更新优化
This commit is contained in:
parent
42ad72c0ca
commit
2f6ae2b404
20
Core.py
20
Core.py
@ -20,6 +20,7 @@ from spider.xianzhi import xianzhi_main
|
||||
from spider.sougou_wx import sougou_wx_main
|
||||
from spider.github import github_main, load_github_config
|
||||
from spider.baidu import baidu_main
|
||||
from spider.uni import uni_spider
|
||||
from GotoSend.M_4hou import Src_4hou
|
||||
from GotoSend.anquanke import Src_anquanke
|
||||
from GotoSend.doonsec import Src_doonsec
|
||||
@ -30,6 +31,7 @@ from GotoSend.seebug import Src_seebug
|
||||
from GotoSend.sougou_wx import Src_sougou_wx
|
||||
from GotoSend.github import Src_github
|
||||
from GotoSend.baidu import Src_baidu
|
||||
from GotoSend.uni_rss import Src_uni_rss
|
||||
from config.check_config import get_core_config, get_debug_config, get_keywords_config
|
||||
from loguru import logger
|
||||
|
||||
@ -87,6 +89,7 @@ def check_avaliable(info_long, info_short, title):
|
||||
|
||||
def send_job_RSS(time_1):
|
||||
Doonsec_switch, Doonsec = get_keywords_config('Doonsec')
|
||||
uni_switch, Unity = get_keywords_config('Unity')
|
||||
|
||||
# Seebug数据获取分发
|
||||
seebug_main()
|
||||
@ -154,6 +157,15 @@ def send_job_RSS(time_1):
|
||||
else:
|
||||
logger.info("洞见微信安全数据为空,跳过执行。")
|
||||
|
||||
# 聚合RSS数据获取分发
|
||||
uni_spider()
|
||||
rss_results = Src_uni_rss(uni_switch, Unity)
|
||||
if rss_results != False:
|
||||
result_rss_long, result_rss_short = rss_results
|
||||
check_avaliable(result_rss_long, result_rss_short, "聚合RSS资讯")
|
||||
else:
|
||||
logger.info("聚合RSS数据为空,跳过执行。")
|
||||
|
||||
def send_job_SX():
|
||||
Sogou_WX = get_keywords_config('Sogou-WX')
|
||||
sougou_wx_main(Sogou_WX)
|
||||
@ -161,6 +173,8 @@ def send_job_SX():
|
||||
if results != False:
|
||||
result_sx_long, result_sx_short = results
|
||||
check_avaliable(result_sx_long, result_sx_short, "微信公众号关键词相关内容")
|
||||
else:
|
||||
logger.info("微信公众号数据为空,跳过执行。")
|
||||
|
||||
def send_job_github(time_1):
|
||||
keyword_list, tool_list, user_list, black_words = load_github_config()
|
||||
@ -182,8 +196,12 @@ def send_job_github(time_1):
|
||||
def send_job_baidu():
|
||||
Baidu = get_keywords_config('Baidu')
|
||||
baidu_main(Baidu)
|
||||
result_baidu_long, result_baidu_short = Src_baidu()
|
||||
results = Src_baidu()
|
||||
if results != False:
|
||||
result_baidu_long, result_baidu_short = results
|
||||
check_avaliable(result_baidu_long, result_baidu_short, "百度搜索关键词相关内容")
|
||||
else:
|
||||
logger.info("百度搜索数据为空,跳过执行。")
|
||||
|
||||
# 探测rss源状态
|
||||
def check_rss_status(url):
|
||||
|
||||
@ -50,7 +50,7 @@ def get_4hou_json():
|
||||
if not content:
|
||||
pass
|
||||
else:
|
||||
data = json.load(file)
|
||||
data = json.loads(content)
|
||||
|
||||
# 假设data是一个包含多个JSON对象的列表
|
||||
if not isinstance(data, list):
|
||||
|
||||
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
BIN
GotoSend/__pycache__/uni_rss.cpython-312.pyc
Normal file
BIN
GotoSend/__pycache__/uni_rss.cpython-312.pyc
Normal file
Binary file not shown.
Binary file not shown.
@ -45,7 +45,7 @@ def get_anquanke_json():
|
||||
if not content:
|
||||
pass
|
||||
else:
|
||||
data = json.load(file)
|
||||
data = json.loads(content)
|
||||
|
||||
# 假设data是一个包含多个JSON对象的列表
|
||||
if not isinstance(data, list):
|
||||
|
||||
@ -57,7 +57,7 @@ def get_json():
|
||||
if not content:
|
||||
pass
|
||||
else:
|
||||
data = json.load(file)
|
||||
data = json.loads(content)
|
||||
|
||||
# 假设data是一个包含多个关键词的字典
|
||||
total_data = []
|
||||
|
||||
@ -57,7 +57,8 @@ def get_doonsec_json():
|
||||
if not content:
|
||||
pass
|
||||
else:
|
||||
data = json.load(file)
|
||||
# print(content)
|
||||
data = json.loads(content)
|
||||
|
||||
# 假设data是一个包含多个JSON对象的列表
|
||||
if not isinstance(data, list):
|
||||
|
||||
@ -50,7 +50,7 @@ def get_freebuf_json():
|
||||
if not content:
|
||||
pass
|
||||
else:
|
||||
data = json.load(file)
|
||||
data = json.loads(content)
|
||||
|
||||
# 假设data是一个包含多个JSON对象的列表
|
||||
if not isinstance(data, list):
|
||||
|
||||
@ -66,7 +66,7 @@ def insert_data():
|
||||
if not content:
|
||||
pass
|
||||
else:
|
||||
data_keyword = json.load(file)
|
||||
data_keyword = json.loads(content)
|
||||
if not isinstance(data_keyword, list):
|
||||
raise ValueError("JSON文件格式错误,请检查爬取程序是否异常!")
|
||||
|
||||
@ -77,7 +77,7 @@ def insert_data():
|
||||
if not content:
|
||||
pass
|
||||
else:
|
||||
data_repo = json.load(file)
|
||||
data_repo = json.loads(content)
|
||||
if not isinstance(data_repo, list):
|
||||
raise ValueError("JSON文件格式错误,请检查爬取程序是否异常!")
|
||||
|
||||
@ -88,7 +88,7 @@ def insert_data():
|
||||
if not content:
|
||||
pass
|
||||
else:
|
||||
data_release = json.load(file)
|
||||
data_release = json.loads(content)
|
||||
if not isinstance(data_release, list):
|
||||
raise ValueError("JSON文件格式错误,请检查爬取程序是否异常!")
|
||||
|
||||
@ -99,7 +99,7 @@ def insert_data():
|
||||
if not content:
|
||||
pass
|
||||
else:
|
||||
data_user = json.load(file)
|
||||
data_user = json.loads(content)
|
||||
if not isinstance(data_user, list):
|
||||
raise ValueError("JSON文件格式错误,请检查爬取程序是否异常!")
|
||||
|
||||
|
||||
@ -41,7 +41,7 @@ def get_qianxin_json():
|
||||
if not content:
|
||||
pass
|
||||
else:
|
||||
data = json.load(file)
|
||||
data = json.loads(content)
|
||||
|
||||
# 假设data是一个包含多个JSON对象的列表
|
||||
if not isinstance(data, list):
|
||||
|
||||
@ -48,7 +48,7 @@ def get_seebug_json():
|
||||
if not content:
|
||||
pass
|
||||
else:
|
||||
data = json.load(file)
|
||||
data = json.loads(content)
|
||||
|
||||
# 假设data是一个包含多个JSON对象的列表
|
||||
if not isinstance(data, list):
|
||||
|
||||
@ -56,7 +56,7 @@ def get_json():
|
||||
if not content:
|
||||
pass
|
||||
else:
|
||||
data = json.load(file)
|
||||
data = json.loads(content)
|
||||
|
||||
# 假设data是一个包含多个关键词的字典
|
||||
total_data = []
|
||||
|
||||
233
GotoSend/uni_rss.py
Normal file
233
GotoSend/uni_rss.py
Normal file
@ -0,0 +1,233 @@
|
||||
# -*- coding: utf-8 -*-
|
||||
|
||||
import json
|
||||
import sqlite3
|
||||
import os
|
||||
from datetime import datetime, timedelta
|
||||
|
||||
|
||||
def create_database():
|
||||
conn = sqlite3.connect('./resources/db/uni_rss.db')
|
||||
cursor = conn.cursor()
|
||||
cursor.execute('''CREATE TABLE IF NOT EXISTS articles (
|
||||
id INTEGER PRIMARY KEY AUTOINCREMENT,
|
||||
title TEXT,
|
||||
link TEXT,
|
||||
author TEXT,
|
||||
description TEXT,
|
||||
pubDate DATETIME,
|
||||
source TEXT,
|
||||
is_sended BOOLEAN
|
||||
)''')
|
||||
conn.commit()
|
||||
conn.close()
|
||||
|
||||
def insert_data(data):
|
||||
conn = sqlite3.connect('./resources/db/uni_rss.db')
|
||||
cursor = conn.cursor()
|
||||
for entry in data:
|
||||
cursor.execute('''
|
||||
SELECT 1 FROM articles WHERE title = ? AND author = ?
|
||||
''', (entry['title'], entry['author']))
|
||||
|
||||
if cursor.fetchone() is None:
|
||||
cursor.execute('''
|
||||
INSERT INTO articles (title, link, author, description, pubDate, source)
|
||||
VALUES (?, ?, ?, ?, ?, ?)
|
||||
''', (entry['title'], entry['link'], entry['author'], entry['description'], entry['published'], entry['source']))
|
||||
conn.commit()
|
||||
conn.close()
|
||||
|
||||
def get_uni_rss_json():
|
||||
# 检查文件是否存在
|
||||
if not os.path.exists('./resources/JSON/uni_rss.json'):
|
||||
raise FileNotFoundError(f"uni_rss.json文件不存在,请检查程序是否运行正常!")
|
||||
|
||||
# 打开并读取JSON文件
|
||||
with open('./resources/JSON/uni_rss.json', 'r', encoding='utf-8') as file:
|
||||
content = file.read()
|
||||
if not content:
|
||||
pass
|
||||
else:
|
||||
data = json.loads(content)
|
||||
|
||||
# 假设data是一个包含多个JSON对象的列表
|
||||
if not isinstance(data, list):
|
||||
raise ValueError("JSON文件格式错误,请检查common.py是否异常!")
|
||||
|
||||
# 提取所需字段并编号
|
||||
total_data = []
|
||||
for index, item in enumerate(data, start=1):
|
||||
entry = {
|
||||
"id": index,
|
||||
"title": item.get("title", ""),
|
||||
"link": item.get("link", ""),
|
||||
"author": item.get("author", ""),
|
||||
"description": item.get("description", ""),
|
||||
"published": item.get("published", ""),
|
||||
"source": item.get("source", ""),
|
||||
}
|
||||
total_data.append(entry)
|
||||
|
||||
return total_data
|
||||
|
||||
def select_articles(uni_rss_switch, Unity):
|
||||
conn = sqlite3.connect('./resources/db/uni_rss.db')
|
||||
cursor = conn.cursor()
|
||||
|
||||
# 获取当前日期和时间
|
||||
now = datetime.now()
|
||||
two_days_ago = now - timedelta(days=2)
|
||||
|
||||
if uni_rss_switch == False:
|
||||
# 查询指定时间段内的数据
|
||||
cursor.execute('''
|
||||
SELECT * FROM articles
|
||||
WHERE is_sended IS NULL AND pubDate BETWEEN ? AND ?
