最近公司项目需要进行web安全测试,网上的资料又太多,故收集一下资料:
基础知识
安全招聘中,如何招到优秀的Web渗透测试人员?https://cloud.tencent.com/developer/article/1039856
web安全浅析 https://cloud.tencent.com/developer/article/1074735
web安全测试 https://blog.csdn.net/qq_38684504/article/details/103270484
初识网络安全 https://testerhome.com/topics/20134
物联网安全测试指南 https://cloud.tencent.com/developer/article/1439146
安全测试之 “十万个为什么?” https://cloud.tencent.com/developer/article/1523815
Web安全漏洞及测试方法 https://cloud.tencent.com/developer/article/1553049
菜鸟浅谈——web安全测试 https://blog.csdn.net/u010559128/article/details/79394056
XSS攻击的原理 https://www.2cto.com/article/201209/156182.html
web安全之XSS攻击原理及防范 https://www.cnblogs.com/tugenhua0707/p/10909284.html
浅谈CSRF攻击方式 https://www.cnblogs.com/hyddd/archive/2009/04/09/1432744.html
url跳转漏洞的危害 https://blog.csdn.net/change518/article/details/53997509
利用SQL注入漏洞登录后台 https://www.cnblogs.com/sdya/p/4568548.html
软件安全测试(来源:腾讯云用户6517667-小老鼠的专栏)
(一)https://cloud.tencent.com/developer/article/1552639
(二)https://cloud.tencent.com/developer/article/1552835
(三)https://cloud.tencent.com/developer/article/1552843
(四)https://cloud.tencent.com/developer/article/1558166
(五)https://cloud.tencent.com/developer/article/1558169
(六)https://cloud.tencent.com/developer/article/1558173
(七)https://cloud.tencent.com/developer/article/1558184
(八)https://cloud.tencent.com/developer/article/1558189
(九)暂未找到
(十)https://cloud.tencent.com/developer/article/1559871
安全测试工具
安全测试者偏爱的安全测试工具 https://cloud.tencent.com/developer/article/1043922
11款常用的安全测试工具 https://cloud.tencent.com/developer/article/1506310
安全测试工具 (来源:腾讯云用户6517667-小老鼠的专栏)
(一) https://cloud.tencent.com/developer/article/1552986
(二)https://cloud.tencent.com/developer/article/1552990
(三)https://cloud.tencent.com/developer/article/1552994
(四)https://cloud.tencent.com/developer/article/1552997
(五)https://cloud.tencent.com/developer/article/1552998
(六)https://cloud.tencent.com/developer/article/1553002
(七)https://cloud.tencent.com/developer/article/1553003
(八)https://cloud.tencent.com/developer/article/1553008
(九)https://cloud.tencent.com/developer/article/1553009
(十)https://cloud.tencent.com/developer/article/1553011
安全测试工具(SQLMap) https://cloud.tencent.com/developer/article/1549031
实际案例
公司web安全等级提升 https://cloud.tencent.com/developer/article/1345661
浅谈开源web程序后台的安全性 https://cloud.tencent.com/developer/article/1035091
一次关于WEB的URL安全测试 https://cloud.tencent.com/developer/article/1503495
渗透测试
渗透测试入门 https://cloud.tencent.com/developer/article/1552932
渗透测试 https://cloud.tencent.com/developer/article/1196543
搭建测试环境 https://cloud.tencent.com/developer/article/1552936
MSF渗透测试 https://cloud.tencent.com/developer/article/1552980
渗透安全测试的靶场 https://cloud.tencent.com/developer/article/1483728