| 【云攻防系列】从攻击者视角聊聊K8S集群安全(上) | https://www.secpulse.com/archives/185847.html |
| 为什么传统的验证码不再安全 | https://www.freebuf.com/articles/neopoints/342399.html |
| 短播客是播客的未来吗? | https://sspai.com/post/75269 |
| 未更新固件,超八万台海康威视摄像机可能被利用 | https://www.freebuf.com/news/342613.html |
| 实战| 一次web登录通杀渗透测试 | http://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247575151&idx=1&sn=82592efd750c7ef197dbc27803902e95&chksm=ebebef42dc9c6654ec63cd2ced460c232b789d62f7181474dedac9c42f77e2b6abb896f92b28#rd |
| 一种新的Tomcat内存马 - Upgrade内存马 | https://tttang.com/archive/1709/ |
| “电子安眠药”,年轻人该戒了 | https://www.woshipm.com/it/5573589.html |
| B端产品经理如何掌握主动权,推荐你做好这三点 | https://www.woshipm.com/pmd/5573914.html |
| 双系统成为过去:Windows和Linux现在合二为一 | http://mp.weixin.qq.com/s?__biz=MzI4MDEwNzAzNg==&mid=2649458168&idx=1&sn=e06b83fd22a60ba1e3423fa06d920ea5&chksm=f3a2a48bc4d52d9d06e78283875f648c82eec752499757754f645275ebf63825a7aebe61bdf1#rd |
| Celer Network cBridge 跨链桥事故真相:BGP 劫持 | https://paper.seebug.org/1948/ |
| 恶意软件可绕过安卓13安全新特征 | https://www.4hou.com/posts/mXNr |
| 希腊天然气运营商遭到勒索软件攻击,数据泄露 | https://www.4hou.com/posts/q882 |
| XCon2022虽迟但到||开幕日官宣定档,创始人呆神向你发出参会邀请! | https://www.4hou.com/posts/xjj9 |
| 让我脱离旧管道中的沙箱 - CVE-2022-22715 Windows 脏管道 | http://whereisk0shl.top/post/break-me-out-of-sandbox-in-old-pipe-cve-2022-22715-windows-dirty-pipe |
| 希腊天然气运营商遭到勒索软件攻击,数据泄露 | http://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247548837&idx=3&sn=7a80c78e534592487217bd45bc986cbe&chksm=e915ef9fde626689e90db7d82215fc5254227e9e9a25ff9d64a11dd484eff5ce50cf35f2cc7c#rd |
| 恶意软件可绕过安卓13安全新特征 | http://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247548837&idx=2&sn=f3ed4cb459a296b4c604223be3ce2350&chksm=e915ef9fde6266890799e4a4d670466459e554a5695a8c1d3d47dadeb3649c3eff595b526869#rd |
| 派早报:抖音开始测试「发文助手」、沙特批准微软收购动视暴雪等 | https://sspai.com/post/75306 |
| 一种新的Tomcat内存马 - Upgrade内存马 | https://wiki.ioin.in/url/k4XV |
| 2021年,身份欺诈案例创下新记录 | https://www.freebuf.com/news/342245.html |
| 一种新的Tomcat内存马 - Upgrade内存马 | http://mp.weixin.qq.com/s?__biz=MzkxNDMxMTQyMg==&mid=2247493034&idx=1&sn=19da761e0945b563551d4187d174a194&chksm=c172f43bf6057d2d94affce2ed8e7c8c5f20ee5fbaa80f62ab0917851685e721eb74a5954fc6#rd |
| linux系统自动化应急响应工具 | http://mp.weixin.qq.com/s?__biz=MzkxNDAyNTY2NA==&mid=2247490853&idx=1&sn=3634d926901d4533725ce673b3d5af5e&chksm=c175e08af602699c453b2782bace9176ddf0d61be57c27c85dd07faba55c8a4ef9b14f0f516c#rd |
| 蓝凌OA历史漏洞 | http://mp.weixin.qq.com/s?__biz=MzUzNDMyNjI3Mg==&mid=2247485512&idx=1&sn=07f6985b8c0181e171703ef15680e456&chksm=fa973527cde0bc31563ccfcb2a7822a74ea71cb8b3ecd600ade86f41c9f0f381f2b91173844e#rd |
| 洞见简报【2022/8/22】 | http://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247486091&idx=2&sn=b7b4d048ccc4a5b679de748a7ccaa91c&chksm=9bdf9aa9aca813bff3b38cb3edc5c4431a75b85ea6edbf0576a2528917c26b290228080a7255#rd |
