2025-01-06 14:26:37 +08:00
|
|
|
|
[
|
2025-01-06 17:06:15 +08:00
|
|
|
|
{
|
|
|
|
|
|
"guid": "https://forum.butian.net/share/4011",
|
|
|
|
|
|
"title": "结合阿里云通义灵码辅助新手小白快速代码审计的最佳实践",
|
|
|
|
|
|
"description": "本文介绍了作者在数据安全比赛中遇到的一个开源框架的代码审计过程。作者使用了多种工具,特别是“通义灵码”,帮助发现了多个高危漏洞,包括路径遍历、文件上传、目录删除、SQL注入和XSS漏洞。文章详细描述了如何利用这些工具进行漏洞定位和验证,并分享了使用“通义灵码”的心得和体验。最后,作者总结了AI在代码审计中的优势和不足,并展望了未来的发展方向。",
|
|
|
|
|
|
"source": "subject",
|
|
|
|
|
|
"pubDate": "2025-01-06 10:00:00"
|
|
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"guid": "https://forum.butian.net/share/4002",
|
|
|
|
|
|
"title": "Windows进程",
|
|
|
|
|
|
"description": "进程这个观念我们现在都已经很熟悉了,进程是一个程序的运行实例,进程我们可以看做是操作系统为应用程序提供的资源容器,比如内存空间,文件句柄,设备以及网络连接等等。",
|
|
|
|
|
|
"source": "subject",
|
|
|
|
|
|
"pubDate": "2025-01-06 09:00:02"
|
|
|
|
|
|
},
|
2025-01-06 14:26:37 +08:00
|
|
|
|
{
|
|
|
|
|
|
"guid": "https://forum.butian.net/share/3992",
|
|
|
|
|
|
"title": "一次窃取程序的恶意样本分析",
|
|
|
|
|
|
"description": "一次窃取程序的恶意样本分析",
|
|
|
|
|
|
"source": "subject",
|
|
|
|
|
|
"pubDate": "2025-01-03 10:00:00"
|
|
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"guid": "https://forum.butian.net/share/3993",
|
|
|
|
|
|
"title": "Sodinokibi详细分析",
|
|
|
|
|
|
"description": "一、基本信息\r\nREvil,也被称为Sodinokibi或简称Sodin,它在2019年4月被首次发现。这种恶意软件会在感染了用户的电脑后加密文件,并删除任何留下的赎金提示信息。这些消息会告知受害者必须支付一...",
|
|
|
|
|
|
"source": "subject",
|
|
|
|
|
|
"pubDate": "2025-01-03 09:00:00"
|
|
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"guid": "https://forum.butian.net/share/4006",
|
|
|
|
|
|
"title": "代码审计 - MCMS v5.4.1 0day挖掘",
|
|
|
|
|
|
"description": "记一次 MCMS v5.4.1 代码审计,编号为 CVE-2024-42990&CVE-2024-42991。本文由笔者首发于先知社区的技术文章板块:https://xz.aliyun.com/t/16630",
|
|
|
|
|
|
"source": "subject",
|
|
|
|
|
|
"pubDate": "2025-01-02 10:00:00"
|
|
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"guid": "https://forum.butian.net/share/3991",
|
|
|
|
|
|
"title": "lighttpd溢出漏洞构造ROP链",
|
|
|
|
|
|
"description": "前几天打了下强网杯决赛,想着分享一下思路",
|
|
|
|
|
|
"source": "subject",
|
|
|
|
|
|
"pubDate": "2025-01-02 09:00:01"
|
|
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"guid": "https://forum.butian.net/share/4017",
|
|
|
|
|
|
"title": "文件读取漏洞实战利用",
|
|
|
|
|
|
"description": "实战场景下的两个任意文件读取漏洞利用。",
|
|
|
|
|
|
"source": "subject",
|
|
|
|
|
|
"pubDate": "2024-12-31 10:00:02"
|
|
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"guid": "https://forum.butian.net/share/3970",
|
|
|
|
|
|
"title": "挖矿病毒处置总结",
|
|
|
|
|
|
"description": "处理过的挖矿病毒隐藏自身的方式总结及处置方法总结",
|
|
|
|
|
|
"source": "subject",
|
|
|
|
|
|
"pubDate": "2024-12-31 09:00:00"
|
|
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"guid": "https://forum.butian.net/share/3968",
|
|
|
|
|
|
"title": "一些vmpwn的详细总结",
|
|
|
|
|
|
"description": "总结一些常见vmpwn题的打法,数据越界泄露libc,通过偏移数据处理来得到危险函数地址等常见漏洞,会结合两道例题来进行讲解",
|
|
|
|
|
|
"source": "subject",
|
|
|
|
|
|
"pubDate": "2024-12-30 10:00:01"
|
|
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"guid": "https://forum.butian.net/share/3955",
|
|
|
|
|
|
"title": "样本分析:formbook 恶意软件浅析",
|
|
|
|
|
|
"description": "样本\r\nIOC\r\nMD5:749dfc8bf52422ce77ed59a60c2f395e\r\nSHA1:d0593187a473a19564a67819050023c9144b30c2\r\nSHA256: 5c205cffc83f7be274773fb1c3aa356b29d97e4d62a83e79c5fd52eadc3ed695\r\n概述\r\n语言:C...",
|
|
|
|
|
|
"source": "subject",
|
|
|
|
|
|
"pubDate": "2024-12-30 09:00:01"
|
|
|
|
|
|
}
|
|
|
|
|
|
]
|
