Last active
August 29, 2015 14:25
Revisions
-
RicterZ revised this gist
Jul 25, 2015 . 1 changed file with 78 additions and 0 deletions.
@@ -0,0 +1,78 @@ Web/Pentest 方向 === # Web 前端 + HTML + 点击劫持 + JavaScript + Xss + CSRF + 蠕虫 + 可以模拟用户一切行为 + CSS + XSIO + Flash + 参数注入 + XSS + 反编译 # 浏览器 + 平台 + FIrefox + Chrome + IE + 国内各种改版 + 微软版 + Opera + Safari + 手机游览器 + 插件 + PDF + Flash + Office + Java Applet + 国内各种。。。 + FIrefox黑客插件/Chrome黑客插件 + 解析 + 同源策略 + 字符编码 + DOM + URL + P3P # 服务器安全 + CDN + 域名/DNS + 服务器权限设置 + WEB容器了解:IIS/Apache/Nginx + 端口 + Windows/Linux 操作系统 + 服务器安全运维 # 程序语言 + Python + PHP + ASP + ASP .NET + JSP + Shell + 代码审计 # 人 + 社会工程学 # 后端安全 + 数据库 + Mysql/SqlServer/Postgresql/Oracle/Access/Sqlite + 密码猜解 + Exploit + 脚本语言代码漏洞 + SQL注入 + XSS + 目录读取 + 任意文件读取 + 任意文件包含 + 任意文件下载 + 远程命令执行 + 上传漏洞 + 逻辑漏洞 -
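Review bot: Several entries in the front-end and browser lists are misspelled or inconsistently cased. `FIrefox` appears twice (under 平台 and in `FIrefox黑客插件/Chrome黑客插件`), `手机游览器` should read `手机浏览器`, and `Xss` under JavaScript does not match the `XSS` used under Flash and under 脚本语言代码漏洞. The item `国内各种。。。` under 插件 names nothing a reader can look up; listing the specific plugins meant would make the outline usable as a study checklist.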
RicterZ revised this gist
Jul 25, 2015 . 1 changed file with 41 additions and 0 deletions.
@@ -0,0 +1,41 @@ binary 方向 ===== # 基础 + python + 常见工具的使用(ida,od,windbg,gdb) + win32编程(其他平台类推) + c与汇编指令的对应 + c语言 + 常见汇编指令(其他平台类推) ## 逆向 + pe结构(windows工平台的文件格式,其他平台类推) + 常见保护技术及破解思路 + 脱壳 + 常见加密算法及逆向特征 + 常见反调试技术及对抗思路 ## 漏洞挖掘 + 模糊测试原理 + 常见模糊测试工具及模糊测试框架 ## 常见保护机制及对抗思路 + GS + SafeSEH + SEHOP + DEP + ASLR ## 常见漏洞原理 + 栈溢出 + 堆溢出 + 指针覆盖 + 整数漏洞 + 格式化字符串漏洞 ## 内核 + 编写/调试驱动程序的方法 + More ## 安卓安全 -
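Review bot: The outline ends with an empty `## 安卓安全` heading, and `## 内核` carries a bare `More` placeholder, so two topics give the reader nothing to follow; fill them in or drop them until they are written. `windows工平台` in the pe结构 item has a stray `工`. The sections from `## 逆向` onward are written as `##` under `# 基础`, which nests reversing, fuzzing, mitigations and vulnerability classes under the basics heading; promoting them to `#` would match the heading levels used in the Web/Pentest file.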
RicterZ revised this gist
Jul 25, 2015 . 1 changed file with 3 additions and 1 deletion.
@@ -28,6 +28,7 @@ Basic Tools List of Pentest + Ruby + PHP + MySQL + Java # 基础工具 @@ -39,4 +40,5 @@ Basic Tools List of Pentest + Windows Server 2003 (如果你用 Linux / Mac OS X) + Kali Linux (如果你用 Windows) + Navicat + mingw (如果你用 Windows) + BurpSuite -
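Review bot: `BurpSuite` at the end of the second hunk is the only tool in the list written as one run-together word; the product name is "Burp Suite", and spelling it that way makes it searchable. The `Java` entry added in the first hunk sits in the environment list with no indication of why it is needed; if it is there as the runtime for a listed tool, a parenthetical in the style of `(如果你用 Windows)` would say so.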
RicterZ renamed this gist
Jul 25, 2015 . 1 changed file with 1 addition and 0 deletions.
@@ -1,5 +1,6 @@ Basic Tools List of Pentest ==== # 浏览器 + Chrome -
RicterZ created this gist
Jul 25, 2015 .
@@ -0,0 +1,41 @@ Basic Tools List of Pentest ==== # 浏览器 + Chrome + Firefox # 浏览器插件 ##### Firefox + Hackbar + ModifyHeaders + AutoProxy + Firebug ##### Chrome + SwitchySharp + 印象笔记·剪藏 + Postman # 系统环境 + Linux / Windows + Python + Ruby + PHP + MySQL # 基础工具 + VPN + sqlmap + Metasploit + 中国菜刀 + 虚拟机 + Windows Server 2003 (如果你用 Linux / Mac OS X) + Kali Linux (如果你用 Windows) + Navicat + mingw (如果你用 Windows)
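Review bot: `##### Firefox` and `##### Chrome` sit directly under `# 浏览器插件`, jumping from a level-1 to a level-5 heading; `##` would keep the outline's hierarchy consistent. Under `# 基础工具`, `VPN` names a category rather than a tool, unlike `sqlmap` and `Metasploit` beside it, so either name the specific software or mark the entry as a general requirement.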