| ISRC中秋众测,让你乐不思蜀 | http://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247486091&idx=1&sn=258321b4d752a443153f801db7a939a0&chksm=9bdf9aa9aca813bfe6f8fc27a798bf61fdde150c47017331b490b9d7f2f15d307f4832c468d4#rd |
| 零基础精通Java代码审计,这个终身学习的机会你确定不要? | http://mp.weixin.qq.com/s?__biz=MzU1NjgzOTAyMg==&mid=2247502683&idx=1&sn=1fffc657e17fc76f86e75db9015f260f&chksm=fc3c725acb4bfb4c64898040da4e1a822c582e16cc2d88cd0ca5360f1ca0cadbcb8860e33509#rd |
| 漏洞挖掘典型场景和思路 | http://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650548798&idx=4&sn=53cd784e8c0b37d0ddede3ddd9f9a8d6&chksm=83bd4fdab4cac6ccc5e4de109b74cb2fdc0123f4bfc2019188472c91ee3b27cf0da43d0962d2#rd |
| 记一次web登录通杀渗透测试 | http://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650548798&idx=3&sn=095eff3dcc8718034b20df852179c0ad&chksm=83bd4fdab4cac6cc2417ab9cbbe4482e37baad36bdf98856139b1c50ec5216d43848991d61a7#rd |
| 亚马逊Ring安卓app漏洞可窃取个人信息 | http://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650548798&idx=2&sn=a880c6a96a3d8aa11e5374c3b404fe56&chksm=83bd4fdab4cac6cce9e58684c2f97180fb70887ffcba8f88392bb139eb1067669d07ca398347#rd |
| 网络犯罪组织 TA558 针对酒店、宾馆和旅游机构展开攻击 | http://mp.weixin.qq.com/s?__biz=MzIwNzAwOTQxMg==&mid=2652246179&idx=1&sn=76cfb9969d8786e137c2765d176b8d93&chksm=8cfa5348bb8dda5ea5cfd8a324c0b0fff66beca40f0a59fb160a0e2f1b61c8c821b58dd3a0bb#rd |
| 隐雾安全招生啦!!! | http://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247493160&idx=2&sn=dc745e55c6d23121fdab08aeef150b87&chksm=c09a9578f7ed1c6e859f7519bb23703138c15d9fad0c1df405a777756209b450db8e8782dc3c#rd |
| 记一次简单的EDU通杀挖掘 | http://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247493160&idx=1&sn=330be74cb79e5e812bbcfdfcbbd6010c&chksm=c09a9578f7ed1c6ec3fee88f2c632cff06e7278cda49c326dd691e4cbd720f6e13e561c18268#rd |
| 黑客大会:白帽黑客演示远程控制退役卫星 | http://mp.weixin.qq.com/s?__biz=Mzg5NzU1MzM5Mw==&mid=2247509204&idx=1&sn=9572dee0107bba5534f2fdb222373e4d&chksm=c072e24af7056b5c72b79f08eb97c4f91a9e3c183b1dc6665f68ac03559a477be4080603a4ce#rd |
| 挖到这个高危SSRF漏洞,小伙伴们都惊呆了! | http://mp.weixin.qq.com/s?__biz=Mzg2NDY1MDc2Mg==&mid=2247493898&idx=2&sn=ba563a14cbae07708845f85083f5d029&chksm=ce64ba6ff9133379fce6b6f0a1f73e49e61cff3478d10a48bb9b69467a261084a161e5d2e918#rd |
| 一次简单的渗透测试记录 | http://mp.weixin.qq.com/s?__biz=Mzg2NDY1MDc2Mg==&mid=2247493898&idx=1&sn=3c6cf97fac2d61e7624ba0ee8e2a01cd&chksm=ce64ba6ff91333794c57cfc7c73a1ada50a2ffb628b0230c46bafc6a807d59a71442a58b2ae3#rd |
| 安全一周(8 月 15 日 - 8 月 21 日) | https://www.malwarebytes.com/blog/news/2022/08/a-week-in-security-august-15-august-21 |
| 加密劫持者的数量和复杂程度都在增长 | https://www.malwarebytes.com/blog/news/2022/08/cryptojackers-are-growth-in-numbers-and-sophistication |
