随心笔客

mitmproxy 是一个命令行下的强大抓包工具，可以在命令行下抓取 HTTP(S) 数据包并加以分析；对于 HTTPS 抓包，首先要在本地添加 mitmproxy 的根证书，然后 mitmproxy 通过以下方式进行抓包

自建内网可用 JRebel 激活服务器，主要采用 JrebelLicenseServerforJava，部署于服务器上的 Tomcat 中提供服务。

服务器地址，打开后有使用说明：http://niuniu.hicp.net/jrebel

Recently I wanted to start my standalone Java Application on Tomcat Startup. Also found so many other related questions on net. i.e.

• I need to run an application that can run automatically that when the Tomcat starts..? any suggestions…?
• how can I start my application by default on Tomcat server start/restart?
• Is it possible to edit Tomcat startup services?
• How to Start a service automatically when the Tomcat starts
  

The Web Server is a crucial part of web-based applications. Apache Web Server is often placed at the edge of the network hence it becomes one of the most vulnerable services to attack.

Having default configuration supply much sensitive information which may help hacker to prepare for an attack the Web server.

The majority of Web application attacks are through XSS, Info Leakage, Session Management and PHP Injection attacks which are due to weak programming code and failure to sanitize Web application infrastructure.