在扫描阶段，攻击者可能会利用路径遍历和跨站点脚本；在攻击阶段，黑客可能会利用SQL注入或远程文件包含进行攻击。

An attacker may use directory traversal and cross-site ccripting during a scan phase and then hit it with an SQL injection or an RFI in the exploit phase.

youdao

一种好做法是把要远程连接的所有主机包含在一个文件中。

A good practice is to have all the hosts you want to connect to remotely contained a file.

youdao

当要安全地连接远程系统时，首先打开包含 SSH 密钥的秘密部分的 PPK 文件。

When you want to connect securely to a remote system, first open the PPK file that contains the secret part of the SSH key.

youdao