| CISA 希望您在 9 月 8 日之前修补这些被积极利用的漏洞 | https://www.malwarebytes.com/blog/news/2022/08/cisa-wants-you-to-patch-these-actively-exploited-vulnerabilities-before-september-8 |
| Reddit 用户众包显式图像和身份 | https://www.malwarebytes.com/blog/news/2022/08/reddit-users-crowdsourcing-explicit-images-and-identities |
| 犯罪分子使用伪造的逮捕令通过社会工程手段获取银行详细信息 | https://www.malwarebytes.com/blog/news/2022/08/criminals-socially-engineer-their-way-to-bank-details-with-fake-arrest-warrants |
| 攻防经验和能力如何沉淀到日常安全防护?| FreeBuf甲方社群直播回顾 | https://www.freebuf.com/articles/342569.html |
| 实战 | 记一次对某企业的一次内网渗透总结 | http://mp.weixin.qq.com/s?__biz=MzI5MDU1NDk2MA==&mid=2247507675&idx=1&sn=bb676876d60f2615e75dd7b5f74c4bcf&chksm=ec1c8be4db6b02f2b0d719c089ebc2fab0a72b89ff087503412d4e3b094a228272ae1116b06e#rd |
| 分享 | .NET cshtml特殊的全局文件利用场景 | http://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247486049&idx=1&sn=55c10828655695ec9e889df78eabcd07&chksm=fa5aa48ccd2d2d9a46d5bd40cf56f032efd373064b1798364b9e40bf92ab7df33c77e878353d#rd |
| 网络安全风险收敛与安全加固实战经验 | http://mp.weixin.qq.com/s?__biz=MzUxMzQ2NTM2Nw==&mid=2247488834&idx=1&sn=decd1c6a32e4ed0f0dcc13b61cddd9f5&chksm=f955983ace22112c74f4ecd5ff8ff6f6f01331bfa8af0cb30bca9a7ff601711fe8bb2b986738#rd |
| Go:负载均衡原理分析与源码解读 | http://mp.weixin.qq.com/s?__biz=MzAxMTA4Njc0OQ==&mid=2651453338&idx=1&sn=444269b428aab2b002e42b3dc1d7fd11&chksm=80bb2968b7cca07ed1ca028a23d997d71d36b33cd23d66c70de86e75e547c4ed01c4d968ab07#rd |
| 如何选择手机 | http://mp.weixin.qq.com/s?__biz=Mzg2NzUzNzk1Mw==&mid=2247493791&idx=2&sn=d74d7fc1a00fd15c9b027dd68f4abad4&chksm=ceb8add1f9cf24c7d917813b10d79ccd9427046819be9f1733fea497ab5d93be43cce6d4bacd#rd |
| Android中webview的安全风险 | http://mp.weixin.qq.com/s?__biz=Mzg2NzUzNzk1Mw==&mid=2247493791&idx=1&sn=5bd506302a4732b6800f4fd75c91f207&chksm=ceb8add1f9cf24c76ea87a883ba121ef3a7f401c1f9e5f0303d6913b55c1e736cf1ccaa093a2#rd |
| 处暑 | http://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247484978&idx=1&sn=37a8eb365bca680656a8af0a1052a84c&chksm=cf3e2602f849af140fd121a2bded74620439ee62865c693045c6d63f36b58389aa5adf3df162#rd |
| 敏感信息遍历工具 -- lazfinderu200b | http://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247503827&idx=2&sn=82a92e162979f60a6fdfd884a35dc61f&chksm=ebb520d0dcc2a9c667f3e7fd2e6a4592c548cfa41329c73216b0d05d28f6a415a7ba8d238297#rd |
| 零基础学黑客,该如何学习?附带教程 | http://mp.weixin.qq.com/s?__biz=Mzg2NDM2MTE5Mw==&mid=2247494867&idx=1&sn=f52d7be2a1fcd652a35f17b488f195f5&chksm=ce682355f91faa436d28dd02c1313d4b81ba58581226f0e5348961e549f82448d24486b1510d#rd |
| 白帽网安攻防实战+漏洞挖掘,3天入门! | http://mp.weixin.qq.com/s?__biz=Mzg4NTUwMzM1Ng==&mid=2247497692&idx=1&sn=467f8b0fa829d92d236559067bc476b8&chksm=cfa553cff8d2dad9b24ae6e2886ec95ff4cf7f3eb593b540c5967ded9f36913beb2294d46097#rd |