|
||||
ORDER BY pubDate DESC
|
||||
''', (two_days_ago.strftime('%Y-%m-%d %H:%M:%S'), now.strftime('%Y-%m-%d %H:%M:%S')))
|
||||
elif uni_rss_switch == True:
|
||||
# 查询指定时间段内且title包含特定关键词的数据
|
||||
like_conditions = ' OR '.join([f"title LIKE ?"] * len(Unity))
|
||||
|
||||
# 完整的查询语句
|
||||
query = f'''
|
||||
SELECT * FROM articles
|
||||
WHERE is_sended IS NULL AND pubDate BETWEEN ? AND ?
|
||||
AND ({like_conditions})
|
||||
ORDER BY pubDate DESC
|
||||
'''
|
||||
|
||||
# 构建参数列表
|
||||
params = [
|
||||
two_days_ago.strftime('%Y-%m-%d %H:%M:%S'),
|
||||
now.strftime('%Y-%m-%d %H:%M:%S')
|
||||
] + [f'%{keyword}%' for keyword in Unity]
|
||||
|
||||
# 执行查询
|
||||
cursor.execute(query, params)
|
||||
|
||||
results = cursor.fetchall()
|
||||
if results:
|
||||
for row in results:
|
||||
user_id = row[0]
|
||||
cursor.execute('''
|
||||
UPDATE articles
|
||||
SET is_sended = True
|
||||
WHERE id = ?
|
||||
''', (user_id,))
|
||||
|
||||
conn.commit() # 提交事务
|
||||
|
||||
conn.close()
|
||||
return results
|
||||
|
||||
def clear_table():
|
||||
conn = sqlite3.connect('./resources/db/uni_rss.db')
|
||||
cursor = conn.cursor()
|
||||
cursor.execute('DELETE FROM articles')
|
||||
conn.commit()
|
||||
conn.close()
|
||||
|
||||
def record_md(result, filename="./resources/history/uni_passage.md"):
|
||||
# 读取现有内容
|
||||
if os.path.exists(filename):
|
||||
with open(filename, 'r', encoding='utf-8') as file:
|
||||
existing_content = file.read()
|
||||
else:
|
||||
existing_content = ""
|
||||
|
||||
# 将新内容插入到现有内容的开头
|
||||
new_content = result + existing_content
|
||||
|
||||
# 写回文件
|
||||
with open(filename, 'w', encoding='utf-8') as file:
|
||||
file.write(new_content)
|
||||
|
||||
def get_filtered_articles(entries):
|
||||
result_long = ""
|
||||
result_short = ""
|
||||
record = ""
|
||||
short_results = []
|
||||
|
||||
for entry in entries:
|
||||
# 构建长文本结果
|
||||
result_long += f"文章:[{entry[1]}]({entry[2]})\n"
|
||||
result_long += f"作者:{entry[3]}\n"
|
||||
result_long += f"描述:{entry[4]}\n"
|
||||
result_long += f"上传时间:{entry[5]}\n"
|
||||
result_long += f"来源:{entry[6]}\n"
|
||||
result_long += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
|
||||
|
||||
# 构建短文本结果并进行分块处理
|
||||
current_entry = (
|
||||
f"文章:[{entry[1]}]({entry[2]})\n"
|
||||
f"上传时间:{entry[5]}\n"
|
||||
"\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章
|
||||
)
|
||||
temp_result = result_short + current_entry
|
||||
if len(temp_result.encode('utf-8')) > 4096:
|
||||
short_results.append(result_short)
|
||||
result_short = current_entry
|
||||
else:
|
||||
result_short = temp_result
|
||||
|
||||
record += f"#### 文章:[{entry[1]}]({entry[2]})\n"
|
||||
record += f"**作者**:{entry[3]}\n"
|
||||
record += f"**描述**:{entry[4]}\n"
|
||||
record += f"**上传时间**:{entry[5]}\n"
|
||||
record += f"**来源**:{entry[6]}\n"
|
||||
record += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
|
||||
|
||||
# 处理最后一个结果
|
||||
if result_short:
|
||||
short_results.append(result_short)
|
||||
|
||||
record_md(record)
|
||||
|
||||
return result_long, short_results
|
||||
|
||||
|
||||
def Src_uni_rss(uni_rss_switch, Unity):
|
||||
if not os.path.exists('./resources/db/uni_rss.db'):
|
||||
# 创建数据库和表
|
||||
create_database()
|
||||
|
||||
# 清空表
|
||||
# clear_table()
|
||||
|
||||
# 获取 JSON 数据
|
||||
uni_rss_data = get_uni_rss_json()
|
||||
|
||||
# 插入数据到数据库
|
||||
insert_data(uni_rss_data)
|
||||
|
||||
# 查询指定时间段内的数据
|
||||
filtered_articles = select_articles(uni_rss_switch, Unity)
|
||||
# print(filtered_articles)
|
||||
|
||||
if filtered_articles:
|
||||
result_long, short_results = get_filtered_articles(filtered_articles)
|
||||
return result_long, short_results
|
||||
else:
|
||||
return False
|
||||
|
||||
if __name__ == "__main__":
|
||||
results = Src_uni_rss(False, ["webshell", "2000", "POC", "SQL", "XSS", "CSRF", "漏洞"])
|
||||
if results:
|
||||
result_long, short_results = results
|
||||
|
||||
# 写入长文本结果
|
||||
with open("./1.txt", "a", encoding="utf-8") as f:
|
||||
f.write(result_long)
|
||||
f.write("\n" + "-" * 40 + "\n")
|
||||
|
||||
# 写入分块的短文本结果
|
||||
for short_result in short_results:
|
||||
with open("./2.txt", "a", encoding="utf-8") as f:
|
||||
f.write(short_result)
|
||||
f.write("\n" + "-" * 40 + "\n")
|
||||
else:
|
||||
# 如果为空,则跳过执行
|
||||
print("-" * 40)
|
||||
print("聚合RSS数据为空,跳过执行。")
|
||||
@ -49,7 +49,7 @@ def get_xianzhi_json():
|
||||
if not content:
|
||||
pass
|
||||
else:
|
||||
data = json.load(file)
|
||||
data = json.loads(content)
|
||||
|
||||
# 假设data是一个包含多个JSON对象的列表
|
||||
if not isinstance(data, list):
|
||||
|
||||
0
SendCore/DocGeneBot.py
Normal file
0
SendCore/DocGeneBot.py
Normal file
@ -9,7 +9,6 @@
|
||||
`为系统添加性能限制模块`
|
||||
|
||||
### 下一步计划(待完成)
|
||||
- 添加更多RSS订阅源(持续进行中)
|
||||
- 添加更多推送方式,如邮件、微信等
|
||||
- 添加谷歌搜索等更多相关检测源,后续将支持谷歌语法
|
||||
|
||||
@ -50,3 +49,5 @@
|
||||
- 2025年01月15日早:优化并精简了web程序的代码
|
||||
- 2025年01月22日:完善短文本推送机制,现已可完美支持推送至企业微信、钉钉、蓝信、微信等,等待后续开发
|
||||
- 2025年01月24日早:修复了json文件为空时程序中断的问题并优化了报错逻辑
|
||||
- 2025年03月10日早:为程序添加了通用rss接口,可支持更多rss源
|
||||
- 2025年03月14日晚:为程序添加了通用rss发送程序,同时修复了一个神奇的bug,现可支持更多rss源
|
||||
Binary file not shown.
@ -79,6 +79,10 @@ def get_keywords_config(item):
|
||||
elif item == 'Baidu':
|
||||
Baidu = config['Baidu']
|
||||
return Baidu
|
||||
elif item == 'Unity':
|
||||
uni_switch = config.get('uni-switch', False)
|
||||
Unity = config['Unity']
|
||||
return uni_switch, Unity
|
||||
else:
|
||||
logger.error("参数错误,请检查./config/keywords.yaml")
|
||||
|
||||
@ -1,11 +1,11 @@
|
||||
# 飞书相关配置信息
|
||||
# fs_activate: True
|
||||
fs_activate: False
|
||||
fs_activate: True
|
||||
fs_key: aa04a02f-d7bf-4279-bd48-44c4f28c8f74 # 此处填写token,记得冒号后空一格,如aa04a02f-d7bf-4279-bd48-44c4f28c8f74
|
||||
fs_secret: 4tq65T4jm1MO2IlxvHxBWe # 此处填写签名密钥,记得冒号后空一格,如4tq65T4jm1MO2IlxvHxBWe
|
||||
|
||||
# 企业微信相关配置信息
|
||||
wx_activate: True
|
||||
wx_activate: False
|
||||
wx_key: 9a3dd6ff-75d6-4208-bc4b-77724a5805d6 # 此处填写token,记得冒号后空一格,如9a3dd6ff-75d6-4208-bc4b-77724a5805d6
|
||||
|
||||
# 钉钉相关配置信息
|
||||
@ -27,7 +27,7 @@ e_hour: 4 # 程序运行时间间隔
|
||||
time_mode: 1
|
||||
# 0:定时运行模式,仅在指定时间运行(参照Core.py中设置)
|
||||
# 1:启用循环,一定间隔时间后运行
|
||||
mode: [0] # 运行模式,可多选
|
||||
mode: [1, 2, 3] # 运行模式,可多选
|
||||
# 0:启用RSS抓取模式
|
||||
# 1:启用搜狗-微信公众号文章监测
|
||||
# 2:启用github项目监测
|
||||
@ -37,4 +37,4 @@ mode: [0] # 运行模式,可多选
|
||||
url: https://info.masonliu.com/ # 请设置为您自己反代的域名,或者改为 http://127.0.0.1:5000 或者对应IP域名
|
||||
|
||||
# 调试模式
|
||||
debug: False
|
||||
debug: True
|
||||
@ -1,4 +1,6 @@
|
||||
Sogou-WX: ["银行测试", "APP逆向", "渗透测试", "手机银行漏洞", "银行漏洞", "支付漏洞"] # 基于搜狗引擎搜索特定关键词的微信公众号文章
|
||||
Doonsec-switch: False
|
||||
Doonsec: ["逆向", "解包", "POC"] # 洞见微信安全资讯关键词
|
||||
uni-switch: False
|
||||
Unity: ["逆向", "解包", "POC", "漏洞"] # 聚合RSS资讯关键词
|
||||
Sogou-WX: ["银行测试", "APP逆向", "渗透测试", "手机银行漏洞", "银行漏洞", "支付漏洞"] # 基于搜狗引擎搜索特定关键词的微信公众号文章
|
||||
Baidu: ["银行测试", "APP逆向", "渗透测试", "手机银行漏洞", "银行漏洞", "支付漏洞"] # 基于百度搜索特定关键词的文章
|
||||
8
config/uni_rss.yaml
Normal file
8
config/uni_rss.yaml
Normal file
@ -0,0 +1,8 @@
|
||||
link:
|
||||
- 美团技术团队|https://tech.meituan.com/feed
|
||||
- 360 Netlab Blog|https://blog.netlab.360.com/rss
|
||||
- 知道创宇404实验室|https://paper.seebug.org/rss
|
||||
- 腾讯安全响应中心|https://security.tencent.com/index.php/feed/blog
|
||||
|
||||
wechat:
|
||||
