update
This commit is contained in:
parent
d4d1acdb72
commit
247eaa5145
196
GotoSend/sougou-wx.py
Normal file
196
GotoSend/sougou-wx.py
Normal file
@ -0,0 +1,196 @@
|
||||
import os
|
||||
import json
|
||||
import sqlite3
|
||||
from datetime import datetime, timedelta
|
||||
|
||||
def clear_table():
|
||||
conn = sqlite3.connect('./db/sougou-wx.db')
|
||||
cursor = conn.cursor()
|
||||
cursor.execute('DELETE FROM articles')
|
||||
conn.commit()
|
||||
conn.close()
|
||||
|
||||
def create_database():
|
||||
conn = sqlite3.connect('./db/sougou-wx.db')
|
||||
cursor = conn.cursor()
|
||||
cursor.execute('''CREATE TABLE IF NOT EXISTS articles (
|
||||
id INTEGER PRIMARY KEY AUTOINCREMENT,
|
||||
title TEXT,
|
||||
link TEXT,
|
||||
description TEXT,
|
||||
pubDate DATETIME,
|
||||
author TEXT,
|
||||
keyword TEXT,
|
||||
is_sended BOOLEAN
|
||||
)''')
|
||||
conn.commit()
|
||||
conn.close()
|
||||
|
||||
def insert_data(data):
|
||||
conn = sqlite3.connect('./db/sougou-wx.db')
|
||||
cursor = conn.cursor()
|
||||
for entry in data:
|
||||
# 检查是否存在相同 title 和 author 的记录
|
||||
cursor.execute('''
|
||||
SELECT 1 FROM articles WHERE title = ? AND author = ?
|
||||
''', (entry['title'], entry['author']))
|
||||
|
||||
if cursor.fetchone() is None:
|
||||
# 如果没有找到相同记录,则插入新记录
|
||||
cursor.execute('''
|
||||
INSERT INTO articles (title, link, description, pubDate, author, keyword)
|
||||
VALUES (?, ?, ?, ?, ?, ?)
|
||||
''', (entry['title'], entry['link'], entry['description'], entry['pubDate'], entry['author'], entry['keyword']))
|
||||
|
||||
conn.commit()
|
||||
conn.close()
|
||||
|
||||
def get_json():
|
||||
# 检查文件是否存在
|
||||
if not os.path.exists('./JSON/sougou-wx.json'):
|
||||
raise FileNotFoundError(f"sougou-wx.json文件不存在,请检查程序是否运行正常!")
|
||||
|
||||
# 打开并读取JSON文件
|
||||
with open('./JSON/sougou-wx.json', 'r', encoding='utf-8') as file:
|
||||
data = json.load(file)
|
||||
|
||||
# 假设data是一个包含多个关键词的字典
|
||||
total_data = []
|
||||
for keyword, keyword_data in data.items():
|
||||
# 检查关键词对应的数据是否为列表
|
||||
if not isinstance(keyword_data, list):
|
||||
raise ValueError(f"关键词 {keyword} 对应的数据格式错误,请检查common.py是否异常!")
|
||||
|
||||
# 提取所需字段并编号
|
||||
for index, item in enumerate(keyword_data, start=1):
|
||||
entry = {
|
||||
"id": index,
|
||||
"title": item.get("title", ""),
|
||||
"link": item.get("link", ""),
|
||||
"description": item.get("description", ""),
|
||||
"pubDate": item.get("pubDate", ""),
|
||||
"author": item.get("author", ""),
|
||||
"keyword": keyword
|
||||
}
|
||||
total_data.append(entry)
|
||||
|
||||
return total_data
|
||||
|
||||
def select_articles():
|
||||
conn = sqlite3.connect('./db/sougou-wx.db')
|
||||
cursor = conn.cursor()
|
||||
|
||||
# 获取当前日期和时间
|
||||
now = datetime.now()
|
||||
two_months_ago = now - timedelta(days=60) # 假设两个月大约60天
|
||||
|
||||
try:
|
||||
# 查询最近的3条未被标记为True的消息且发布时间不超过两个月
|
||||
cursor.execute('''
|
||||
SELECT * FROM articles
|
||||
WHERE is_sended IS NULL AND pubDate BETWEEN ? AND ?
|
||||
ORDER BY pubDate DESC
|
||||
LIMIT 3
|
||||
''', (two_months_ago.strftime('%Y-%m-%d %H:%M:%S'), now.strftime('%Y-%m-%d %H:%M:%S')))
|
||||
|
||||
# 查询最近的3条未被标记为True的消息
|
||||
# cursor.execute('''
|
||||
# SELECT * FROM articles
|
||||
# WHERE is_sended IS NULL
|
||||
# ORDER BY pubDate DESC
|
||||
# LIMIT 3
|
||||
# ''')
|
||||
|
||||
results = cursor.fetchall()
|
||||
# print(results)
|
||||
|
||||
if results:
|
||||
for row in results:
|
||||
article_id = row[0]
|
||||
cursor.execute('''
|
||||
UPDATE articles
|
||||
SET is_sended = True
|
||||
WHERE id = ?
|
||||
''', (article_id,))
|
||||
|
||||
conn.commit() # 提交事务
|
||||
|
||||
except Exception as e:
|
||||
conn.rollback() # 回滚事务
|
||||
print(f"Error: {e}")
|
||||
finally:
|
||||
cursor.close()
|
||||
conn.close()
|
||||
|
||||
return results
|
||||
|
||||
def record_md(result, filename="./history/wx_news.md"):
|
||||
# 读取现有内容
|
||||
if os.path.exists(filename):
|
||||
with open(filename, 'r', encoding='utf-8') as file:
|
||||
existing_content = file.read()
|
||||
else:
|
||||
existing_content = ""
|
||||
|
||||
# 将新内容插入到现有内容的开头
|
||||
new_content = result + existing_content
|
||||
|
||||
# 写回文件
|
||||
with open(filename, 'w', encoding='utf-8') as file:
|
||||
file.write(new_content)
|
||||
|
||||
def get_filtered_articles(entries, Is_short):
|
||||
result = ""
|
||||
record = ""
|
||||
for entry in entries:
|
||||
if Is_short == False:
|
||||
result += f"文章:[{entry[1]}]({entry[2]})\n描述:{entry[3]}\n"
|
||||
result += f"上传时间:{entry[4]}\n"
|
||||
result += f"作者:{entry[5]}\n"
|
||||
result += f"关键词:{entry[6]}\n"
|
||||
result += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
|
||||
if Is_short == True:
|
||||
result += f"文章:[{entry[1]}]({entry[2]})"
|
||||
result += f"上传时间:{entry[4]}\n"
|
||||
result += "\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章
|
||||
|
||||
record += f"#### 文章:[{entry[1]}]({entry[2]})\n描述:{entry[3]}\n"
|
||||
record += f"**上传时间**:{entry[4]}\n"
|
||||
record += f"**作者**:{entry[5]}\n"
|
||||
record += f"**关键词**:{entry[6]}\n"
|
||||
record += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
|
||||
record_md(record)
|
||||
return result
|
||||
|
||||
def Src_sougou_wx(Is_short):
|
||||
if not os.path.exists('./db/sougou-wx.db'):
|
||||
# 创建数据库和表
|
||||
create_database()
|
||||
|
||||
# 清空表
|
||||
# clear_table()
|
||||
|
||||
# 获取 JSON 数据
|
||||
sougou_wx_data = get_json()
|
||||
|
||||
# 插入数据到数据库
|
||||
insert_data(sougou_wx_data)
|
||||
|
||||
# 查询指定时间段内的数据
|
||||
filtered_articles = select_articles()
|
||||
# print(filtered_articles)
|
||||
|
||||
if filtered_articles:
|
||||
results = get_filtered_articles(filtered_articles, Is_short)
|
||||
return results
|
||||
else:
|
||||
return False
|
||||
|
||||
if __name__ == "__main__":
|
||||
reslts = Src_sougou_wx(False)
|
||||
if reslts != False:
|
||||
print(reslts)
|
||||
else:
|
||||
# 如果为空,则跳过执行
|
||||
print("-" * 40)
|
||||
print("微信公众号数据为空,跳过执行。")
|
142
JSON/4hou.json
142
JSON/4hou.json
File diff suppressed because one or more lines are too long
@ -1,162 +0,0 @@
|
||||
[
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/303018",
|
||||
"title": "A股震荡走强 金融证券公司如何保证业务安全稳定?",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "微信",
|
||||
"pubDate": "2024-12-25 15:03:29"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/303009",
