Python Ethical Hacking - WEB PENETRATION TESTING(3)
CRAWLING SUMMARY
Our crawler so far can guess:
- Subdomains.
- Directories.
- Files.
Advantages:
->Discover "hidden" paths/paths admin does not want us to know.
Disadvantages:
-> Will does not discover everything.
Solution:
-> Analyse discovered paths to discover more paths.
#!/usr/bin/env python import requests def request(url):
try:
return requests.get("http://" + url)
except requests.exceptions.ConnectionError:
pass target_url = "10.0.0.45/mutillidae/" response = request(target_url) print(response.content)
Python Ethical Hacking - WEB PENETRATION TESTING(3)的更多相关文章
- Python Ethical Hacking - WEB PENETRATION TESTING(1)
WHAT IS A WEBSITE Computer with OS and some servers. Apache, MySQL ...etc. Cotains web application. ...
- Python Ethical Hacking - WEB PENETRATION TESTING(2)
CRAWING DIRECTORIES Directories/folders inside the web root. Can contain files or other directories ...
- Python Ethical Hacking - WEB PENETRATION TESTING(5)
Guessing Login Information on Login Pages Our target website: http://10.0.0.45/dvwa/login.php #!/usr ...
- Python Ethical Hacking - WEB PENETRATION TESTING(4)
CRAWING SPIDER Goal -> Recursively list all links starting from a base URL. 1. Read page HTML. 2. ...
- Ethical Hacking - Web Penetration Testing(13)
OWASP ZAP(ZED ATTACK PROXY) Automatically find vulnerabilities in web applications. Free and easy to ...
- Ethical Hacking - Web Penetration Testing(8)
SQL INJECTION WHAT IS SQL? Most websites use a database to store data. Most data stored in it(userna ...
- Ethical Hacking - Web Penetration Testing(10)
SQL INJECTION SQLMAP Tool designed to exploit SQL injections. Works with many DB types, MySQL, MSSQL ...
- Ethical Hacking - Web Penetration Testing(6)
REMOTE FILE INCLUSION Similar to local file inclusion. But allows an attacker to read ANY file from ...
- Ethical Hacking - Web Penetration Testing(4)
CODE EXECUTION VULNS Allows an attacker to execute OS commands. Windows or Linux commands. Can be us ...
随机推荐
- Spring整合JDBC temple
一.Spring对Jdbc的支持 Spring为了提供对Jdbc的支持,在Jdbc API的基础上封装了一套实现,以此建立一个 JDBC 存取框架. 作为 Spring JDBC 框架的核心, JDB ...
- cb50a_c++_STL_算法_局部排序partial_sort
cb50a_c++_STL_算法_局部排序partial_sort partial_sort(b,se,e)排序一部分,begin,source end,endcout << " ...
- 面试题40:最小的 k 个数
import java.util.Arrays; /** * Created by clearbug on 2018/2/26. * * 面试题40:最小的 k 个数 * * 注意:因为前两天在陌陌面 ...
- Maximum Subsequence Sum(java)
7-1 Maximum Subsequence Sum(25 分) Given a sequence of K integers { N1, N2, ..., NK }. A con ...
- 腾讯IEG--2020春招实习
笔试 正常批就五道编程题,可以跳出使用本地IDE,题目很好理解,基本都能写出来,但是要过全部用例不容易.具体题目和题解可以看看这位大佬的牛客帖子,我的就不献丑了,有两题都只过了40%,我当时是用C#做 ...
- Java笔试面试总结—try、catch、finally语句中有return 的各类情况
前言 之前在刷笔试题和面试的时候经常会遇到或者被问到 try-catch-finally 语法块的执行顺序等问题,今天就抽空整理了一下这个知识点,然后记录下来. 正文 本篇文章主要是通过举例的方式来阐 ...
- 从数据库中取时间值,遇到:java.sql.Timestamp cannot be cast to java.lang.Long
将 java.sql.Timestamp 类型转换为 java.util.Date 类型.二者其实是父子关系,直接 Date d = (Date)时间戳 就可以了. Date d = (Date)时间 ...
- Git 新建版本库命令
Command line instructions Git global setup git config --global user.name "张三" git config - ...
- BAT 非右键方式以管理员身份运行批处理
@echo off & PUSHD %~dp0 & TITLE Run The BAT File As An Administrator mode con lines=4 cols=6 ...
- C# wpf 实现 MD5加密解密 小工具
源文件: http://pan.baidu.com/share/link?shareid=2038099474&uk=3912660076 MD5 C# 实现代码来源于网络,感谢原系作者! 参 ...