- 美团技术团队|https://wechat2rss.xlab.app/feed/294bc034c9941529cd86a8a4b8999d100186c04d.xml
|
||||
@ -6,3 +6,5 @@ requests
|
||||
python-dateutil
|
||||
loguru
|
||||
beautifulsoup4
|
||||
|
||||
feedparser
|
||||
File diff suppressed because one or more lines are too long
162
resources/JSON/anquanke.json
Normal file
162
resources/JSON/anquanke.json
Normal file
@ -0,0 +1,162 @@
|
||||
[
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/305052",
|
||||
"title": "腾达 AC7 路由器漏洞:攻击者可借助恶意有效载荷获取 Root Shell 权限",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "cybersecuritynews",
|
||||
"pubDate": "2025-03-14 11:32:33"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/305049",
|
||||
"title": "GitLab警告:多个高危漏洞或致使攻击者可冒充有效用户登录",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "cybersecuritynews",
|
||||
"pubDate": "2025-03-14 11:24:45"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/305045",
|
||||
"title": "Siemens SINAMICS S200 陷安全危机,引导加载程序漏洞引攻击者觊觎",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "cybersecuritynews",
|
||||
"pubDate": "2025-03-14 11:18:08"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/305043",
|
||||
"title": "微软警示:ClickFix 通过虚假 Booking. com 邮件,对酒店业展开网络钓鱼行动",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "TheHackersNews",
|
||||
"pubDate": "2025-03-14 11:05:39"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/305041",
|
||||
"title": "黑客滥用Microsoft Copilot进行复杂的网络钓鱼攻击",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "cybersecuritynews",
|
||||
"pubDate": "2025-03-14 10:54:30"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/305038",
|
||||
"title": "勒索软件攻击达到历史新高:2025年2月攻击数量激增126%",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "hackread",
|
||||
"pubDate": "2025-03-14 10:36:04"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/305035",
|
||||
"title": "Medusa 勒索软件威胁:企业面临的持续挑战",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "securitybrief",
|
||||
"pubDate": "2025-03-14 10:23:46"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/305026",
|
||||
"title": "360预警:银狐木马又双叒变异,PDF文件成传播“帮凶”",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "360数字安全",
|
||||
"pubDate": "2025-03-14 10:08:25"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/305023",
|
||||
"title": "ExHub 的 IDOR 漏洞可致攻击者篡改网站托管配置",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "cybersecuritynews",
|
||||
"pubDate": "2025-03-13 14:50:25"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/305020",
|
||||
"title": "施乐打印机漏洞可致攻击者从PDA和SMB捕获身份验证数据",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "cybersecuritynews",
|
||||
"pubDate": "2025-03-13 14:39:42"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/305015",
|
||||
"title": "瞻博网络成功修复 Session Smart Router 关键漏洞",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "securityaffairs 2",
|
||||
"pubDate": "2025-03-13 11:38:18"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/305013",
|
||||
"title": "Blind Eagle APT-C-36:快速利用补丁漏洞,借知名平台发动网络攻击",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "cybersecuritynews",
|
||||
"pubDate": "2025-03-13 11:24:58"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/305010",
|
||||
"title": "通过 YouTube 传播的 DCRat 恶意软件正攻击用户以窃取登录凭证",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "cybersecuritynews",
|
||||
"pubDate": "2025-03-13 11:03:28"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/305007",
|
||||
"title": "不断演变的分布式拒绝服务(DDoS)攻击策略:网络专家剖析社交媒体平台X的遭袭事件",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "securitybrief",
|
||||
"pubDate": "2025-03-13 10:49:42"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/305005",
|
||||
"title": "新型Anubis恶意软件:可完全躲避检测,让黑客得以执行远程命令",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "cybersecuritynews",
|
||||
"pubDate": "2025-03-13 10:41:12"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/305002",
|
||||
"title": "Opentext推出人工智能网络安全解决方案抵御威胁",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "securitybrief",
|
||||
"pubDate": "2025-03-13 10:23:40"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/304997",
|
||||
"title": "Nasuni 与 CrowdStrike 合作,大幅提升威胁检测效能",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "securitybrief",
|
||||
"pubDate": "2025-03-13 10:13:45"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/304995",
|
||||
"title": "360携手首都在线 拟推动DeepSeek一体机安全与服务落地合作",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "360数字安全",
|
||||
"pubDate": "2025-03-13 10:01:25"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/304990",
|
||||
"title": "紧急!CISA 警告苹果 iOS 漏洞正被恶意利用",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "cybersecuritynews",
|
||||
"pubDate": "2025-03-12 17:53:54"
|
||||
},
|
||||
{
|
||||
"guid": "https://www.anquanke.com/post/id/304988",
|
||||
"title": "360携手清微智能DeepSeek一体机 拟推动“国产算力+大模型安全+AI应用”协同发展",
|
||||
"author": " 安全客",
|
||||
"description": null,
|
||||
"source": "360数字安全",
|
||||
"pubDate": "2025-03-12 17:40:24"
|
||||
}
|
||||
]
|
||||
File diff suppressed because it is too large
Load Diff
@ -1,160 +1,162 @@
|
||||
[
|
||||
{
|
||||
"title": "新的AI安全在2025年正对CISO及其团队构成挑战",
|
||||
"link": "https://www.freebuf.com/news/420445.html",
|
||||
"description": "AI 创新步伐的加快、日益复杂的网络威胁和新的监管政策将要求首席信息安全官 (CISO) 驾驭更复杂的环境。",
|
||||
"body": "<p>安全团队总是必须适应变化,但2025年将出现的新发展可能会使变化特别具有挑战性。AI 创新步伐的加快、日益复杂的网络威胁和新的监管政策将要求首席信息安全官 (CISO) 驾驭更复杂的环境。</p><p><img src=\"https://image.3001.net/images/20250121/1737459264_678f8640703ee88fd4cf3.png!small\" wid",
|
||||
"category": "资讯",
|
||||
"pubDate": "Tue, 21 Jan 2025 19:29:51 +0800"
|
||||
"title": "人工智能聊天机器人DeepSeek R1可被操纵用于创建恶意软件",
|
||||
"link": "https://www.freebuf.com/articles/network/424572.html",
|
||||
"description": "DeepSeek R1可被操纵生成恶意软件,降低网络犯罪门槛,尽管仍需手动修正,但加速了恶意软件开发。",
|
||||
"body": "<p>网络安全公司Tenable Research的最新分析揭示,开源人工智能聊天机器人<strong>DeepSeek R1</strong>能够被操纵用于生成恶意软件,包括键盘记录器和勒索软件。Tenable的研究团队评估了DeepSeek生成有害代码的能力,重点测试了两种常见的恶意软件类型:键盘记录器和勒索软件。</p><p>尽管DeepSeek无法直接“开箱即用”生成完全可用的恶意软件,并",
|
||||
"category": "网络安全",
|
||||
"pubDate": "Fri, 14 Mar 2025 00:51:27 +0800"
|
||||
},
|
||||
{
|
||||
"title": "SUSE发布重要补丁:保护系统免受CVE-2025-21613攻击",
|
||||
"link": "https://www.freebuf.com/articles/420421.html",
|
||||
"description": "该漏洞可能允许攻击者在特定情况下篡改git-upload-pack标志。",
|
||||
"body": "<p><img src=\"https://image.3001.net/images/20250121/1737445957_678f524523c573d95d8eb.jpg!small\" width=\"690\" height=\"388\" alt=\"\" /></p><p>SUSE近日发布针对Amazon Systems Manager(SSM)Agent的重要安全更新,解决了“go-git”库中",
|
||||
"pubDate": "Tue, 21 Jan 2025 15:57:28 +0800"
|
||||
"title": "朝鲜威胁组织ScarCruft利用KoSpy恶意软件监控安卓用户",
|
||||
"link": "https://www.freebuf.com/articles/es/424540.html",
|
||||
"description": "朝鲜黑客组织ScarCruft通过伪装应用投放KoSpy恶意软件,监控安卓用户,攻击针对韩语和英语用户。",
|
||||
"body": "<p><img src=\"https://image.3001.net/images/20250313/1741878280398181_a226a43ddb394530a82c72add0dcff49.png!small\" alt=\"image\" /></p><p>据报道,与朝鲜有关的威胁组织ScarCruft开发了一种名为 <strong>KoSpy</strong>的安卓监控工具,专门针对韩",
|
||||
"category": "企业安全",
|
||||
"pubDate": "Thu, 13 Mar 2025 19:53:00 +0800"
|
||||
},
|
||||
{
|
||||
"title": "Shiro CVE-2020-17510 路径绕过",
|
||||
"link": "https://www.freebuf.com/vuls/420408.html",
|
||||
"description": "在使用 Apache Shiro 与 Spring 集成时,如果 Apache Shiro 的版本低于 1.7.0,经过精心构造的 HTTP 请求可能会导致身份验证绕过。",
|
||||
