1. Web security direction:
- Tell me about the digging experience (or CTF experience) that you think is interesting (★★★)
- Causes and defense measures of CSRF (how to solve it without token) (★)
- Causes and defense measures of SSRF (★★)
- Briefly describe the bypass method of SSRF (★★)
- Briefly describe the bypassing principle and repair method of DNSRebind in SSRF (★)
- Introduce the causes of SQL injection vulnerabilities and how to prevent them? What are the injection methods? In addition to dragging and pulling database data, what are the other ways to use it? (★★)
- How to write a shell through SQL injection, what are the prerequisites for writing a shell? (★★)
- Introduce the types of XSS vulnerabilities, what is the difference between dom type XSS and reflected XSS? (★★)
- How to prevent XSS vulnerabilities, how to do it on the front end, how to do it on the back end, where is better, why? (★★)
- Assuming that you are a security engineer of Party A, how should you reduce the occurrence rate of logic vulnerabilities? (★★)
- What problems may occur during the oauth authentication process, and what kind of loopholes may result? (★)
- How to use and configure CSP, and what are the ways to bypass CSP (★★)
- It is known that there is LFI (Local File Inclusion) on a website, but no files can be uploaded, what are the ways to use it for this situation? (★★)
2. Penetration testing
Direction:
- How to bypass the CDN to find the real IP, please list five methods (★★★)
- How to use redis unauthorized access, what are the prerequisites for using it? (★★★)
- What are the methods of mysql privilege escalation? What are the conditions for use? (★)
- windows+mysql, there is sql injection, but the machine has no external network permissions, can it be exploited? (★)
- What are the commonly used methods of information collection? Apart from common methods such as path scanning and sub-domain name blasting, are there any wretched ways to collect enterprise information? (★★)
- What is the difference between SRC mining and penetration testing? For these two different goals, what will be the difference in the implementation process (★★)
- How to store xss in a pure intranet environment? (★★)
3. Security research and development direction:
- Briefly introduce your commonly used scanners and their implementation features (★★)
- If you are asked to design a HIDS, how should you design it(★)
- Introduce iterators, generators, decorators in Python (★)
- Introduce your commonly used python library (★)
- Talk about the characteristics and principles of celery (★)
- A brief introduction to GIL locks in Python and how to break the restrictions of GIL locks (★★)
- masscan claims to be the fastest scanner in the world, what is the reason for it being so fast, and how to implement a masscan of your own? (★★)
- Briefly describe the difference between coroutines, threads, and processes (★★)
The above practical questions are just some examples, more content is shown in pictures
In addition to interview/written test questions, there are also learning route supporting materials to help everyone learn and improve their skills. If you need friends, you can leave a message in the comment area.
From entry to advanced technology, I hope to help everyone.