Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/yaxingson/web-security-topics
https://github.com/yaxingson/web-security-topics
Last synced: 24 days ago
JSON representation
- Host: GitHub
- URL: https://github.com/yaxingson/web-security-topics
- Owner: yaxingson
- License: mit
- Created: 2024-07-25T06:29:02.000Z (6 months ago)
- Default Branch: main
- Last Pushed: 2024-08-14T13:26:55.000Z (6 months ago)
- Last Synced: 2024-11-06T07:41:57.022Z (3 months ago)
- Size: 6.84 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# web-security-topics
## 站点漏洞
> TCP/IP协议族
```powershell
ipconfig
```
HTTP协议版本:
- [ ] 0.9
- [ ] 1.0
- [x] 1.1 (持续连接)
- [ ] 2.0
常见请求报文头字段:
- `X-Requested-With`
- `Rerferer`
- `Connection`
- `Cookie`
- `Origin`
- `X-Forwarded-For`
- `Content-Type`
- `Accept-Language`
- `User-Agent`
常见响应报文头字段:
- `Set-Cookie`
- `Content-Length`
- `Etag`
- `Location`
- `Allow`
```html
```
### XSS
> 木马和蠕虫
#### 反射型
#### 存储型
#### DOM型
### SQL注入
> SQL字段约束: 非空(NOT NULL)、默认值(DEFAULT)、主键(PRIMARY KEY)、唯一的(UNIQUE)和外键(FOREIGN KEY)
```sql
# ...
-- ...
/* ... */
CREATE DATABASE DB;
```
### CSRF
### 文件上传和包含
[获取本机外网IP](https://ip.900cha.com/)
### 网站攻击
#### DDOS攻击
## 渗透测试