"body": "<h1>漏洞描述</h1><p>Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass.</p><p>If you are NOT using Shiro’s Spring Boot Star",
|
||||
"title": "大模型越狱(通常)比你想象的容易——一种基于伪造对话历史的攻击算法",
|
||||
"link": "https://www.freebuf.com/vuls/424360.html",
|
||||
"description": "一种基于伪造会话历史的大模型对抗算法",
|
||||
"body": "<h1>1.摘要</h1><p>微软的研究团队提出了一种名为“上下文一致性攻击”(Context Compliance Attack,以下简称CCA算法)的大模型越狱攻击算法,这种攻击算法相对轻巧,既不需要复杂的提示词工程,也不要消耗大量算力来迭代优化恶意提示词。</p><p>CCA算法利用了目前大模型架构中一个漏洞——会话历史的无状态性。即用户可以伪造会话历史输入给大模型,而大模型在无法分辨该对",
|
||||
"category": "漏洞",
|
||||
"pubDate": "Tue, 21 Jan 2025 14:54:33 +0800"
|
||||
"pubDate": "Thu, 13 Mar 2025 16:37:29 +0800"
|
||||
},
|
||||
{
|
||||
"title": "梅赛德斯—奔驰信息娱乐系统漏洞详细信息披露",
|
||||
"link": "https://www.freebuf.com/articles/420410.html",
|
||||
"description": "卡巴斯基披露了在梅赛德斯-奔驰信息娱乐系统中发现的十多个漏洞的细节,但奔驰保证这些安全漏洞已经得到修复。",
|
||||
"body": "<p><img src=\"https://image.3001.net/images/20250121/1737443647_678f493f7ea13166686f8.jpeg!small\" alt=\"\" width=\"690\" height=\"388\" /><strong>卡巴斯基披露了在梅赛德斯—奔驰信息娱乐系统中发现的十多个漏洞的细节,但这家汽车制造商向客户保证,这些安全漏洞已经得到修复,",
|
||||
"pubDate": "Tue, 21 Jan 2025 14:50:19 +0800"
|
||||
"title": "CISA警告:苹果WebKit越界写入漏洞已被野外利用",
|
||||
"link": "https://www.freebuf.com/vuls/424562.html",
|
||||
"description": "苹果WebKit越界写入漏洞(CVE-2025-24201)已被野外利用,攻击者可执行未经授权的代码。",
|
||||
"body": "<p><img src=\"https://image.3001.net/images/20250314/1741889032347357_5c64ed0a88814dc4bc5fd233083566e8.webp!small\" alt=\"image\" /></p><p>美国网络安全和基础设施安全局(CISA)近日警告称,苹果WebKit浏览器引擎中存在一个被野外利用的零日漏洞,编号为CVE-202",
|
||||
"category": "漏洞",
|
||||
"pubDate": "Thu, 13 Mar 2025 16:21:31 +0800"
|
||||
},
|
||||
{
|
||||
"title": "FreeBuf早报 | 中国与多国联合解救7万电诈受害者;德国驻美大使密电遭到泄露",
|
||||
"link": "https://www.freebuf.com/news/420399.html",
|
||||
"description": "德国驻美国大使安德烈亚斯·米夏埃利斯的一份电报19日遭泄露,这令德国陷入外交旋涡。",
|
||||
"body": "<h2 id=\"h2-1\">全球动态</h2><h3 id=\"h3-1\">1. 网信部门严厉打击整治网络水军问题</h3><p>目前,网信部门已协调关闭爱××网、买××心等网络水军专门平台,指导应用商店对微××理、星×通等应用程序采取拦截或者下架等处置措施,累计协调关闭、下架相关违法违规网站平台400余家。 【<a href=\"https://www.cnii.com.cn/rmydb/20250",
|
||||
"title": "微信小程序测试技巧总结",
|
||||
"link": "https://www.freebuf.com/articles/web/424498.html",
|
||||
"description": "测试微信小程序跟web网站基本相同,抓包测试接口,逆向看小程序源码。",
|
||||
"body": "<h2 id=\"h2-1\">前言</h2><p>目前越来越多的企业都开始开发微信小程序,如果在web测试过程中没有结果,不如换个思路,去看看微信小程序是否有问题。</p><p>测试微信小程序跟web网站基本相同,抓包测试接口,逆向看小程序源码。本篇文章就来看看如何进行微信小程序抓包以及逆向。</p><p><br /></p><h2 id=\"h2-2\">微信小程序抓包</h2><p>要测试微信小程序",
|
||||
"category": "Web安全",
|
||||
"pubDate": "Thu, 13 Mar 2025 16:16:54 +0800"
|
||||
},
|
||||
{
|
||||
"title": "全美29州逾8.6万名医护人员信息因AWS S3存储桶配置错误遭泄露",
|
||||
"link": "https://www.freebuf.com/articles/database/424561.html",
|
||||
"description": "全美29州逾8.6万名医护人员信息因AWS S3存储桶配置错误遭泄露,包含敏感PII和医疗文件。",
|
||||
"body": "<p><img src=\"https://image.3001.net/images/20250314/1741889027627786_9dbc9c95718140af8ac0145800762e1c.webp!small\" alt=\"image\" /></p><p>近日,一起涉及医护人员敏感信息的大规模数据泄露事件被发现,总部位于新泽西州的健康科技公司ESHYFT的超过8.6万条记录被暴露。<",
|
||||
"category": "数据安全",
|
||||
"pubDate": "Thu, 13 Mar 2025 16:09:35 +0800"
|
||||
},
|
||||
{
|
||||
"title": "黑客滥用微软Copilot发动高仿钓鱼攻击",
|
||||
"link": "https://www.freebuf.com/news/424552.html",
|
||||
"description": "黑客利用微软Copilot发起高仿钓鱼攻击,通过伪造发票邮件和虚假登录页面窃取用户凭据,威胁企业安全。",
|
||||
"body": "<p><img src=\"https://image.3001.net/images/20250314/1741885485840984_47bf608e967345259deb66fcf48bec25.webp!small\" alt=\"image\" /></p><p>随着越来越多企业将微软Copilot集成到其日常工作中,网络犯罪分子瞄准了这一AI助手的用户,发起了高度复杂的钓鱼攻击。微软Cop",
|
||||
"category": "资讯",
|
||||
"pubDate": "Tue, 21 Jan 2025 14:22:30 +0800"
|
||||
"pubDate": "Thu, 13 Mar 2025 16:07:50 +0800"
|
||||
},
|
||||
{
|
||||
"title": "2024年近2亿人受影响,美国医疗成重点攻击目标",
|
||||
"link": "https://www.freebuf.com/news/420391.html",
|
||||
"description": "2024年期间,各组织向美国政府报告了720起医疗保健数据泄露事件,这些事件共影响1.86亿条用户记录。",
|
||||
"body": "<h2 id=\"h2-1\">2024年期间,各组织向美国政府报告了720起医疗保健数据泄露事件,这些事件共影响1.86亿条用户记录。</h2><p><img src=\"https://image.3001.net/images/20250121/1737430766_678f16ee2f76c506551fd.png!small\" alt=\"\" /></p><p>SecurityWeek对美国卫生",
|
||||
"title": "FreeBuf早报 | 特朗普提名Sean Plankey掌权CISA;勒索病毒袭美逾300关键机构",
|
||||
"link": "https://www.freebuf.com/news/424478.html",
|
||||
"description": "特朗普提名Sean Plankey掌权CISA;勒索病毒袭美逾300关键机构",
|
||||
"body": "<h2 id=\"h2-1\">全球网安事件速递</h2><h3 id=\"h3-1\">1. Win10 / Win11 装机镜像不再“裸奔”,微软发布 Defender 更新填补安全漏洞</h3><p>微软针对 Windows 10、Windows 11 和 Windows Server 安装镜像,发布了新版 Defender 更新,解决安装镜像中可能存在的旧版反恶意软件问题,提升系统安全性和性能。 ",
|
||||
"category": "资讯",
|
||||
"pubDate": "Tue, 21 Jan 2025 11:40:28 +0800"
|
||||
"pubDate": "Thu, 13 Mar 2025 14:10:05 +0800"
|
||||
},
|
||||
{
|
||||
"title": "2025 OWASP 十大安全漏洞",
|
||||
"link": "https://www.freebuf.com/news/420401.html",
|
||||
"description": "OWASP发布2025年智能合约十大漏洞报告,反映了不断演变的攻击向量,深入剖析了近年来的常见漏洞及缓解策略。",
|
||||
"body": "<p><img src=\"https://image.3001.net/images/20250121/1737440528_678f3d1025ec7982598b6.jpg!small\" width=\"690\" height=\"388\" alt=\"\" />随着去中心化金融(DeFi)和区块链技术的不断发展,智能合约安全的重要性愈发凸显。在此背景下,开放网络应用安全项目(OWASP)发布了备受期",
|
||||
"title": "新手友好,spring内存马学习篇二",
|
||||
"link": "https://www.freebuf.com/articles/web/424441.html",
|
||||
"description": "这是spring内存马第二篇,主要学习实战中如何打内存马",
|
||||
"body": "<h2 id=\"h2-1\">反序列化注入内存马</h2><h3 id=\"h3-1\">Fastjson靶场搭建</h3><p>我们在前面的springboot项目上引入fastjson,模拟一下漏洞环境</p><p><img src=\"https://image.3001.net/images/20250306/1741255427_67c97303619323cef3b85.png!small\" ",
|
||||
"category": "Web安全",
|
||||
"pubDate": "Thu, 13 Mar 2025 09:17:22 +0800"
|
||||
},
|
||||
{
|
||||
"title": "D-link: 轻量级正反向文件同步后渗透持久化控制",
|
||||
"link": "https://www.freebuf.com/sectool/424419.html",
|
||||
"description": "#后渗透 #文件同步 #轻量 #持久化 #正/反向隧道 #C++ #D-Link",
|
||||
"body": "<h1>D-link</h1><p>D-link 是一款用 C++ 编写的轻量级 Linux 文件同步工具。</p><ol><li><p>支持反向文件同步操作。</p></li><li><p>目录监控,实时更新。</p></li><li><p>访问控制:客户端只能自动上传和删除文件,无法从服务器下载敏感文件。就算同步的文件在服务器端被删掉,客户端还是会自动恢复。</p></li><li><p>客户",
|
||||
"category": "工具",
|
||||
"pubDate": "Thu, 13 Mar 2025 00:45:10 +0800"
|
||||
},
|
||||
{
|
||||
"title": "多视角解码大模型安全:以 AI 制衡 AI,突破安全困局",
|
||||
"link": "https://www.freebuf.com/fevents/424379.html",
|
||||
"description": "“模型有界、安全无疆”主题技术研讨会在西安圆满落幕。",
|
||||
"body": "<p>在人工智能快速发展的今天,大模型已经成为了推动各行业变革的核心技术之一,从医疗诊断到智能交通,从金融风险控制到教育个性化推荐,各行各业中都出现了大模型的身影。</p><p>根据Gartner的预测,2026年将有超过80%的企业部署启用生成式人工智能(GenAI)的应用,而2023年这一比例尚不足5%,可以说大模型正以前所未有的速度重塑着我们的世界。</p><p>技术突飞猛进的同时,也伴生着",
|
||||
"category": "活动",
|
||||
"pubDate": "Wed, 12 Mar 2025 17:31:35 +0800"
|
||||
},
|
||||
{
|
||||
"title": "超400个IP地址协同攻击,利用多个SSRF漏洞发起网络攻势",
|
||||
"link": "https://www.freebuf.com/vuls/424412.html",
|
||||
"description": "至少400个IP地址被发现同时利用多个SSRF漏洞,攻击尝试之间表现出显著的重叠。",
|
||||
"body": "\n<p><img src=\"https://image.3001.net/images/20250312/1741788137072942_62d5d71c105a40c7a1be5eeb33fbab11.png!small\" alt=\"image\"></p>\n<p>威胁情报公司GreyNoise发出警告称,近期针对多个平台的服务器端请求伪造(SSRF)漏洞利用活动出现了“协同激增”现象。</p>",
|
||||
"category": "漏洞",
|
||||
"pubDate": "Wed, 12 Mar 2025 17:26:00 +0800"
|
||||
},
|
||||
{
|
||||
"title": "AI会取代渗透测试工程师吗?",
|
||||
"link": "https://www.freebuf.com/articles/neopoints/424414.html",
|
||||
"description": "关于哪些职业会受到AI冲击的讨论从未停止,而渗透测试(Pentesting)最近也被推到了风口浪尖。",
|
||||
"body": "<p><img src=\"https://image.3001.net/images/20250312/1741788229145520_ea88f496d23c41d9b5a2c92b14a8910e.png!small\" alt=\"image\" /></p><p>多年来,我们一直在听到同样的说法:AI将会取代你的工作。事实上,2017年麦肯锡发布了一份报告《消失与新增的岗位:自动化时代下的劳动",
|
||||
"category": "观点",
