blocks|key|401340|text|我见过的白帽顾问进来了&使用这个工具，然后给你寄来一大笔账单。|type|unstyled|depth|inlineStyleRanges|entityRanges|offset|length|data|401341|看看OWASP+()，它们信息丰富，免费！他们有一个非常详细的笔试指南，您必须看。|entityMap|0|LINK|mutability|MUTABLE|url|http://nessus.org/|1|http://owasp.org/|2|http://www.owasp.org/index.php/Category:OWASP_Testing_Project#OWASP_Testing_Guide_v3^0|E|4|0|0|2|5|1|V|4|2^^$0|@$1|2|3|4|5|6|7|Q|8|@]|9|@$A|R|B|S|1|T]]|C|$]]|$1|D|3|E|5|6|7|U|8|@]|9|@$A|V|B|W|1|X]|$A|Y|B|Z|1|10]]|C|$]]]|F|$G|$5|H|I|J|C|$K|L]]|M|$5|H|I|J|C|$K|N]]|O|$5|H|I|J|C|$K|P]]]]

the whitehat consultants i've seen come in &amp; use <a href="http://nessus.org/" rel="nofollow noreferrer">this tool</a> then send you a massive bill.

Take a look at <a href="http://owasp.org" rel="nofollow noreferrer">OWASP</a> (Open Web Application Security Project) they're very informative &amp; free! they have a very detailed <a href="http://www.owasp.org/index.php/Category:OWASP_Testing_Project#OWASP_Testing_Guide_v3" rel="nofollow noreferrer">pen-testing guide</a> that you must look at.

blocks|key|4138996|text|我会用的工具|type|unstyled|depth|inlineStyleRanges|entityRanges|data|4138997|Nmap姐妹工具SQLMap|offset|length|4138998|和内苏斯|4138999|XSS和HTML的快速扫描--+http://www.seoegghead.com/tools/scan-for-html-injection.seo也是http://www.cirt.net/nikto2|4139000|确保您在开发OWASP期间看过这个|4139001|您还需要检查MS+Windows+2008安全指南的安全指南|entityMap|0|LINK|mutability|MUTABLE|url|http://nmap.org/|1|http://sqlmap.sourceforge.net/doc/README.html|2|http://nessus.org/nessus/|3|http://www.seoegghead.com/tools/scan-for-html-injection.seo|4|http://www.cirt.net/nikto2|5|http://www.owasp.org/index.php/Main_Page|6|http://www.microsoft.com/downloads/details.aspx?FamilyID=fb8b981f-227c-4af6-a44b-b115696a80ac&displaylang=en^0|0|0|4|0|8|6|1|0|1|3|2|0|G|1N|3|25|Q|4|0|6|5|5|0|9|G|6^^$0|@$1|2|3|4|5|6|7|16|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|17|8|@]|9|@$D|18|E|19|1|1A]|$D|1B|E|1C|1|1D]]|A|$]]|$1|F|3|G|5|6|7|1E|8|@]|9|@$D|1F|E|1G|1|1H]]|A|$]]|$1|H|3|I|5|6|7|1I|8|@]|9|@$D|1J|E|1K|1|1L]|$D|1M|E|1N|1|1O]]|A|$]]|$1|J|3|K|5|6|7|1P|8|@]|9|@$D|1Q|E|1R|1|1S]]|A|$]]|$1|L|3|M|5|6|7|1T|8|@]|9|@$D|1U|E|1V|1|1W]]|A|$]]]|N|$O|$5|P|Q|R|A|$S|T]]|U|$5|P|Q|R|A|$S|V]]|W|$5|P|Q|R|A|$S|X]]|Y|$5|P|Q|R|A|$S|Z]]|10|$5|P|Q|R|A|$S|11]]|12|$5|P|Q|R|A|$S|13]]|14|$5|P|Q|R|A|$S|15]]]]

