{"id":938,"date":"2014-08-10T11:13:41","date_gmt":"2014-08-10T03:13:41","guid":{"rendered":"http:\/\/ixyzero.com\/blog\/?p=938"},"modified":"2017-10-15T22:29:24","modified_gmt":"2017-10-15T14:29:24","slug":"tools%e4%b8%80%e4%ba%9b%e5%ae%89%e5%85%a8%e5%b7%a5%e5%85%b7","status":"publish","type":"post","link":"https:\/\/ixyzero.com\/blog\/archives\/938.html","title":{"rendered":"[tools]\u4e00\u4e9b\u5b89\u5168\u5de5\u5177"},"content":{"rendered":"<p>\u4e00\u76f4\u4ee5\u6765\u5c31\u60f3\u8fc7\u8981\u603b\u7ed3\u4e00\u4e0b\u6709\u54ea\u4e9b\u5e38\u89c1\u7684\u5b89\u5168\u5de5\u5177\uff0c\u4f46\u7ecf\u9a8c\u3001\u6c34\u5e73\u6709\u9650\u4e5f\u5c31\u65e0\u6cd5\u6210\u6587\uff0c\u4e0d\u8fc7\u540e\u6765\u9646\u7eed\u770b\u5230\u4e86<a href=\"http:\/\/sectools.org\/\" target=\"_blank\" rel=\"noopener\">SecTools.Org Top Network Security Tools<\/a>\u00a0\u548c \u4f59\u5f26\u5199\u7684\u201c<a href=\"http:\/\/zhuanlan.zhihu.com\/evilcos\/19578244\" target=\"_blank\" rel=\"noopener\">\u6211\u7684\u6e17\u900f\u5229\u5668<\/a>\u201d\u00a0\u7b49\u6280\u672f\/\u5de5\u5177\u79d1\u666e\u6027\u6587\u7ae0\u4e4b\u540e\uff0c\u52a0\u4e0a\u81ea\u5df1\u4e4b\u524d\u4f7f\u7528\u5176\u4e2d\u7684\u4e00\u4e9b\u8f6f\u4ef6\/\u5de5\u5177\u7684\u7ecf\u9a8c\uff0c\u8fd8\u662f\u53ef\u4ee5\u5728\u4ed6\u4eec\u7684\u6587\u7ae0\u4e4b\u4e0a\u505a\u4e00\u4e9b\u4fee\u6539\uff0c\u7136\u540e\u4f9b\u81ea\u5df1\u4ee5\u540e\u53c2\u8003\u7684\u3002<\/p>\n<hr \/>\n<h6>\u5de5\u5177<\/h6>\n<ul>\n<li>Wireshark<\/li>\n<li>Metasploit<\/li>\n<li>Nessus<\/li>\n<li>Aircrack\/Reaver<\/li>\n<li>Snort<\/li>\n<li>AWVS<\/li>\n<li>Hydra\/Medusa<\/li>\n<li>Cain and Abel\uff08\u6682\u65f6\u8fd8\u6ca1\u7528\u8fc7\uff09<\/li>\n<li>Netcat\/lcx<\/li>\n<li>tcpdump<\/li>\n<li>John the 
Ripper<\/li>\n<li>BurpSuite\/Fiddler<\/li>\n<li>Nikto<\/li>\n<li>Ettercap<\/li>\n<li>Sysinternals<\/li>\n<li>w3af<\/li>\n<li>wwwscan<\/li>\n<li>\u2026\u2026<\/li>\n<\/ul>\n<h6>\u641c\u7d22\u5f15\u64ce\/\u5e73\u53f0<\/h6>\n<ul>\n<li>Shodan<\/li>\n<li>Exploit-db<\/li>\n<li>ZoomEye<\/li>\n<li>\u2026\u2026<\/li>\n<\/ul>\n<hr \/>\n<p style=\"color: #414243;\">by \u4f59\u5f26 2013<\/p>\n<p style=\"color: #414243;\">\u4e0d\u65ad\u6269\u5145\u6269\u5145\uff0c\u60f3\u5230\u54ea\u6269\u5145\u5230\u54ea\u3002<\/p>\n<p style=\"color: #414243;\"><span style=\"font-weight: bold;\">Firefox\u4e0b<\/span><\/p>\n<ol style=\"color: #414243;\">\n<li>Firebug\uff0c\u8c03\u8bd5js\uff0cHTTP\u8bf7\u6c42\u54cd\u5e94\u89c2\u5bdf\uff0cCookie\uff0cDOM\u6811\u89c2\u5bdf\u7b49\uff1b<\/li>\n<li>GreaseMonkey\uff0c\u81ea\u5df1\u6539\u4e86\u4e2aCookie\u4fee\u6539\u811a\u672c\uff0c\u5176\u4ed6\u540c\u5b66\u53ef\u4ee5\u7528\u8fd9\u6b3e\uff1a<a class=\" wrap external\" style=\"color: #225d99;\" href=\"http:\/\/userscripts.org\/scripts\/show\/119798\" target=\"_blank\" rel=\"nofollow