|
||||
"pubDate": "Wed, 12 Mar 2025 15:55:00 +0800"
|
||||
},
|
||||
{
|
||||
"title": "FreeBuf早报 | 微软与VMware零日漏洞紧急修复指南;TP-Link漏洞感染超6000台设备",
|
||||
"link": "https://www.freebuf.com/news/424346.html",
|
||||
"description": "微软与VMware零日漏洞紧急修复指南;TP-Link漏洞感染超6000台设备",
|
||||
"body": "<h2 id=\"h2-1\">全球网安事件速递</h2><h3 id=\"h3-1\">1. Manus代码遭越狱,季逸超本人回应:“团队一直有开源传统”</h3><p>北京时间3月10日清晨,推特用户jianxliao发布推文称成功“越狱”了Manus AI的代码,据其透露,他只是简单地要求Manus提供\"/opt/.manus/\"目录下的文件,系统便直接提供了沙盒运行时代码,并揭示了Manus使用C",
|
||||
"category": "资讯",
|
||||
"pubDate": "Tue, 21 Jan 2025 11:30:01 +0800"
|
||||
"pubDate": "Wed, 12 Mar 2025 14:30:42 +0800"
|
||||
},
|
||||
{
|
||||
"title": "420万主机暴露,含VPN和路由器",
|
||||
"link": "https://www.freebuf.com/news/420386.html",
|
||||
"description": "新研究表明,多种隧道协议存在安全漏洞,这些漏洞可能让攻击者实施多种攻击。",
|
||||
"body": "<h2 id=\"h2-1\">新研究表明,多种隧道协议存在安全漏洞,这些漏洞可能让攻击者实施多种攻击。</h2><p>一项研究表明:“网络主机若接受隧道数据包却不验证发送者身份,就可能被劫持以执行匿名攻击并获得对其网络的访问权限。”该研究是与鲁汶大学(KU Leuven)的教授兼研究员马蒂·范霍夫(Mathy Vanhoef)合作开展的。</p><p><img src=\"https://image.",
|
||||
"title": "API攻击威胁加剧:2025年如何确保API安全",
|
||||
"link": "https://www.freebuf.com/articles/web/424399.html",
|
||||
"description": "API攻击威胁加剧:59%的组织开放API“写入”权限,黑客可未经授权访问,导致数据窃取、账户接管等重大风险。",
|
||||
"body": "<p><img src=\"https://image.3001.net/images/20250312/1741780939666956_d18f4fcfe4ab4b048c66f1169504989e.png!small\" alt=\"image\" /></p><p>API攻击正持续增加,<strong>一项令人担忧的研究</strong>显示,59%的组织为至少一半的API开放了“写入”权限,这",
|
||||
"category": "Web安全",
|
||||
"pubDate": "Wed, 12 Mar 2025 11:29:24 +0800"
|
||||
},
|
||||
{
|
||||
"title": "攻击者开始利用MFA漏洞在内的高级手段绕过多因素身份验证",
|
||||
"link": "https://www.freebuf.com/articles/web/424386.html",
|
||||
"description": "这些高级技术利用了身份验证工作流程中的漏洞,而非身份验证因素本身。",
|
||||
"body": "<p><img src=\"https://image.3001.net/images/20250312/1741773779537870_8402efd7d8fa46fa8d2f0067903712ee.webp!small\" alt=\"image\" /></p><p>研究人员最近发现了一种令人不安的攻击趋势,这些攻击专门设计来绕过多因素身份验证(MFA)的保护机制。这些高级技术利用了身份验证工作",
|
||||
"category": "Web安全",
|
||||
"pubDate": "Wed, 12 Mar 2025 09:53:49 +0800"
|
||||
},
|
||||
{
|
||||
"title": "Hessian反序列化原理到武器化利用",
|
||||
"link": "https://www.freebuf.com/articles/web/424308.html",
|
||||
"description": "今天和大家共同探讨Java安全领域中一种常见的安全威胁,也就是Hessian反序列化漏洞。",
|
||||
"body": "<p>今天和大家共同探讨Java安全领域中一种常见的安全威胁,也就是Hessian反序列化漏洞。作为贯穿Java生态的RPC通信基石,Hessian协议如同微服务架构的\"神经网络\",其安全风险直接影响多个Java核心组件的命脉,如近几年披露的一些Hessian协议相关的安全组件漏洞:Seata Hessian 反序列化漏洞、Nacos 集群 Hessian 反序列化漏洞、xxl-job Hessi",
|
||||
"category": "Web安全",
|
||||
"pubDate": "Wed, 12 Mar 2025 09:42:19 +0800"
|
||||
},
|
||||
{
|
||||
"title": "新型XCSSET恶意软件利用增强混淆技术攻击macOS用户",
|
||||
"link": "https://www.freebuf.com/articles/web/424375.html",
|
||||
"description": "新型XCSSET恶意软件利用增强混淆技术攻击macOS用户,感染Xcode项目,窃取敏感信息,采用复杂持久化机制,威胁开发者安全。",
|
||||
"body": "<p><img src=\"https://image.3001.net/images/20250312/1741770276931049_1ffd07215f97425f8ba4f5216c276ae5.webp!small\" alt=\"image\" /></p><p>微软威胁情报团队发现了一种新型的XCSSET变种,这是一种复杂的模块化macOS恶意软件,能够感染Xcode项目,并在开发者构建这",
|
||||
"category": "Web安全",
|
||||
"pubDate": "Wed, 12 Mar 2025 07:44:44 +0800"
|
||||
},
|
||||
{
|
||||
"title": "AI 辅助的虚假 GitHub 仓库窃取敏感数据,包括登录凭证",
|
||||
"link": "https://www.freebuf.com/articles/database/424374.html",
|
||||
"description": "AI 辅助的虚假 GitHub 仓库窃取敏感数据,伪装合法项目分发 Lumma Stealer 恶意软件。",
|
||||
"body": "<p><img src=\"https://image.3001.net/images/20250312/1741770262754508_969bbeb5d15b4a8795a84388a5078ab3.webp!small\" alt=\"image\" /></p><p>近期发现了一种复杂的恶意软件活动,该活动利用人工智能创建具有欺骗性的 GitHub 仓库,并分发 SmartLoader 负载,最",
|
||||
"category": "数据安全",
|
||||
"pubDate": "Wed, 12 Mar 2025 07:40:26 +0800"
|
||||
},
|
||||
{
|
||||
"title": "谷歌紧急警告:Chromecast用户切勿进行出厂重置",
|
||||
"link": "https://www.freebuf.com/news/424361.html",
|
||||
"description": "谷歌紧急警告:别对Chromecast进行出厂重置。过期证书导致2000万台设备无法正常运行,用户陷入“变砖”困境。",
|
||||
"body": "<p><img src=\"https://image.3001.net/images/20250312/1741766697560974_acdc23f708a34b058255dc1d9a0b0fcd.webp!small\" alt=\"image\" /></p><p>谷歌已向第二代Chromecast(2015年)和Chromecast Audio设备的所有者发出紧急通知,警告不要进行出厂重置,",
|
||||
"category": "资讯",
|
||||
"pubDate": "Tue, 21 Jan 2025 11:17:38 +0800"
|
||||
},
|
||||
{
|
||||
"title": "新型僵尸网络正对路由器、摄像头等设备发起大规模DDoS攻击",
|
||||
"link": "https://www.freebuf.com/news/420383.html",
|
||||
"description": "自 2024 年底以来,一个新发现的物联网 (IoT) 僵尸网络一直在全球策划大规模分布式拒绝服务 (DDoS) 攻击。",
|
||||
"body": "<p>趋势科技的一项新研究发现,自 2024 年底以来,一个新发现的物联网 (IoT) 僵尸网络一直利用路由器、IP 摄像头和其他连接设备等物联网设备中的漏洞,在全球策划大规模分布式拒绝服务 (DDoS) 攻击。</p><p><img src=\"https://image.3001.net/images/20250121/1737428755_678f0f130e34f01ede788.png!s",
|
||||
"category": "资讯",
|
||||
"pubDate": "Tue, 21 Jan 2025 11:04:23 +0800"
|
||||
},
|
||||
{
|
||||
"title": "新型Android恶意软件模仿聊天应用窃取敏感数据",
|
||||
"link": "https://www.freebuf.com/news/420346.html",
|
||||
"description": "Cyfirma 的网络安全研究人员最近发现了一个伪装成聊天应用,针对南亚用户的复杂 Android 恶意软件活动。",
|
||||
"body": "<p>据Cyber Security News消息,Cyfirma 的网络安全研究人员最近发现了一个针对南亚用户,尤其是印度克什米尔地区用户的复杂 Android 恶意软件活动,通过伪装成一款名为“Tanzeem” 的聊天应用程序以窃取目标设备中的敏感数据。</p><p>该恶意软件归因于臭名昭著的“DONOT”APT组织,具有印度国家背景。而“Tanzeem”在乌尔都语中意为“组织”,是一个经常与",
|
||||
"category": "资讯",
|
||||
"pubDate": "Mon, 20 Jan 2025 19:50:15 +0800"
|
||||
},
|
||||
{
|
||||
"title": "B站2025年第一个大瓜,“代码投毒”报复用户",
|
||||
"link": "https://www.freebuf.com/news/420334.html",
|
||||
"description": "这不仅暴露了B站在内部管理和技术安全方面的漏洞,也引发了大众对用户信息安全的担忧。",
|
||||
"body": "<p>最近的B站可以说是处于多事之秋,前面才有员工自曝操纵直播间抽奖概率,这几天又被曝出员工滥用职权,加载恶意代码攻击用户。这不仅暴露了B站在内部管理和技术安全方面的漏洞,也引发了大众对用户信息安全的担忧。</p><p>涉事员工倪袁成是B站网页端DanmakuX弹幕引擎的开发和优化负责人。根据B站网友“老变态了了了”发布的消息,2025年1月,倪袁成因为与两名用户在站内发生了口角,心生怨恨,随后利",
|
||||
"category": "资讯",
|
||||
"pubDate": "Mon, 20 Jan 2025 18:08:20 +0800"
|
||||
},
|
||||
{
|
||||
"title": "验证码对抗之殇:Clickfix最新钓鱼事件分析报告",
|
||||
"link": "https://www.freebuf.com/articles/paper/420320.html",
|
||||
"description": "腾讯云安全科恩实验室威胁情报中心捕获到了多起国外黑灰产团伙通过Clickfix社工钓鱼手法对windows系统用户进行攻击的事件。",
|
||||
"body": "<p><span style=\"color:#000000;\">曾几何时,验证码是横亘在人与机器之间的那道数字藩篱,以看似简单的交互,守护着虚拟世界的秩序。然而,当人工智能的浪潮席卷而来,昔日泾渭分明的界限开始变得模糊不清。黑产团伙敏锐地捕捉到这种变化带来的</span><span lang=\"en-us\" style=\"color:#000000;\" xml:lang=\"en-us\">“</sp",
|
||||
"category": "安全报告",
|
||||
"pubDate": "Mon, 20 Jan 2025 16:32:27 +0800"
|
||||
},
|
||||
{
|
||||
"title": "解读出国劳务:表面邀请拍戏,实则人口交易,走上小路,却是末路!",
|
||||
"link": "https://www.freebuf.com/news/420316.html",
|
||||
"description": "近日,中国演员王星赴泰拍戏失联一事引发网友广泛关注,好在几经周折,王星本人最终还是安然回国。",
|
||||
"body": "<p>近日,中国演员王星赴泰拍戏失联一事引发网友广泛关注,好在几经周折,王星本人最终还是安然回国。失联期间,元芳持续关注事件进展,其中一系列在网络上流传的有关“买卖王星”的TG聊天截图,引起了元芳的注意。</p><p>元芳从中提取出关键发言账号信息,通过 <strong>重明-网络犯罪情报分析平台</strong>搜索引擎对相应用户ID进行检索溯源,本来只是想找找看有没有什么有价值的线索,但实际的",
|
||||
"category": "资讯",
|
||||
"pubDate": "Mon, 20 Jan 2025 16:08:39 +0800"
|
||||
},
|
||||
{
|
||||
"title": "FreeBuf早报 | 网信办启动春节网络环境整治行动;美网络攻击我国某研究院细节公布",
|
||||
"link": "https://www.freebuf.com/news/420305.html",
|
||||
"description": "为了营造喜庆祥和的春节网络氛围,中央网信办决定即日起开展为期1个月的“清朗·2025年春节网络环境整治”专项行动。",
|
||||
"body": "<h2 id=\"h2-1\">全球动态</h2><h3 id=\"h3-1\">1. 中方对美情报机构对华网络攻击表示严重关切</h3><p>针对美国情报机构对中国企业机构进行网络攻击一事,中国外交部17日在例行记者会上指出,中方对此表示严重关切,敦促美方立即停止相关恶意活动。 【<a href=\"http://usa.people.com.cn/n1/2025/0120/c241376-4040529",
|
||||
"category": "资讯",
|
||||
"pubDate": "Mon, 20 Jan 2025 15:03:27 +0800"
|
||||
},
|
||||
{
|
||||
"title": "惠普被黑客入侵,机密数据在暗网出售",
|
||||
"link": "https://www.freebuf.com/news/420293.html",
|
||||
"description": "黑客IntelBroker宣称已经入侵惠普企业公司(HPE),公布了诸如源代码、证书和个人身份信息(PII)等敏感数据。",
