{"id":5858,"date":"2024-04-09T22:20:21","date_gmt":"2024-04-09T14:20:21","guid":{"rendered":"https:\/\/aict.nkust.edu.tw\/digitrans\/?p=5858"},"modified":"2024-12-13T20:39:43","modified_gmt":"2024-12-13T12:39:43","slug":"6%e6%ac%be%e8%bc%83%e6%b5%81%e8%a1%8c%e7%9a%84%e9%96%8b%e6%ba%90%e6%bc%8f%e6%b4%9e%e6%8e%83%e6%8f%8f%e5%b7%a5%e5%85%b7%e6%8e%a8%e8%96%a6%e5%8f%8a%e7%89%b9%e9%bb%9e%e5%88%86%e6%9e%90","status":"publish","type":"post","link":"https:\/\/aict.nkust.edu.tw\/digitrans\/?p=5858","title":{"rendered":"6\u6b3e\u8f03\u6d41\u884c\u7684\u958b\u6e90\u6f0f\u6d1e\u6383\u63cf\u5de5\u5177\u63a8\u85a6\u53ca\u7279\u9ede\u5206\u6790"},"content":{"rendered":"\n<p>2024-04-09 | \u5b89\u5168\u725b<\/p>\n\n\n\n<p>\u672a\u4fee\u88dc\u7684\u6f0f\u6d1e\u662f\u7db2\u8def\u72af\u7f6a\u5206\u5b50\u6700\u5bb9\u6613\u653b\u64ca\u7684\u76ee\u6a19\u4e4b\u4e00\u3002\u4f01\u696d\u4e2d\u5f88\u591a\u7684\u8cc7\u6599\u5b89\u5168\u4e8b\u4ef6\u5f80\u5f80\u7531\u65bc\u5df2\u77e5\u7684\u6f0f\u6d1e\u9020\u6210\u7684\uff0c\u5118\u7ba1\u76f8\u95dc\u7684\u5b89\u5168\u88dc\u4e01\u5df2\u7d93\u767c\u5e03\uff0c\u4f46\u8a31\u591a\u4f01\u696d\u7531\u65bc\u7a2e\u7a2e\u539f\u56e0\u4e26\u4e0d\u80fd\u53ca\u6642\u767c\u73fe\u4e26\u4fee\u88dc\u9019\u4e9b\u6f0f\u6d1e\u3002<\/p>\n\n\n\n<p>\u7576\u7d44\u7e54\u60f3\u8981\u958b\u5c55\u5168\u9762\u4e14\u6301\u7e8c\u7684\u6f0f\u6d1e\u6383\u63cf\u5de5\u4f5c\u6642\uff0c\u901a\u5e38\u9700\u8981\u5f97\u5230\u5ee3\u6cdb\u7684\u5b89\u5168\u793e\u5340\u652f\u6301\u3002\u5728\u6b64\u904e\u7a0b\u4e2d\uff0c\u5b89\u5168\u4eba\u54e1\u53ef\u4ee5\u85c9\u52a9\u4e00\u4e9b\u7684\u6d41\u884c\u958b\u6e90\u6f0f\u6d1e\u6383\u63cf\u5de5\u5177\u3002\u7531\u65bc\u5b83\u5011\u5177\u6709\u958b\u653e\u6e90\u7a0b\u5f0f\u78bc\u7684\u7279\u6027\uff0c\u4f7f\u7528\u8005\u53ef\u4ee5\u81ea\u7531\u5730\u67e5\u770b\u3001\u4fee\u6539\u548c\u5b9a\u88fd\u9019\u4e9b\u5de5\u5177\uff0c\u4ee5\u6eff\u8db3\u81ea\u8eab\u7684\u5b89\u5168\u9700\u6c42\u3002\u6b64\u5916\uff0c\u9019\u4e9b\u5de5\u5177\u6703\u7d93\u5e
38\u66f4\u65b0\u548c\u6539\u9032\u4ee5\u9069\u61c9\u4e0d\u65b7\u8b8a\u5316\u7684\u6f0f\u6d1e\u5a01\u8105\u3002\u672c\u6587\u6536\u96c6\u4e866\u6b3e\u76ee\u524d\u8f03\u71b1\u9580\u7684\u958b\u6e90\u6f0f\u6d1e\u6383\u63cf\u5de5\u5177\uff08\u8a73\u898b\u4e0b\u8868\uff09\uff0c\u4e26\u5f9e\u529f\u80fd\u6027\u3001\u517c\u5bb9\u6027\u548c\u53ef\u64f4\u5c55\u6027\u7b49\u65b9\u9762\u5c0d\u5176\u61c9\u7528\u7279\u9ede\u9032\u884c\u4e86\u5206\u6790\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/img5.vitomag.com\/83\/b9\/83b913660f2e8afef3854294ff9e56dbdcf465dc.jpg?w=640&#038;ssl=1\" alt=\"1\u3001Nmap\"\/><\/figure>\n\n\n\n<p><strong>1\u3001Nmap<\/strong><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/img5.vitomag.com\/65\/63\/6563fab27ed04fa182035267c6ac1369bf1530f6.jpg?w=640&#038;ssl=1\" alt=\"1\u3001Nmap\"\/><\/figure>\n<\/div>\n\n\n<p>Nmap\u662f\u4e00\u6b3e\u975e\u5e38\u6d41\u884c\u7684\u81ea\u52d5\u5316\u5b89\u5168\u6e2c\u8a66\u5de5\u5177\u3002\u5b83\u53ef\u4ee5\u5728\u5404\u7a2e\u4e3b\u6d41\u4f5c\u696d\u7cfb\u7d71\u4e0a\u904b\u884c\uff0c\u4e26\u5feb\u901f\u6383\u63cf\u5927\u578b\u7db2\u8def\u3002\u5b83\u901a\u5e38\u6703\u6aa2\u6e2c\u4ee5\u4e0b\u8cc7\u8a0a\uff1a\u7db2\u8def\u4e0a\u6709\u54ea\u4e9b\u4e3b\u6a5f\u53ef\u7528\uff0c\u4e3b\u6a5f\u5728\u904b\u884c\u4ec0\u9ebc\u670d\u52d9\uff0c\u4e3b\u6a5f\u5728\u904b\u884c\u54ea\u4e9b\u4f5c\u696d\u7cfb\u7d71\u7248\u672c\uff0c\u4f7f\u7528\u54ea\u7a2e\u985e\u578b\u7684\u8cc7\u6599\u5305\u904e\u6ffe\u5668\u548c\u9632\u706b\u7246\uff0c\u4ee5\u53ca\u767c\u52d5\u653b\u64ca\u4e4b\u524d\u9700\u8981\u7684\u5176\u4ed6\u6709\u7528\u60c5\u5831\u3002\u6b64\u5916\uff0cNmap\u7684\u8aaa\u660e\u6587\u4ef6\u4e5f\u5f88\u5168\u9762\uff0c\u9084\u6709\u91dd\u5c0d\u547d\u4ee4\u5217\u548cGUI\uff08\u5716\u5f62\u5316\u64cd\u4f5c\u754c\u9762\uff09\u7248\u672c\u7684\u773e\u591a\u6559\
u7a0b\uff0c\u5f88\u5bb9\u6613\u4e0a\u624b\u3002<\/p>\n\n\n\n<p><strong>\u4e3b\u8981\u7279\u9ede<\/strong><\/p>\n\n\n\n<p>\u318d\u5feb\u901f\u67e5\u8a62\u958b\u653e\u57e0\uff0c\u57fa\u65bc\u53ef\u7528\u7684 TCP \u548c UDP \u670d\u52d9\u5206\u6790\u5354\u8b70\u3001\u61c9\u7528\u7a0b\u5e8f\u548c\u4f5c\u696d\u7cfb\u7d71\u3002<\/p>\n\n\n\n<p>\u318d\u64c1\u6709\u9f90\u5927\u7684\u6d3b\u8e8d\u4f7f\u7528\u8005\u7fa4\uff0c\u4e5f\u88ab\u5927\u591a\u6578\u7db2\u8def\u548c\u7db2\u8def\u5b89\u5168\u8a8d\u8b49\u8a08\u5283\u6240\u63a5\u53d7\u3002<\/p>\n\n\n\n<p>\u318d\u5c0d\u4f7f\u7528\u8005\u53cb\u597d\uff0c\u4f7f\u7528\u547d\u4ee4\u5217\u63a7\u5236\u5143\u4ef6\u81ea\u52d5\u57f7\u884c\u6f0f\u6d1e\u6383\u63cf\u6216\u5c07\u7d50\u679c\u532f\u51fa\u5230\u7968\u8b49\u7cfb\u7d71\u6216\u5b89\u5168\u5de5\u5177\u4e2d\u3002<\/p>\n\n\n\n<p>\u318d\u5305\u542b\u4e00\u500b\u4e0d\u65b7\u589e\u9577\u7684\u6aa2\u6e2c\u8173\u672c\u5eab\uff0c\u53ef\u7528\u65bc\u589e\u5f37\u7db2\u8def\u767c\u73fe\u548c\u6f0f\u6d1e\u8a55\u4f30\u7684\u529f\u80fd\u3002<\/p>\n\n\n\n<p>\u318d\u53ef\u57fa\u65bc\u5354\u8b70\u8acb\u6c42\u7684\u57e0\u97ff\u61c9\u9032\u884c\u6383\u63cf\uff0c\u9069\u7528\u65bc\u6240\u6709\u5177\u6709\u958b\u653e\u57e0\u7684\u8a08\u7b97\u6a5f\u3001\u7269\u806f\u7db2\u8a2d\u5099\u3001\u7db2\u7ad9\u3001\u96f2\u7cfb\u7d71\u548c\u7db2\u8def\u8a2d\u5099\u3002<\/p>\n\n\n\n<p><strong>\u4e0d\u8db3<\/strong><\/p>\n\n\n\n<p>\u318d\u6c92\u6709\u6b63\u5f0f\u7684\u5ba2\u6236\u652f\u6301\u9078\u9805<\/p>\n\n\n\n<p>\u318d\u4f7f\u7528\u6642\u9700\u8981\u4e00\u5b9a\u7684\u7d93\u9a57\u6216\u7a0b\u5f0f\u8a2d\u8a08\u80fd\u529b<\/p>\n\n\n\n<p>\u318d\u4e26\u975e\u6240\u6709\u9078\u9805\u5728 