动态 新闻 政策 课程 介绍 综合 问答



中国教育在线  |  2022-06-01 首页-综合-常用工具


尼克托 (Nikto)

Nikto is an open-source tool that is capable of performing extensive web server scans. Nikto can help you scan for harmful files, misconfigurations, outdated software installations, and so on.

Nikto是一种开源工具,能够执行广泛的Web服务器扫描。 Nikto可以帮助您扫描有害文件,配置错误,软件安装过时等等。

It also checks for the presence of multiple index files, HTTP server configurations, and the installed web server software.


Nikto is the preferred tool for general web server security audits. Nikto is fast, but not quiet. You can scan a large web server pretty quickly but intrusion detection systems will easily pick up these scans. However, there is support for anti-IDS plugins in case you want to perform stealthy scans.

Nikto是常规Web服务器安全性审核的首选工具。 Nikto速度很快,但并不安静。 您可以相当快地扫描大型Web服务器,但是入侵检测系统可以轻松进行这些扫描。 但是,如果您要执行隐形扫描,则支持反IDS插件。

打p套房 (Burp Suite)

When it comes to pen-testing web applications, Burpsuite has all the answers for you. BurpSuite aims to be an all in one set of tools for a variety of web application pen-testing use cases. It is also a popular tool among professional web app security researchers and bug bounty hunters.

当涉及笔测试Web应用程序时,Burpsuite可以为您提供所有答案。 BurpSuite旨在成为针对各种Web应用程序笔测试用例的多功能工具。 在专业的Web应用程序安全研究人员和错误赏金猎人中,它也是一种流行的工具。

Burpsuite’s tools work together to support the entire web application testing lifecycle. From scanning to exploitation, Burpsuite offers all the tools you need for breaking into web applications.

Burpsuite的工具可以协同工作,以支持整个Web应用程序测试生命周期。 从扫描到开发,Burpsuite提供了进入Web应用程序所需的所有工具。

One of Burp Suite’s main features is its ability to intercept HTTP requests. HTTP requests usually go from your browser to a web server and then the web server sends a response back. With Burp Suite, you can perform Man-in-the-middle operations to manipulate the request and response.

Burp Suite的主要功能之一是能够拦截HTTP请求。 HTTP请求通常从浏览器发送到Web服务器,然后Web服务器将响应发送回去。 使用Burp Suite,您可以执行中间人操作来操纵请求和响应。

Burpusite has an excellent user interface. Burpsuite also has tools for automation to make your work faster and more efficient.

Burpusite具有出色的用户界面。 Burpsuite还具有自动化工具,可以使您的工作更快,更高效。

In addition to its default features, Burpsuite is extensible by adding plugins called BApps.