|
||||
"body": "<p><img src=\"https://image.3001.net/images/20250120/1737354626_678ded82807f2e40cb1d3.png!small\" alt=\"\" /></p><p>黑客IntelBroker宣称已经入侵惠普企业公司(HPE),并公布了诸如源代码、证书和个人身份信息(PII)等敏感数据,这些数据如今可在线售卖。</p><p>声名狼藉的Int",
|
||||
"category": "资讯",
|
||||
"pubDate": "Mon, 20 Jan 2025 14:31:01 +0800"
|
||||
},
|
||||
{
|
||||
"title": "无需拆机!Windows 11 BitLocker加密文件被破解",
|
||||
"link": "https://www.freebuf.com/news/420297.html",
|
||||
"description": "“bitpixie”漏洞通过利用Windows启动管理器的降级攻击,使攻击者可以在不物理篡改设备的情况下绕过安全启动。",
|
||||
"body": "<p><img src=\"https://image.3001.net/images/20250120/1737355717_678df1c5a8f6825c9315b.jpg!small\" width=\"690\" height=\"388\" alt=\"\" /></p><p>混沌通信大会 (38C3)上,安全研究员Thomas Lambertz展示了一个名为“bitpixie”(CVE-2023-2",
|
||||
"category": "资讯",
|
||||
"pubDate": "Mon, 20 Jan 2025 14:10:38 +0800"
|
||||
},
|
||||
{
|
||||
"title": "黑客滥用微软VSCode 远程隧道绕过安全工具",
|
||||
"link": "https://www.freebuf.com/news/420277.html",
|
||||
"description": "微软VSCode 远程隧道功能正被攻击者利用,以绕过安全措施部署恶意脚本。",
|
||||
"body": "<p>据Cyber Security News消息,微软VSCode 远程隧道功能正被攻击者利用,以绕过安全措施部署恶意脚本。</p><p><img src=\"https://image.3001.net/images/20250120/1737345720_678dcab8e42523784e9ee.jpg!small\" alt=\"\" width=\"690\" height=\"388\" /></p",
|
||||
"category": "资讯",
|
||||
"pubDate": "Mon, 20 Jan 2025 11:54:14 +0800"
|
||||
},
|
||||
{
|
||||
"title": "《零日风暴》| 正式前导预告 | Netflix",
|
||||
"link": "https://www.freebuf.com/video/420267.html",
|
||||
"description": "一场重大网路攻击酿成灾难,下一波攻击又来势汹涌汹涌。",
|
||||
"body": "<p>一场重大网路攻击酿成灾难,下一波攻击又来势汹涌汹涌,前任总统(劳勃狄尼洛饰)必须查明幕后黑手、查清真相。然而,真正的威胁究竟是损害外部还是内部危险?</p><p>#劳勃狄尼洛首次亮相Netflix影集,全新迷你影集《零日风暴》2月20日首播。</p><p style=\"text-align:center;\"><iframe src=\"//player.bilibili.com/player.",
|
||||
"category": "视频",
|
||||
"pubDate": "Mon, 20 Jan 2025 10:46:28 +0800"
|
||||
},
|
||||
{
|
||||
"title": "ChatGPT被曝存在爬虫漏洞,OpenAI未公开承认",
|
||||
"link": "https://www.freebuf.com/news/420273.html",
|
||||
"description": "OpenAI的ChatGPT爬虫似乎能够对任意网站发起分布式拒绝服务(DDoS)攻击,而OpenAI尚未承认这一漏洞。",
|
||||
"body": "<p><img src=\"https://image.3001.net/images/20250120/1737353745_678dea1157e14e0eac4a5.jpg!small\" alt=\"\" width=\"690\" height=\"402\" /></p><p><strong>OpenAI的ChatGPT爬虫似乎能够对任意网站发起分布式拒绝服务(DDoS)攻击,而OpenAI尚未承认这",
|
||||
"category": "资讯",
|
||||
"pubDate": "Mon, 20 Jan 2025 10:40:16 +0800"
|
||||
},
|
||||
{
|
||||
"title": "网络安全领域研究人员遭遇假PoC专项攻击",
|
||||
"link": "https://www.freebuf.com/news/420252.html",
|
||||
"description": "这些假PoC攻击事件凸显了网络安全领域面临的严峻挑战。",
|
||||
"body": "<h2 id=\"h2-1\"><strong>一、事件概述</strong></h2><p>近期,网络安全领域接连曝出针对研究人员的假PoC(概念验证)攻击事件,引发业界高度关注。2024年12月,微软在当月的补丁星期二更新中修复了两个关键的LDAP漏洞,分别是CVE-2024-49112和CVE-2024-49113。其中,CVE-2024-49113是一个拒绝服务(DoS)漏洞。然而,就在漏洞修",
|
||||
"category": "资讯",
|
||||
"pubDate": "Mon, 20 Jan 2025 10:00:12 +0800"
|
||||
"pubDate": "Wed, 12 Mar 2025 07:10:20 +0800"
|
||||
}
|
||||
]
|
||||
@ -1,20 +1,11 @@
|
||||
[
|
||||
{
|
||||
"link": "https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main",
|
||||
"name": "WebFrameworkTools-5.1-main",
|
||||
"created_at": "2023-01-08T05:21:26Z",
|
||||
"description": "本软件首先集成危害性较大框架和部分主流cms的rce(无需登录,或者登录绕过执行rce)和反序列化(利用链简单)。傻瓜式导入url即可实现批量getshell。批量自动化测试。例如:Thinkphp,Struts2,weblogic。出现的最新漏洞进行实时跟踪并且更...",
|
||||
"author": "peiqiF4ck",
|
||||
"language": "C#",
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/1024-lab/smart-admin",
|
||||
"name": "smart-admin",
|
||||
"created_at": "2019-11-16T02:30:31Z",
|
||||
"description": "SmartAdmin国内首个以「高质量代码」为核心,「简洁、高效、安全」快速开发平台;基于SpringBoot2/3 + Sa-Token + Mybatis-Plus 和 Vue3 + Vite5 + Ant Design Vue 4.x (同时支持JavaScript和TypeScript双版本);满足国家三级等保要求、支持登录限制、接...",
|
||||
"author": "1024-lab",
|
||||
"language": "Java",
|
||||
"link": "https://github.com/wujun728/jun_api_service",
|
||||
"name": "jun_api_service",
|
||||
"created_at": "2021-07-01T14:43:39Z",
|
||||
"description": "jun_api_service是一个基于我另外一个自定义的starter的动态API框架。项目本身使用技术有SpringBoot+字节码生成执行+动态脚本+动态SQL,可以实时动态生成RESTAPI并动态发布或者热加载。且发布后可动态执行java源码、groovy脚本及SQL脚本...",
|
||||
"author": "wujun728",
|
||||
"language": "JavaScript",
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
@ -26,6 +17,15 @@
|
||||
"language": "Java",
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/1024-lab/smart-admin",
|
||||
"name": "smart-admin",
|
||||
"created_at": "2019-11-16T02:30:31Z",
|
||||
"description": "SmartAdmin国内首个以「高质量代码」为核心,「简洁、高效、安全」快速开发平台;基于SpringBoot2/3 + Sa-Token + Mybatis-Plus 和 Vue3 + Vite5 + Ant Design Vue 4.x (同时支持JavaScript和TypeScript双版本);满足国家三级等保要求、支持登录限制、接...",
|
||||
"author": "1024-lab",
|
||||
"language": "Java",
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/JaveleyQAQ/SQL-Injection-Scout",
|
||||
"name": "SQL-Injection-Scout",
|
||||
@ -36,23 +36,41 @@
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/xiangyuecn/AreaCity-JsSpider-StatsGov",
|
||||
"name": "AreaCity-JsSpider-StatsGov",
|
||||
"created_at": "2018-11-28T05:11:35Z",
|
||||
"description": "省市区县乡镇三级或四级城市数据,带拼音标注、坐标、行政区域边界范围;2025年01月14日最新采集,提供csv格式文件,支持在线转成多级联动js代码、通用json格式,提供软件转成shp、geojson、sql、导入数据库;带浏览器里面运...",
|
||||
"author": "xiangyuecn",
|
||||
"link": "https://github.com/henryxm/autumn",
|
||||
"name": "autumn",
|
||||
"created_at": "2018-10-08T12:12:12Z",
|
||||
"description": "采用Spring、Spring Boot、Redis、MyBatis、Shiro、Druid框架开发,搭载mysql数据。 如果你厌烦了MyBatis中需要手动创建表的事情,这个项目非常适合你,自动为你生成表。 从此你不在需要导入sql文件了,项目初始化变得异常简单,结构清...",
|
||||
"author": "henryxm",
|
||||
"language": "JavaScript",
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/zlt2000/microservices-platform",
|
||||
"name": "microservices-platform",
|
||||
"created_at": "2019-03-07T07:13:37Z",
|
||||
"description": "基于SpringBoot2.x、SpringCloud和SpringCloudAlibaba并采用前后端分离的企业级微服务多租户系统架构。并引入组件化的思想实现高内聚低耦合,项目代码简洁注释丰富上手容易,适合学习和企业中使用。真正实现了基于RBAC、jwt和oauth2的...",
|
||||
"author": "zlt2000",
|
||||
"link": "https://github.com/ProbiusOfficial/ssrf-labs",
|
||||
"name": "ssrf-labs",
|
||||
"created_at": "2025-02-17T16:28:50Z",
|
||||
"description": "一个ssrf的综合靶场,包含RCE,SQL注入,Tomcat,Redis,MySQL提权等ssrf攻击场景",
|
||||
"author": "ProbiusOfficial",
|
||||
"language": "Shell",
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/suqianjue/sqlmap_gui",
|
||||
"name": "sqlmap_gui",
|
||||
"created_at": "2025-02-18T08:52:30Z",
|
||||
"description": "sqlmap_gui是一款图形界面化的 SQL 注入漏洞测试工具",
|
||||
"author": "suqianjue",
|
||||
"language": "Java",
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/Aki-1038/MySQL",
|
||||
"name": "MySQL",
|
||||
"created_at": "2025-03-03T01:22:07Z",
|
||||
"description": "這個頁面展示了 MySQL 的基本功能,包括 QUERY、INSERT、UPDATE 和 DELETE 等 SQL 操作。 請在下方輸入 SQL 查詢,然後點擊「執行」按鈕,查看結果。 注意:這個頁面僅供測試使用,請勿在正式環境中使用。",
|
||||
"author": "Aki-1038",
|
||||
"language": "HTML",
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/saoshao/DetSql",
|
||||
"name": "DetSql",
|
||||
@ -63,119 +81,92 @@
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/ClearloveLA/sql-injection-defense",
|
||||
"name": "sql-injection-defense",
|
||||
"created_at": "2025-01-04T10:42:03Z",
|
||||
"description": "基于Node.js和Vue3技术栈,结合MySQL数据库,设计并实现了一个Web应用SQL注入防护系统,旨在解决MySQL数据库在Web应用中面临的SQL注入安全威胁。",
|
||||
"author": "ClearloveLA",
|
||||
"language": "Vue",
|
||||
"link": "https://github.com/toolgood/ToolGood.SQLFirewall",
|
||||
"name": "ToolGood.SQLFirewall",
|
||||
