open talk - what are the good ways for everyone to learn and study safety

Posted by fierce at 2020-02-29

Open a post, hoping to help everyone broaden their safety study and research scope, and learn more about some ways to improve their safety.

Well, first of all, I would like to share the most important ways of top 3 in China: 1. There are a large number of excellent courses in spring and autumn college, which are worth learning by people at all stages. 2. I spring and autumn forum, well, when you see this post, it fully shows that you have mastered this way. 3. I all kinds of QQ groups in the spring and Autumn period, a person is lonely, and only when a group of people learn and share can they have a foundation.

Is there any other way besides top 3?

For newcomers, in addition to solid knowledge in the field of security, they should play with various security tools as much as possible. As the so-called play 6, it will grow naturally. Through many penetration integration frameworks, in-depth learning can be carried out. Many frameworks or operating systems integrate multiple security tools. For example, Kali, if you try to study all the tools of Kali, you will certainly enrich your knowledge. For another example, there is a tool called pentestbox, which is a pre configured portable open source penetration test environment under the windows platform. It can make us comfortable to use a lot of tools under windows, including: 1. Sqlmap database injection detection artifact, which should not be introduced 2. Burp suite web request analysis and attack tool 3. Commix command injection tool, which is quite small and delicate. Once command injection is found, it makes you very comfortable "visual control" the other side. 4. Dotdotdotpwn fuzzy traverses the website risk directory, and can also parse * Nix passwd file to extract the user's home folder and search different combinations of common files. 5. Fimap, a local and remote file containing vulnerability detection tool, integrates Google syntax search, which is awkward for children in our enclosure. 6. Golismero is an open-source Web scanner. It not only brings many security testing tools, but also can import and analyze the results of popular scanning tools, such as OpenVAS, wfuzz, sqlmap, DNS Recon, etc., and automatically analyze them. 7. Jsql is a lightweight remote server database injection vulnerability testing tool developed by Java. However, with sqlmap, I think the use is average. 8. Nikto web server scanner, which can scan the web server comprehensively, including more than 3300 potentially dangerous documents CGIs. 9. Wpscanwordpress security detector, recommended. 10. Etc. due to the integration of many tools, it's a bit bulky, but it's also worth downloading. No installation is required after downloading. All dependent pentestbox is installed as well as possible. By default, we only need to decompress to start the safety tool test journey. Official website: due to the possibility of large download, a Baidu online disk address is provided:

Give another website: it integrates many famous security tools, which is highly recommended.

Often pay attention to the security projects on GitHub. Some project authors will keep updating. Such projects will be continuously tracked and upgraded according to the latest security vulnerabilities, which is convenient for us to use. For example, SSL vulnerability automatic scanning

Learn to collect some security consulting websites and blogs and subscribe to RSS. If you are too lazy, you can also look at other people's, for example, some people will summarize the daily security news:

What are the best ways to study and research? What are the better websites and projects? Welcome to come up with them.

Above, only throw bricks to lead the jade of the big guys.

For PHP security, there are many open-source tools worth studying: in short, don't just focus on Chinese materials and exe tools. Look at GitHub. There are many security tools worth learning on it.

Of course, don't forget to share it in spring and autumn Forum~

The classification coverage is very comprehensive, each of which lists several tools: subdomain enumeration scanner database scanner weak password or information disclosure scanner Internet of things device scanner XSS scanner enterprise asset management webshell detection and virus analysis tool intranet penetration middleware scanner special scanner wireless network scanner LAN scanning code scanner modular design scanner Advanced persistent threat (APT) industrial control security

If you want to study a specific direction, you can download these tools in this direction and conduct research, which will be helpful for understanding the principle, etc.

In addition, the webshell sample library is also very comprehensive. I prefer to recommend this:

I don't know what to write...