rd checklist documentation rd_checklist documentation, v2.2 – * watcher 1.web •wireshark...

RD_Checklist Documentation V2.2
Knownsec Team
2014 03 11

Contents
1 1
2 3 2.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 2.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 2.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 2.8 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 2.9 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
3 9 3.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 3.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 3.3 Web . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 3.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 3.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 3.7 1,2,3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
4 21
5 23
6 25 6.1 2.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 6.2 2.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 6.3

CHAPTER 1
•
• Tip
• Geek
•
• v2.2
1

RD_Checklist Documentation, V2.2
2 Chapter 1.

CHAPTER 2
2.1
•
•
• –
2.2
•
• –
– *
* QQ
*
•
• –
–
2.3
•
•
•
•
2.4
•
3

•
• /RSS
–
•
2.5
• – BT
–
•
• –
– * • –
–
• –
– http://www.wapm.cn/smart-questions/smart-questions-zh.html
• –
– //
–
–
• –
– *
*
*
*
* /
*
• –
–
– *
2.6
•
•
•
4 Chapter 2.
http://www.wapm.cn/smart-questions/smart-questions-zh.html

2.7
2.7.1 POC
1. Web
2. Python
3. HTTP
• HTTP
• HTTP
4.
5. •
•
6. •
•
7.
2.8
2.8.1 SQL
• SQL“”
• SQL
– MySQL
– MSSQL
– Oracle
– PostgreSQL
– Access
– SQLite
– ...
• – sqlmap
– ...
• –
– Paper
– /
–
• N
•
2.7. 5

2.9
2.9.1
•
•
• “”
2.9.2
• –
• –
•
•
•
•
•
•
•
•
•
•
•
•
IT
2.9.3
•
•
• 2
•
6 Chapter 2.

2.9.4
• Rework
– 37signals
• 45
2.9.5
•
•
2.9.6
•
•
•
2.9.7 ...
2.9. 7

8 Chapter 2.

CHAPTER 3
3.1
•
•
3.2
3.2.1 HTTP
• Firefox
– Firebug/Firecookie
*
– Tamper Data
*
– Live HTTP Headers
*
– HackBar
* /POST
– Modify Headers
–
• Fiddler
–
–
–
–
–
–
9

– * Watcher
1. Web
• Wireshark
–
• tcpdump
– Wireshark
• Python
– urllib2
* 1. urllib2do_openh.set_debuglevel
2. h.set_debuglevel(1)HTTPS
3.2.2
• 302
–
• 301
–
• u = urllib2.urlopen(url)u.url
– urllib2
–
•
– htmlparse
• location.href = “http://evilcos.me”;
– JS
3.2.3 Python
• PythonCodingRule.pdf
10 Chapter 3.
http://evilcos.me

Python2
• 4 Python
–
• 6.8 Unicode
–
• 8.11 iter()
–
• 9
–
• 10
–
• 11
–
• 12
–
• 14
–
• 15
–
• 18
–
• 20.2 PythonWebWeb
–
3.2.4 Office
• Word
• Excel
• PPTPPTGoogle...
• – yEd
– Visio
– Freemind
*
– Sphinx
* reStructuredText
3.2. 11

3.2.5 Vim
• 3http://coolshell.cn/articles/5426.html
3.2.6
•
•
3.2.7
• – Kodos
– RegexBuddy
*
*
– http://www.regexper.com/
*
• 30http://deerchao.net/tutorials/regex/regex.htm
• http://wiki.ubuntu.org.cn/Python
• regex/regularexpressions.pptx
• regex/.txt
3.2.8
• -> -> -> -> -> -> /
•
•
• Bugs
• –
• Bugs
• – * –
– Python
12 Chapter 3.
http://coolshell.cn/articles/5426.html http://www.regexper.com/ http://deerchao.net/tutorials/regex/regex.htm http://wiki.ubuntu.org.cn

* import pdb;pdb.set_trace()
* h
– print
•
•
• v1v1v1
• Wiki
3.2.9
• http://code.google.com/p/goagent/
• SSH
– http://www.ibm.com/developerworks/cn/linux/l-cn-sshforward/index.html
– * ssh -L ::
– *
* ssh -R ::
– * ssh -D
3.3 Web
3.3.1 Web
8+1:)
3.3. Web 13
http://code.google.com/p/goagent/ http://www.ibm.com/developerworks/cn/linux/l-cn-sshforward/index.html

• –
–
– http://www.zoomeye.org
•
3.3.2
•
•
•
3.3.3 Web
• OWASP
• WASC
• Wiki
14 Chapter 3.
http://www.zoomeye.org

3.3.4
XSS
• ks-xsslab_open
– * XSS
* CSRF
* ClickJacking
• http://xss-quiz.int21h.jp/
– xss/xss_quiz.txt
SQL
• https://github.com/Audi-1/sqli-labs
– SQLI-LABS is a platform to learn SQLI
500WSL
/BT5/Kali
•
3.3.5
• Web
• Web
• Web
– xisigr
• SQL
3.3.6 Papers
• http://www.exploit-db.com/papers/
• blackhat/defcon/Papers
3.4
3.4.1
• pip
• Vagrant
• tmux/screen
3.4. 15
http://xss-quiz.int21h.jp/ https://github.com/Audi-1/sqli-labs http://www.exploit-db.com/papers/

