Shulou(Shulou.com)06/01 Report--

At the earliest, I just wanted to do more research on sqlmap. Later, I did a more and more in-depth research. I did a practical column on sqlmap security. Later, I thought that the content of the column would be 30 + articles. I conceived it last night and thought it could be sorted out into a book, which can be regarded as the research result of this year. If I don't work hard, I will never have a chance to succeed. If I work hard, I will probably succeed.

"Network Security practice-sqlmap from entry to mastery" directory

Chapter 1 installation and Construction of Test platform for sqlmap

1.1 install sqlmap on windows

1.2 install sqlmap on centos

1.3 install and use sqlmap in the kali virtual machine

1.4 build a dvwa test platform on kali

1.5 build a sqlab test platform on windows

Chapter 2 fundamentals and use of sqlmap

2.1 configure sqlmap

2.2sqlmap directory and structure

Strategies and techniques for using 2.3SQLMap-completed

Chapter 3 using sqlmap for injection Security

3.1Using sqlmap for asp site injection-completed

3.2 aspx website injection using sqlmap-completed

3.3Using sqlmap for php site injection-completed

3.4Using sqlmap for jsp site injection-completed

Chapter 4 using sqlmap to get webshell

4.1 obtaining webshell- using sqlmap direct connection MySQL database has been completed

4.2 use sqlmap direct connection mssql to obtain webshell or permissions-completed

Research on obtaining Webshell and system permissions by 4.3SQLmap injection-completed

4.4sqlmap database export strategy-completed

Chapter 5 using sqlmap for database injection × ×

5.1 access injection using sqlmap-completed

5.2 mssql database injection using sqlmap-completed

5.3 MySQL injection using sqlmap and * * a server-has been completed

5.4 oracle database injection using sqlmap-completed

Chapter 6 using sqlmap for Security practice

6.1burpsuite grab package to cooperate with sqlmap to implement SQL injection-completed

6.2Using sqlmap for X-Forwarded header injection-completed

6.3 use of sqlmap × × a website-completed

6.4 use sqlmap zigzag * * a server-has been completed

6.5. automatic injection of sqlmap with SQLiPy-completed

6.6sqlamp uses the search engine to obtain the target address for injection-completed

Comprehensive exploitation of vulnerabilities by 6.7sqlmap and other security tools-completed

6.8sqlmap implements batch url injection-completed

6.9 use sqlmap to inject burpsuite packet capture log

6.10 cookiee injection using sqlmap

6.11 pseudo-static SQL injection using sqlmap

Chapter 7 using sqlmap to bypass the waf firewall

7.1SQLmap bypassing waf for access injection-completed

Interpretation of 7.2sqlmap bypassing waf File

7.3sqlmap 's skill of bypassing waf

Chapter 8 sql injection Security Prevention and Log Security check

8.1 SQLmap check of internal security

8.2windowsIIS log analysis-completed

8.3linux log analysis

8.4 an emergency * * processing and log analysis-completed

8.5 clue tracking of a fishing fraud 800000 case-completed

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.