web security

[Switch port mirroring configuration (Huawei, H3C)]

Switch port mirroring configuration (Huawei, H3C) Port mirroring application scenario settingsH3C switch configuration port mirroringHuawei switch configuration port mirroring Port mirroring application scenario settings In order to strengthen network security protection, a company recently purchased a new IDS network security detection equipment. The configuration of the IDS detection equipment w... »

Cisco simulator Cisco Packet Tracer 7.3.0 installation and configuration

Table of contents 1. Introduction 1.1 Overview 1.2 Introduction to Cisco Packet Tracer Simulator 1.3 Preparing tools 2. Packet Tracer simulator installation 2.1 Simulator installation 2.2 Chinese simulator 2.3 The last step, I won’t say what the specific purpose is. Cisco simulator Cisco Packet Tracer 7.3.0 installation and configuration Installation package link Link:https://pan.baidu.com/s/1KZpi... »

Metasploitable-linux-2.0.0 target machine download and configuration tutorial

1 Overview (1) metasploitable-linux-2.0.0.zip download:Link:https://pan.baidu.com/s/1wb3z1oFNTO9DQY7RoQ4rUw?pwd=1111 Extraction code: 1111(2) VMware version: VMware Workstation 15 Pro (15.5.0 build-14665864) 2. Installation process(1) Directly decompress the compressed package: metasploitable-linux-2.0.0.zip. Double-click to select the extracted .vmx file (2) Modify the network configuration of th... »

A must-kill, impossible-to-prevent vulnerability, basic introduction to WEB security—file upload vulnerability

Welcome to follow the subscription column!The WEB security series includes the following three columns: “WEB Security Basics-Server-Side Vulnerabilities”“WEB Security Basics-Client Vulnerabilities”“Advanced WEB Security – Comprehensive Utilization” The knowledge points are comprehensive and detailed, the logic is clear, combined with actual combat, and equ... »

web security-SSTI template injection vulnerability

1. First introduction to SSTI 1. What is SSTI injection? SSTI template injection (Server-Side Template Injection), by interacting with the input and output of the server-side template, constructs malicious input data without strict filtering, so as to achieve the purpose of reading files or getshell. 2. Causes of SSTI vulnerabilities The cause of the vulnerability is that after the server receives... »

SUID privilege escalation

Table of contents 1. Principle 2. Rights escalation steps 1.Information collection (1) User permission collection (whoami&id) (2) SUID permission file collection (find / -user root -perm -4000 -exec ls -ldb {} \;) 2. Elevate privileges (1) Directory switching (cd /tmp) (2) Arbitrary file creation (touch file name) (3) Specific SUID privilege escalation (find/nmap/bash, etc. file name-exec whoa... »

Network security/penetration testing tool AWVS14.9 download/usage tutorial/installation tutorial

Keywords: awvs download, awvs usage tutorial, awvs installation tutorial, awvs batch scan, awvs usage A new Acunetix Premium has been released for Windows, Linux and macOS Update: 14.9.220713150 This Acunetix version introduces IAST support for WebSphere, thus The Java IAST sensor (AcuSensor) can be used on this Java server. Additionally, Acunetix DeepScan has been updated to better scan single-pa... »

HFish | A safe, simple, and effective honeypot platform | Detailed instructions on how to build and use it

1. HFish honeypot Official introductionHFish is a community-based free honeypot that focuses on enterprise security scenarios. Starting from three scenarios: internal network compromise detection, external network threat perception, and threat intelligence production, it provides users with independently operable and practical functions. Through security, agility, and Reliable low- to medium-inter... »

Detailed tutorial on installing sqlmap

Python environment installation + sqlmap shortcut creation tutorial Because sqlmap is written in python language, we must install the python environment before using sqlmap. python download address:Download Python | Python.org Choose the version that suits your operating system After successful download, double-click the exe file to install automatically. After clicking Install, the installation p... »

The 20 most common types of cybersecurity attacks

What is a cyber attack? ​A cyber attack is an act aimed at targeting a computer or any element of a computerized information system in order to alter, destroy or steal data and exploit or harm a network. Cyberattacks have been on the rise, coinciding with the digitization of business that has become increasingly popular in recent years. While there are dozens of different types of attacks, this li... »

Page 1 of 32123»