|
||||
"title": "CVE-2024-45387 (CVSS 9.9):在 Apache Traffic Control 中发现严重 SQL 注入漏洞",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "securityonline",
|
||||
"pubDate": "2024-12-25 14:57:38"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/303006",
|
||||
"title": "Rspack 供应链攻击向 npm 生态系统注入加密劫持恶意软件",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "securityonline",
|
||||
"pubDate": "2024-12-25 11:35:37"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/303003",
|
||||
"title": "CVE-2024-56334: 命令注入漏洞使数百万 Node.js 系统遭受攻击",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "securityonline",
|
||||
"pubDate": "2024-12-25 11:27:03"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/303000",
|
||||
"title": "CISA 在积极利用中将 Acclaim USAHERDS 漏洞添加到 KEV 目录",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "TheHackersNews",
|
||||
"pubDate": "2024-12-25 11:20:21"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/302997",
|
||||
"title": "通过 Discord Bot 运行的 RAT 恶意软件",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "CN-SEC",
|
||||
"pubDate": "2024-12-25 11:14:05"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/302991",
|
||||
"title": "Adobe 意识到 ColdFusion 漏洞 CVE-2024-53961 有已知的 PoC 漏洞利用代码",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "securityaffairs",
|
||||
"pubDate": "2024-12-25 11:02:52"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/302988",
|
||||
"title": "Postman Workspaces 泄露 30000 个 API 密钥和敏感令牌",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "hackread",
|
||||
"pubDate": "2024-12-25 10:45:19"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/302985",
|
||||
"title": "黑客入侵 15 个 X 账户,利用假 Memecoins 赚取 50 万美元: ZachXBT",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "Cointelegraph.com News",
|
||||
"pubDate": "2024-12-25 10:36:21"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/302982",
|
||||
"title": "CVE-2024-23945: Apache Hive 和 Spark 中的严重漏洞可能导致漏洞利用",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "securityonline",
|
||||
"pubDate": "2024-12-25 10:29:13"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/302977",
|
||||
"title": "NDSS 2025|抖音集团安全研究团队提出机密沙箱内存管理方案WAVEN",
|
||||
"author": " 字节跳动安全中心",
|
||||
"description": null,
|
||||
"source": null,
|
||||
"pubDate": "2024-12-24 13:01:55"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/302974",
|
||||
"title": "呈贡区政府携手360,共绘昆明市数字经济发展新蓝图!",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "微信",
|
||||
"pubDate": "2024-12-24 11:26:19"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/302971",
|
||||
"title": "CVE-2024-53552 (CVSS 9.8): CrushFTP 漏洞使用户面临账户接管风险",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "securityonline",
|
||||
"pubDate": "2024-12-24 11:23:02"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/302968",
|
||||
"title": "CVE-2024-12828 (CVSS 9.9): Webmin 漏洞导致数百万台服务器暴露于 RCE",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "securityonline",
|
||||
"pubDate": "2024-12-24 11:16:49"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/302963",
|
||||
"title": "针对 CVE-2024-30085:Windows 权限提升漏洞发布 PoC 漏洞利用程序",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "securityonline",
|
||||
"pubDate": "2024-12-24 11:09:25"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/302960",
|
||||
"title": "Aave 考虑整合 Chainlink,将 MEV 费用返还给用户",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "Cointelegraph.com News",
|
||||
"pubDate": "2024-12-24 11:04:04"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/302957",
|
||||
"title": "勒索软件攻击暴露了 560 万 Ascension 患者的数据",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "infosecurity",
|
||||
"pubDate": "2024-12-24 10:53:52"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/302954",
|
||||
"title": "黑客利用 Fortinet EMS 的关键漏洞部署远程访问工具",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "TheHackersNews",
|
||||
"pubDate": "2024-12-24 10:46:09"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/302951",
|
||||
"title": "供应链攻击攻击 Rspack、Vant 使用 Monero Miner 的 npm 包",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "hackread",
|
||||
"pubDate": "2024-12-24 10:21:25"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/302948",
|
||||
"title": "Lazarus Group 使用 CookiePlus 恶意软件以核工业为目标",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "hackread",
|
||||
"pubDate": "2024-12-24 10:08:26"
|
||||
}
|
||||
]
|
1602
JSON/doonsec.json
1602
JSON/doonsec.json
File diff suppressed because it is too large
Load Diff
@ -1,160 +0,0 @@
|
||||
[
|
||||
{
|
||||
"title": "特朗普政府2.0:网安政策重大转向,CISA收缩,减少监管",
|
||||
"link": "https://www.freebuf.com/news/418508.html",
|
||||
"description": "随着CISA的变革、公私合作的加强以及放松管制的承诺,新政府可能会彻底改变联邦政府在网络安全领域的角色。",
|
||||
"body": "<p>随着CISA(网络安全和基础设施安全局)的变革、公私合作的加强以及放松管制的承诺,新政府可能会彻底改变美国联邦政府在网络安全领域的角色。</p><p><img src=\"https://image.3001.net/images/20241225/1735112088_676bb598dda6c14ca9d00.png!small\" alt=\"\" width=\"690\" height=\"41",
|
||||
"category": "资讯",
|
||||
"pubDate": "Wed, 25 Dec 2024 15:35:13 +0800"
|
||||
},
|
||||
{
|
||||
"title": "僵尸网络利用漏洞攻击网络录像机及TP-Link路由器",
|
||||
"link": "https://www.freebuf.com/news/418486.html",
|
||||
"description": "一个基于Mirai的新型僵尸网络正在积极利用DigiEver网络录像机中的一个远程代码执行漏洞,该漏洞尚未获得编号,也暂无修复补丁。",
|
||||
"body": "<p>据BleepingComputer消息,一个基于Mirai的新型僵尸网络正在积极利用DigiEver网络录像机中的一个远程代码执行漏洞,该漏洞尚未获得编号,也暂无修复补丁。</p><p><img src=\"https://image.3001.net/images/20241225/1735104782_676b990ec6e4209f904ac.png!small\" alt=\"\" /></",
|
||||
"category": "资讯",
|
||||
"pubDate": "Wed, 25 Dec 2024 11:44:29 +0800"
|
||||
},
|
||||
{
|
||||
"title": "欧洲航天局被黑客入侵了,部署JavaScript代码",
|
||||
"link": "https://www.freebuf.com/news/418474.html",
|
||||
"description": "ESA的官方网络商店遭遇黑客入侵,加载用于生成虚假Stripe支付页面的JavaScript代码。",
|
||||
"body": "<p>欧洲航天局(ESA)的官方网络商店遭遇黑客入侵,加载用于生成虚假Stripe支付页面的JavaScript代码。</p><p>欧洲航天局每年的预算超过100亿欧元,其主要任务是通过培训宇航员以及建造火箭和卫星来探索宇宙奥秘,进而拓展太空活动的边界。目前,获准销售的ESA商品网络商店已无法使用,页面显示的信息是“暂时失去轨道”。</p><p>就在昨天,这段恶意脚本出现在欧洲航天局的网站上,并开",
|
||||
"category": "资讯",
|
||||
"pubDate": "Wed, 25 Dec 2024 11:06:38 +0800"
|
||||
},
|
||||
{
|
||||
"title": "曹县黑客2024年“营收”超13亿美元,单笔最高3亿美元",
|
||||
"link": "https://www.freebuf.com/news/418468.html",
|
||||
"description": "最新报告,曹县黑客在2024年通过47次网络攻击,窃取了价值13.4亿美元的加密货币。",
|
||||
"body": "<p>根据区块链分析公司Chainalysis的最新报告,曹县黑客在2024年通过47次网络攻击,窃取了价值13.4亿美元的加密货币。</p><p>这一数字占年度被盗资金总额的61%,相较于2023年增加了21%。尽管2024年的事件总数达到了创纪录的303起,但总损失金额并未创下新高,因为2022年的损失仍然最为严重,达到了37亿美元。</p><p><img src=\"https://image",