GUI \u7248\u672c\u4e2d\u90fd\u53ef\u7528<\/p>\n\n\n\n<p><strong>2\u3001OpenVAS<\/strong><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter is-resized\"><img data-recalc-dims=\"1\" decoding=\"async\" 
src=\"https:\/\/i0.wp.com\/img5.vitomag.com\/70\/29\/7029f987ecb2f423e8171e320d11b63a94046757.jpg?w=640&#038;ssl=1\" alt=\"2\u3001OpenVAS\" style=\"width:421px;height:auto\"\/><\/figure>\n<\/div>\n\n\n<p>OpenVAS\u662f\u4e00\u500b\u8f03\u5168\u9762\u7684\u958b\u6e90\u6ef2\u900f\u6e2c\u8a66\u8edf\u9ad4\u3002\u5728\u4e16\u754c\u5404\u5730\u7684\u6ef2\u900f\u6e2c\u8a66\u5c08\u5bb6\u7684\u5e6b\u52a9\u4e0b\uff0c\u5b83\u5f97\u5230\u4e86\u4e0d\u65b7\u7684\u652f\u6301\u548c\u66f4\u65b0\uff0c\u5f9e\u800c\u4f7f\u5176\u4fdd\u6301\u6700\u65b0\u72c0\u614b\u3002OpenVAS\u7684\u5176\u4ed6\u7279\u6027\u9084\u5305\u62ec\u63d0\u4f9b\u672a\u7d93\u8eab\u4efd\u9a57\u8b49\u7684\u6e2c\u8a66\u3001\u76ee\u6a19\u6383\u63cf\u548cweb\u6f0f\u6d1e\u6383\u63cf\u3002\u9700\u8981\u8aaa\u660e\u7684\u662f\uff0cOpenVAS\u5de5\u5177\u7684\u6f0f\u6d1e\u6383\u63cf\u80fd\u529b\u6700\u521d\u662f\u5f9eNessus\u7522\u54c1\u6d3e\u751f\u800c\u4f86\uff0c\u5f8c\u8005\u73fe\u5728\u662fTenable\u516c\u53f8\u7684\u975e\u958b\u6e90\u5546\u696d\u5316\u7522\u54c1\u3002<\/p>\n\n\n\n<p><strong>\u4e3b\u8981\u7279\u9ede<\/strong><\/p>\n\n\n\n<p>\u318d\u5e7e\u4e4e\u6bcf\u5929\u90fd\u6703\u66f4\u65b0\u5a01\u8105\u8cc7\u8a0a\u6e90\uff0c\u4e26\u5b9a\u671f\u63d0\u4f9b\u7522\u54c1\u66f4\u65b0\u548c\u529f\u80fd\u66f4\u65b0\u3002<\/p>\n\n\n\n<p>\u318d\u514d\u8cbb\u7248\u672c\u7684\u529f\u80fd\u5c31\u975e\u5e38\u5168\u9762\uff0c\u4e26\u5728\u4f01\u696d\u7248\u672c\u4e2d\u63d0\u4f9b\u66f4\u591a\u529f\u80fd\u548c\u7279\u6027\uff0c\u540c\u6642\u63d0\u4f9b\u5ba2\u6236\u652f\u6301\u3002<\/p>\n\n\n\n<p>\u318d\u80fd\u5920\u5c0d\u7d42\u7aef\u3001\u4f3a\u670d\u5668\u548c\u96f2\u7b49\u591a\u7a2e\u7cfb\u7d71\u9032\u884c\u5e38\u898b\u6f0f\u6d1e\u548c\u66dd\u5149\uff08CVE\uff09\u7684\u6383\u63cf\u3002<\/p>\n\n\n\n<p>\u318d\u7522\u54c1\u5f97\u5230\u4e3b\u6d41\u7db2\u8def\u5b89\u5168\u793e\u5340\u7684\u652f\u6301\uff0c\u80fd\u5920\u5728\u8a31\u591a\u4e0d\u540c\u7684\u8a8d\u8b49\u8ab2\u7a0b\u4e2d\u6559\u6388\u3002<\/p>\n\n\n\n<p>\u318d\u53ef\u4ee5\u70
