最近公司項目需要進行web安全測試,網上的資料又太多,故收集一下資料:
基礎知識
安全招聘中,如何招到優秀的Web滲透測試人員?https://cloud.tencent.com/developer/article/1039856
web安全淺析 https://cloud.tencent.com/developer/article/1074735
web安全測試 https://blog.csdn.net/qq_38684504/article/details/103270484
初識網絡安全 https://testerhome.com/topics/20134
物聯網安全測試指南 https://cloud.tencent.com/developer/article/1439146
安全測試之 “十萬個爲什麼?” https://cloud.tencent.com/developer/article/1523815
Web安全漏洞及測試方法 https://cloud.tencent.com/developer/article/1553049
菜鳥淺談——web安全測試 https://blog.csdn.net/u010559128/article/details/79394056
XSS攻擊的原理 https://www.2cto.com/article/201209/156182.html
web安全之XSS攻擊原理及防範 https://www.cnblogs.com/tugenhua0707/p/10909284.html
淺談CSRF攻擊方式 https://www.cnblogs.com/hyddd/archive/2009/04/09/1432744.html
url跳轉漏洞的危害 https://blog.csdn.net/change518/article/details/53997509
利用SQL注入漏洞登錄後臺 https://www.cnblogs.com/sdya/p/4568548.html
軟件安全測試(來源:騰訊雲用戶6517667-小老鼠的專欄)
(一)https://cloud.tencent.com/developer/article/1552639
(二)https://cloud.tencent.com/developer/article/1552835
(三)https://cloud.tencent.com/developer/article/1552843
(四)https://cloud.tencent.com/developer/article/1558166
(五)https://cloud.tencent.com/developer/article/1558169
(六)https://cloud.tencent.com/developer/article/1558173
(七)https://cloud.tencent.com/developer/article/1558184
(八)https://cloud.tencent.com/developer/article/1558189
(九)暫未找到
(十)https://cloud.tencent.com/developer/article/1559871
安全測試工具
安全測試者偏愛的安全測試工具 https://cloud.tencent.com/developer/article/1043922
11款常用的安全測試工具 https://cloud.tencent.com/developer/article/1506310
安全測試工具 (來源:騰訊雲用戶6517667-小老鼠的專欄)
(一) https://cloud.tencent.com/developer/article/1552986
(二)https://cloud.tencent.com/developer/article/1552990
(三)https://cloud.tencent.com/developer/article/1552994
(四)https://cloud.tencent.com/developer/article/1552997
(五)https://cloud.tencent.com/developer/article/1552998
(六)https://cloud.tencent.com/developer/article/1553002
(七)https://cloud.tencent.com/developer/article/1553003
(八)https://cloud.tencent.com/developer/article/1553008
(九)https://cloud.tencent.com/developer/article/1553009
(十)https://cloud.tencent.com/developer/article/1553011
安全測試工具(SQLMap) https://cloud.tencent.com/developer/article/1549031
實際案例
公司web安全等級提升 https://cloud.tencent.com/developer/article/1345661
淺談開源web程序後臺的安全性 https://cloud.tencent.com/developer/article/1035091
一次關於WEB的URL安全測試 https://cloud.tencent.com/developer/article/1503495
滲透測試
滲透測試入門 https://cloud.tencent.com/developer/article/1552932
滲透測試 https://cloud.tencent.com/developer/article/1196543
搭建測試環境 https://cloud.tencent.com/developer/article/1552936
MSF滲透測試 https://cloud.tencent.com/developer/article/1552980
滲透安全測試的靶場 https://cloud.tencent.com/developer/article/1483728