noopener\">Original Cookie Injector for Greasemonkey<i class=\"icon-external\"><\/i><\/a>\uff1b<\/li>\n<li>Noscript\uff0c\u8fdb\u884c\u4e00\u4e9bjs\u7684\u963b\u65ad\uff1b<\/li>\n<li>AutoProxy\uff0c\u7ffb\u5899\u5fc5\u5907\uff1b<\/li>\n<\/ol>\n<p style=\"color: #414243;\"><span style=\"font-weight: bold;\">Chrome\u4e0b<\/span><\/p>\n<ol style=\"color: #414243;\">\n<li>F12\u6253\u5f00\u5f00\u53d1\u8005\u5de5\u5177\uff0c\u529f\u80fd==Firebug+\u672c\u5730\u5b58\u50a8\u89c2\u5bdf\u7b49\uff1b<\/li>\n<li>SwitchySharp\uff0c\u7ffb\u5899\u5fc5\u5907\uff1b<\/li>\n<li>Cookie\u4fee\u6539\u811a\u672c\uff0c\u81ea\u5df1\u5199\u4e86\u4e00\u4e2aChrome\u6269\u5c55\uff08\u5df2\u5f00\u6e90\uff1a<a class=\" wrap external\" style=\"color: #225d99;\" href=\"http:\/\/evilcos.me\/?p=366\" target=\"_blank\" rel=\"nofollow noopener\">Cookie\u5229\u7528\u795e\u5668\uff1aCookieHacker<i 
class=\"icon-external\"><\/i><\/a>\uff09\uff0c\u5176\u4ed6\u540c\u5b66\u53ef\u4ee5\u81ea\u5df1\u5230Chrome\u6269\u5c55\u641c\u4e2a\u597d\u7528\u7684\uff1b<\/li>\n<\/ol>\n<p style=\"color: #414243;\"><span style=\"font-weight: bold;\">\u524d\u7aef\u6e17\u900f\u5de5\u5177<\/span><\/p>\n<ol style=\"color: #414243;\">\n<li><a class=\" wrap external\" style=\"color: #225d99;\" href=\"http:\/\/evilcos.me\/lab\/xssor\/\" target=\"_blank\" rel=\"nofollow noopener\">XSS\u2019OR<i class=\"icon-external\"><\/i><\/a>\uff0c\u6211\u5f00\u53d1\u7684\uff0c\u5e38\u7528\u5176\u4e2d\u52a0\u89e3\u5bc6\u4e0e\u4ee3\u7801\u751f\u6210\uff0c\u6e90\u7801\u653e\u5230\u4e86\u8fd9\uff1a<a class=\" wrap external\" style=\"color: #225d99;\" href=\"https:\/\/github.com\/evilcos\/xssor\" target=\"_blank\" rel=\"nofollow noopener\">evilcos\/xssor \u00b7 GitHub<i class=\"icon-external\"><\/i><\/a>\uff1b<\/li>\n<li><a class=\" wrap external\" style=\"color: #225d99;\" href=\"http:\/\/evilcos.me\/lab\/xssee\/\" target=\"_blank\" rel=\"nofollow noopener\">XSSEE 3.0 Beta<i class=\"icon-external\"><\/i><\/a>\uff0cMonyer\u5f00\u53d1\u7684\uff0c\u52a0\u89e3\u5bc6\u6700\u597d\u7528\u795e\u5668\uff1b<\/li>\n<li><a class=\" wrap external\" style=\"color: #225d99;\" href=\"http:\/\/jsbeautifier.org\/\" target=\"_blank\" rel=\"nofollow noopener\">Online JavaScript beautifier<i class=\"icon-external\"><\/i><\/a>\uff0cjs\u7f8e\u5316\u5de5\u5177\uff0c\u5206\u6790js\u5e38\u7528\uff1b<\/li>\n<li>\u524d\u7aef\u653b\u51fb\u6846\u67b6\uff0c\u63a8\u8350BeEF\u53ca\u4e00\u4e9b\u5c0f\u4f19\u4f34\u5f00\u53d1\u7684XSS\u76f2\u6253\u5de5\u5177\uff0c\u6211\u81ea\u5df1\u4e5f\u6709\u6b3e\uff0c\u4e0d\u8fc7\u4e0d\u8f7b\u6613\u793a\u4eba\uff1b<\/li>\n<\/ol>\n<p style=\"color: #414243;\"><span style=\"font-weight: bold;\">HTTP\u4ee3\u7406\u5de5\u5177<\/span><\/p>\n<ol style=\"color: 
