没有合适的资源?快使用搜索试试~ 我知道了~
首页CTF全栈指南(入门篇).pdf
资源详情
资源评论
资源推荐
1
CTF全栈指南-作者:万事屋小贱
CTF全栈指南-作者:万事屋小贱 ......................................................................................1
misc ......................................................................................................................................9
网络通信 .......................................................................................................................10
TCP/IP.........................................................................................................................10
OSI七层模型与TCP/IP模型 .......................................................................................10
IPv4及子网掩码 ........................................................................................................10
pwn ....................................................................................................................................10
学习资源 .......................................................................................................................11
基础知识 .......................................................................................................................11
Linux管道“|”..............................................................................................................12
命令行参数 ...............................................................................................................12
环境变量参数 ...........................................................................................................12
objdump使用.............................................................................................................13
函数指针 ...................................................................................................................13
函数调用约定 ...........................................................................................................13
AT&T与Inter汇编区别 .............................................................................................14
__builtin_return_address函数 ..................................................................................16
理解多层跳转 ...........................................................................................................16
strdup函数.................................................................................................................16
grep命令 ....................................................................................................................16
checksec脚本.............................................................................................................17
栈帧 ...........................................................................................................................17
NX选项.......................................................................................................................17
GOT和PLT...................................................................................................................18
信息泄露的实现 .......................................................................................................18
libc.so.6文件的作用 ..................................................................................................18
gdb .............................................................................................................................19
结合使用(信息泄露的实现, libc.so.6文件的作用)..................................................22
linux攻击........................................................................................................................22
基本linux攻击............................................................................................................22
高级linux攻击............................................................................................................26
常见漏洞 .......................................................................................................................26
缓冲区漏洞 ...............................................................................................................26
整数溢出 ...................................................................................................................34
格式化字符串漏洞 ...................................................................................................34
释放后使用 ...............................................................................................................35
2
逻辑漏洞 ...................................................................................................................35
shellcode ........................................................................................................................35
shellcode的加载与调试............................................................................................36
编码与解码 ...............................................................................................................37
用metasploit开发shellcode.......................................................................................38
Exploit漏洞利用 ............................................................................................................38
基本步骤 ...................................................................................................................38
用metasploit开发Exploit...........................................................................................39
逆向技巧 .......................................................................................................................39
关键数据结构分析 ...................................................................................................39
控制流分析 ...............................................................................................................40
数据流分析 ...............................................................................................................40
web ....................................................................................................................................41
ASCII码表 .......................................................................................................................41
HTML实体符号表..........................................................................................................41
通用知识 .......................................................................................................................41
前端基础 ...................................................................................................................42
伪造ip ........................................................................................................................52
用户登录 ...................................................................................................................53
验证码绕过 ...............................................................................................................53
浏览器的同源策略 ...................................................................................................54
信息收集 .......................................................................................................................56
全面扫描 ...................................................................................................................56
踩点网站 ...................................................................................................................57
获得网站真实ip ........................................................................................................57
收集二级域名 ...........................................................................................................58
扫路径 .......................................................................................................................58
DNS ............................................................................................................................59
whois..........................................................................................................................59
nmap ..........................................................................................................................59
cms扫描.....................................................................................................................59
robots.txt审计有用信息 ...........................................................................................59
扫描包含漏洞 ...........................................................................................................59
sql注入...........................................................................................................................60
1 挖掘经验 ................................................................................................................61
2 寻找注入点 ............................................................................................................62
3 绕过方法 ................................................................................................................63
4 判断类型 ................................................................................................................64
5 注入格式 ................................................................................................................65
3
6 cheat-sheet .............................................................................................................67
7 十种MySQL报错注入 .............................................................................................68
8 MSSQL注入.............................................................................................................70
9 SQLite注入..............................................................................................................70
10 PostgreSQL注入....................................................................................................70
11 常用参数 ..............................................................................................................71
12 理论基础 ..............................................................................................................73
13 手动注入详解 ......................................................................................................73
14 sqlmap...................................................................................................................73
15 读书笔记 ..............................................................................................................73
xss ..................................................................................................................................73
xss笔记 ......................................................................................................................73
XSS平台......................................................................................................................73
xss payload.................................................................................................................74
测试过滤了那些符号 ...............................................................................................82
cheatsheet .................................................................................................................82
构造思路 ...................................................................................................................83
那些年一起学xss模型 ..............................................................................................94
CSRF ...............................................................................................................................99
原理 ...........................................................................................................................99
检测 .........................................................................................................................100
点击劫持clickjacking ...................................................................................................101
图片覆盖 .................................................................................................................102
