现在说到安全,web渗透测试的攻击面和攻击角度会和以前的静态web有很大的不同。以前只是针对web服务器,现在是为了发现应用本身代码中的一些漏洞。目前的web攻击类型有数百种,本课程重点介绍其中的典型。当前的 Web 极其复杂,而且其范围还在不断扩大。它的难度和复杂性没有二进制和逆向工程那么复杂,但是涵盖的东西却很多。因此,如果你想非常全面和成熟地掌握Web,并不像学习二进制那么难。 .
(Now when it comes to security, the attack surface and attack angle of web penetration testing will be very different from the previous static web. In the past, it was only for web servers, but now it is to find some loopholes in the code of the application itself. There are hundreds of types of web attacks, and this course focuses on typical ones. Today's Web is incredibly complex, and its scope continues to grow. It's less difficult and complex than binary and reverse engineering, but covers a lot. Therefore, if you want to master the Web very comprehensively and maturely, it is not as difficult as learning binary. .)