#414243;\">\n<li>Fiddler\uff0c\u5373\u53ef\uff0c\u4e0d\u7528\u518d\u5bfb\u627e\u5176\u4ed6\u7684\u4e86\uff0c\u5176\u4e2d\u7684watcher\u63d2\u4ef6\u53ef\u4ee5\u73a9\u73a9\uff0c\u627e\u6f0f\u6d1e\u7684\uff1b<\/li>\n<li>Burp Suite\uff0c\u795e\u5668\uff0c\u4e0d\u4ec5HTTP\u4ee3\u7406\uff0c\u8fd8\u6709\u722c\u866b\u3001\u6f0f\u6d1e\u626b\u63cf\u3001\u6e17\u900f\u3001\u7206\u7834\u7b49\u529f\u80fd\uff1b<\/li>\n<\/ol>\n<p style=\"color: #414243;\"><span style=\"font-weight: bold;\">\u6f0f\u6d1e\u626b\u63cf\u5de5\u5177<\/span><\/p>\n<ol style=\"color: #414243;\">\n<li>AWVS\uff0c\u4e0d\u4ec5\u6f0f\u626b\u65b9\u4fbf\uff0c\u81ea\u5e26\u7684\u4e00\u4e9b\u5c0f\u5de5\u5177\u4e5f\u597d\u7528\uff1b<\/li>\n<li>Python\u81ea\u5199\u811a\u672c\/\u5de5\u5177\uff0c\u597d\u6f0f\u6d1e\u662f\u4f60\u7528AWVS\u7b49\u5c31\u80fd\u53d1\u73b0\u7684\uff1f\u6d17\u6d17\u7761\u5427\uff1b<\/li>\n<li>Nmap\uff0c\u7edd\u5bf9\u4e0d\u4ec5\u4ec5\u662f\u7aef\u53e3\u626b\u63cf\uff01\u51e0\u767e\u4e2a\u811a\u672c\uff1b<\/li>\n<\/ol>\n<p style=\"color: #414243;\"><span style=\"font-weight: bold;\">\u6f0f\u6d1e\u5229\u7528<\/span><\/p>\n<ol style=\"color: #414243;\">\n<li>sqlmap\uff0cSQL\u6ce8\u5165\u5229\u7528\u6700\u725b\u795e\u5668\uff0c\u6ca1\u6709\u4e4b\u4e00\uff1b<\/li>\n<li>Metasploit\uff0c\u4e3b\u673a\u6e17\u900f\u6846\u67b6\uff0c\u800cWeb\u5c42\u9762\u4e0a\u7684\u5c31\u662f\u77e5\u9053\u521b\u5b87\u91cc\u7684\u4e00\u4e9b\u597d\u73a9\u610f\u4e86\uff08\u6211\u53ef\u80fd\u5728\u5439\u725b\uff09\uff1b<\/li>\n<li>\u4e00\u4e9b\u793e\u5de5\u5e73\u53f0\uff0c\u597d\u7684\u90fd\u533f\u4e86\uff1b<\/li>\n<li>Hydra\uff0c\u7206\u7834\u5fc5\u5907\uff1b<\/li>\n<\/ol>\n<p style=\"color: #414243;\"><span style=\"font-weight: bold;\">\u6293\u5305\u5de5\u5177<\/span><\/p>\n<ol style=\"color: #414243;\">\n<li>Wireshark\uff0c\u6293\u5305\u5fc5\u5907\uff1b<\/li>\n<li>tcpdump\uff0cLinux\u4e0b\u547d\u4ee4\u884c\u6293\u5305\uff0c\u7ed3\u679c\u53ef\u4ee5\u7ed9Wireshark\u5206\u6790\uff1b<\/li>\n<\/ol>\n<p style=\"color: 
#414243;\"><span style=\"font-weight: bold;\">\u5927\u6570\u636e\u5e73\u53f0<\/span><\/p>\n<ol style=\"color: #414243;\">\n<li>ZoomEye\uff0c\u77e5\u9053\u521b\u5b87\u5f00\u653e\u7684\u4e00\u4e2a\u7f51\u7edc\u7a7a\u95f4\u641c\u7d22\u5f15\u64ce\uff0c\u641c\u641c\u7ec4\u4ef6\u5c31\u77e5\u9053\uff1a<a class=\" wrap external\" style=\"color: #225d99;\" href=\"http:\/\/www.zoomeye.org\/\" target=\"_blank\" rel=\"nofollow noopener\">ZoomEye\uff08\u949f\u9997\u4e4b\u773c\uff09<i class=\"icon-external\"><\/i><\/a>\uff0c\u53ef\u4ee5\u8ba4\u4e3a\u6211\u5728\u5e7f\u544a\uff1b<\/li>\n<li>SHODAN\uff0c \u8001\u5916\u5f00\u653e\u7684\u4e00\u4e2a\u7f51\u7edc\u7a7a\u95f4\u641c\u7d22\u5f15\u64ce\uff0c\u641c\u641c\u4e3b\u673a\u8bbe\u5907\u5c31\u77e5\u9053\uff1a<a class=\" wrap external\" style=\"color: #225d99;\" href=\"http:\/\/www.shodanhq.com\/\" target=\"_blank\" rel=\"nofollow noopener\">SHODAN \u2013 Computer Search Engine\uff1b<i class=\"icon-external\"><\/i><\/a><\/li>\n<li>Google\uff0c\uff1a\uff09<\/li>\n<\/ol>\n<p style=\"color: #414243;\">\u66f4\u591a\u81ea\u5df1\u770b\u770bKali Linux\uff08\u8001\u7684\u662f\uff1aBackTrack\uff09\u3002<\/p>\n<p style=\"color: #414243;\">\u8282\u7701\u751f\u547d\u63a8\u8350\uff1a\u719f\u7ec3Linux\u4f17\u591a\u547d\u4ee4+Vim\u3002<\/p>\n<hr \/>\n<h6>\u4e00\u4e9b\u53c2\u8003\u6027\u6587\u7ae0\/\u8d44\u6599\uff1a<\/h6>\n<ul>\n<li><a href=\"http:\/\/zhuanlan.zhihu.com\/Evi1m0\/19706178\" target=\"_blank\" rel=\"noopener\">Evi1m0: \u4e66\u7c4d\u63a8\u8350<\/a><\/li>\n<li><a href=\"http:\/\/zhuanlan.zhihu.com\/Evi1m0\/19739835\" target=\"_blank\" rel=\"noopener\">Evi1m0: \u5b89\u5168\u7c7b\u7f51\u7ad9\u63a8\u8350<\/a><\/li>\n<li><a href=\"http:\/\/www.zhihu.com\/question\/22802099\" target=\"_blank\" rel=\"noopener\">\u73b0\u5728\u5927\u90e8\u5206\u7f51\u7ad9\u5bb9\u6613\u88ab\u5165\u4fb5\u5417\uff1f &#8211; \u77e5\u4e4e<\/a><\/li>\n<li><a href=\"http:\/\/blog.knownsec.com\/Knownsec_RD_Checklist\/v2.2.html\" target=\"_blank\" 
rel=\"noopener\">\u77e5\u9053\u521b\u5b87\u7814\u53d1\u6280\u80fd\u8868v2.2 2014\/3\/9<\/a><\/li>\n<li><a href=\"http:\/\/resources.infosecinstitute.com\/\" target=\"_blank\" rel=\"noopener\">IT Security Training &amp; Resources by InfoSec Institute<\/a><\/li>\n<li><a href=\"http:\/\/www.reddit.com\/r\/netsec\/\" target=\"_blank\" rel=\"noopener\">\/r\/netsec &#8211; Information Security News &amp; Discussion<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>\u4e00\u76f4\u4ee5\u6765\u5c31\u60f3\u8fc7\u8981\u603b\u7ed3\u4e00\u4e0b\u6709\u54ea\u4e9b\u5e38\u89c1\u7684\u5b89\u5168\u5de5\u5177\uff0c\u4f46\u7ecf\u9a8c\u3001\u6c34\u5e73\u6709\u9650\u4e5f\u5c31\u65e0\u6cd5\u6210\u6587\uff0c\u4e0d\u8fc7\u540e\u6765\u9646\u7eed\u770b\u5230\u4e86SecTools [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23,25,12],"tags":[37,71],"class_list":["post-938","post","type-post","status-publish","format-standard","hentry","category-knowledgebase-2","category-security","category-tools","tag-security","tag-tools"],"views":8718,"_links":{"self":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts\/938","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/comments?post=938"}],"version-history":[{"count":1,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts\/938\/revisions"}],"predecessor-version":[{"id":3538,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts\/938\/revisions\/3538"}],"wp:attachment":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/media?parent=938"}],"wp:term":[
{"taxonomy":"category","embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/categories?post=938"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/tags?post=938"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}