Git Product home page Git Product logo

web_security's Introduction

web_security

------the skill of how to google------

 accurate search

“CESIGN”

excludeing a word

linux -ubuntu

site search

site:cesign.com hello

related words

~hello

the wildcard

"hello *"

time ranges

ubuntu 2008..2010

file type

filetype:pdf how to learn

one world or the other

ubuntu or linux

word definitions

define:word

find the words you want in one webpage

intext:word1 word2 word3

find the words you want in the title of one page (<title>hello</title>:like this)

intitle:word

find the cache data on the web

cache:hdu.edu.cn

find the basic information of somwthing

info:keyword

search the url contains the key word

inurl:keyword

get all the url of one website

site:url

find the page that has some connections with the url you give

related:url

? the way to use

like a letter you don't know eg:"I l?ve"

 实战篇

加密方法 base64,rot13

`工具 chrome插件:http-header修改:modify headers`
`验证码常有三种错误:(1)一个验证码可重复用,不过期;(2)验证码只能用一次,但后台清空后可以构造为空;`

PHP伪协议

学习地址

常识

使用str_replace函数是极其不安全的,因为可以使用双写绕过替换规则。 例如page=hthttp://tp://192.168.5.12/phpinfo.txt时,str_replace函数会将http://删除,于是page=http://192.168.5.12/phpinfo.txt,成功执行远程命令。

sql盲注

学习地址 防注可以用PDO技术 [学习地址](http://www.jb51.net/article/56612.htm)

xss各种漏洞

学习地址(freebuf)

shodan的使用

学习地址

web_security's People

Contributors

jwcesign avatar

Watchers

James Cloos avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.