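Kali Linux Penetration Testing, Chapter 12: Web Penetration Testing, Reconnaissance

Time: 2023-02-02 17:59:10

Lab environment: metasploitable

Tool: httrack

Purpose: in the preparation phase of a penetration test you perform reconnaissance on the target website, but probing the target too much tends to arouse the suspicion of security mechanisms on the target server. To keep your own IP from being blocked by the target server, httrack is used to copy the target website to the local machine (during the reconnaissance phase, keep interaction with the target server to a minimum).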

An example:

kali: 192.168.217.132

msf: 192.168.217.135

On the command line:

root@quedgee:/# httrack

Welcome to HTTrack Website Copier (Offline Browser) 3.49-2
Copyright (C) 1998-2017 Xavier Roche and other contributors
To see the option list, enter a blank line or try httrack --help

Enter project name :dvwa

Base path (return=/root/websites/) :/root/dvwa

Enter URLs (separated by commas or blank spaces) :http://192.168.217.135/dvwa

Action:
(enter) 1 Mirror Web Site(s)
2 Mirror Web Site(s) with Wizard
3 Just Get Files Indicated
4 Mirror ALL links in URLs (Multiple Mirror)
5 Test Links In URLs (Bookmark Test)
0 Quit
: 2

Proxy (return=none) :

You can define wildcards, like: -*.gif +www.*.com/*.zip -*img_*.zip
Wildcards (return=none) :*

You can define additional options, such as recurse level (-r<number>), separated by blank spaces
To see the option list, type help
Additional options (return=none) :

---> Wizard command line: httrack http://192.168.217.135/dvwa -W -O "/root/dvwa/dvwa" -%v *

Ready to launch the mirror? (Y/n) :

WARNING! You are running this program as root!
It might be a good idea to run as a different user
Mirror launched on Sat, 17 Mar 2018 09:42:49 by HTTrack Website Copier/3.49-2 [XR&CO'2014]
mirroring http://192.168.217.135/dvwa * with the wizard help..

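1. Start httrack.

2. Give the project a name (here I call it dvwa).

3. Enter the project path (here it is dvwa under the root directory: /root/dvwa).

4. Choose the mode: 1 mirrors the site directly, 2 mirrors it with the wizard, 3 only clones certain files from the site, 4 mirrors all links under the current mirror, 5 only tests the links under the current URL without actually downloading anything (here I choose 2).

5. Choose whether files such as .gif should be cloned (here I enter *, i.e. copy everything).

6. Optionally enter additional options.

7. Confirm whether to start.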
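
Seen from the target server's side, the mirror run above is a burst of requests for many different paths from one client. The following added example (not part of the original post) scans Apache combined-format access log lines for that pattern; the function name, thresholds and sample log lines are constructed for illustration, and the User-Agent check relies on HTTrack's default User-Agent containing the string "HTTrack".

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Apache "combined" format: ip ident user [time] "request" status size "referer" "user-agent"
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

def find_mirroring_clients(lines, window=timedelta(seconds=10), min_paths=5):
    """Return {ip: set(reasons)} for clients whose traffic looks like a site mirror."""
    hits = defaultdict(list)        # ip -> [(timestamp, path)]
    findings = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue                # skip malformed lines instead of failing
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        hits[m["ip"]].append((ts, m["path"]))
        # Signal 1: the default HTTrack User-Agent names the tool.
        if "httrack" in m["ua"].lower():
            findings[m["ip"]].add("httrack-user-agent")
    # Signal 2: many distinct paths inside a short sliding window. The
    # User-Agent is client-supplied, so this check does not depend on it.
    for ip, events in hits.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1
            if len({p for _, p in events[start:end + 1]}) >= min_paths:
                findings[ip].add("crawl-burst")
                break
    return dict(findings)

# Constructed sample input (not real logs): the Kali host mirrors six pages
# in about a second; another client loads two pages half a minute apart.
UA_HT = "Mozilla/4.5 (compatible; HTTrack 3.0x; Windows 98)"
UA_BR = "Mozilla/5.0 (X11; Linux x86_64) Firefox/115.0"

def _line(ip, sec, path, ua):
    return f'{ip} - - [17/Mar/2018:09:42:{sec:02d} +0000] "GET {path} HTTP/1.1" 200 512 "-" "{ua}"'

SAMPLE = [_line("192.168.217.132", 49 + i // 3, f"/dvwa/page{i}.php", UA_HT) for i in range(6)] + [
    _line("192.168.217.1", 10, "/dvwa/login.php", UA_BR),
    _line("192.168.217.1", 40, "/dvwa/index.php", UA_BR),
]
```

Calling find_mirroring_clients(SAMPLE) flags only 192.168.217.132, with both reasons; the window and path threshold need tuning against the site's normal traffic.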