| 白帽网安攻防实战+漏洞挖掘 | http://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247503827&idx=1&sn=e93651e9c2962898938ea2c5c16aaa58&chksm=ebb520d0dcc2a9c6ff5ab9c3ccf713d2959c09bed0ac0cbd0dd56ace99e4ea33dbe8e850ef1c#rd |
| 记一次内部红蓝对抗 | http://mp.weixin.qq.com/s?__biz=Mzk0NjE0NDc5OQ==&mid=2247508443&idx=3&sn=659223aed35794760444600536fd89f1&chksm=c30872abf47ffbbdfef1e388cc31858f99e0650f67911a1260223f7d74616d34925bd59164af#rd |
| 集成各种漏洞组件的扫描器 | http://mp.weixin.qq.com/s?__biz=Mzk0NjE0NDc5OQ==&mid=2247508443&idx=2&sn=02ed5189e607b79a385626b406085f45&chksm=c30872abf47ffbbd722870630156658112697443b114d45c481dafe7c900add24e8ee14b0bf4#rd |
| 360首次公开网安工程师内训课程,速领! | http://mp.weixin.qq.com/s?__biz=Mzk0NjE0NDc5OQ==&mid=2247508443&idx=1&sn=71856e741dc1bcec2a0557795c2f4c2e&chksm=c30872abf47ffbbd66c7ed9c0290c083afe2a2f8accb198e00a3a58f69530024ebd141d3b550#rd |
| 整理-常用的工具集 | http://mp.weixin.qq.com/s?__biz=MzIxMTcyMjg2MA==&mid=2247491866&idx=1&sn=051eb8a4c3a67af4c0977dd92514ca23&chksm=97525619a025df0f568f0a2872975d8eaec92893690cf94ae4cfa9eb8773729b9c6d52d86a05#rd |
| 呼吁国家严厉打击:当医生拿起手术刀抢劫,病人无从还手 | http://mp.weixin.qq.com/s?__biz=MzI5ODYwNTE4Nw==&mid=2247487125&idx=1&sn=95d83391fcf93e56185bc0eb0eaaef03&chksm=eca20179dbd5886fdb9855af5749d253ac973adf46f4fe2b04896f0719400ae04f4ec60f0c5d#rd |
| 【转载】贝宁猫(Bellingcat)开源情报调查指南 | http://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651131585&idx=1&sn=2f93befa6bf693114d495512239ded50&chksm=f1af79fbc6d8f0ed1c28df5361d7480a0ace6328be646165a340e4b09af5499d4463c4c186ee#rd |
| 在 RTL-SDR 加密狗的帮助下解决我卡车的 TPMS 传感器问题 | https://www.reddit.com/r/ReverseEngineering/comments/wv6f3n/solving_my_trucks_tpms_sensor_problem_with_the/ |
| 第 1 部分:勒索软件 - 支付或不支付 | https://www.atredis.com/blog/2022/5/10/part-1-ransomware-to-pay-or-not-to-pay |
| 常用渗透脚本的特征免杀方式 | http://mp.weixin.qq.com/s?__biz=MjM5MTYxNjQxOA==&mid=2652890426&idx=1&sn=75bac3c903ebe10deca34f5fd540695a&chksm=bd5999f78a2e10e10bd2733da199d470945ee4d7e3f77a42a4da25468d88940f777dcab9ef5f#rd |
| 抖音淘宝化,淘宝抖音化的底层逻辑 | https://www.woshipm.com/it/5573405.html |
| XCSSET 恶意软件更新 | macOS 威胁行为者为没有 Python 的生活做好准备 | https://www.sentinelone.com/blog/xcsset-malware-update-macos-threat-actors-prepare-for-life-without-python/ |
| 利用CVE-2022-36446提取Webmin权限 | http://mp.weixin.qq.com/s?__biz=Mzg2MjYxODQ4Mw==&mid=2247484252&idx=1&sn=98f2b22d246df1d442fc962ee73fba74&chksm=ce045540f973dc560d6c7db7cb5fb3c76a002f3e6e2820db43f3266fbb7206f02f4a77d7b6f7#rd |
| 渗透工程师常用命令速查手册 | http://mp.weixin.qq.com/s?__biz=Mzg5OTY2NjUxMw==&mid=2247497194&idx=2&sn=1ecb7294b9380300af12a64ba410d2b0&chksm=c04d72d4f73afbc20650ffbc38c3e7216fc5bd431b520494fbe3ec6850aed709a82ad261d52f#rd |
| CVE-2020-1472复现及漏洞防护 | http://mp.weixin.qq.com/s?__biz=MzAwMDQwNTE5MA==&mid=2650246306&idx=1&sn=c5f94305805228ba1fb116bd427a416f&chksm=82ea570bb59dde1d247e41f7e05f740a00e106844a6b23668852c4d67110e56c52841bfef9a1#rd |
还没有评论,来说两句吧...