daily Programming: 帆哥 OWASP 資安分享!

September 19, 2019 less than 1 minute read

Tags: daily-programming, owasp, 讀書會

OWASP

OWASP Prevention Cheet Sheet

XSS 類別

XSS 攻擊可分三類型
XSS cheat sheet

Stored XSS attacks
- Type-I XSS
- 存在 database 裡面
Reflected XSS attacks
- 不用進資料庫
- 網頁有些參數
- 網頁抓 params，塞到 inner html
DOM XSS attacks
- 幾乎都在前端發生

滲透測試好棒棒的網站

Docker hub DVWA
- DVWA
```
 docker run --rm -it -p 80:80 vulnerables/web-dvwa
```
- 帳號密碼
  - admin
  - passwoed
- DVWA Security
Metasplotable
- Metasplotable
- 帳號密碼
  - msfadmin
  - msfadmin
Mutillidae
- Mutillidae
Kali linux

Twitter Facebook LinkedIn

You May Also Enjoy

daily Programming: 寶哥出場品質保證又見 GitHub Copilot!

October 25, 2024 1 minute read

又見面拉～～～

daily Programming: Azure AI Search

September 27, 2024 less than 1 minute read

Github:azure-search-openai-demo

當你覺得對方很Ｇ8討厭的時候，放面鏡子照照自己剛剛的行為先吧！

December 14, 2023 less than 1 minute read

控制你的情緒＆語氣

daily Programming: 寶哥出場品質保證 GitHub Copilot

December 13, 2023 less than 1 minute read

GitHub Copilot 協作開發實戰 - 學員課前注意事項