Tools that I would use

<a href="http://nmap.org/" rel="nofollow noreferrer">Nmap</a> Sister Tool <a href="http://sqlmap.sourceforge.net/doc/README.html" rel="nofollow noreferrer">SQLMap</a>

and <a href="http://nessus.org/nessus/" rel="nofollow noreferrer">Nessus</a>

also quick scanning for XSS and HTML Injection <a href="http://www.seoegghead.com/tools/scan-for-html-injection.seo" rel="nofollow noreferrer">http://www.seoegghead.com/tools/scan-for-html-injection.seo</a> also <a href="http://www.cirt.net/nikto2" rel="nofollow noreferrer">http://www.cirt.net/nikto2</a>

Make sure you have looked at this during your development <a href="http://www.owasp.org/index.php/Main_Page" rel="nofollow noreferrer">OWASP</a>

You need to also check the Security Guidence from MS
<a href="http://www.microsoft.com/downloads/details.aspx?FamilyID=fb8b981f-227c-4af6-a44b-b115696a80ac&amp;displaylang=en" rel="nofollow noreferrer">Windows Server 2008 Security Guide</a>

blocks|key|401070|text|另一个选择是奎尔。请记住，Qualys和mcAfee安全解决方案是漏洞扫描器。笔式测试可以在扫描方面自动化，其中一些可以用于XSS和SQL注入攻击的自动化，但最终，您可能需要一个信誉良好的戊酯检查系统。|type|unstyled|depth|inlineStyleRanges|entityRanges|offset|length|data|entityMap|0|LINK|mutability|MUTABLE|url|http://www.qualys.com/^0|6|2|0^^$0|@$1|2|3|4|5|6|7|K|8|@]|9|@$A|L|B|M|1|N]]|C|$]]]|D|$E|$5|F|G|H|C|$I|J]]]]

Another option is <a href="http://www.qualys.com/" rel="nofollow noreferrer">Qualys</a>. Keep in mind that Qualys and the mcAfee Secure solution are vulnerability scanners. Pen-testing can be automated with respect to scans, and some of it can be automated for XSS and SQL injection attacks, but ultimately, you'd want a reputable pentester checking the system.

blocks|key|4138778|text|第一件事就是网络扫描。因为您是在windows堆栈上，所以使用zenmap并扫描sql服务器和sql服务器。这将告诉您开放的端口和正在运行的服务。在综合测试上运行zenmap。我会使用这个信息来调整您的防火墙，以阻止公开的端口。|type|unstyled|depth|inlineStyleRanges|entityRanges|offset|length|data|4138779|您要做的另一件事是查找SQL注入漏洞。|4138780|斯爬伯是一个用于扫描web应用程序上SQL注入漏洞的免费软件。它是由惠普网络安全研究小组协同微软安全响应中心开发的。|blockquote|4138781|看看我创建的这个ScreenToaster视频。它演示了sql服务器的简单网络扫描、端口1433和基本SQL注入。|entityMap|0|LINK|mutability|MUTABLE|url|http://nmap.org/zenmap/|1|http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2008/06/23/finding-sql-injection-with-scrawlr.aspx|2|http://www.screentoaster.com/watch/stUE9XS0RIR11eSFxVX1peVlZR^0|V|6|0|0|0|0|3|1|0|8|F|2^^$0|@$1|2|3|4|5|6|7|V|8|@]|9|@$A|W|B|X|1|Y]]|C|$]]|$1|D|3|E|5|6|7|Z|8|@]|9|@]|C|$]]|$1|F|3|G|5|H|7|10|8|@]|9|@$A|11|B|12|1|13]]|C|$]]|$1|I|3|J|5|6|7|14|8|@]|9|@$A|15|B|16|1|17]]|C|$]]]|K|$L|$5|M|N|O|C|$P|Q]]|R|$5|M|N|O|C|$P|S]]|T|$5|M|N|O|C|$P|U]]]]

The first thing would be a network scan. Since you're on the windows stack, use <a href="http://nmap.org/zenmap/" rel="nofollow noreferrer">zenmap</a> and scan the webserver and both sql servers. This will tell you about open ports and services running. Run zenmap on the comprehensive test. I would use this info to tweak your firewall to block ports that are exposed. 

Another thing you would want to do is look for SQL Injection vulnerabilities. 

<blockquote>
 <a href="http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2008/06/23/finding-sql-injection-with-scrawlr.aspx" rel="nofollow noreferrer">Scrawlr</a> is a free software for
 scanning SQL injection vulnerabilities
 on your web applications.
 