|
||||
"category": "资讯",
|
||||
"pubDate": "Wed, 25 Dec 2024 10:46:58 +0800"
|
||||
},
|
||||
{
|
||||
"title": "ATT&CK 2024更新内容简介",
|
||||
"link": "https://www.freebuf.com/articles/418467.html",
|
||||
"description": "笔者跟踪了这一年的ATT&CK的进展以及刚结束的ATT&CKcon 5.0中各个内容。提炼了主要的更新内容和主要的更新方向。",
|
||||
"body": "<h2 id=\"h2-1\">引言</h2><h3 id=\"h3-1\">主要更新内容</h3><blockquote>ATT&CK继续延续每年更新两个大版本的状态,今年迎来的ATT&CK 的第16个版本。笔者跟踪了这一年的ATT&CK的进展以及刚结束的ATT&CKcon 5.0中各个内容。提炼了主要的更新内容和主要的更新方向。</blockquote><h2 id=\"",
|
||||
"pubDate": "Wed, 25 Dec 2024 10:37:45 +0800"
|
||||
},
|
||||
{
|
||||
"title": "FreeBuf早报 | 美西方募资7亿欧元支持乌克兰网络安全;“银狐”木马新变种开始传播",
|
||||
"link": "https://www.freebuf.com/news/418431.html",
|
||||
"description": "支持乌克兰的美西方国家正在通过“信息技术联盟”和“塔林机制”协调和促进对乌克兰的军事和民事网络安全援助和支持。",
|
||||
"body": "<h2 id=\"h2-1\">全球动态</h2><h3 id=\"h3-1\">1. 信通院发布信息通信业 (ICT) 十大趋势</h3><p>2024年12月23日,中国信息通信研究院(简称“中国信通院”)主办的“2025中国信通院深度观察报告会”主论坛在京举办,中国信通院副院长王志勤以“ICT技术引领创新前沿,为新质生产力蓄势赋能”为题发布了2025信息通信业(ICT)十大趋势。 【<a href=",
|
||||
"category": "资讯",
|
||||
"pubDate": "Tue, 24 Dec 2024 17:44:46 +0800"
|
||||
},
|
||||
{
|
||||
"title": "Adobe最新漏洞被披露,已有PoC代码流出",
|
||||
"link": "https://www.freebuf.com/news/418426.html",
|
||||
"description": "Adobe近期发布了紧急安全更新,针对ColdFusion中的一个关键漏洞,该漏洞已有概念验证(PoC)代码流出。",
|
||||
"body": "<p>Adobe近期发布了紧急安全更新,针对ColdFusion中的一个关键漏洞,该漏洞已有概念验证(PoC)代码流出。根据周一的公告,这个编号为CVE-2024-53961的漏洞源于路径遍历弱点,影响了Adobe ColdFusion 2023和2021版本,攻击者可借此读取易受攻击服务器上的任意文件。</p><p><img src=\"https://image.3001.net/images/",
|
||||
"category": "资讯",
|
||||
"pubDate": "Tue, 24 Dec 2024 17:11:37 +0800"
|
||||
},
|
||||
{
|
||||
"title": "附原文 |《2024年漏洞与威胁趋势报告》深度解读",
|
||||
"link": "https://www.freebuf.com/vuls/418381.html",
|
||||
"description": "新发现漏洞的数量出现了前所未有的增长态势,其中高危或严重级别的漏洞占比高达一半,漏洞利用的时间线显著缩短。",
|
||||
"body": "<p>在信息技术飞速发展的当下,网络安全已然成为全球瞩目的焦点。<strong>安全极客社区</strong>精心译制的<strong>《2024 年漏洞与威胁趋势报告》</strong>明确指出,2023 年堪称网络安全领域的重要分水岭。这一年,新发现漏洞的数量出现了前所未有的增长态势,其中高危或严重级别的漏洞占比高达一半,漏洞利用的时间线显著缩短,然而平均修复时间却过长。金融服务、制造业以及公",
|
||||
"category": "漏洞",
|
||||
"pubDate": "Tue, 24 Dec 2024 11:41:51 +0800"
|
||||
},
|
||||
{
|
||||
"title": "看不到的尽头,回顾与展望哈以冲突以来的中东网络战",
|
||||
"link": "https://www.freebuf.com/news/418373.html",
|
||||
"description": "自 2023 年 10 月以来,以色列和哈马斯之间爆发的冲突助长了中东国家之间的网络攻击,并在全球范围内将多个国家卷入其中。",
|
||||
"body": "<blockquote><p>自 2023 年 10 月以来,以色列和哈马斯之间爆发的冲突助长了中东国家之间的网络攻击,并在全球范围内将多个国家卷入其中。</p></blockquote><p><img src=\"https://image.3001.net/images/20241224/1735010904_676a2a5813f06e7c26f0e.jpg!small\" width=\"690",
|
||||
"category": "资讯",
|
||||
"pubDate": "Tue, 24 Dec 2024 11:16:59 +0800"
|
||||
},
|
||||
{
|
||||
"title": "AI可一键生成上万种恶意软件变体,88%能规避检测",
|
||||
"link": "https://www.freebuf.com/news/418362.html",
|
||||
"description": "通过大量转换,这种方法可能降低恶意软件分类系统的性能,甚至使其误判恶意代码为良性。",
|
||||
"body": "<p>网络安全研究人员发现,借助大型语言模型(LLMs),可以大规模生成新型恶意的JavaScript代码变体,这些变体将更难被安全防护设备检测。</p><p><img src=\"https://image.3001.net/images/20241224/1735007590_676a1d6669e16b1a72d60.png!small\" alt=\"\" /></p><p>Palo Alto N",
|
||||
"category": "资讯",
|
||||
"pubDate": "Tue, 24 Dec 2024 10:26:42 +0800"
|
||||
},
|
||||
{
|
||||
"title": "广州标品软件有限公司招聘啦!",
|
||||
"link": "https://www.freebuf.com/jobs/418341.html",
|
||||
"description": "岗位多多,待遇丰厚,想要换工作的老师傅别错过。",
|
||||
"body": "<h2 id=\"h2-1\">职位描述</h2><p>1. 负责产品的黑白盒安全测试,挖掘通用web安全漏洞和业务逻辑漏洞并推进修复;<br />2. 负责产品的架构安全评审,能识别产品安全风险,并提供安全解决方案并推进落地;<br />3. 负责产品线的安全应急响应工作,能组织产品设计和研发团队,协同其它相关职能团队,完成安全入侵事件、安全漏洞的应急处置</p><h2 id=\"h2-2\"><str",
|
||||
"category": "安全招聘",
|
||||
"pubDate": "Mon, 23 Dec 2024 17:47:00 +0800"
|
||||
},
|
||||
{
|
||||
"title": "Sa7mon-S3scanner:一款针对S3 Bucket的错误配置扫描工具",
|
||||
"link": "https://www.freebuf.com/sectool/418337.html",
|
||||
"description": "Sa7mon-S3scanner是一款针对S3 Bucket的错误配置扫描工具,该工具兼容S3 API,可以扫描开放S3 Bucket中潜在的错误配置信息。",
|
||||
"body": "<h2 id=\"h2-1\">关于Sa7mon-S3scanner</h2><p>Sa7mon-S3scanner是一款针对S3 Bucket的错误配置扫描工具,该工具兼容S3 API,可以帮助广大研究人员轻松扫描开放S3 Bucket中潜在的错误配置信息。</p><p><img src=\"https://image.3001.net/images/20241223/1734945812_67692",
|
||||
"category": "工具",
|
||||
"pubDate": "Mon, 23 Dec 2024 17:26:36 +0800"
|
||||
},
|
||||
{
|
||||
"title": "FreeBuf早报 | 中国网民网络安全感满意度指数6连升;印度麦当劳漏洞开启“零元购”",
|
||||
"link": "https://www.freebuf.com/news/418324.html",
|
||||
"description": "报告显示,2024年网民网络安全感满意度指数为75.179,与2023年相比上升了2.665,指数上升幅度明显,实现连续6年上升。",
|
||||
"body": "<h2 id=\"h2-1\">全球动态</h2><h3 id=\"h3-1\">1. 连续6年上升!2024年网民网络安全感满意度指数在京发布</h3><p>报告显示,2024年网民网络安全感满意度指数为75.179,迈上75分台阶,为较好偏好的水平。与2023年相比上升了2.665,指数上升幅度明显,实现连续6年上升。 【<a href=\"https://baijiahao.baidu.com/s?i",
|
||||
"category": "资讯",
|
||||
"pubDate": "Mon, 23 Dec 2024 16:13:01 +0800"
|
||||
},
|
||||
{
|
||||
"title": "热门npm包被植入加密挖矿软件,感染目标涉及中国",
|
||||
"link": "https://www.freebuf.com/news/418283.html",
|
||||
"description": "一些热门的npm包遭到入侵,攻击者利用窃取到的令牌将带有加密挖矿恶意软件的版本发布到了官方包注册表中。",
|
||||
"body": "<p>近日,有研究人员发现,一些热门的npm包遭到入侵,攻击者利用窃取到的令牌将带有加密挖矿恶意软件的版本发布到了官方包注册表中。</p><p><img src=\"https://image.3001.net/images/20241223/1734923188_6768d3b43b4aef9d56e84.png!small\" alt=\"\" /></p><p>Rspack 的开发人员透露,他们的两",
|
||||
"category": "资讯",
|
||||
"pubDate": "Mon, 23 Dec 2024 10:56:23 +0800"
|
||||
},
|
||||
{
|
||||
"title": "账号和密钥明文存储,AI平台1.29T数据库裸奔",
|
||||
"link": "https://www.freebuf.com/news/418279.html",
|
||||
"description": "Builder.ai由于数据库配置错误,该平台遭遇了重大数据泄露事件,共计泄露数据超过300万条,1.29TB。",
|
||||
"body": "<h3 id=\"h3-1\">核心摘要</h3><ul><li>未加密数据库泄露:Builder.ai 一个未加密的数据库被公开访问,包含超过300万条记录,总计1.29TB,导致客户和内部数据泄露。</li><li>敏感信息外泄:泄露信息包括发票、保密协议、税务文件、电子邮件截图和云存储密钥,使客户个人信息和公司内部运作面临风险。</li><li>潜在攻击风险:泄露可能导致钓鱼攻击、伪造发票欺诈、",
|
||||
"category": "资讯",
|
||||
"pubDate": "Mon, 23 Dec 2024 10:49:05 +0800"
|
||||
},
|
||||
{
|
||||
"title": "FreeBuf早报 | npm包供应链攻击来袭;LockBit4.0发布倒计时",
|
||||
"link": "https://www.freebuf.com/news/418224.html",
|
||||
"description": "Rspack的开发人员透露,他们的两个npm包在一场软件供应链攻击中,被攻击者在官方包注册表中植入挖矿病毒。",
|
||||
"body": "<h2 id=\"h2-1\">全球动态</h2><h3 id=\"h3-1\">1. 安卓间谍软件“BMI CalculationVsn”在亚马逊应用商店被发现</h3><p>一款名为“BMI CalculationVsn”的恶意安卓间谍软件在亚马逊应用商店被发现,该软件伪装成一个简单的健康工具,但在后台窃取感染设备的数据。【外刊-<a href=\"https://www.bleepingcompute",
|
||||
"category": "资讯",
|
||||
"pubDate": "Fri, 20 Dec 2024 20:02:14 +0800"
|
||||
},
|
||||
{
|
||||
"title": "一周网安优质PDF资源推荐丨FreeBuf知识大陆",
|
||||
"link": "https://www.freebuf.com/articles/418216.html",
