Introduction to penetration testing

1. Introduction to penetration testing

    Penetration testing does not have a standard definition. A description commonly agreed on by some foreign security organizations is that a penetration test is a method of evaluating the security of computer network systems by simulating the attack methods of malicious hackers. The process includes active analysis of any weaknesses, technical defects, or vulnerabilities in the system. The analysis is conducted from a position where an attacker might be, and from that position the available conditions are used to actively exploit security vulnerabilities.
    In other words, penetration testing means that testers use different means to test a particular network from different locations (such as from the internal network or from external locations), with a view to discovering and digging out vulnerabilities in the system, and then produce a penetration test report and submit it to the network owner. Based on the penetration test report provided by the testers, the network owner can clearly understand the security risks and problems in the system.

 

2. Penetration testing process

  1. Determine directory - information collection
  2. Vulnerability detection - vulnerability verification
  3. Report preparation - information collation
  4. Get what you need - information analysis

 

3. Introduction of Safety Terminology

1. Script (asp, php, jsp)
2. HTML (css, js, html)
3. HTTP protocol
4. CMS (B/S)
5. MD5 / salt
6. Compromised host ("bot" or "zombie"), DDoS, CC
7. One-line webshell, small webshell, large webshell, webshell, privilege escalation, backdoor, jump host (pivot), rootkit
8. Source code packaging, database dumping, database path disclosure
9. Sniffing, rootkit, social engineering
10. PoC, exp, CVE
11. SRC platform, 0day
12. Event-based vulnerabilities, general-purpose vulnerabilities
13. Web servers, web containers, middleware

 

4. Penetration test environment configuration (target machine)

 


Origin www.cnblogs.com/hwlong/p/12731580.html