"created_at": "2024-06-21T06:31:42Z",
|
||||
"description": "SQL Firewall, Prevent SQL injection, 防sql注入",
|
||||
"author": "toolgood",
|
||||
"language": "C#",
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/henryxm/autumn",
|
||||
"name": "autumn",
|
||||
"created_at": "2018-10-08T12:12:12Z",
|
||||
"description": "采用Spring、Spring Boot、Redis、MyBatis、Shiro、Druid框架开发,搭载mysql数据。 如果你厌烦了MyBatis中需要手动创建表的事情,这个项目非常适合你,自动为你生成表。 从此你不在需要导入sql文件了,项目初始化变得异常简单,结构清...",
|
||||
"author": "henryxm",
|
||||
"link": "https://github.com/gege-circle/.github",
|
||||
"name": ".github",
|
||||
"created_at": "2020-09-20T04:47:25Z",
|
||||
"description": "这里是GitHub的草场,也是戈戈圈爱好者的交流地,主要讨论动漫、游戏、科技、人文、生活等所有话题,欢迎各位小伙伴们在此讨论趣事。This is GitHub grassland, and the community place for Gege circle lovers, mainly discusses anime, games, technology,...",
|
||||
"author": "gege-circle",
|
||||
"language": null,
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/yuqingfang2004/AriaDB-for-SDCs-",
|
||||
"name": "AriaDB-for-SDCs-",
|
||||
"created_at": "2024-12-11T08:17:34Z",
|
||||
"description": "本仓库来自确定性执行数据库AriaDB,在此基础上进行修改,实现了SDC注入(SQL层面)",
|
||||
"author": "yuqingfang2004",
|
||||
"language": "C++",
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/steveopen1/ruoyi_vulnscan",
|
||||
"name": "ruoyi_vulnscan",
|
||||
"created_at": "2025-02-23T07:15:22Z",
|
||||
"description": "ruuoyi_vulnscan 是一款基于 Python 和 Tkinter 开发的图形化界面工具,用于检测若依 Vue 框架应用程序中的常见漏洞。该工具提供了多种漏洞检测模块,包括 Swagger 检测、Druid 检测、文件下载漏洞检测、SQL 注入检测、定时任务漏洞检...",
|
||||
"author": "steveopen1",
|
||||
"language": "Python",
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/LtmThink/SQLRecorder",
|
||||
"name": "SQLRecorder",
|
||||
"created_at": "2025-02-13T12:20:51Z",
|
||||
"description": "SQLRecorder是一个能够实时记录SQL语句的工具,方便代码审计时对SQL注入的实时关注。(A proxy to record all passing SQL statements.)",
|
||||
"author": "LtmThink",
|
||||
"language": "Go",
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/DDL08/directory",
|
||||
"name": "directory",
|
||||
"created_at": "2025-02-10T05:44:39Z",
|
||||
"description": "sql注入或rce或者其他的爆破字典,模糊测试fuzz字典",
|
||||
"author": "DDL08",
|
||||
"language": null,
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main",
|
||||
"name": "WebFrameworkTools-5.1-main",
|
||||
"created_at": "2023-01-08T05:21:26Z",
|
||||
"description": "本软件首先集成危害性较大框架和部分主流cms的rce(无需登录,或者登录绕过执行rce)和反序列化(利用链简单)。傻瓜式导入url即可实现批量getshell。批量自动化测试。例如:Thinkphp,Struts2,weblogic。出现的最新漏洞进行实时跟踪并且更...",
|
||||
"author": "peiqiF4ck",
|
||||
"language": "C#",
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/xiangyuecn/AreaCity-JsSpider-StatsGov",
|
||||
"name": "AreaCity-JsSpider-StatsGov",
|
||||
"created_at": "2018-11-28T05:11:35Z",
|
||||
"description": "省市区县乡镇三级或四级城市数据,带拼音标注、坐标、行政区域边界范围;2025年01月14日最新采集,提供csv格式文件,支持在线转成多级联动js代码、通用json格式,提供软件转成shp、geojson、sql、导入数据库;带浏览器里面运...",
|
||||
"author": "xiangyuecn",
|
||||
"language": "JavaScript",
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/AndyWannaSing/trace-canvas",
|
||||
"name": "trace-canvas",
|
||||
"created_at": "2024-12-29T10:39:59Z",
|
||||
"description": "TraceCanvas 是一款专注于基础链路追踪功能的工具,旨在帮助开发者全面监控和分析系统性能。其主要功能包括方法执行树的可视化展示、SQL 操作追踪、HTTP 请求追踪、Redis 操作追踪,以及消息队列(MQ)操作追踪等。此外,TraceC...",
|
||||
"author": "AndyWannaSing",
|
||||
"language": null,
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/Sanandd/---doAction-SQL-",
|
||||
"name": "---doAction-SQL-",
|
||||
"created_at": "2024-12-21T09:39:42Z",
|
||||
"description": "秒优科技-供应链管理系统doAction存在SQL注入漏洞",
|
||||
"author": "Sanandd",
|
||||
"language": null,
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/Sanandd/yongyou",
|
||||
"name": "yongyou",
|
||||
"created_at": "2024-12-21T09:28:22Z",
|
||||
"description": "SQL注入",
|
||||
"author": "Sanandd",
|
||||
"language": "Python",
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/jiaqiwang8/wjq-goods",
|
||||
"name": "wjq-goods",
|
||||
"created_at": "2024-12-21T09:03:52Z",
|
||||
"description": "微商城系统 goods.php SQL注入漏洞",
|
||||
"author": "jiaqiwang8",
|
||||
"language": null,
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/zhang-nan666/-HCM-LoadOtherTreeServlet-SQL-",
|
||||
"name": "-HCM-LoadOtherTreeServlet-SQL-",
|
||||
"created_at": "2024-12-21T08:49:32Z",
|
||||
"description": "宏景HCM-LoadOtherTreeServlet SQL注入检测",
|
||||
"author": "zhang-nan666",
|
||||
"language": null,
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/zhang-nan666/-FE-apprvaddNew.jsp-SQL-",
|
||||
"name": "-FE-apprvaddNew.jsp-SQL-",
|
||||
"created_at": "2024-12-21T08:48:44Z",
|
||||
"description": "某远互联FE协作办公平台 apprvaddNew.jsp SQL注入漏洞",
|
||||
"author": "zhang-nan666",
|
||||
"language": null,
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/ayy138/SpringBlade_Sql",
|
||||
"name": "SpringBlade_Sql",
|
||||
"created_at": "2024-12-21T08:34:10Z",
|
||||
"description": "SpringBlade tenant/list SQL 注入漏洞复现及POC",
|
||||
"author": "ayy138",
|
||||
"language": "Python",
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/Ning-0223/-HCM-LoadOtherTreeServlet-SQL-",
|
||||
"name": "-HCM-LoadOtherTreeServlet-SQL-",
|
||||
"created_at": "2024-12-21T07:54:40Z",
|
||||
"description": "宏景HCM-LoadOtherTreeServlet SQL注入 ",
|
||||
"author": "Ning-0223",
|
||||
"language": "Python",
|
||||
"keyword": "sql注入"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/20142995/wxvl",
|
||||
"name": "wxvl",
|
||||
"created_at": "2024-11-16T11:21:28Z",
|
||||
"description": "复现|漏洞|CVE|CNVD|POC|EXP|0day|1day|nday等相关微信文章收集",
|
||||
"author": "20142995",
|
||||
"link": "https://github.com/PstarSec/AI-Ollama",
|
||||
"name": "AI-Ollama",
|
||||
"created_at": "2025-03-07T04:46:28Z",
|
||||
"description": "Ollama 未授权访问【CNVD-2025-04094】验证脚本",
|
||||
"author": "PstarSec",
|
||||
"language": "Python",
|
||||
"keyword": "cnvd"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/20142995/CNVD_crawler",
|
||||
"name": "CNVD_crawler",
|
||||
"created_at": "2024-09-02T10:54:53Z",
|
||||
"description": null,
|
||||
"author": "20142995",
|
||||
"language": "Python",
|
||||
"keyword": "cnvd"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/liuguolong139/CNVD-2024-33023",
|
||||
"name": "CNVD-2024-33023",
|
||||
"created_at": "2025-01-16T04:46:44Z",
|
||||
"description": "CNVD-2024-33023 Python poc",
|
||||
"author": "liuguolong139",
|
||||
"link": "https://github.com/KzNight/CNVD-2025-04094-ollama_unauth",
|
||||
"name": "CNVD-2025-04094-ollama_unauth",
|
||||
"created_at": "2025-03-04T07:06:13Z",
|
||||
"description": "国家信息安全漏洞共享平台(CNVD)收录了Ollama未授权访问漏洞(CNVD-2025-04094)。未经授权的攻击者可以远程访问Ollama服务接口执行敏感资产获取、虚假信息投喂、拒绝服务等恶意操作",
|
||||
"author": "KzNight",
|
||||
"language": "Python",
|
||||
"keyword": "cnvd"
|
||||
},
|
||||
@ -188,6 +179,51 @@
|
||||
"language": "Python",
|
||||
"keyword": "cnvd"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/Ellison-zhang/cnvd_spider",
|
||||
"name": "cnvd_spider",
|
||||
"created_at": "2025-02-12T05:59:31Z",
|
||||
"description": null,
|
||||
"author": "Ellison-zhang",
|
||||
"language": "Python",
|
||||
"keyword": "cnvd"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/phtcloud-dev/CVE-2024-36837",
|
||||
"name": "CVE-2024-36837",
|
||||
"created_at": "2024-06-15T16:44:51Z",
|
||||
"description": "CVE-2024-36837 | CNVD-2024-30128 POC",
|
||||
"author": "phtcloud-dev",
|
||||