|
||||
"description": "我们精选了本周知识大陆公开发布的10条优质资源,让我们一起看看吧。",
|
||||
"body": "<p>各位读者周末好,以下是本周「FreeBuf知识大陆一周优质资源推荐」,我们精选了本周知识大陆公开发布的10条优质资源,让我们一起看看吧。</p><p><img src=\"https://image.3001.net/images/20241220/1734685626_676533ba7e10dc35a755b.png!small\" width=\"690\" height=\"1200\" alt",
|
||||
"pubDate": "Fri, 20 Dec 2024 17:28:54 +0800"
|
||||
},
|
||||
{
|
||||
"title": "FreeBuf周报 | 间谍软件Paragon被美国私募收购;攻击者窃取39万个WordPress凭证",
|
||||
"link": "https://www.freebuf.com/news/418196.html",
|
||||
"description": "总结推荐本周的热点资讯、安全事件、一周好文和省心工具,保证大家不错过本周的每一个重点!",
|
||||
"body": "<p>各位 Buffer 周末好,以下是本周「FreeBuf周报」,我们总结推荐了本周的热点资讯、安全事件、一周好文和省心工具,保证大家不错过本周的每一个重点!<img src=\"https://image.3001.net/images/20220923/1663923572_632d7574ead5a97f52086.jpg!small\" alt=\"\" /></p><h2 id=\"h2-1\">",
|
||||
"category": "资讯",
|
||||
"pubDate": "Fri, 20 Dec 2024 15:18:00 +0800"
|
||||
},
|
||||
{
|
||||
"title": "实战攻防 | 针对JS路径的泄露和Webpack漏洞的初探",
|
||||
"link": "https://www.freebuf.com/defense/418171.html",
|
||||
"description": "0x1前言浅谈这篇文章给师傅们分享下前段时间跟其他师傅学习和交流的Webpack相关漏洞,这个漏洞相对来说比较冷门,在web漏洞中不是那么的热度高,但是平常去挖掘和发现这个漏洞相对来说还是不难的。后面要是有机会可以给师傅们分享下油猴的相关脚本去找Webpack漏洞泄露的js敏感路径,然后打一波Webpack漏洞。在企业src和众测中有些平台还是收的,不收的话就当学习了,收了咱们就赚了哈![upl-",
|
||||
"body": "<h2 id=\"h2-1\">0x1前言</h2><h3 id=\"h3-1\">浅谈</h3><p>这篇文章给师傅们分享下前段时间跟其他师傅学习和交流的Webpack相关漏洞,这个漏洞相对来说比较冷门,在web漏洞中不是那么的热度高,但是平常去挖掘和发现这个漏洞相对来说还是不难的。</p><p>后面要是有机会可以给师傅们分享下油猴的相关脚本去找Webpack漏洞泄露的js敏感路径,然后打一波Webpa",
|
||||
"category": "攻防演练",
|
||||
"pubDate": "Fri, 20 Dec 2024 13:07:19 +0800"
|
||||
},
|
||||
{
|
||||
"title": "浅谈src挖掘中——文件上传和XSS漏洞的组合拳",
|
||||
"link": "https://www.freebuf.com/vuls/418170.html",
|
||||
"description": "给师傅们整理了下pdf木马制作的过程以及最后面分享下我一次在测文件上传最后也是getshell了。",
|
||||
"body": "<h2 id=\"h2-1\">0x1 前言</h2><p>哈喽,师傅们好!<br />这次打算给师弟们分享的是XSS之Flash弹窗钓鱼和文件上传getshell各种姿势的内容,然后先是给小白师傅们简单介绍下XSS漏洞和文件上传漏洞。然后后面给师傅们简单演示了XSS之Flash弹窗钓鱼,然后后面很详细的介绍了文件上传和XSS漏洞的组合拳的好几种方式,后面也是通过对一个站点的测试,给师傅们演示了一波。",
|
||||
"category": "漏洞",
|
||||
"pubDate": "Fri, 20 Dec 2024 13:05:57 +0800"
|
||||
}
|
||||
]
|
122
JSON/huawei.json
122
JSON/huawei.json
@ -1,122 +0,0 @@
|
||||
[
|
||||
{
|
||||
"title": "安全通告 - 涉及华为全屋音乐系统产品的路径穿越漏洞",
|
||||
"pubDate": "2024-12-11T00:00:00",
|
||||
"link": "//www.huawei.com/cn/psirt/security-advisories/2024/huawei-sa-ptvihhms-91f7c6fa-cn",
|
||||
"description": null
|
||||
},
|
||||
{
|
||||
"title": "安全通告 - 华为全屋音乐系统路径穿越漏洞",
|
||||
"pubDate": "2024-06-19T00:00:00",
|
||||
"link": "//www.huawei.com/cn/psirt/security-advisories/2024/huawei-sa-ptvihhms-20747ba3-cn",
|
||||
"description": null
|
||||
},
|
||||
{
|
||||
"title": "安全通告 - 涉及部分华为家庭路由器的连接劫持漏洞",
|
||||
"pubDate": "2024-06-19T00:00:00",
|
||||
"link": "//www.huawei.com/cn/psirt/security-advisories/2024/huawei-sa-chvishhr-d616b19e-cn",
|
||||
"description": null
|
||||
},
|
||||
{
|
||||
"title": "安全通告 - 涉及华为部分家庭路由产品的连接劫持漏洞",
|
||||
"pubDate": "2024-04-24T00:00:00",
|
||||
"link": "//www.huawei.com/cn/psirt/security-advisories/2024/huawei-sa-chvishhr-d50dedde-cn",
|
||||
"description": null
|
||||
},
|
||||
{
|
||||
"title": "安全通告 - 涉及华为智能音箱部分产品的内存溢出漏洞",
|
||||
"pubDate": "2024-04-17T00:00:00",
|
||||
"link": "//www.huawei.com/cn/psirt/security-advisories/2024/huawei-sa-samovishss-28e21e39-cn",
|
||||
"description": null
|
||||
},
|
||||
{
|
||||
"title": "安全通告 - 涉及华为PC部分产品的内存缓冲区边界操作限制不当漏洞",
|
||||
"pubDate": "2024-04-17T00:00:00",
|
||||
"link": "//www.huawei.com/cn/psirt/security-advisories/2024/huawei-sa-hppvtiroowtboamb-bb3261bd-cn",
|
||||
"description": null
|
||||
},
|
||||
{
|
||||
"title": "安全通告 - 涉及华为终端PC部分产品接口权限控制不当的漏洞",
|
||||
"pubDate": "2024-04-17T00:00:00",
|
||||
"link": "//www.huawei.com/cn/psirt/security-advisories/2024/huawei-sa-iiacviahpp-71ce77ee-cn",
|
||||
"description": null
|
||||
},
|
||||
{
|
||||
"title": "安全通告 - 涉及华为终端PC部分产品异常条件检查不当的漏洞",
|
||||
"pubDate": "2024-04-17T00:00:00",
|
||||
"link": "//www.huawei.com/cn/psirt/security-advisories/2024/huawei-sa-hppvticfuoec-8ffde288-cn",
|
||||
"description": null
|
||||
},
|
||||
{
|
||||
"title": "安全通告 - 涉及华为终端PC部分产品对参数长度不一致的处理不当漏洞",
|
||||
"pubDate": "2024-04-17T00:00:00",
|
||||
"link": "//www.huawei.com/cn/psirt/security-advisories/2024/huawei-sa-iholpiiahpp-0ab7d6db-cn",
|
||||
"description": null
|
||||
},
|
||||
{
|
||||
"title": "安全通告 - 涉及华为终端PC部分产品接口权限控制不当的漏洞",
|
||||
"pubDate": "2024-04-17T00:00:00",
|
||||
"link": "//www.huawei.com/cn/psirt/security-advisories/2024/huawei-sa-voiiaciahpp-6376e0c7-cn",
|
||||
"description": null
|
||||
},
|
||||
{
|
||||
"title": "安全通告 - 涉及华为终端智慧屏部分产品的身份认证绕过漏洞",
|
||||
"pubDate": "2023-12-06T00:00:00",
|
||||
"link": "//www.huawei.com/cn/psirt/security-advisories/2023/huawei-sa-ibvishssp-4bf951d4-cn",
|
||||
"description": null
|
||||
},
|
||||
{
|
||||
"title": "安全通告 - 涉及华为路由器产品的流量劫持漏洞",
|
||||
"pubDate": "2023-05-17T00:00:00",
|
||||
"link": "//www.huawei.com/cn/psirt/security-advisories/2023/huawei-sa-thvihr-7015cbae-cn",
|
||||
"description": null
|
||||
},
|
||||
{
|
||||
"title": "安全通告 - 涉及华为某打印机产品的系统命令注入漏洞",
|
||||
"pubDate": "2023-04-26T00:00:00",
|
||||
"link": "//www.huawei.com/cn/psirt/security-advisories/2023/huawei-sa-sciviahpp-6bcddec5-cn",
|
||||
"description": null
|
||||
},
|
||||
{
|
||||
"title": "安全通告 - 涉及华为HiLink AI Life产品的身份认证绕过漏洞",
|
||||
"pubDate": "2023-04-26T00:00:00",
|
||||
"link": "//www.huawei.com/cn/psirt/security-advisories/2023/huawei-sa-iabvihhalp-ea34d670-cn",
|
||||
"description": null
|
||||
},
|
||||
{
|
||||
"title": "安全通告 - 涉及华为某打印机产品的对输入的错误解析类漏洞",
|
||||
"pubDate": "2023-04-26T00:00:00",
|
||||
"link": "//www.huawei.com/cn/psirt/security-advisories/2023/huawei-sa-moivihp-2f201af9-cn",
|
||||
"description": null
|
||||
},
|
||||
{
|
||||
"title": "安全通告 - 涉及华为某打印机产品的对输入的错误解析类漏洞",
|
||||
"pubDate": "2023-04-26T00:00:00",
|
||||
"link": "//www.huawei.com/cn/psirt/security-advisories/2023/huawei-sa-moivihp-73cabdde-cn",
|
||||
"description": null
|
||||
},
|
||||
{
|
||||
"title": "安全通告 - 涉及华为某音箱产品的越界写入漏洞",
|
||||
"pubDate": "2023-03-01T00:00:00",
|
||||
"link": "//www.huawei.com/cn/psirt/security-advisories/2023/huawei-sa-oobwviatp-89e403d4-cn",
|
||||
"description": null
|
||||
},
|
||||
{
|
||||
"title": "关于E5573Cs-322产品存在拒绝服务漏洞的声明",
|
||||
"pubDate": "2023-02-10T00:00:00",
|
||||
"link": "//www.huawei.com/cn/psirt/security-notices/2021/huawei-sn-20230210-01-dos-cn",
|
||||