ba\u6bcf\u500b\u6f0f\u6d1e\u63d0\u4f9b\u984d\u5916\u7684\u4e0a\u4e0b\u6587\u8cc7\u8a0a\uff0c\u7528\u65bc\u6f0f\u6d1e\u4fee\u5fa9\u6216\u653b\u64ca\u8def\u5f91\u89e3\u91cb\u3002<\/p>\n\n\n\n<p><strong>\u4e0d\u8db3<\/strong><\/p>\n\n\n\n<p>\u318d\u5c0d\u65bc\u521d\u5b78\u8005\u4f86\u8aaa\u5c08\u696d\u9580\u6abb\u8f03\u9ad8<\/p>\n\n\n\n<p>\u318d\u5728\u540c\u6642\u9032\u884c\u591a\u500b\u6383\u63cf\u4efb\u52d9\u6642\uff0c\u53ef\u80fd\u6703\u5c0e\u81f4\u7a0b\u5e8f\u5d29\u6f70<\/p>\n\n\n\n<p>\u318d\u4e00\u4e9b\u9ad8\u7d1a\u6383\u63cf\u529f\u80fd\u9700\u8981\u4f7f\u7528\u4ed8\u8cbb\u7248\u672c<\/p>\n\n\n\n<p><strong>3\u3001ZAP<\/strong><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter is-resized\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/img5.vitomag.com\/d4\/2d\/d42d690d432ffa3d979661aa2d5b92f7702a010c.jpg?w=640&#038;ssl=1\" alt=\"3\u3001ZAP\" style=\"width:420px;height:auto\"\/><\/figure>\n<\/div>\n\n\n<p>Zed Attack Proxy (ZAP)\u662f\u4e00\u6b3e\u4f7f\u7528\u8005\u53cb\u597d\u7684\u6ef2\u900f\u6e2c\u8a66\u5de5\u5177\uff0c\u80fd\u627e\u51fa\u7db2\u8def\u61c9\u7528\u4e2d\u7684\u6f0f\u6d1e\u3002\u5b83\u4e0d\u50c5\u63d0\u4f9b\u81ea\u52d5\u5316\u6383\u63cf\u5668\uff0c\u4e5f\u70ba\u60f3\u8981\u624b\u52d5\u67e5\u627e\u6f0f\u6d1e\u7684\u4f7f\u7528\u8005\u63d0\u4f9b\u4e86\u4e00\u5957\u5de5\u5177\u3002ZAP\u901a\u5e38\u9810\u88dd\u5728Kali 
Linux\u4e0a\uff0c\u5b83\u80fd\u5920\u5c07\u81ea\u8eab\u7f6e\u65bc\u6e2c\u8a66\u4eba\u54e1\u7684\u700f\u89bd\u5668\u548cWeb\u61c9\u7528\u7a0b\u5e8f\u4e4b\u9593\uff0c\u6514\u622a\u8acb\u6c42\u4ee5\u5145\u7576\u201c\u4ee3\u7406\u201d\u3002\u901a\u904e\u4fee\u6539\u5167\u5bb9\u3001\u8f49\u767c\u8cc7\u6599\u5305\u548c\u6a21\u64ec\u5176\u4ed6\u4f7f\u7528\u8005\u884c\u70ba\uff0cZAP\u4e5f\u53ef\u4ee5\u5c0d\u61c9\u7528\u7a0b\u5e8f\u9032\u884c\u6f0f\u6d1e\u6383\u63cf\u6e2c\u8a66\u3002<\/p>\n\n\n\n<p><strong>\u4e3b\u8981\u7279\u9ede<\/strong><\/p>\n\n\n\n<p>\u318d\u53ef\u57f7\u884c\u5e38\u898b\u7684\u52d5\u614b\u61c9\u7528\u7a0b\u5e8f\u5b89\u5168\u6e2c\u8a66 \uff08DAST\uff09\uff0c\u7279\u5225\u662f\u91dd\u5c0d\u8de8\u7ad9\u9ede\u8173\u672c \uff08XSS\uff09 \u6f0f\u6d1e\uff0c\u9084\u80fd\u5920\u57f7\u884c\u4e00\u4e9b\u65b0\u578b\u7684\u6e2c\u8a66\u5de5\u4f5c\uff0c\u4f8b\u5982\u6a21\u7cca\u6e2c\u8a66\uff1b<\/p>\n\n\n\n<p>\u318d\u53ef\u63d0\u4f9b API \u548c Docker \u96c6\u6210\u4ee5\u5be6\u73fe\u5feb\u901f\u90e8\u7f72\uff0c\u4e26\u8207 DevSecOps \u5de5\u5177\u96c6\u6210\uff0c\u5be6\u73fe\u5c0d\u958b\u767c\u5718\u968a\u7684\u81ea\u52d5\u5316\u5de5\u55ae\u7ba1\u7406\uff1b<\/p>\n\n\n\n<p>\u318d\u901a\u904eCrash