1.基础模块(html/js/php/java/mysql/redis/linux相关/shell/iptables/awk)
2.web漏洞模块(xss/sql inject/include/CSRF/WAF绕过)
3.内网渗透(黄金白银票据/NTML RELAY/在域下委派攻击非委派/横向渗透/代理/)
4.应急响应(windows/Linux响应)
5.高级知识点(python编写一些简单安全工具/java/php反序列化,木马免杀)
6.中间件漏洞(apache/nginx/tomcat/docker/k8s)