# Security - [Pentest](https://gitbook.toki.plus/security/pentest.md) - [Web渗透](https://gitbook.toki.plus/security/pentest/web-shen-tou.md) - [初识网安](https://gitbook.toki.plus/security/pentest/web-shen-tou/chu-shi-wang-an.md) - [Web 信息收集](https://gitbook.toki.plus/security/pentest/web-shen-tou/web-xin-xi-shou-ji.md) - [SQL 注入漏洞](https://gitbook.toki.plus/security/pentest/web-shen-tou/sql-zhu-ru-lou-dong.md) - [文件包含漏洞](https://gitbook.toki.plus/security/pentest/web-shen-tou/wen-jian-bao-han-lou-dong.md) - [文件上传漏洞](https://gitbook.toki.plus/security/pentest/web-shen-tou/wen-jian-shang-chuan-lou-dong.md) - [XSS 漏洞](https://gitbook.toki.plus/security/pentest/web-shen-tou/xss-lou-dong.md) - [CSRF 漏洞](https://gitbook.toki.plus/security/pentest/web-shen-tou/csrf-lou-dong.md) - [SSRF 漏洞](https://gitbook.toki.plus/security/pentest/web-shen-tou/ssrf-lou-dong.md) - [XXE 漏洞](https://gitbook.toki.plus/security/pentest/web-shen-tou/xxe-lou-dong.md) - [CRE 漏洞](https://gitbook.toki.plus/security/pentest/web-shen-tou/cre-lou-dong.md) - [反序列化漏洞](https://gitbook.toki.plus/security/pentest/web-shen-tou/fan-xu-lie-hua-lou-dong.md) - [业务逻辑漏洞](https://gitbook.toki.plus/security/pentest/web-shen-tou/ye-wu-luo-ji-lou-dong.md) - [Payload 总结](https://gitbook.toki.plus/security/pentest/web-shen-tou/payload-zong-jie.md) - [渗透测试流程](https://gitbook.toki.plus/security/pentest/web-shen-tou/shen-tou-ce-shi-liu-cheng.md) - [内网渗透](https://gitbook.toki.plus/security/pentest/nei-wang-shen-tou.md) - [内网基础](https://gitbook.toki.plus/security/pentest/nei-wang-shen-tou/nei-wang-ji-chu.md) - [内网信息收集](https://gitbook.toki.plus/security/pentest/nei-wang-shen-tou/nei-wang-xin-xi-shou-ji.md) - [通信隧道](https://gitbook.toki.plus/security/pentest/nei-wang-shen-tou/tong-xin-sui-dao.md) - [权限提升](https://gitbook.toki.plus/security/pentest/nei-wang-shen-tou/quan-xian-ti-sheng.md) - [权限维持](https://gitbook.toki.plus/security/pentest/nei-wang-shen-tou/quan-xian-wei-chi.md) - [横向移动](https://gitbook.toki.plus/security/pentest/nei-wang-shen-tou/heng-xiang-yi-dong.md) - [清理痕迹](https://gitbook.toki.plus/security/pentest/nei-wang-shen-tou/qing-li-hen-ji.md) - [Database](https://gitbook.toki.plus/security/pentest/database.md) - [MySQL](https://gitbook.toki.plus/security/pentest/database/mysql.md) - [MySQL 思维导图](https://gitbook.toki.plus/security/pentest/database/mysql/mysql-si-wei-dao-tu.md) - [MsSQL](https://gitbook.toki.plus/security/pentest/database/mssql.md) - [MsSQL 学习](https://gitbook.toki.plus/security/pentest/database/mssql/mssql-xue-xi.md) - [Oracle](https://gitbook.toki.plus/security/pentest/database/oracle.md) - [Oracle 学习](https://gitbook.toki.plus/security/pentest/database/oracle/oracle-xue-xi.md) - [Redis](https://gitbook.toki.plus/security/pentest/database/redis.md) - [Redis 学习](https://gitbook.toki.plus/security/pentest/database/redis/redis-xue-xi.md) - [MongoDB](https://gitbook.toki.plus/security/pentest/database/mongodb.md) - [MongoDB 学习](https://gitbook.toki.plus/security/pentest/database/mongodb/mongodb-xue-xi.md) - [Middleware](https://gitbook.toki.plus/security/pentest/middleware.md) - [IIS](https://gitbook.toki.plus/security/pentest/middleware/iis.md) - [Apache](https://gitbook.toki.plus/security/pentest/middleware/apache.md) - [Nginx](https://gitbook.toki.plus/security/pentest/middleware/nginx.md) - [JBoss](https://gitbook.toki.plus/security/pentest/middleware/jboss.md) - [Tomcat](https://gitbook.toki.plus/security/pentest/middleware/tomcat.md) - [Weblogic](https://gitbook.toki.plus/security/pentest/middleware/weblogic.md) - [GlassFish](https://gitbook.toki.plus/security/pentest/middleware/glassfish.md) - [WebSphere](https://gitbook.toki.plus/security/pentest/middleware/websphere.md) - [Framework](https://gitbook.toki.plus/security/pentest/framework.md) - [Struts2](https://gitbook.toki.plus/security/pentest/framework/struts2.md) - [Thinkphp](https://gitbook.toki.plus/security/pentest/framework/thinkphp.md) - [Shiro](https://gitbook.toki.plus/security/pentest/framework/shiro.md) - [Spring](https://gitbook.toki.plus/security/pentest/framework/spring.md) - [Fastjson](https://gitbook.toki.plus/security/pentest/framework/fastjson.md) - [Tools Manual](https://gitbook.toki.plus/security/pentest/tools-manual.md) - [密码爆破](https://gitbook.toki.plus/security/pentest/tools-manual/mi-ma-bao-po.md) - [搜索语法](https://gitbook.toki.plus/security/pentest/tools-manual/sou-suo-yu-fa.md) - [Sqlmap](https://gitbook.toki.plus/security/pentest/tools-manual/sqlmap.md) - [Nmap](https://gitbook.toki.plus/security/pentest/tools-manual/nmap.md) - [Metasploit](https://gitbook.toki.plus/security/pentest/tools-manual/metasploit.md) - [Reverse](https://gitbook.toki.plus/security/reverse.md) - [Crypto](https://gitbook.toki.plus/security/crypto.md) - [Blockchain](https://gitbook.toki.plus/security/blockchain.md) - [区块链黑暗森林自救手册](https://gitbook.toki.plus/security/blockchain/qu-kuai-lian-hei-an-sen-lin-zi-jiu-shou-ce.md) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://gitbook.toki.plus/security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.