web安全系列 环境准备Brute Force(暴力(破解)Command Injection(命令行注入)CSRF(跨站请求伪造)File Inclusion(文件包含)File Upload(文件上传)Insecure CAPTCHA (不安全的验证码)SQL Injection(SQL注入)SQL Injection(Blind)(SQL盲注)XSS(Reflected)(反射型跨站脚本)XSS(Stored)(存储型跨站脚本)