Category: Technique

Web Debugging Fiddler 0

Advanced Web Debugging with Fiddler

On this post, I will introduce a penetration of the web test development industry. It is more popular a web traffic capture package analysis tool. Fiddler’s function here is not to say, a simple...

Session mechanism 0

Session mechanism in the details

Session mechanism In addition to using cookies, Web applications often use Session to record client status. A session is a mechanism used by the server to record the status of the client. It is simpler...

Cookie mechanism 0

Cookie mechanism in the details

Cookie mechanism In the program, session tracking is a very important thing. In theory, all request operations of a user should belong to the same session, and all the request operations of another user should belong...

Shodan command line 0

Using Shodan command line

Shodan, the official definition of himself Computer Search Engine (Computer Resource Search Engine), is American man John Mase Li spent nearly 10 years to build a search engine that can search almost all US...

OWASP Top 10 2017 0

OWASP Top 10 2017 final version has been released!

In recent years, cloud, API, and other technologies widely used, the software development process to introduce agile development and DevOps to achieve the development of operation and maintenance work automation, version of the rapid...

Penetration Testing 0

Penetration Testing concept for beginner

Penetration Testing is a completely simulated attack technology and vulnerability discovery technology that hackers may use to deeply probe the security of the target system and discover the most vulnerable part of the system. Penetration...

0

Introduction to Memory Addressing Mode

In the memory addressing principle article, i introduced the basic knowledge of memory addressing , the memory addressing mode to look at IA-32-bit system addressing mode. Article Content 3. IA-32-bit system addressing mode 3.1...

CSRF Simple Example 0

What are CSRF tokens and how do they work?

Understanding CSRF The Express team’s csrf and csurf modules frequently have issues popping up concerned about our usage of cryptographic functions. These concerns are unwarranted due to a misunderstanding of how CSRF tokens work. So here’s a quick...