Override\u958b\u6e90\u734e\u5b78\u91d1\u7684\u652f\u6301\uff0cZAP\u64c1\u6709\u591a\u540d\u5168\u8077\u958b\u767c\u4eba\u54e1\uff0c\u4e0d\u518d\u8207OWASP\u6709\u95dc\u806f\uff1b<\/p>\n\n\n\n<p>\u318d\u7d93\u5e38\u88ab\u6ef2\u900f\u6e2c\u8a66\u4eba\u54e1\u4f7f\u7528\uff0c\u53ef\u4ee5\u5f88\u597d\u5730\u4e86\u89e3\u99ed\u5ba2\u53ef\u80fd\u767c\u73fe\u7684\u6f0f\u6d1e\u3002<\/p>\n\n\n\n<p><strong>\u4e0d\u8db3<\/strong><\/p>\n\n\n\n<p>\u318d\u67d0\u4e9b\u6383\u63cf\u529f\u80fd\u9700\u8981\u984d\u5916\u7684\u5916\u639b<\/p>\n\n\n\n<p>\u318d\u9700\u8981\u4e00\u4e9b\u5c08\u696d\u77e5\u8b58\u624d\u80fd\u4f7f\u7528<\/p>\n\n\n\n<p>\u318d\u76f8\u6bd4\u5176\u4ed6\u5de5\u5177\uff0c\u8aa4\u5831\u7387\u8f03\u9ad8<\/p>\n\n\n\n<p><strong>4\u3001OSV-Scanner<\/strong><\/p>\n\n\n<div 
class=\"wp-block-image\">\n<figure class=\"aligncenter is-resized\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/img5.vitomag.com\/93\/cf\/93cfa32d4dd5fe1b5c4c78f9ca3169939a259e23.jpg?w=640&#038;ssl=1\" alt=\"4\u3001OSV-Scanner\" style=\"width:627px;height:auto\"\/><\/figure>\n<\/div>\n\n\n<p>OSV-Scanner\u662f\u4e00\u6b3e\u7531Google\u516c\u53f8\u958b\u767c\u7684\u958b\u6e90\u6f0f\u6d1e\u6383\u63cf\u5de5\u5177\uff0c\u63d0\u4f9b\u5c08\u9580\u7684\u8edf\u9ad4\u7d44\u6210\u5206\u6790\uff08SCA\uff09\uff0c\u53ef\u7528\u65bc\u6383\u63cf\u975c\u614b\u8edf\u9ad4\uff0c\u4ee5\u627e\u51fa\u958b\u6e90\u8edf\u9ad4\u7a0b\u5f0f\u78bc\u4e2d\u7684\u5b89\u5168\u6f0f\u6d1e\uff0c\u4e26\u4fdd\u8b77\u958b\u6e90\u8edf\u9ad4\u6e05\u55ae\uff08SBOM\uff09\u3002\u5728\u6383\u63cf\u9805\u76ee\u6642\uff0cOSV-Scanner \u9996\u5148\u901a\u904e\u5206\u6790\u6e05\u55ae\u3001\u8edf\u9ad4\u6750\u6599\u6e05\u55ae\uff08SBOM\uff09\u548c\u7a0b\u5f0f\u78bc\u63d0\u4ea4\u54c8\u5e0c\u503c\u4f86\u78ba\u5b9a\u6b63\u5728\u4f7f\u7528\u7684\u6240\u6709\u4f9d\u8cf4\u9805\u3002\u9019\u4e9b\u8cc7\u8a0a\u7528\u65bc\u67e5\u8a62 OSV \u8cc7\u6599\u5eab\uff0c\u4e26\u5831\u544a\u8207\u9805\u76ee\u76f8\u95dc\u7684\u6f0f\u6d1e\u3002\u6f0f\u6d1e\u901a\u904e\u8868\u683c\u7684\u5f62\u5f0f\u6216\u57fa\u65bc JSON \u7684 OSV 
\u683c\u5f0f\uff08\u53ef\u9078\uff09\u9032\u884c\u5831\u544a\u3002<\/p>\n\n\n\n<p><strong>\u4e3b\u8981\u7279\u9ede<\/strong><\/p>\n\n\n\n<p>\u318d\u80fd\u5920\u5b9a\u671f\u64f4\u5c55\u652f\u6301\u7684\u7a0b\u5f0f\u8a9e\u8a00\u5217\u8868\uff0c\u5305\u62ecC\/C++\u3001Dart\u3001Elixir\u3001Go\u3001Java\u3001JavaScript\u3001PHP\u3001Python\u3001R\u3001Ruby\u548cRust\u3002<\/p>\n\n\n\n<p>\u318d\u53ef\u4ee5\u5f9e\u5927\u91cf\u8cc7\u8a0a\u6e90\u4e2d\u7372\u53d6\u6f0f\u6d1e\uff0c\u5305\u62ecDebian\u3001Linux\u3001Maven\u3001npm\u3001NuGet\u3001OSS-Fuzz\u3001Packagist\u3001PyPI\u548cRubyGems\u3002<\/p>\n\n\n\n<p>\u318d\u5141\u8a31API\u3001\u53ef\u8173\u672c\u5316\u548c\u8207GitHub\u96c6\u6210\u7684\u8abf\u7528\uff0c\u4ee5\u5be6\u73fe\u6f0f\u6d1e\u6383\u63cf\u81ea\u52d5\u5316\u3002<\/p>\n\n\n\n<p>\u318d\u4f7f\u7528JSON\u5132\u5b58\u6709\u95dc\u53d7\u5f71\u97ff\u7248\u672c\u7684\u8cc7\u8a0a\uff0c\u4ee5\u4fbf\u