拖拽劫持 .................................................................................................................103
代码审计 .....................................................................................................................103
gbxxxx 系列的编码有宽字节漏洞..........................................................................103
mysql日志监控........................................................................................................103
seay代码审计系统 ..................................................................................................104
环境搭建 .................................................................................................................104
通用思路 .................................................................................................................104
PHP核心配置...........................................................................................................106
各种漏洞 .................................................................................................................109
PHP函数漏洞及逻辑漏洞.......................................................................................129
代码审计小技巧 .....................................................................................................139
数据库 .........................................................................................................................142
mysql........................................................................................................................142
密码学 .............................................................................................................................166
常用密码知识 .............................................................................................................166
md5和base64区别 ..................................................................................................166
4
凯撒密码 .................................................................................................................166
MD5原理 .................................................................................................................167
维吉尼亚密码 .........................................................................................................167
格栅密码 .................................................................................................................168
base64/32 ................................................................................................................168
密码工具 .....................................................................................................................168
jsfuck ........................................................................................................................168
自己写的工具 .........................................................................................................169
超级加密解密 .........................................................................................................169
编码工具 .................................................................................................................169
brainfuck/Ook ..........................................................................................................169
Jscript/VBScript/ASP解码 ........................................................................................169
古典密码 .................................................................................................................169
PYG_TOOL_VER5 .....................................................................................................169
思科密码破解器 .....................................................................................................169
有密码的Access数据库file.mdb .............................................................................169
分类 .............................................................................................................................170
对称密码 .................................................................................................................170
公钥密码 .................................................................................................................172
混合密码系统 .........................................................................................................175
单向散列函数 .........................................................................................................176
证书 .........................................................................................................................183
SSL/TLS .....................................................................................................................184
工具 .................................................................................................................................184
nmap ............................................................................................................................184
netcat ...........................................................................................................................185
metasploit ....................................................................................................................185
更新 .........................................................................................................................185
常用命令 .................................................................................................................185
rc 脚本 .....................................................................................................................186
后渗透 .....................................................................................................................187
各种模块 .................................................................................................................187
开发shellcode ..........................................................................................................188
开发exploit模块 ......................................................................................................189
搜jmp esp等跳板.....................................................................................................189
cobaltstrike ..................................................................................................................189
BEEF .............................................................................................................................191
burpsuite......................................................................................................................191
插件大全 .................................................................................................................191
intruder payloads.....................................................................................................191
5
hydra ............................................................................................................................191
问问题搜索引擎 .........................................................................................................191
ask.com ....................................................................................................................192
stackoverflow.com(荐) ............................................................................................192
git .................................................................................................................................192
工作流程 .................................................................................................................192
git reset --hard回到过去 .........................................................................................194
git reflog 回到未来..................................................................................................194
git checkout对单个文件回到过去 .........................................................................194
git log 查看提交历史 ..............................................................................................194
配置git .....................................................................................................................195
取得项目的git仓库 .................................................................................................196
忽略某些文件 .........................................................................................................196
git rm 移除...............................................................................................................197
git mv 移动 ..............................................................................................................197
git diff 查看没commit的和commit的不同 .............................................................197
git branch 分支 ........................................................................................................197
临时要修改别的分支,当前还没stage.................................................................199
上传github...............................................................................................................199
git reset --hard HEAD@{xx}(git reset --hard回到过去, git reflog 回到未来).........200
vim ...............................................................................................................................200
Atom ............................................................................................................................201
pycharm .......................................................................................................................201
Inter转换AT&T.............................................................................................................201
api窥测器kerberos_API...............................................................................................201
非比赛技能 .....................................................................................................................202
暗网网址大全 .............................................................................................................202
tor proxychains ............................................................................................................202
shadowsocks服务端....................................................................................................202
钟馗之眼 .....................................................................................................................202
shodan语法 .................................................................................................................202
社工 .............................................................................................................................203
社工思路 .................................................................................................................203
社工裤 .....................................................................................................................203
hijack网络侦探........................................................................................................203
身份证制作 .............................................................................................................203
crazytalk刷脸...........................................................................................................205
定位 .........................................................................................................................205
常用密码猜测 .........................................................................................................205
剩余512页未读,继续阅读
notwiner
- 粉丝: 22
- 资源: 2
上传资源 快速赚钱
- 我的内容管理 收起
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
会员权益专享
最新资源
- zigbee-cluster-library-specification
- JSBSim Reference Manual
- c++校园超市商品信息管理系统课程设计说明书(含源代码) (2).pdf
- 建筑供配电系统相关课件.pptx
- 企业管理规章制度及管理模式.doc
- vb打开摄像头.doc
- 云计算-可信计算中认证协议改进方案.pdf
- [详细完整版]单片机编程4.ppt
- c语言常用算法.pdf
- c++经典程序代码大全.pdf
- 单片机数字时钟资料.doc
- 11项目管理前沿1.0.pptx
- 基于ssm的“魅力”繁峙宣传网站的设计与实现论文.doc
- 智慧交通综合解决方案.pptx
- 建筑防潮设计-PowerPointPresentati.pptx
- SPC统计过程控制程序.pptx
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功
评论2