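DVWA is a deliberately vulnerable web application written in PHP and MySQL, used for teaching and testing common web vulnerabilities. It includes SQL injection, XSS, blind SQL injection and other common security flaws. The practice mode can be set to different difficulty levels: low, medium and high. In low mode the vulnerabilities are more numerous and easier to find.

HTTrack Website Copier is a free, easy-to-use offline browser utility that lets you download an entire website from the Internet for offline browsing. Browsing the offline copy is no different from browsing the live site. HTTrack can also synchronize an offline copy with the live site and supports resuming interrupted downloads. With HTTrack you can copy a website and carry out discovery against the offline copy, which reduces direct interaction with the target site. Using HTTrack is simple: follow its wizard step by step.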
root@kali:~# httrack

Welcome to HTTrack Website Copier (Offline Browser) 3.48-21
Copyright (C) 1998-2015 Xavier Roche and other contributors
To see the option list, enter a blank line or try httrack --help

Enter project name :Dvwa    # project name
Base path (return=/root/websites/) :/root/httrackWeb    # top-level directory; each site HTTrack copies is placed in its own subdirectory by domain name or IP
Enter URLs (separated by commas or blank spaces) :http:192.168.86.130/dvwa/    # address of the site to copy

Action:
(enter) 1 Mirror Web Site(s)    # mirror directly
        2 Mirror Web Site(s) with Wizard    # mirror under the wizard's guidance
        3 Just Get Files Indicated    # fetch only files of specific formats, such as doc or pdf
        4 Mirror ALL links in URLs (Multiple Mirror)    # mirror all links under the current URL
        5 Test Links In URLs (Bookmark Test)    # test links
        0 Quit
: 2

Proxy (return=none) :    # proxy address

You can define wildcards, like: -*.gif +www.*.com/*.zip -*img_*.zip
Wildcards (return=none) :

You can define additional options, such as recurse level (-r<number>), separed by blank spaces
To see the option list, type help
Additional options (return=none) :

---> Wizard command line: httrack http:192.168.86.130/dvwa/ -W -O "/root/httrackWeb/Dvwa" -%v

Ready to launch the mirror? (Y/n) :y

WARNING! You are running this program as root!
It might be a good idea to run as a different user

Mirror launched on Sun, 31 Jul 2016 05:12:03 by HTTrack Website Copier/3.48-21 [XR&CO'2014]
mirroring http:192.168.86.130/dvwa/ with the wizard help..
Done.
Thanks for using HTTrack!
*
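The offline review described above can start with an inventory of the forms in the mirrored copy, without sending any further requests to the site. The following is an added example, not part of the original post or of HTTrack; the function names are hypothetical, it assumes the mirror stores pages as .html/.htm files, and the sample tree it builds is constructed rather than real DVWA markup.

```python
import os
import tempfile
from html.parser import HTMLParser

class FormCollector(HTMLParser):
    """Record every <form> with its method, action and named fields."""
    def __init__(self):
        super().__init__()
        self.forms, self._form = [], None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._form = {"method": (a.get("method") or "get").lower(),
                          "action": a.get("action") or "", "fields": []}
            self.forms.append(self._form)
        elif (tag in ("input", "textarea", "select")
              and self._form is not None and a.get("name")):
            self._form["fields"].append((a["name"], a.get("type") or tag))

    def handle_endtag(self, tag):
        self._form = None if tag == "form" else self._form

def inventory_forms(mirror_root):
    """Return {relative_path: [form, ...]} for mirrored pages that contain forms."""
    result = {}
    for dirpath, _dirs, files in os.walk(mirror_root):
        for name in sorted(files):
            # Assumption: the mirror stores pages with .html/.htm extensions.
            if name.lower().endswith((".html", ".htm")):
                path = os.path.join(dirpath, name)
                parser = FormCollector()
                with open(path, encoding="utf-8", errors="replace") as fh:
                    parser.feed(fh.read())
                if parser.forms:
                    result[os.path.relpath(path, mirror_root)] = parser.forms
    return result

def build_sample_mirror():  # constructed sample tree, not real DVWA markup
    root = tempfile.mkdtemp(prefix="mirror_")
    page_dir = os.path.join(root, "192.168.86.130", "dvwa")
    os.makedirs(page_dir)
    with open(os.path.join(page_dir, "login.html"), "w") as fh:
        fh.write('<form action="login.php" method="post">'
                 '<input type="text" name="username"><input type="password" name="password">'
                 '<input type="submit" name="Login" value="Login"></form>')
    return root

if __name__ == "__main__":
    print(inventory_forms(build_sample_mirror()))
```

For a real mirror, call `inventory_forms` on the project directory, which in the session above is `/root/httrackWeb/Dvwa`.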