8207\u958b\u767c\u4eba\u54e1\u5de5\u5177\u5305\u9032\u884c\u96c6\u6210\u3002<\/p>\n\n\n\n<p>\u318d\u6aa2\u67e5\u76ee\u9304\u3001\u8edf\u9ad4\u6e05\u55ae\uff08SBOM\uff09\u3001\u9396\u5b9a\u6a94\u6848\u3001\u57fa\u65bcDebian\u7684Docker\u6620\u8c61\u6216\u5728Docker\u5bb9\u5668\u4e2d\u904b\u884c\u7684\u8edf\u9ad4\u3002<\/p>\n\n\n\n<p><strong>\u4e0d\u8db3<\/strong><\/p>\n\n\n\n<p>\u318d\u53ea\u6aa2\u67e5\u958b\u6e90\u5eab\u4e2d\u6709\u7684\u6f0f\u6d1e<\/p>\n\n\n\n<p>\u318d\u7522\u54c1\u8f03\u65b0\uff0c\u5c1a\u672a\u88ab\u7d0d\u5165\u5230\u4e3b\u6d41\u7684\u8a8d\u8b49\u6559\u80b2\u4e2d<\/p>\n\n\n\n<p><strong>5\u3001CloudSploit<\/strong><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter is-resized\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/img5.vitomag.com\/18\/0a\/180a62350cc240c66b1a2d4761dc9c63da11c87b.jpg?w=640&#038;ssl=1\" alt=\"5\u3001CloudSploit\" 
style=\"width:443px;height:auto\"\/><\/figure>\n<\/div>\n\n\n<p>CloudSploit\u662f\u4e00\u6b3e\u958b\u6e90\u7684\u96f2\u57fa\u790e\u8a2d\u65bd\u6383\u63cf\u5f15\u64ce\uff0c\u76ee\u524d\u88abAqua\u516c\u53f8\u6536\u8cfc\u4e26\u7e7c\u7e8c\u5c0d\u5176\u9032\u884c\u7dad\u8b77\uff0c\u4ee5\u4f7f\u4f7f\u7528\u8005\u80fd\u5920\u4e0b\u8f09\u3001\u4fee\u6539\u4e26\u4eab\u53d7\u9019\u500b\u5c08\u696d\u5de5\u5177\u7684\u597d\u8655\u3002CloudSploit\u53ef\u4ee5\u6839\u64da\u4f7f\u7528\u8005\u9700\u6c42\u9032\u884c\u6383\u63cf\uff0c\u4e5f\u53ef\u4ee5\u914d\u7f6e\u70ba\u6301\u7e8c\u904b\u884c\uff0c\u4e26\u5411\u5b89\u5168\u548cDevOps\u5718\u968a\u767c\u9001\u6f0f\u6d1e\u8b66\u5831\u3002\u8a72\u5de5\u5177\u4e0d\u50c5\u6aa2\u67e5\u5df2\u77e5\u7684\u96f2\u548c\u5bb9\u5668\u90e8\u7f72\u6f0f\u6d1e\uff0c\u9084\u80fd\u5920\u6aa2\u67e5\u5e38\u898b\u7684\u914d\u7f6e\u932f\u8aa4\u554f\u984c\u3002<\/p>\n\n\n\n<p><strong>\u4e3b\u8981\u7279\u9ede<\/strong><\/p>\n\n\n\n<p>\u318d\u53ef\u6301\u7e8c\u6383\u63cfAWS\u3001Azure\u3001Google Cloud\u3001Oracle Cloud\u7b49\u74b0\u5883\uff0c\u4ee5\u4fbf\u5c0d\u96f2\u57fa\u790e\u8a2d\u65bd\u7684\u66f4\u6539\u9032\u884c\u8b66\u5831\u3002<\/p>\n\n\n\n<p>\u318d\u901a\u904e\u5b89\u5168\u4eba\u54e1\u5e38\u7528\u7684\u5de5\u5177\uff08\u5982Slack\u3001Splunk\u3001OpsGenie\u3001Amazon SNS\u7b49\uff09\u767c\u9001\u5be6\u6642\u8b66\u5831\u548c\u7d50\u679c\u3002<\/p>\n\n\n\n<p>\u318d\u53ef\u5f9e\u547d\u4ee4\u5217\u3001\u8173\u672c\u6216\u69cb\u5efa\u7cfb\u7d71\uff08Jenkins\u3001CircleCI\u3001AWS CodeBuild \u7b49\uff09\u8abf\u7528 API\u3002<\/p>\n\n\n\n<p>\u318d\u63d0\u4f9b\u4e86\u5ee3\u6cdb\u7684\u96f2\u652f\u6301\uff0c\u5305\u62ec\u91dd\u5c0d\u4e3b\u8981\u516c\u5171\u96f2\u5e73\u81fa\uff08\u963f\u91cc\u96f2\u3001AWS\u3001Azure\u3001Google Cloud 
