy synchronization plug-in expansion
Concurrent programming day01
Flink1.15 source code reading - Flink annotations
Swagger key configuration items
Learning notes - talking about the data structure and algorithm of MySQL index and the introduction of index
Learning record 12
Eslint error
Swiper4 is used to smooth longitudinal seamless scrolling. After clicking or dragging the mouse, the animation is not completely completed, the mouse moves out of the automatic rotation, and the dynam
Handwriting promise
Win10 -- open the hosts file as an administrator
[leetcode medium] 34. Find the first and last positions of elements in the sorted array - array double pointer
Implementation principle of virtual DOM
Reasons for not sending requests after uni app packaging
Day 9 (capture traffic and routing strategy)
Web -- JDBC tool class writing