[TOC]
Four-step thinking method:
- Scale up the affected surface: how to respond and fix quickly (horizontal scaling, breadth)
- When the impact goes deep: how to handle it (vertical depth, depth)
- How to prevent recurrence (thinking about the root cause)
- Whether it can be turned into a product or a defence chain (output)
For example:
- Suppose a vulnerability has a very wide impact: 1,000,000 internal and external servers are affected and cannot be patched in time. How do you protect them?
- Some servers have already been compromised. How do you quickly identify the compromised ones among tens of thousands of servers?
- How do you prevent the same thing from happening again?
- Can you produce a product or some insights from it?
- Obfuscated code
- Information Leak Monitor
- Code Audit (Dangerous APIs, demos, exploits)
  - PHP
  - Java
  - Python
  - Go
  - CVEs
  - Privilege Escalation
    - Windows
    - Linux
- Shell Managers
  - Cknife
  - antSword
  - chopper
  - Hatchet
  - Altman
- Web Shell
  - PHP
  - Java (JSP)
  - Python
  - ASP
- Reverse Malware Analysis
  - IDA Pro
  - Android
  - jd-gui
- Information Gathering
  - Brute Force Path
  - Domain Scanner
  - Domain certificate
  - Dictionary
    - username
    - password
    - webpath
    - middleware info
    - common ports
- Port Forward
  - Lcx
  - nc
  - ncat
  - socat
- Proxy Tools
  - BurpSuite
  - Fiddler
  - MITM Proxy
  - Wireshark
  - Tcpdump & ssldump
- Post Exploit
  - Metasploit
  - CobaltStrike
  - Empire
  - mimikatz
  - BrowserPasswordDump
- CEH
- CISP
- CISSP
- OSCP
- OSCE
- OSEE
- Security+
- ISO 27001