"description": null
|
||||
},
|
||||
{
|
||||
"title": "安全通告 - 涉及华为儿童智能手表(Simba-AL00)的身份认证绕过漏洞",
|
||||
"pubDate": "2023-02-08T00:00:00",
|
||||
"link": "//www.huawei.com/cn/psirt/security-advisories/2023/huawei-sa-iabvithcswsa-c385b2dc-cn",
|
||||
"description": null
|
||||
},
|
||||
{
|
||||
"title": "安全通告 - 涉及华为全屋智能某软件的不正确的权限分配漏洞",
|
||||
"pubDate": "2023-02-01T00:00:00",
|
||||
"link": "//www.huawei.com/cn/psirt/security-advisories/2023/huawei-sa-ipavihwhis-1556afc2-cn",
|
||||
"description": null
|
||||
}
|
||||
]
|
@ -1,72 +0,0 @@
|
||||
[
|
||||
{
|
||||
"guid": "https://forum.butian.net/share/4089",
|
||||
"title": "【2024补天白帽黑客年度盛典】Windows服务进程漏洞挖掘",
|
||||
"description": "演讲议题:Windows服务进程漏洞挖掘",
|
||||
"source": "subject",
|
||||
"pubDate": "2024-12-25 17:39:57"
|
||||
},
|
||||
{
|
||||
"guid": "https://forum.butian.net/share/4088",
|
||||
"title": "【2024补天白帽黑客年度盛典】大模型越狱攻击与评测",
|
||||
"description": "演讲议题:大模型越狱攻击与评测",
|
||||
"source": "subject",
|
||||
"pubDate": "2024-12-25 17:33:43"
|
||||
},
|
||||
{
|
||||
"guid": "https://forum.butian.net/share/4087",
|
||||
"title": "【2024补天白帽黑客年度盛典】当今勒索病毒的攻与防",
|
||||
"description": "演讲议题:当今勒索病毒的攻与防",
|
||||
"source": "subject",
|
||||
"pubDate": "2024-12-25 17:26:49"
|
||||
},
|
||||
{
|
||||
"guid": "https://forum.butian.net/share/4000",
|
||||
"title": ".Net Remoting 系列三:Veeam Backup RCE (CVE-2024-40711)",
|
||||
"description": "本次带来一个相对完整的分析案例",
|
||||
"source": "subject",
|
||||
"pubDate": "2024-12-25 10:42:01"
|
||||
},
|
||||
{
|
||||
"guid": "https://forum.butian.net/share/3942",
|
||||
"title": "AsyncRAT基于RAM运行的轻量级远程访问木马分析",
|
||||
"description": "样本\n这是一个轻量且隐蔽性高的远程访问木马,从github上开源下载的。经过编译后得到,所以没有加载程序。它可以完全运行在RAM中,避免被检测。\n内存转储\n该项目是用VB .NET开发的,占用44 KB的...",
|
||||
"source": "subject",
|
||||
"pubDate": "2024-12-25 10:00:03"
|
||||
},
|
||||
{
|
||||
"guid": "https://forum.butian.net/share/3998",
|
||||
"title": ".Net Remoting 系列二:Solarwinds ARM 漏洞分析",
|
||||
"description": "本篇主要是以Solarwinds Arm产品介绍自定义ServerChanel的场景,漏洞分析利用是其次,事实上是去年挖的没有详细记录,后续写的,勿怪哈哈哈",
|
||||
"source": "subject",
|
||||
"pubDate": "2024-12-24 10:11:30"
|
||||
},
|
||||
{
|
||||
"guid": "https://forum.butian.net/share/3989",
|
||||
"title": ".Net Remoting 系列一",
|
||||
"description": "前言:笔者在代码审计时碰到许多以.Net Remoting技术开发的应用如SolarWinds、VeeamBackup、Ivanti等产品,尽管随着 WCF 和 gRPC 等更现代化技术的兴起,.NET Remoting 已逐渐淡出主流,但是依然有其研究的价值,本次主要以TcpChannel为主分析其工作原理、应用场景,后续会通过两个漏洞介绍.Net Remoting在不同场景下的利用姿势和挖掘思路",
|
||||
"source": "subject",
|
||||
"pubDate": "2024-12-24 10:11:20"
|
||||
},
|
||||
{
|
||||
"guid": "https://forum.butian.net/share/3940",
|
||||
"title": "样本分析:CyberVolk勒索软件浅析",
|
||||
"description": "样本\n该样本是CyberVolk黑客组织使用的,该组织是一个印度网络犯罪组织,成立于2024 年 3 月 28 日,最初名为 GLORIAMIST India,后来更名为 Cybervolk。\n该勒索样本原本同大多数勒索软件一样,...",
|
||||
"source": "subject",
|
||||
"pubDate": "2024-12-23 10:00:02"
|
||||
},
|
||||
{
|
||||
"guid": "https://forum.butian.net/share/3949",
|
||||
"title": "关于加强防范钓鱼邮件的通知",
|
||||
"description": "一封以“关于加强防范钓鱼邮件的通知”为主题的邮件引起的故事",
|
||||
"source": "subject",
|
||||
"pubDate": "2024-12-23 09:39:07"
|
||||
},
|
||||
{
|
||||
"guid": "https://forum.butian.net/share/3922",
|
||||
"title": "go-pwn中的protobuf",
|
||||
"description": "本文总结了go pwn中有关protobuf的相关内容,一种要手动分析,另一种可以通过pbtk工具提取,并分析了两个经典题目",
|
||||
"source": "subject",
|
||||
"pubDate": "2024-12-20 10:06:26"
|
||||
}
|
||||
]
|
122
JSON/seebug.json
122
JSON/seebug.json
@ -1,122 +0,0 @@
|
||||
[
|
||||
{
|
||||
"title": "卡巴斯基禁令之后的影响\n",
|
||||
"link": "https://paper.seebug.org/3260/",
|
||||
"description": "作者:Pedro Umbelino, Jake Olcott\n译者:知道创宇404实验室翻译组\n原文链接:https://www.bitsight.com/blog/aftermath-kaspersky-ban\n在2024年春,全球对供应链风险的担忧日益加剧,对技术供应商的信任和可靠性问题也愈发凸显。在这样的背景下,美国对俄罗斯的杀毒软件巨头卡巴斯基实验室下了禁令,禁止其产品进入美国市场。...\n",
|
||||
"pubDate": "Wed, 25 Dec 2024 02:52:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3260/",
|
||||
"category": "情报分析"
|
||||
},
|
||||
{
|
||||
"title": "以大模型为目标的威胁攻击与安全思考\n",
|
||||
"link": "https://paper.seebug.org/3259/",
|
||||
"description": "作者:启明星辰ADLab\n原文链接:https://mp.weixin.qq.com/s/YL37d_PjiFJkarEjcrTdiA\n一、概 述\n自2023年以来,以ChatGPT为代表的大语言模型(LLM)向人们展现出了人工智能所具有的无限潜力,为各行业带来了全新的发展模式和生产力提升。以大语言模型为基础的智能平台及系统也逐渐成为国家和企业的一种重要的基础设施,面对这样一种全新的基础设施...\n",
|
||||
"pubDate": "Mon, 23 Dec 2024 08:21:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3259/",
|
||||
"category": "AI安全"
|
||||
},
|
||||
{
|
||||
"title": "趋利避害的大模型行为:伪对齐\n",
|
||||
"link": "https://paper.seebug.org/3258/",
|
||||
"description": "作者:Ryan Greenblatt, Carson Denison等\n译者:知道创宇404实验室翻译组\n原文链接:https://arxiv.org/abs/2412.14093v1\n摘要\n我们在此呈现了一项关于大型语言模型在训练过程中进行“对齐伪装”行为的演示:该模型有选择地遵从其训练目标,以防止其行为在训练之外被改变。具体来说,我们首先向Claude 3 Opus模型提供了一个系统提示...\n",
|
||||
"pubDate": "Mon, 23 Dec 2024 03:06:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3258/",
|
||||
"category": "AI安全"
|
||||
},
|
||||
{
|
||||
"title": "找出披着羊皮的狼:通过文本摘要技术破解对抗性文本到图像提示\n",
|
||||
"link": "https://paper.seebug.org/3257/",
|
||||
"description": "作者:Portia Cooper, Harshita Narnoli, Mihai Surdeanu\n译者:知道创宇404实验室翻译组\n原文链接:https://arxiv.org/pdf/2412.12212\n摘要\n文本到图像模型常常遭受一种称为“分而治之攻击”(DACA)的逐步攻击,该攻击通过大型语言模型将敏感文本包装在看似无害的叙述中,以隐藏不当内容。为了有效抵御这种逐步DACA攻击,...\n",
|
||||
"pubDate": "Fri, 20 Dec 2024 07:43:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3257/",
|
||||
"category": "AI安全"
|
||||
},
|
||||
{
|
||||
"title": "探索 AI 驱动的网络安全框架:深度学习技术、GPU 支持和未来增强\n",
|
||||
"link": "https://paper.seebug.org/3255/",
|
||||
"description": "作者:Tobias Becher, Simon Torka\n译者:知道创宇404实验室翻译组\n原文链接:https://arxiv.org/pdf/2412.12648\n摘要\n传统的基于规则的网络安全系统在防御已知恶意软件方面表现出色,但面对新型威胁,它们却显得力不从心。为应对这一挑战,新一代网络安全系统开始融合人工智能技术,尤其是深度学习算法,以提升其识别事件、分析警报和响应安全事件的能力...\n",
|
||||
"pubDate": "Fri, 20 Dec 2024 01:14:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3255/",
|
||||
"category": "AI安全"
|
||||
},
|
||||
{
|
||||
"title": "Apache Struts2 文件上传逻辑绕过(CVE-2024-53677)(S2-067)\n",
|
||||
"link": "https://paper.seebug.org/3256/",
|
||||
"description": "作者:y4tacker\n原文链接:https://y4tacker.github.io/2024/12/16/year/2024/12/Apache-Struts2-文件上传逻辑绕过-CVE-2024-53677-S2-067/\n前言\nApache官方公告又更新了一个Struts2的漏洞,考虑到很久没有发无密码的博客了,再加上漏洞的影响并不严重,因此公开分享利用的思路。\n分析\n影响版本\nSt...\n",
|
||||
"pubDate": "Thu, 19 Dec 2024 08:37:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3256/",
|
||||
"category": "漏洞分析"
|
||||
},
|
||||
{
|
||||
"title": "越狱破解马斯克最新AI-Grok2揭秘:特朗普赢得大选背后,AI的推波助澜\n",
