灰客服務 grey service

這是針對 wordpress偵測 wpscan _______________________________________________________________ __ _______ _____ \ \ / / __ \ / ____| \ \ /\ / /| |__) | (___ ___ __ _ _ __ \ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \ \ /\ / | | ____) | (__| (_| | | | | \/ \/ |_| |_____/ \___|\__,_|_| |_| WordPress Security Scanner by the WPScan Team Version 2.9.1 Sponsored by Sucuri - https://sucuri.net @ _ WPScan _ , @ethicalhack3r, @erwan_lr, pvdl, @ _ FireFart _ _______________________________________________________________ Examples : -Further help ... ruby ./wpscan.rb --help -Do 'non-intrusive' checks ... ruby ./wpscan.rb --url www.example.com -Do wordlist password brute force on enumerated users using 50 threads ... ruby ./wpscan.rb --url www.example.com --wordlist darkc0de.lst --threads 50 -Do wordl

CMS( C ontent  M anagement  S ystem ) 說明: 共用與修改與版本規畫 但這也最常見用於  wordpress 透過這樣去偵測漏洞,...這就是 joomscan ,... 指令:   joomscan -u http://www.xxxx.com.tw 說明: joomscan ..|''|| '|| '||' '|' | .|'''.| '||''|. .|' || '|. '|. .' ||| ||.. ' || || || || || || | | || ''|||. ||...|' '|. || ||| ||| .''''|. . '|| || ''|...|' | | .|. .||. |'....|' .||. ================================================================= OWASP Joomla! Vulnerability Scanner v0.0.4 (c) Aung Khant, aungkhant]at[yehg.net YGN Ethical Hacker Group, Myanmar, http://yehg.net/lab Update by: Web-Center, http://web-center.si (2011) ================================================================= Vulnerability Entries: 611 Last update: February 2, 2012 Usage: ./joomscan.pl -u <strin

用來偵測 網站漏洞,... 並非使用常見漏洞偵測方式 sudo apt autoremove sudo apt-get install skipfish 例如:  skipfish -o  /usr/bin/temp/  https://tw.yahoo.com https://code.google.com/p/skipfish/ sudo skipfish -h                                          1 ⨯ skipfish web application scanner - version 2.10b Usage: skipfish [ options ... ] -W wordlist -o output_dir start_url [ start_url2 ... ] Authentication and access options:   -A user:pass      - use specified HTTP authentication credentials   -F host=IP        - pretend that 'host' resolves to 'IP'   -C name=val       - append a custom cookie to all requests   -H name=val       - append a custom HTTP header to all requests   -b (i|f|p)        - use headers consistent with MSIE / Firefox / iPhone   -N                - do not accept any new cookies   --auth-form url   - form authentication URL   --auth-user user  - form authentication user   --auth-pass pass  - form authentication password   --auth-verify-url -  URL for in-session dete