\u7b49\uff09\u7684\u5916\u639b\u56b4\u91cd\u7a0b\u5ea6\u3002<\/p>\n\n\n\n<p><strong>\u4e0d\u8db3<\/strong><\/p>\n\n\n\n<p>\u318d\u67d0\u4e9b\u529f\u80fd\u9700\u8981\u4ed8\u8cbb\u4f7f\u7528<\/p>\n\n\n\n<p>\u318d\u5fc5\u9808\u8207\u5176\u4ed6\u5b89\u5168\u5de5\u5177\u4e00\u8d77\u4f7f\u7528<\/p>\n\n\n\n<p>\u318d\u5c08\u6ce8\u65bc\u516c\u6709\u96f2\u57fa\u790e\u8a2d\u65bd\u5b89\u5168\u6027<\/p>\n\n\n\n<p><strong>6\u3001sqlmap<\/strong><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter is-resized\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/img5.vitomag.com\/c9\/a5\/c9a59c82ed86128cb260c6e3d647900863ebc4f1.jpg?w=640&#038;ssl=1\" alt=\"6\u3001sqlmap\" style=\"width:452px;height:auto\"\/><\/figure>\n<\/div>\n\n\n<p>sqlmap\u662f\u4e00\u6b3e\u5c08\u6ce8\u4f46\u529f\u80fd\u5f37\u5927\u7684\u514d\u8cbb\u8cc7\u6599\u5eab\u6f0f\u6d1e\u6383\u63cf\u5de5\u5177\u3002\u5118\u7ba1\u5176\u9069\u7528\u7bc4\u570d\u6709\u9650\uff0c\u4f46\u5728\u4e00\u4e9b\u9700\u8981\u9032\u884c\u56b4\u683c\u5408\u898f\u548c\u5b89\u5168\u6e2c\u8a66\u7684\u6578\u5b57\u5316\u696d\u52d9\u5834\u666f\u4e2d\uff0c\u8cc7\u6599\u5eab\u6f0f\u6d1e\u6e2c\u8a66\u5f80\u5f80\u662f\u81f3\u95dc\u91cd\u8981\u7684\u7d44\u6210\u90e8\u5206\u3002sqlmap\u80fd\u5920\u81ea\u52d5\u5316\u67e5\u627e\u8207SQL\u96b1\u78bc\u653b\u64ca\u76f8\u95dc\u7684\u5a01\u8105\u548c\u653b\u64ca\u7684\u904e\u7a0b\u3002\u76f8\u6bd4\u5176\u4ed6\u7684web\u61c9\u7528\u7a0b\u5e8f\u6ef2\u900f\u6e2c\u8a66\u5de5\u5177\uff0csqlmap\u5177\u6709\u8f03\u5f37\u5927\u7684\u6e2c\u8a66\u5f15\u64ce\u548c\u591a\u7a2e\u6ce8\u5165\u653b\u64ca\u8b58\u5225\u80fd\u529b\uff0c\u4e26\u652f\u6301\u591a\u7a2e\u8cc7\u6599\u5eab\u4f3a\u670d\u5668\uff0c\u5982MySQL\u3001Microsoft Access\u3001IBM 
DB2\u548cSQLite\u3002<\/p>\n\n\n\n<p><strong>\u4e3b\u8981\u7279\u9ede<\/strong><\/p>\n\n\n\n<p>\u318d\u53ef\u901a\u904eDBMS\u6191\u64da\u3001IP\u5730\u5740\u3001\u57e0\u548c\u8cc7\u6599\u5eab\u540d\u7a31\u76f4\u63a5\u9023\u63a5\u5230\u8cc7\u6599\u5eab\u9032\u884c\u6f0f\u6d1e\u6383\u63cf\u6e2c\u8a66\u3002<\/p>\n\n\n\n<p>\u318d\u652f\u6301\u53ef\u8abf\u7528\u7684\uff08\u7a0b\u5f0f\u78bc\u6216GitHub\uff09\u96c6\u6210\uff0c\u53ef\u57f7\u884c\u4efb\u610f\u547d\u4ee4\uff0c\u6aa2\u7d22\u6a19\u6e96\u8f38\u51fa\u4e26\u751f\u6210\u5831\u544a\u3002<\/p>\n\n\n\n<p>\u318d\u53ef\u6383\u63cf\u591a\u7a2e\u985e\u578b\u7684SQL\u96b1\u78bc\u653b\u64ca\uff0c\u5305\u62ec\uff1a\u57fa\u65bc\u5e03\u723e\u7684\u76f2\u6ce8\u3001\u57fa\u65bc\u6642\u9593\u7684\u76f2\u6ce8\u3001\u57fa\u65bc\u932f\u8aa4\u7684\u6ce8\u5165\u3001\u57fa\u65bcUNION\u67e5\u8a62\u7684\u6ce8\u5165\u3001\u5806\u758a\u67e5\u8a62\u548c\u5e36\u5916\u6ce8\u5165\u7b49\u3002<\