|
||||
"link": "https://paper.seebug.org/3254/",
|
||||
"description": "作者:洺熙(米斯特Ai安全组核心成员)\n原文链接:https://mp.weixin.qq.com/s/thSJwKA7RbEueQ7iYsThFQ\n序言\n你可曾想过,马斯克的Ai Grok2大脑里究竟藏着什么秘密?\n本文将带你潜入X平台最新AI模型Grok2的“大脑”,通过对其核心指令——系统Prompt的深度解码,揭开马斯克打造的这款AI的神秘面纱\n我们将一起探索:\n\n从越狱谷歌Gemi...\n",
|
||||
"pubDate": "Wed, 18 Dec 2024 06:02:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3254/",
|
||||
"category": "AI安全"
|
||||
},
|
||||
{
|
||||
"title": "AI 作为新型黑客:开发进攻性安全代理\n",
|
||||
"link": "https://paper.seebug.org/3253/",
|
||||
"description": "作者:Leroy Jacob Valencia\n译者:知道创宇404实验室翻译组\n原文链接:https://arxiv.org/pdf/2406.07561\n摘要\n在网络安全这一宏大领域内,由防御性措施向主动防御的转变对于守护数字基础设施的安全至关重要。本文深入探讨了AI在主动防御网络安全中的角色,尤其是通过研发一个名为ReaperAI的独立AI代理,该代理被设计来模拟和实施网络攻击。借助于...\n",
|
||||
"pubDate": "Fri, 13 Dec 2024 07:50:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3253/",
|
||||
"category": "AI安全"
|
||||
},
|
||||
{
|
||||
"title": "Qwen2.5-Coder 技术报告\n",
|
||||
"link": "https://paper.seebug.org/3252/",
|
||||
"description": "公众号:简单的机器学习\n原文链接:https://mp.weixin.qq.com/s/EiV7x403sVqVcABo_qd2kg\n引言\nQwen2.5-Coder 系列是阿里巴巴团队推出的一款重要的代码生成模型,相比其前代 CodeQwen1.5,该系列在多个方面进行了显著的升级。Qwen2.5-Coder 系列包括两个模型:Qwen2.5-Coder-1.5B 和 Qwen2.5-Co...\n",
|
||||
"pubDate": "Wed, 11 Dec 2024 16:46:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3252/",
|
||||
"category": "经验心得"
|
||||
},
|
||||
{
|
||||
"title": "Qwen2 源码阅读——核心代码跟读\n",
|
||||
"link": "https://paper.seebug.org/3251/",
|
||||
"description": "公众号:简单的机器学习\n原文链接:https://mp.weixin.qq.com/s/PVSPNfv0I8_cxgPTmOes5w\n我们继续使用上一节使用的样例文本:\n[&quot;你好啊&quot;, &quot;简单的机器学习是为了让机器学习变得更简单而存在的&quot;]\n\n\n这个样例产生的tokens结果为:\n{'input_ids': tensor([[108386, 10392...\n",
|
||||
"pubDate": "Wed, 11 Dec 2024 16:45:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3251/",
|
||||
"category": "经验心得"
|
||||
},
|
||||
{
|
||||
"title": "Qwen2 源码阅读——环境准备和说明\n",
|
||||
"link": "https://paper.seebug.org/3250/",
|
||||
"description": "公众号:简单的机器学习\n原文链接:https://mp.weixin.qq.com/s/kxrc50ZumITVaTE1wtinlg\n下面的源码内容来自transformers代码库中:transformers-4.45.2/src/transformers/models/qwen2/modeling_qwen2.py。\n实验准备\n首先我们下载一些Qwen2需要的配置数据。下载地址:http...\n",
|
||||
"pubDate": "Wed, 11 Dec 2024 16:24:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3250/",
|
||||
"category": "经验心得"
|
||||
},
|
||||
{
|
||||
"title": "揭秘暗黑系网络服务运营商——防弹主机网络\n",
|
||||
"link": "https://paper.seebug.org/3248/",
|
||||
"description": "作者:知道创宇404实验室\n日期:2024年12月9日\nEnglish version: https://paper.seebug.org/3249/\n一.摘要\n防弹主机(Bulletproof hosting)托管服务为网络犯罪活动提供基础设施,允许犯罪分子规避法律约束,经常被用于恶意软件、黑客攻击、欺诈网站、垃圾邮件等。防弹主机网络,堪称暗黑系网络服务运营商,是专为网络犯罪活动提供恶意基...\n",
|
||||
"pubDate": "Wed, 11 Dec 2024 08:06:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3248/",
|
||||
"category": "专题报告"
|
||||
},
|
||||
{
|
||||
"title": "Unveiling Dark Internet Service Providers: Bulletproof Hosting\n",
|
||||
"link": "https://paper.seebug.org/3249/",
|
||||
"description": "Author: Knownsec 404 team\nDate: Dec 9, 2024\n中文版:https://paper.seebug.org/3248/\n1. Abstract\nBulletproof hosting services provide the infrastructure for cybercriminal activities, enabling criminals t...\n",
|
||||
"pubDate": "Mon, 09 Dec 2024 04:14:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3249/",
|
||||
"category": "404 English Paper"
|
||||
},
|
||||
{
|
||||
"title": "基于 InternLM 和 LangChain 搭建私人知识库\n",
|
||||
"link": "https://paper.seebug.org/3247/",
|
||||
"description": "作者:Jinzhong Xu\n原文链接:https://xujinzh.github.io/2024/01/08/ai-Interlm-langchain-RAG/index.html\n本篇介绍基于 InternLM 和 LangChain 搭建私人知识库。\npython!conda create --name internlm_langchain --clone=/root/share/c...\n",
|
||||
"pubDate": "Thu, 05 Dec 2024 11:34:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3247/",
|
||||
"category": "AI安全"
|
||||
},
|
||||
{
|
||||
"title": "书生·浦语大模型使用\n",
|
||||
"link": "https://paper.seebug.org/3246/",
|
||||
"description": "作者:Jinzhong Xu\n原文链接:https://xujinzh.github.io/2024/01/06/ai-internlm-useage/\n本篇介绍书生·浦语大模型的使用,包括智能对话、智能体工具调用和图文理解创作等。\n环境配置\npython!conda create --name internlm-chat --clone=/root/share/conda_envs/int...\n",
|
||||
"pubDate": "Thu, 05 Dec 2024 10:27:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3246/",
|
||||
"category": "AI安全"
|
||||
}
|
||||
]
|
@ -1,7 +1,3 @@
|
||||
# github相关配置信息
|
||||
github_token: xxxxxx # 此处填写github-token,在高速率获取github资源时有效防止403封禁
|
||||
translate: False # 是否开启翻译
|
||||
|
||||
# 飞书相关配置信息
|
||||
fs_activate: True
|
||||
fs_key: aa04a02f-d7bf-4279-bd48-44c4f28c8f74 # 此处填写token,记得冒号后空一格,如aa04a02f-d7bf-4279-bd48-44c4f28c8f74
|
||||
|
46
config/github_config.yaml
Normal file
46
config/github_config.yaml
Normal file
@ -0,0 +1,46 @@
|
||||
# github相关配置信息
|
||||
github_token: xxxxxx # 此处填写github-token,在高速率获取github资源时有效防止403封禁
|
||||
translate: False # 是否开启翻译
|
||||
|
||||
# 监控列表
|
||||
tool_list: # 监控已创建的仓库是否更新
|
||||
- https://api.github.com/repos/BeichenDream/Godzilla
|
||||
- https://api.github.com/repos/rebeyond/Behinder
|
||||
- https://api.github.com/repos/AntSwordProject/antSword
|
||||
- https://api.github.com/repos/j1anFen/shiro_attack
|
||||
- https://api.github.com/repos/yhy0/github-cve-monitor
|
||||
- https://api.github.com/repos/gentilkiwi/mimikatz
|
||||
- https://api.github.com/repos/ehang-io/nps
|
||||
- https://api.github.com/repos/chaitin/xray
|
||||
- https://api.github.com/repos/FunnyWolf/pystinger
|
||||
- https://api.github.com/repos/L-codes/Neo-reGeorg
|
||||
- https://api.github.com/repos/shadow1ng/fscan
|
||||
- https://api.github.com/repos/SafeGroceryStore/MDUT
|
||||
- https://api.github.com/repos/EdgeSecurityTeam/Vulnerability
|
||||
- https://api.github.com/repos/wy876/POC
|
||||
- https://api.github.com/Vme18000yuan/FreePOC
|
||||
|
||||
keyword_list: # 监控关键词
|
||||
- sql注入
|
||||
- cnvd
|
||||
- 未授权
|
||||
- 漏洞POC
|
||||
- RCE
|
||||
- 渗透测试
|
||||
- 反序列化
|
||||
- 攻防
|
||||
- webshell
|
||||
- 红队
|
||||
- redteam
|
||||
- 信息收集
|
||||
- 绕过
|
||||
- bypass av
|
||||
|
||||
user_list: # 监控用户
|
||||
- su18
|
||||
- BeichenDream
|
||||
- phith0n
|
||||
- zhzyker
|
||||
- lijiejie
|
||||
- projectdiscovery
|
||||
- HavocFramework
|
1
config/keywords.yaml
Normal file
1
config/keywords.yaml
Normal file
@ -0,0 +1 @@
|
||||
Sogou-WX: ["中国银行", "APP逆向", "渗透测试"] # 基于搜狗引擎搜索特定关键词的微信公众号文章
|
BIN
db/4hou.db
BIN
db/4hou.db
Binary file not shown.
