Authorized verification examples

LAB ONLY | AUTHORIZED TARGETS ONLY

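The commands below are for use only against assets you own, test environments, or targets for which you have explicit authorization.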

Minimal HTTP injection verification

python3 /Users/x/websafe/01-sql-injection/tools/sqli-scanner.py \
  -u "https://owned-lab.example.test/search?id=1"

XSS context and reflection verification

python3 /Users/x/websafe/02-xss/tools/xss-fuzzer.py \
  -u "https://owned-lab.example.test/search?q=test"

TLS and header checks

python3 /Users/x/websafe/04-server-security/tls/tools/tls-scanner.py \
  -u https://owned-lab.example.test

Minimal port exposure verification

python3 /Users/x/websafe/04-server-security/scanning/tools/port-scanner.py \
  -H owned-lab.example.test --top-ports 20

Same-IP / same-certificate correlation analysis

python3 /Users/x/websafe/04-server-security/infrastructure/tools/site-scope-mapper.py \
  --target owned-lab.example.test --ack-authorized

Manual check of CSP / response headers

curl -I https://owned-lab.example.test
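
To make the manual header check repeatable, the output of `curl -I` can be piped through a small audit function. This is an added example, not part of the playbook or the websafe tools; the function names, the list of headers checked, and the two sample responses are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: audit `curl -I` output for common security headers.
# Against the lab host: curl -sI https://owned-lab.example.test | audit_headers

audit_headers() {
  local hdrs csp h
  hdrs=$(tr -d '\r')   # HTTP header lines end in CRLF; drop the CR
  # Headers this example expects on every HTML response (assumed list).
  for h in content-security-policy strict-transport-security \
           x-content-type-options referrer-policy; do
    printf '%s\n' "$hdrs" | grep -qi "^$h:" || echo "MISSING $h"
  done
  csp=$(printf '%s\n' "$hdrs" | grep -i '^content-security-policy:' | cut -d: -f2-)
  # Framing control: either X-Frame-Options or the CSP frame-ancestors directive.
  if ! printf '%s\n' "$hdrs" | grep -qi '^x-frame-options:' &&
     ! printf '%s\n' "$csp" | grep -qi 'frame-ancestors'; then
    echo "MISSING x-frame-options or csp frame-ancestors"
  fi
  # CSP keywords that weaken the policy wherever they appear.
  for h in "'unsafe-inline'" "'unsafe-eval'"; do
    printf '%s\n' "$csp" | grep -qiF -- "$h" && echo "WEAK csp contains $h"
  done
  return 0
}

# Constructed sample: HTTP/1.1 response with gaps and a permissive CSP.
sample_weak() {
  cat <<'EOF'
HTTP/1.1 200 OK
Content-Type: text/html
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Type-Options: nosniff
EOF
}

# Constructed sample: HTTP/2 response (lowercase names) with all checks passing.
sample_good() {
  cat <<'EOF'
HTTP/2 200
content-security-policy: default-src 'self'; frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: no-referrer
EOF
}

sample_weak | audit_headers
```

An empty result means every check passed; each finding line can be copied directly into the verification record.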

Record-keeping requirements