当前位置:网站首页>Secondary vocational network security skills competition P100 vulnerability detection
Secondary vocational network security skills competition P100 vulnerability detection
2022-07-25 03:22:00 【Beluga】
There are three methods of vulnerability detection , Respectively :
Direct tests (Test): Direct testing refers to the method of using vulnerability characteristics to find system vulnerabilities . To find out the common vulnerabilities in the system , The most obvious way is to try to penetrate the loophole . Penetration testing refers to the use of scripts or programs designed for vulnerability characteristics to detect vulnerabilities . According to the different infiltration methods , Tests can be divided into two different types : Tests that can be observed directly and tests that can only be observed indirectly .
infer (Inference): Inference refers to the method of judging whether a vulnerability exists without taking advantage of system vulnerabilities . It does not directly penetrate vulnerabilities , Just indirectly looking for evidence of the existence of vulnerabilities . The detection methods using inference methods mainly include version checking ( VersionCheck)、 Program behavior analysis 、 Operating system stack fingerprint analysis and timing analysis .
Test with certificate (TestwithCredentials): Voucher refers to visit Ask the user name or password required by the service , Include UNIX Login permission and call from the network WindowsNT Of API The ability of . The test definition with credentials is : In addition to the target host IP Out of address , Neither direct testing nor inference requires any other information .
Vulnerability detection
1. Via local PC Medium penetration test platform Kali For the server scenario p100_win03-20 In a semi open manner ping Scan mode and cooperate with a, The output format of scanning information is required to be xml File format , Get local area network information from the generated scan results ( for example 172.16.101.0/24) Medium survival target , With xml Format to output information to the specified file ( Using tools NMAP, Use the parameters that must be used ), And will xml Format direction
边栏推荐
- Import and export using poi
- Riotboard development board series notes (4) -- using Vpu hardware decoding
- Use of stm32cubemonitor Part II - historical data storage and network access
- Sum of "n" numbers of force deduction summary
- NC | progress has been made in the study of the ecological network relationship between dissolved organic carbon and microorganisms in the context of global change
- Dynamic planning of force buckle punch in summary
- [template engine] microservice Learning Notes 6: freemaker
- Dc-2-range practice
- [stm32f103rct6] motor PWM drive module idea and code
- Force deduction problem 238. product of arrays other than itself
猜你喜欢
Dc-2-range practice
Detailed explanation of three factory modes
Question D: pruning shrubs
NVM installation and use
Page performance: how to optimize pages systematically?
![[stm32f103rct6] can communication](/img/24/71509bd0d74d43ce4a79b8126478ff.jpg)
[stm32f103rct6] can communication
Analysis of browser working principle
Publish the project online and don't want to open a port
What is technical support| Daily anecdotes
Learning Record V
随机推荐
PHP record
Matplotlib tutorial (I) [getting to know Matplotlib first]
Dynamic planning of force buckle punch in summary
Canvas record
Handwriting promise
Riotboard development board series notes (VIII) -- building desktop system
Bubble sort / heap sort
Win10 -- open the hosts file as an administrator
Machine learning notes - building a recommendation system (4) matrix decomposition for collaborative filtering
Lombok detailed introduction
Dc-2-range practice
How does Jupiter notebook change themes and font sizes?
Question D: pruning shrubs
hello csdn
Implementation principle of virtual DOM
Image processing based on hog feature
Introduction to Apache Doris grafana monitoring indicators
Query the information of students whose grades are above 80
C. Mark and His Unfinished Essay
JS construct binary tree