June 2020
Intermediate to advanced
423 pages
7h 58m
Chinese
Content preview from Kali Linux学习手册
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
侦察
|
117
OrgTechPhone: +1-650-253-0000
OrgTechEmail: arin-contact@google.com
OrgTechRef: https://whois.arin.net/rest/poc/ZG39-ARIN
我们使用它的方法是获取一个已定位的
IP
地址,比如
Web
服务器或电子邮件
服务器,然后确定谁拥有整个网络块。在某些情况下,比如
O
’
Reilly
的
Web
服务器,该网络块属于服务提供商,因此我们将无法从该网络块获取其他目标。
但是,当你找到属于特定公司的网络块时,你拥有目标的若干
IP
地址。当我
们开始进一步侦察时,这些
IP
地址块在后续工作中将会非常有用。在此期间,
你还可以使用
dig
或
nslookup
查找与
IP
地址有关的主机名。
通过
IP
地址查找主机名需要目标组织拥有一个预定义的反向区域。要根据
IP
地址查找主机名,需要为主机名有关的网络块中的每个
IP
地址创建指针记录
(
pointer records
,
PTR
)。但请注意,反向查找和正向查找之间并不一定存
在必然的联系。如果
www.foo.com
解析为
1.2.3.42
,那么并不意味着
1.2.3.42
必须反向解析为
www.foo.com
。
IP
地址可能指向具有多种用途,并具有多个
名称匹配这些用途的系统。
被动侦察
通常,侦察工作都会涉及与目标有关的基础设施。但是这并不意味着你必须
主动探测目标网络。我们稍后介绍的端口扫描这类主动探测可能会产生噪声,
从而让他人对你的行为产生警觉。在准备好真正发动攻击之前,你可能并不 ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.