 It is developed by HP Web Security
 Research Group in coordination with
 Microsoft Security Response Center.
</blockquote>

Check out this <a href="http://www.screentoaster.com/watch/stUE9XS0RIR11eSFxVX1peVlZR" rel="nofollow noreferrer">ScreenToaster video</a> that I created. It demonstrates a simple network scan for sql server, port 1433, and a basic SQL Injection.

blocks|key|4139027|text|漏洞扫描器的顶级l0列表:+http://+sectools.org/vuln-scanners.html|type|unstyled|depth|inlineStyleRanges|entityRanges|data|4139028|还有微软的基线安全分析器，如果在部署服务器之前还没有部署到prod:+http://+www.microsoft.com/downloads/details.aspx?familyid=F32921AF-9DBE-4DCE-889E-ECF997EB18E9&displaylang=en，它应该是基本设置的一部分。|entityMap^0|0^^$0|@$1|2|3|4|5|6|7|E|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|F|8|@]|9|@]|A|$]]]|D|$]]

Top l0 list of Vulnerability scanners: http:// sectools.org/vuln-scanners.html

There's also Microsoft's Baseline Security Analyzer which should be part of your base setup if its not already before you deploy a server to prod: http:// www.microsoft.com/downloads/details.aspx?familyid=F32921AF-9DBE-4DCE-889E-ECF997EB18E9&amp;displaylang=en

blocks|key|401479|text|尼克托是寻找众所周知的漏洞的良好开端。在Windows和Linux等操作系统上工作，非常简单，即使对像我这样的傻瓜也是如此:)|type|unstyled|depth|inlineStyleRanges|entityRanges|offset|length|data|entityMap|0|LINK|mutability|MUTABLE|url|http://www.cirt.net/nikto2^0|0|3|0^^$0|@$1|2|3|4|5|6|7|K|8|@]|9|@$A|L|B|M|1|N]]|C|$]]]|D|$E|$5|F|G|H|C|$I|J]]]]

<a href="http://www.cirt.net/nikto2" rel="nofollow noreferrer" title="Nikto">Nikto</a> is a nice start to look for well known vulnerabilities. Works on Windows and Linux, etc. Simple enough even for noobs like me :)

blocks|key|401533|text|不管技术是什么，你都需要知道威胁。你需要知道你想要保护的数据是什么？你需要知道你的网站是如何运作的。首先做一个威胁模型，忘记这些神奇的安全子弹技术方法。在进行渗透测试之前，你需要弄清楚自己的位置。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|401534|马特·帕森斯mparsons1980+在…+gmail.com|entityMap^0|0^^$0|@$1|2|3|4|5|6|7|E|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|F|8|@]|9|@]|A|$]]]|D|$]]

Regardless of the technology you need to know the threats. You need to know what is the data that you are trying to protect? You need to know how your website works. Do a threat model first forgetting about these magical security bullet technology methods. You need to figure out where you are at before you spend wasteless money on a penetration test.

Matt Parsons
CISSP
mparsons1980 [at] gmail.com

blocks|key|4139185|text|实际上，我是一个新的五极区(+LiveCD+A)的主要创建者，它是一个回溯道4的分叉。该区域包含了进行良好渗透测试所需的一切(+OpenVAS、Metasploit、fasttrack、milw0rm利用.)。它的名字是影子圈，你可以查看它@|type|unstyled|depth|inlineStyleRanges|entityRanges|data|4139186|www.shadowcircle.org。|4139187|希望你会喜欢;)|entityMap^0|0|0^^$0|@$1|2|3|4|5|6|7|G|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|H|8|@]|9|@]|A|$]]|$1|D|3|E|5|6|7|I|8|@]|9|@]|A|$]]]|F|$]]

Actually i'm the main creator of a new pentest LiveCD Distro, which is a fork of Backtrack 4.
The Distro embbeds everything needed to make good penetration tests ( OpenVAS, Metasploit, fasttrack, milw0rm exploits...). Its name is shadowcircle, and you can check it out @ 

www.shadowcircle.org.

