Having a solid foundation in Networking is essential to becoming a good penetration tester. After all, the internet is a bunch of complex networks that communicate with each other. If you are new to Networking, I recommend this playlist by Network Direction.
扎实的网络基础对于成为一名优秀的渗透测试人员至关重要。 毕竟,互联网是一堆相互通信的复杂网络。 如果您不熟悉网络,建议通过Network Direction推荐此播放列表 。
Wireshark is the world’s best network analyzer tool. It is an open-source software that enables you to inspect real-time data on a live network.
Wireshark是世界上最好的网络分析器工具。 它是一个开源软件,使您可以检查实时网络上的实时数据。
Wireshark can dissect packets of data into frames and segments giving you detailed information about the bits and bytes in a packet.
Wireshark supports all major network protocols and media types. Wireshark can also be used as a packet sniffing tool if you are in a public network. Wireshark will have access to the entire network connected to a router.
Wireshark支持所有主要的网络协议和媒体类型。 如果您在公共网络中,也可以将Wireshark用作数据包嗅探工具。 Wireshark将有权访问连接到路由器的整个网络。
Sites like Facebook and Twitter are encrypted now, thanks to HTTPS. This means that even though you can capture packets from a victim computer in transit to Facebook, those packets will be encrypted.
借助HTTPS,现在可以对诸如Facebook和Twitter之类的网站进行加密。 这意味着,即使您可以捕获从受害者计算机传输到Facebook的数据包,这些数据包也将被加密。
Still, being able to capture data packets in realtime is an important utility for a penetration tester.
Nmap is the first tool you will come across when you begin your career as a penetration tester. It is a fantastic network scanning tool that can give you detailed information about a target. This includes open ports, services, and the operating system running on the victim’s computer.
Nmap是您作为渗透测试员开始职业时会遇到的第一个工具。 这是一个了不起的网络扫描工具,可以为您提供有关目标的详细信息。 这包括打开的端口,服务以及在受害者计算机上运行的操作系统。
Nmap is popular among penetration testers for many reasons. It is simple, flexible, and extensible. It offers a simple command-line interface where you can add a few flags to choose different types of scans.
Nmap在渗透测试人员中很受欢迎,原因有很多。 它简单,灵活且可扩展。 它提供了一个简单的命令行界面,您可以在其中添加一些标志来选择不同类型的扫描。
Nmap also offers simple ping scans all the way up to aggressive scans that provide detailed ports and service information.
Nmap also provides a GUI tool called Zenmap with added utilities. You can build visual network maps and choose scans via dropdowns. Zenmap is a great place to start playing with Nmap commands if you are a beginner.
Nmap还提供了一个名为Zenmap的GUI工具,其中添加了实用程序。 您可以构建可视网络图并通过下拉菜单选择扫描。 如果您是初学者,Zenmap是开始使用Nmap命令的好地方。
I recently wrote a detailed article on Nmap that you can read here.
我最近在Nmap上写了一篇详细的文章, 您可以在这里阅读。