###### tags: `1111` 第五次社課: === :::success 簽到: B093012033 王勤 M113140001 連昱婷 M113140003 林哲緯 M113140005 王歆硯 M113140010 羅子聘 M114020033 李庭瑋 B103021042 王翊瑋 B112040003 張景旭 B113040016 蔡俊驊 B102040045 曾新惟 B084012023 鄭鈺丞 B093040044 蔡明軒 M104810002 高佳瑋 ::: Discord: https://discord.gg/TBeQr8CB77 大家認領一下下面連線檔案 https://ppt.cc/f1MdIx ``` sudo apt install openvpn sudo openvpn --config 檔案.ovpn ``` # 測試 ``` nmap 10.8.0.2 nmap 10.8.0.4 -Pn -vv nmap 10.8.0.5 sudo nmap 10.8.0.6 -sN -Pn -p22 -vv ``` ## What is Web Peneatration Test Tools to use + Metasploit? + Cobalt Strike? + Cyber Kill Chain ## Web Vulnerabilities Study OWASP: https://owasp.org/ 1. Sensitive Data Exposure 3. Vulnerable Web Application 4. Security Misconfiguration 5. Known Vulnerabilities port 554 real time stream control protocol ## Useful Discovery Tools ### dirb 練習 ![](https://i.imgur.com/gMnpzfm.png) ![](https://i.imgur.com/SBBroRq.png) ### zap 安裝: sudo apt install zaproxy ### nmap target: 10.8.0.2:8081 ## Web Penatration ## Advanced Pentest Lab ## Other Resources