Hope you'll like it ;)

blocks|key|401573|text|有各种各样的公共许可证工具可供您使用，但是，在我操作的地方，我们使用Firefox和Paros代理来操作posts和gets、用于应用程序漏洞报告的WebInspect和用于老式主机扫描的QualysGuard+Enterprise。根据结果是什么，我们调整盒子的配置和安全姿态，为我们不能更改的东西创建风险接受表，或者使用其他工具来决定一个发现是否真的是值得担心的事情。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|entityMap^0^^$0|@$1|2|3|4|5|6|7|C|8|@]|9|@]|A|$]]]|B|$]]

There is a variety of public license tools out there at your disposal, however, where I operate, we use Firefox and Paros Proxy to manipulate posts and gets, WebInspect for application vulnerablity reporting, and QualysGuard Enterprise for a good old fashioned hosts scan. Depending on what the results are, we make adjustments to the configuration and security posture of the box, create risk acceptance forms for things we cannot change, or engage other tools to decide whether or not a finding is actually something to be worried about.

blocks|key|401605|text|免费的Nikto，Nmap，OpenVas漏洞扫描可从本网站在线获得|type|unstyled|depth|inlineStyleRanges|entityRanges|offset|length|data|entityMap|0|LINK|mutability|MUTABLE|url|http://www.hackertarget.com/^0|0|Y|0^^$0|@$1|2|3|4|5|6|7|K|8|@]|9|@$A|L|B|M|1|N]]|C|$]]]|D|$E|$5|F|G|H|C|$I|J]]]]

<a href="http://www.hackertarget.com" rel="nofollow noreferrer">Free Nikto, Nmap, OpenVas vulnerability scans available online from this website</a>

We're deploying a new website, hosted ourselves. Short of getting in white hats how would you go about penetration testing from outside the network?

Penetration Testing

翻译质量差，导致语言生硬或混乱。

没有提供实际的解决方法或示例。

解答不清晰，无法理解或解决问题。

页面排版不美观，阅读体验差。

文章

问答

视频

教程

学习中心

腾讯云实验室

直播

竞赛

腾讯云代码分析专区

腾讯iOA零信任安全管理系统专区

腾讯云架构师技术同盟交流圈

腾讯云数据库专区

腾讯云智能顾问专区

腾讯云原生专区

腾讯混元专区

腾讯云TCE专区

腾讯云Lighthouse专区

腾讯云HAI专区

腾讯云Edgeone专区

腾讯云存储专区

腾讯云智能专区

腾讯轻联专区 

腾讯云开发专区

TAPD专区

腾讯轻量云游戏服专区

腾讯云最具价值专家

腾讯云架构师技术同盟

腾讯云创作之星

腾讯云开发者先锋

腾讯云AI代码助手

云原生构建

TAPD 敏捷项目管理

Cloud Studio

SDK中心

API中心

命令行工具

功能1上新10个字符

功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符功能2描述100个字符。

功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符功能2上新100个字符。

功能5描述100个字符功能5描述100个字符功能5描述100个字符功能5描述100个字符功能5描述100个字符功能5描述100个字符

功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符功能5上新100个字符

功能4上新

文章&问答评论现已支持表情

全新交互，全新视觉，新增快捷键、悬浮工具栏、高亮块等功能并同时优化现有功能，全面提升创作效率和体验

社区富文本编辑器全新改版！诚邀体验～ 

精选全网热门MCP server，让你的AI更好用 🚀

💥开发者 MCP广场重磅上线！

涵盖代码开发、场景应用、自动测试全流程，助你从零构建专属AI助手

一站式MCP教程库，解锁AI应用新玩法

聚焦“写作效率、视觉美观与运行性能”三方面进行全面升级，为您提供更高效、稳定的创作环境

社区富文本&Markdown编辑器全新改版上线，欢迎大家体验!

诚挚邀请您参与本次调研，分享您的真实使用感受与建议。您的反馈至关重要，感谢您的支持与参与！

社区新版编辑器体验调研

我们正在部署一个新的网站，我们自己托管。除了进入白帽之外，你将如何从网络之外进行渗透测试？

问渗透试验
EN

回答 10

Server Fault用户

Server Fault用户

Server Fault用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问渗透试验EN

回答 10

Server Fault用户

Server Fault用户

Server Fault用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问渗透试验
EN