BIN
db/anquanke.db
BIN
db/anquanke.db
Binary file not shown.
BIN
db/doonsec.db
BIN
db/doonsec.db
Binary file not shown.
BIN
db/freebuf.db
BIN
db/freebuf.db
Binary file not shown.
BIN
db/qianxin.db
BIN
db/qianxin.db
Binary file not shown.
BIN
db/seebug.db
BIN
db/seebug.db
Binary file not shown.
BIN
db/xianzhi.db
BIN
db/xianzhi.db
Binary file not shown.
143
github开发文档.md
Normal file
143
github开发文档.md
Normal file
@ -0,0 +1,143 @@
|
||||
### 设计思路
|
||||
前情提要:GitHub的API接口为json格式,极其方便于使用python进行提取分析
|
||||
api地址:
|
||||
获取关键词下更新的最新仓库源:https://api.github.com/search/repositories?q={Keyword}&sort=updated&per_page=30
|
||||
- sort=updated:按更新时间排序
|
||||
- per_page=30:查询数量,建议设置为30
|
||||
- page=1:指定查询页数
|
||||
获取指定用户的仓库更新情况:https://api.github.com/users/{user}/repos
|
||||
获取指定仓库commit情况:https://api.github.com/repos/{user}/{repo}
|
||||
|
||||
### 速率限制
|
||||
headers ={ "Authorization": " token OAUTH-TOKEN"}
|
||||
OAUTH-TOKEN:github个人账号设置->开发者设置->个人token。创建一个新token时,可以选择具体的权限,创建成功时一定要复制到本地哪里保存,只会让你看见一次,如果忘记的话就需要重新生成。
|
||||
|
||||
### 使用技术
|
||||
- python-json解析
|
||||
- python-sqlite联动
|
||||
- python-request爬虫
|
||||
- sqlite筛选
|
||||
|
||||
### 参考Json源格式
|
||||
所需部分:
|
||||
- html_url
|
||||
- created_at:仓库创建时间
|
||||
- updated_at:仓库最近更新时间
|
||||
- pushed_at:仓库最近推送时间(参考此元素进行设计)
|
||||
- description:仓库描述
|
||||
|
||||
{
|
||||
"id": 511095846,
|
||||
"node_id": "R_kgDOHna0Jg",
|
||||
"name": "TestnetProtocol",
|
||||
"full_name": "exorde-labs/TestnetProtocol",
|
||||
"private": false,
|
||||
"owner": {
|
||||
"login": "exorde-labs",
|
||||
"id": 64810085,
|
||||
"node_id": "MDEyOk9yZ2FuaXphdGlvbjY0ODEwMDg1",
|
||||
"avatar_url": "https://avatars.githubusercontent.com/u/64810085?v=4",
|
||||
"gravatar_id": "",
|
||||
"url": "https://api.github.com/users/exorde-labs",
|
||||
"html_url": "https://github.com/exorde-labs",
|
||||
"followers_url": "https://api.github.com/users/exorde-labs/followers",
|
||||
"following_url": "https://api.github.com/users/exorde-labs/following{/other_user}",
|
||||
"gists_url": "https://api.github.com/users/exorde-labs/gists{/gist_id}",
|
||||
"starred_url": "https://api.github.com/users/exorde-labs/starred{/owner}{/repo}",
|
||||
"subscriptions_url": "https://api.github.com/users/exorde-labs/subscriptions",
|
||||
"organizations_url": "https://api.github.com/users/exorde-labs/orgs",
|
||||
"repos_url": "https://api.github.com/users/exorde-labs/repos",
|
||||
"events_url": "https://api.github.com/users/exorde-labs/events{/privacy}",
|
||||
"received_events_url": "https://api.github.com/users/exorde-labs/received_events",
|
||||
"type": "Organization",
|
||||
"user_view_type": "public",
|
||||
"site_admin": false
|
||||
},
|
||||
"html_url": "https://github.com/exorde-labs/TestnetProtocol",
|
||||
"description": null,
|
||||
"fork": false,
|
||||
"url": "https://api.github.com/repos/exorde-labs/TestnetProtocol",
|
||||
"forks_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/forks",
|
||||
"keys_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/keys{/key_id}",
|
||||
"collaborators_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/collaborators{/collaborator}",
|
||||
"teams_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/teams",
|
||||
"hooks_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/hooks",
|
||||
"issue_events_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/issues/events{/number}",
|
||||
"events_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/events",
|
||||
"assignees_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/assignees{/user}",
|
||||
"branches_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/branches{/branch}",
|
||||
"tags_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/tags",
|
||||
"blobs_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/git/blobs{/sha}",
|
||||
"git_tags_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/git/tags{/sha}",
|
||||
"git_refs_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/git/refs{/sha}",
|
||||
"trees_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/git/trees{/sha}",
|
||||
"statuses_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/statuses/{sha}",
|
||||
"languages_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/languages",
|
||||
"stargazers_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/stargazers",
|
||||
"contributors_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/contributors",
|
||||
"subscribers_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/subscribers",
|
||||
"subscription_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/subscription",
|
||||
"commits_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/commits{/sha}",
|
||||
"git_commits_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/git/commits{/sha}",
|
||||
"comments_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/comments{/number}",
|
||||
"issue_comment_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/issues/comments{/number}",
|
||||
"contents_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/contents/{+path}",
|
||||
"compare_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/compare/{base}...{head}",
|
||||
"merges_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/merges",
|
||||
"archive_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/{archive_format}{/ref}",
|
||||
"downloads_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/downloads",
|
||||
"issues_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/issues{/number}",
|
||||
"pulls_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/pulls{/number}",
|
||||
"milestones_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/milestones{/number}",
|
||||
"notifications_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/notifications{?since,all,participating}",
|
||||
"labels_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/labels{/name}",
|
||||
"releases_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/releases{/id}",
|
||||
"deployments_url": "https://api.github.com/repos/exorde-labs/TestnetProtocol/deployments",
|
||||
"created_at": "2022-07-06T10:44:29Z",
|
||||
"updated_at": "2024-12-27T02:20:32Z",
|
||||
"pushed_at": "2024-12-27T02:20:28Z",
|
||||
"git_url": "git://github.com/exorde-labs/TestnetProtocol.git",
|
||||
"ssh_url": "git@github.com:exorde-labs/TestnetProtocol.git",
|
||||
"clone_url": "https://github.com/exorde-labs/TestnetProtocol.git",
|
||||
"svn_url": "https://github.com/exorde-labs/TestnetProtocol",
|
||||
"homepage": null,
|
||||
"size": 1918317,
|
||||
"stargazers_count": 16,
|
||||
"watchers_count": 16,
|
||||
"language": "Solidity",
|
||||
"has_issues": true,
|
||||
"has_projects": true,
|
||||
"has_downloads": true,
|
||||
"has_wiki": true,
|
||||
"has_pages": false,
|
||||
"has_discussions": false,
|
||||
"forks_count": 20,
|
||||
"mirror_url": null,
|
||||
"archived": false,
|
||||
"disabled": false,
|
||||
"open_issues_count": 0,
|
||||
"license": {
|
||||
"key": "mit",
|
||||
"name": "MIT License",
|
||||
"spdx_id": "MIT",
|
||||
"url": "https://api.github.com/licenses/mit",
|
||||
"node_id": "MDc6TGljZW5zZTEz"
|
||||
},
|
||||
"allow_forking": true,
|
||||
"is_template": false,
|
||||
"web_commit_signoff_required": false,
|
||||
"topics": [
|
||||
|
||||
],
|
||||
"visibility": "public",
|
||||
"forks": 20,
|
||||
"open_issues": 0,
|
||||
"watchers": 16,
|
||||
"default_branch": "main",
|
||||
"score": 1.0
|
||||
}
|
||||
|
||||
### 参考代码
|
||||
year = datetime.datetime.now().year
|
||||
api = "https://api.github.com/search/repositories?q=CVE-{}&sort=updated".format(year)
|
||||
json_str = requests.get(api, headers=github_headers, timeout=10).json()
|
0
history/wx_news.md
Normal file
0
history/wx_news.md
Normal file
24
log/core.log
24
log/core.log
@ -1,24 +0,0 @@
|
||||
2024-12-25 20:48:22 - DEBUG - config.check_config:get_core_config:20 - Loaded config: {'github_token': 'xxxxxx', 'translate': False, 'fs_activate': True, 'fs_key': 'aa04a02f-d7bf-4279-bd48-44c4f28c8f74', 'fs_secret': '4tq65T4jm1MO2IlxvHxBWe', 'wx_activate': False, 'wx_key': None, 'ding_activate': False, 'ding_key': None, 'lx_activate': False, 'lx_key': None, 'mail_host': 'smtp.masonliu.com', 'mail_user': 'test@masonliu.com', 'mail_pass': 'Test123456', 'sender': 'test@masonliu.com', 'receivers': ['2857911564@qq.com'], 'e_hour': 4, 'circle': 1, 'url': 'https://info.masonliu.com/', 'debug': True}
|
||||
2024-12-25 20:48:22 - INFO - __main__:<module>:223 - 程序正在运行当中。
|
||||
2024-12-25 20:48:40 - INFO - __main__:send_first_message:207 - 飞书发送 程序信息 成功
|
||||
2024-12-25 20:48:41 - INFO - __main__:send_first_message:210 - 飞书发送 RSS源状态 成功
|
||||
2024-12-25 20:48:41 - INFO - __main__:send_job:85 - 发送程序启动,当前时间为:2024-12-25 20:48:41
|
||||
2024-12-25 20:48:41 - INFO - __main__:send_job:86 - 正在启动各爬虫并获取资源中...