• Vim
• zsh + oh-my-zsh
• Python2.7
• >Django1.4
– http://djangobook.py3k.cn/2.0/
• web.py
• node.js
• Ubuntu/Gentoo/CentOS
• IPython
• – Git/SVN
– GitLab
• Nginx + uWSGI
3.4.2 Python
• –
– Python. . . . . .
3.4.3 Linux
• – Bash.pdf
– Bash.pdf
• bash.txt
• screen.pdf
• crontab.pdf
3.4.4
• JavaScript DOM
DOM
•
16 Chapter 3.
http://djangobook.py3k.cn/2.0/

• jQuery
–
–
• ECharts
–
• Google API
• ZoomEye Map
– ZoomEye
• AngularJS
– Google
• Bootstrap
–
3.4.5
• –
• – wget/curl
– urllib2/httplib2/requests
– scrapy

rd checklist documentation rd_checklist documentation, v2.2 – * watcher 1.web •wireshark...

Documents

Tcpdump and Wireshark - Princeton University Computer Science · PDF fileTcpdump examples (Mac OS X) - Use “ifconfig” or “sudo tcpdump -D” to get a list of interfaces - “sudo

Packet Capture Wireshark - wiki. · PDF file# tcpdump–nnieth0 –s0 # tcpdump–nnieth0 not port 22 –s0 –c 1000 # tcpdump–nnieth0 not port 22 and dsthost 10.10.10.10 and not

Benchmarking de Herramientas Forenses para Móviles 1 TCPDUMP Wireshark Wireshark (As Root) Ingeneria en Reversa Androguard Antilvl APK Tool Baksmali Dex2Jar Jasmin JD-GUI Mercury

Packet Capture Wireshark - RGnet · PDF file# tcpdump –nni eth0 –s0 # tcpdump –nni eth0 not port 22 –s0 –c 1000 # tcpdump –nni eth0 not port 22 and dst host 10.10.10.10

Tcpdump Manual

Using tcpdump. tcpdump is a powerful tool that allows us to sniff network packets and make some statistical analysis out of those dumps. tcpdump operates

Het manipuleren van netwerkpakketten met potentie inzetbaar te zijn als vervanger voor tools als hping, arpspoof, wireshark, p0f, nmap, tcpdump, enzovoort. Deze tools zijn vaak gemaakt

Wireshark User’s Guide • Open files containing packet data captured with tcpdump/WinDump, Wireshark, and many other packet capture programs. • Import packets from text files

The Courier's Tragedy - 1010.co.uk · PDF file (gis)kismet, wireshark, airsnort?, tcpdump (tcpdump -i wlan1 -s 0 -w llog) , scapy (creation and usrp capture), ettercap (Ettercap is

Lab 1: Packet Sniffing and fy8421/19sp-csc5290/slides/lab1-slides.pdf – IP, TCP, HTTP headers • Wireshark, TCPDump Wayne State University Course: Cyber Security Practice 4 TCP/IP

Ditto Shark User Manual v1.3 - cru-inc.com · PDF file• Filter and capture network traffi c to a tcpdump/Wireshark-compatible PCAP fi le ... 5.6 Quick Start 19. 3 Protecting Your

Digital Industries Apprenticeship: Occupational Brief ... · PDF file Analyst can configure a packet analysis tool (e.g. TCPDump, Wireshark) to capture packets from an interface. Analyst

Using tcpdump

Tcpdump and Wireshark

Introduction to Networking and Systems Measurements · PDF file(tcpdump, tshark, wireshark, ) tcpdump (libpcap) ... 0,sackOK,eol], length 0 . Networking and Systems Measurements (L50)

UNIVERSIDADE TECNOLÓGICA FEDERAL DO PARANÁ CURSO DE ... · PDF file programas como Wireshark ® e a ferramenta de análise TCPDUMP, o que torna o processo lento devido à dimensão

Acquisizione della prova online - Paolo Dal Checco ... · PDF file Acquisire traffico di rete (Wireshark, tcpdump) Se possibile, non cifrato (SSL, Proxy) Salvare codice integrale Contattare

Geneve: What Is It and Why Is OVN Using It? · PDF file • Linux Debugging Tool: • Wireshark • tcpdump • libpcap NIC: • Intel XL710 • MellanoxConnectX-4 • BroadcomNetXtreme

Kubernetes Runtime Security with Falco and Sysdig - Cloud ... ... •2013 Linux kernel tracing tool •Evolution of tcpdump and Wireshark into the system •Easy to use (no code required),

o t i u TCPDUMP t a r G Alonso Eduardo Caballero Quezada r ... · PDF file TCPDump TCPDump permite realizar un volcado del tráfico de la red. TCPDump imprime la descripción del contenido