/p>\n\n\n\n<p>\u318d\u81ea\u52d5\u8b58\u5225\u548c\u4f7f\u7528\u5bc6\u78bc\u54c8\u5e0c\u9032\u884c\u5177\u6709\u8a31\u53ef\u8a2a\u554f\u8a31\u53ef\u6b0a\u7684\u6e2c\u8a66\uff0c\u9084\u53ef\u4ee5\u9032\u884c\u5bc6\u78bc\u7834\u89e3\u3002<\/p>\n\n\n\n<p>\u318d\u652f\u6301\u8d85\u904e30\u500b\u8cc7\u6599\u5eab\u7ba1\u7406\u7cfb\u7d71\u3002<\/p>\n\n\n\n<p><strong>\u4e0d\u8db3<\/strong><\/p>\n\n\n\n<p>\u318d\u6c92\u6709\u5716\u5f62\u4f7f\u7528\u8005\u754c\u9762\uff0c\u9700\u8981\u901a\u904e\u547d\u4ee4\u5217<\/p>\n\n\n\n<p>\u318d\u53ea\u91dd\u5c0d\u8cc7\u6599\u5eab\u4e2d\u7684\u6f0f\u6d1e<\/p>\n\n\n\n<p>\u318d\u9700\u8981\u4e00\u5b9a\u7684\u8cc7\u6599\u5eab\u5c08\u696d\u77e5\u8b58\u624d\u80fd\u6709\u6548\u4f7f\u7528<\/p>\n\n\n\n<p>\u8cc7\u6599\u4f86\u6e90:<a href=\"https:\/\/vitomag.com\/code\/d0vr1\" data-type=\"link\" data-id=\"https:\/\/vitomag.com\/code\/d0vr1\">https:\/\/vitomag.com\/code\/d0vr1<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>2024-04-09 | \u5b89\u5168\u725b 
\u672a\u4fee\u88dc\u7684\u6f0f\u6d1e\u662f\u7db2\u8def\u72af\u7f6a\u5206\u5b50\u6700\u5bb9\u6613\u653b\u64ca\u7684\u76ee\u6a19\u4e4b\u4e00\u3002\u4f01\u696d\u4e2d\u5f88\u591a\u7684\u8cc7\u6599\u5b89\u5168\u4e8b\u4ef6\u5f80\u5f80\u7531\u65bc\u5df2\u77e5\u7684\u6f0f\u6d1e\u9020\u6210\u7684\uff0c\u5118\u7ba1\u76f8\u95dc\u7684\u5b89\u5168\u88dc\u4e01\u5df2\u7d93\u767c\u5e03\uff0c\u4f46\u8a31\u591a\u4f01\u696d\u7531\u65bc\u7a2e\u7a2e\u539f&hellip;<\/p>\n","protected":false},"author":4,"featured_media":5859,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[579,4],"tags":[204],"class_list":["post-5858","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-579","category-industry-news","tag-204"],"gutentor_comment":0,"jetpack_featured_media_url":"https:\/\/i0.wp.com\/aict.nkust.edu.tw\/digitrans\/wp-content\/uploads\/2024\/05\/b2b678a1bead43f63d426c59baacf24ee898e2a8.jpg?fit=1080%2C608&ssl=1","jetpack-related-posts":[],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=\/wp\/v2\/posts\/5858","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5858"}],"version-history":[{"count":1,"href":"https:\/\/aict.nkust.e
du.tw\/digitrans\/index.php?rest_route=\/wp\/v2\/posts\/5858\/revisions"}],"predecessor-version":[{"id":5860,"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=\/wp\/v2\/posts\/5858\/revisions\/5860"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=\/wp\/v2\/media\/5859"}],"wp:attachment":[{"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5858"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5858"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5858"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}