|
||||
2024-12-25 20:48:41 - INFO - media.common:seebug_main:80 - 数据已保存到 ./JSON/seebug.json!
|
||||
2024-12-25 20:48:42 - INFO - media.common:anquanke_main:116 - 数据已保存到 ./JSON/anquanke.json!
|
||||
2024-12-25 20:48:42 - INFO - media.common:huawei_main:152 - 数据已保存到 ./JSON/huawei.json!
|
||||
2024-12-25 20:48:45 - INFO - media.common:doonsec_main:170 - 数据已保存到 ./JSON/doonsec.json!
|
||||
2024-12-25 20:48:47 - INFO - media.common:qianxin_main:188 - 数据已保存到 ./JSON/qianxin.json!
|
||||
2024-12-25 20:48:48 - INFO - media.freebuf:freebuf_main:69 - 数据已保存到 ./JSON/freebuf.json!
|
||||
2024-12-25 20:48:49 - INFO - media.xianzhi:xianzhi_main:67 - 数据已保存到 ./JSON/xianzhi.json!
|
||||
2024-12-25 20:48:49 - INFO - media.common:M_4hou_main:98 - 数据已保存到 ./JSON/4hou.json!
|
||||
2024-12-25 20:48:50 - INFO - __main__:check_avaliable:58 - 飞书发送 嘶吼资讯 成功
|
||||
2024-12-25 20:49:05 - INFO - __main__:check_avaliable:81 - 安全客资讯数据为空,跳过执行。
|
||||
2024-12-25 20:49:05 - INFO - __main__:check_avaliable:58 - 飞书发送 洞见微信安全资讯 成功
|
||||
2024-12-25 20:49:20 - INFO - __main__:check_avaliable:81 - 先知社区资讯数据为空,跳过执行。
|
||||
2024-12-25 20:49:20 - INFO - __main__:check_avaliable:81 - FreeBuf资讯数据为空,跳过执行。
|
||||
2024-12-25 20:49:20 - INFO - __main__:check_avaliable:58 - 飞书发送 奇安信攻防社区资讯 成功
|
||||
2024-12-25 20:49:35 - INFO - __main__:check_avaliable:81 - Seebug社区资讯数据为空,跳过执行。
|
||||
2024-12-25 20:49:36 - INFO - __main__:send_job:125 - 飞书发送 单次运行结束 成功
|
||||
2024-12-25 20:49:36 - INFO - __main__:send_job:133 - 执行完毕,等待下一次执行...
|
||||
2024-12-25 20:49:52 - INFO - __main__:signal_handler:45 - 接收到退出信号,程序即将退出...
|
118
media/sougou-wx.py
Normal file
118
media/sougou-wx.py
Normal file
@ -0,0 +1,118 @@
|
||||
import requests
|
||||
from bs4 import BeautifulSoup
|
||||
import json
|
||||
import time
|
||||
import os
|
||||
import datetime
|
||||
from requests.exceptions import RequestException
|
||||
from loguru import logger
|
||||
|
||||
headers = {
|
||||
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0",
|
||||
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
|
||||
"Accept-Language": "zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2",
|
||||
"Accept-Encoding": "gzip, deflate, br",
|
||||
"Upgrade-Insecure-Requests": "1",
|
||||
"Sec-Fetch-Dest": "document",
|
||||
"Sec-Fetch-Mode": "navigate",
|
||||
"Sec-Fetch-Site": "none",
|
||||
"Sec-Fetch-User": "?1",
|
||||
"Priority": "u=0, i",
|
||||
"Te": "trailers",
|
||||
"Connection": "keep-alive"
|
||||
}
|
||||
|
||||
def fetch_html(url, headers=headers, timeout=10):
|
||||
try:
|
||||
response = requests.get(url, headers=headers, timeout=timeout)
|
||||
response.raise_for_status()
|
||||
return response.text
|
||||
except requests.exceptions.RequestException as e:
|
||||
print(f"请求出错: {e}")
|
||||
return None
|
||||
|
||||
def parse_html(html_content):
|
||||
soup = BeautifulSoup(html_content, 'html.parser')
|
||||
|
||||
# 提取所有符合条件的<li>标签
|
||||
items = soup.find_all('li', id=lambda x: x and x.startswith('sogou_vr_11002601_box_'))
|
||||
|
||||
results = []
|
||||
|
||||
for item in items:
|
||||
# 提取标题和链接
|
||||
title_tag = item.find('h3')
|
||||
if title_tag:
|
||||
a_tag = title_tag.find('a')
|
||||
title = title_tag.get_text(strip=True) if title_tag else "No title found"
|
||||
link = a_tag['href'] if a_tag else "No link found"
|
||||
if link and not link.startswith('http'):
|
||||
link = "https://weixin.sogou.com" + link
|
||||
else:
|
||||
title = "No title found"
|
||||
link = "No link found"
|
||||
|
||||
# 提取摘要
|
||||
summary_tag = item.find('p', class_='txt-info')
|
||||
summary = summary_tag.get_text(strip=True) if summary_tag else "No summary found"
|
||||
|
||||
# 提取发布者
|
||||
publisher_tag = item.find('span', class_='all-time-y2')
|
||||
publisher = publisher_tag.get_text(strip=True) if publisher_tag else "No publisher found"
|
||||
|
||||
# 提取时间戳并转换为标准时间格式
|
||||
timestamp_script = item.find('script', string=lambda text: 'document.write(timeConvert' in text)
|
||||
if timestamp_script:
|
||||
timestamp_str = timestamp_script.string.split("'")[1]
|
||||
timestamp = int(timestamp_str)
|
||||
standard_time = datetime.datetime.fromtimestamp(timestamp).strftime('%Y-%m-%d %H:%M:%S')
|
||||
else:
|
||||
standard_time = "No timestamp found"
|
||||
|
||||
results.append({
|
||||
"title": title,
|
||||
"link": link,
|
||||
"description": summary,
|
||||
"author": publisher,
|
||||
"pubDate": standard_time
|
||||
})
|
||||
|
||||
return results
|
||||
|
||||
def remove_surrogates(text):
|
||||
"""移除非法代理对"""
|
||||
return text.encode('utf-8', 'ignore').decode('utf-8')
|
||||
|
||||
def sougou_wx_main(keywords):
|
||||
all_results = {} # 用于存储所有关键词的结果
|
||||
|
||||
for keyword in keywords:
|
||||
url = f"https://weixin.sogou.com/weixin?type=2&s_from=input&ie=utf8&query={keyword}"
|
||||
html_content = fetch_html(url)
|
||||
# print(html_content)
|
||||
|
||||
if html_content is None:
|
||||
logger.warning(f"无法获取微信公众号-Sogou搜索内容,跳过保存操作。关键词: {keyword}")
|
||||
continue
|
||||
|
||||
results = parse_html(html_content)
|
||||
# 移除非法代理对
|
||||
cleaned_results = [{k: remove_surrogates(v) for k, v in item.items()} for item in results]
|
||||
logger.warning(f"关键词【{keyword}】的微信公众号-Sogou搜索内容保存成功。")
|
||||
all_results[keyword] = cleaned_results # 将结果存储在字典中,以关键词为键
|
||||
time.sleep(5)
|
||||
|
||||
# 将所有结果转换为JSON格式
|
||||
json_results = json.dumps(all_results, ensure_ascii=False, indent=4)
|
||||
# print(json_results)
|
||||
|
||||
# 确保目录存在
|
||||
os.makedirs(os.path.dirname('./JSON/sougou-wx.json'), exist_ok=True)
|
||||
|
||||
# 将解析后的数据保存到 JSON 文件
|
||||
with open('./JSON/sougou-wx.json', 'w', encoding='utf-8') as f:
|
||||
f.write(json_results)
|
||||
|
||||
if __name__ == "__main__":
|
||||
keywords = ["齐鲁银行", "APP逆向", "渗透测试"]
|
||||
sougou_wx_main(keywords)
|
Loading…
Reference in New Issue
Block a user