"language": "Python",
|
||||
"keyword": "cnvd"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/phtcloud-dev/CVE-2024-39199",
|
||||
"name": "CVE-2024-39199",
|
||||
"created_at": "2024-06-18T16:36:12Z",
|
||||
"description": "CVE-2024-39119 | CNVD-2024-31551 POC",
|
||||
"author": "phtcloud-dev",
|
||||
"language": "Python",
|
||||
"keyword": "cnvd"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/shagongz/CNVD_Crawler",
|
||||
"name": "CNVD_Crawler",
|
||||
"created_at": "2025-02-05T07:28:32Z",
|
||||
"description": "CNVD的简单爬虫",
|
||||
"author": "shagongz",
|
||||
"language": null,
|
||||
"keyword": "cnvd"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/liuguolong139/CNVD-2024-33023",
|
||||
"name": "CNVD-2024-33023",
|
||||
"created_at": "2025-01-16T04:46:44Z",
|
||||
"description": "CNVD-2024-33023 Python poc",
|
||||
"author": "liuguolong139",
|
||||
"language": "Python",
|
||||
"keyword": "cnvd"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/j8agent/CNVD-2024-15077--AJ-Report-RCE--",
|
||||
"name": "CNVD-2024-15077--AJ-Report-RCE--",
|
||||
@ -295,41 +331,5 @@
|
||||
"author": "youxox",
|
||||
"language": "Python",
|
||||
"keyword": "cnvd"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/mesyedjunaidali/cnvdetection",
|
||||
"name": "cnvdetection",
|
||||
"created_at": "2024-07-16T05:57:09Z",
|
||||
"description": null,
|
||||
"author": "mesyedjunaidali",
|
||||
"language": "Python",
|
||||
"keyword": "cnvd"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/bxxiaoxiong/cnvd_fofa_assets",
|
||||
"name": "cnvd_fofa_assets",
|
||||
"created_at": "2024-07-12T15:22:03Z",
|
||||
"description": "通过爱企查和FOFA接口获取注册资本大于5000w公司的公网通用系统,方便获得CNVD证书 在搜索公网资产数量的基础上增加使用fid参数查询,结果更精准",
|
||||
"author": "bxxiaoxiong",
|
||||
"language": "Python",
|
||||
"keyword": "cnvd"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/rtwen/cnvdst",
|
||||
"name": "cnvdst",
|
||||
"created_at": "2018-12-01T08:36:53Z",
|
||||
"description": "Copy number variant detection softawre",
|
||||
"author": "rtwen",
|
||||
"language": "Python",
|
||||
"keyword": "cnvd"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/RowtonSD/cnvdb",
|
||||
"name": "cnvdb",
|
||||
"created_at": "2024-03-14T08:17:22Z",
|
||||
"description": "Handles conversion between XLS, DB2, and external SQL DB sources via python dataframes",
|
||||
"author": "RowtonSD",
|
||||
"language": "Python",
|
||||
"keyword": "cnvd"
|
||||
}
|
||||
]
|
||||
@ -4,11 +4,5 @@
|
||||
"published_at": "2021-11-01T08:54:13Z",
|
||||
"author": "BeichenDream",
|
||||
"keyword": "BeichenDream/Godzilla"
|
||||
},
|
||||
{
|
||||
"link": "https://github.com/wy876/POC/releases/tag/POC20241228",
|
||||
"published_at": "2024-12-29T09:00:56Z",
|
||||
"author": "wy876",
|
||||
"keyword": "wy876/POC"
|
||||
}
|
||||
]
|
||||
@ -7,14 +7,5 @@
|
||||
"author": "beichen",
|
||||
"link_2": "https://github.com/BeichenDream/Godzilla/commit/a5558e6c37139ebb0b7b4491dc3ea7ce8d8f9e49",
|
||||
"keyword": "BeichenDream/Godzilla"
|
||||
},
|
||||
{
|
||||
"link": "https://api.github.com/wy876/POC",
|
||||
"name": "wy876/POC",
|
||||
"updated_at": "2025-01-07T07:14:02Z",
|
||||
"description": "Update README.md",
|
||||
"author": "wy876",
|
||||
"link_2": "https://github.com/wy876/POC/commit/9eefec0a4c311a412a86ab83bef3a25d3cb1766d",
|
||||
"keyword": "wy876/POC"
|
||||
}
|
||||
]
|
||||
@ -0,0 +1,11 @@
|
||||
[
|
||||
{
|
||||
"link": "https://github.com/su18/POC",
|
||||
"name": "POC",
|
||||
"created_at": "2023-01-08T01:56:47Z",
|
||||
"description": "收集整理漏洞EXP/POC,大部分漏洞来源网络,目前收集整理了1400多个poc/exp,长期更新。",
|
||||
"author": "su18",
|
||||
"language": null,
|
||||
"keyword": "su18"
|
||||
}
|
||||
]
|
||||
@ -1,72 +1,72 @@
|
||||
[
|
||||
{
|
||||
"guid": "https://forum.butian.net/share/4063",
|
||||
"title": "2.35版本以下堆沙盒绕过模板总结带例题",
|
||||
"description": "总结了2.35版本以下堆沙盒绕过的各种模板,包括2.27,2.29,2.31的原理和模板还有对应例题",
|
||||
"guid": "https://forum.butian.net/share/4191",
|
||||
"title": "从域认证协议以及密码凭据机制的角度来看内网渗透",
|
||||
"description": "本文记录了内网渗透中主机之间的认证以及横向,域渗透相关的协议以及思路的多种方式,",
|
||||
"source": "subject",
|
||||
"pubDate": "2025-01-22 10:00:02"
|
||||
"pubDate": "2025-03-14 09:00:00"
|
||||
},
|
||||
{
|
||||
"guid": "https://forum.butian.net/share/4062",
|
||||
"title": "巧用Chrome-CDP远程调用Debug突破JS逆向",
|
||||
"description": "CDP远程调用非常方便,他允许我们直接可以通过代码来操作浏览器完成一系列行为,希望通过我的这篇文章让师傅们对其有一定了解,学习并赋能与我们的渗透测试与安全研究工作之中,提升效率!",
|
||||
"guid": "https://forum.butian.net/share/4181",
|
||||
"title": "XSS防御-揭秘Unicode溢出与CSP Bypass",
|
||||
"description": "Unicode溢出与CSP Bypass",
|
||||
"source": "subject",
|
||||
"pubDate": "2025-01-22 09:00:01"
|
||||
"pubDate": "2025-03-13 09:00:01"
|
||||
},
|
||||
{
|
||||
"guid": "https://forum.butian.net/share/4060",
|
||||
"title": "windows com组件模糊测试入门",
|
||||
"description": "windows com组件模糊测试入门\r\n什么是windows com组件\r\ncom全称是Component Object Model,即组件对象模型。按照微软官方的说法,COM 是一个平台无关的、分布式的、面向对象的系统,用于创建可交...",
|
||||
"guid": "https://forum.butian.net/share/4170",
|
||||
"title": "一次渗透过程中的CVE-2022-45460撞洞RCE",
|
||||
"description": "在一次渗透中我们遇到了雄迈(XiongMai)的uc-httpd,这是一款被全球无数网络摄像机使用的轻量级Web服务器。根据Shodan的数据,大约有7万个该软件的实例在互联网上公开暴露。尽管这款软件存在严...",
|
||||
"source": "subject",
|
||||
"pubDate": "2025-01-21 10:00:02"
|
||||
"pubDate": "2025-03-12 09:00:02"
|
||||
},
|
||||
{
|
||||
"guid": "https://forum.butian.net/share/4055",
|
||||
"title": "实战 | 微信小程序EDUSRC渗透漏洞复盘",
|
||||
"description": "这里给师傅们总结下我们在进行漏洞挖掘过程中需要注意的细节,比如我们在看到一个功能点多个数据包的时候,我们需要去挨个分析里面的数据包构造,进而分析数据包的走向,去了解数据包的一个业务逻辑,特别是微信小程序",
|
||||
"guid": "https://forum.butian.net/share/4190",
|
||||
"title": "记一次某大厂csrf漏洞通过蠕虫从低危到高危",
|
||||
"description": "本文记载了笔者src漏洞挖掘的经历,如何将一个简单的csrf提高至高危的程度",
|
||||
"source": "subject",
|
||||
"pubDate": "2025-01-21 08:00:02"
|
||||
"pubDate": "2025-03-11 09:00:00"
|
||||
},
|
||||
{
|
||||
"guid": "https://forum.butian.net/share/4050",
|
||||
"title": "浅谈恶意样本の反沙箱分析",
|
||||
"description": "说实话单纯的静态免杀其实不是很难,只要通过足够新颖的加壳手段就能够成功将木马加载到内存中,但是抵御不了蓝队(比如微步云沙箱)使用沙箱的动态分析,所以通常只能够免杀小一天就上传了病毒库,从而免杀失效了。\r\n\r\n本文就是来介绍几种反沙箱的思路来帮助红队搞出耐得住沙箱考验的payload",
|
||||
"guid": "https://forum.butian.net/share/4168",
|
||||
"title": "掌握Django隐秘漏洞:构建内存马,实现命令执行",
|
||||
"description": "内存马作为一种常见的攻击与权限维持手段,往往多见于Java Web应用中,Django在日常开发中使用频率较高的框架,今天来探寻在Python Web场景下的内存马",
|
||||
"source": "subject",
|
||||
"pubDate": "2025-01-20 10:00:00"
|
||||
"pubDate": "2025-03-10 17:38:25"
|
||||
},
|
||||
{
|
||||
"guid": "https://forum.butian.net/share/4053",
|
||||
"title": "在 JSP 中优雅的注入 Spring 内存马",
|
||||
"description": "JSP 下注入 Spring 内存马 & Spring Hack 无条件的一种方法",
|
||||
"guid": "https://forum.butian.net/share/4134",
|
||||
"title": "使用分支对抗进行webshell bypass",
|
||||
"description": "使用分支对抗进行webshell bypass",
|
||||
"source": "subject",
|
||||
"pubDate": "2025-01-20 09:00:00"
|
||||
"pubDate": "2025-03-10 11:17:55"
|
||||
},
|
||||
{
|
||||
"guid": "https://forum.butian.net/share/4048",
|
||||
"title": "探寻Bottle框架内存马",
|
||||
"description": "在某次测试时候 碰见了一个叫bottle的框架 于是探寻了下在实际中可应用的注入内存马的方法",
|
||||
"guid": "https://forum.butian.net/share/4162",
|
||||
"title": "论如何从发现者视角看 apache solr 的 js 代码执行漏洞",
|
||||
"description": "平时分析和复现了很多 cve,但是一遇到逻辑稍微复杂的,漏洞通告给的位置不是很详细的,代码 diff 很冗杂的,分析起来就会很困难,然后这时候其实就是需要耐心和思维逻辑了,这次花了接近一周的时间来了解这个漏洞,其实这个漏洞倒是不重要,就是逼着自己去锻炼思维和看官方文档的能力,让自己尽量接近发现者的视角,虽然这个漏洞很老,但是我还是感觉发现它的人真的很厉害,前后的分析过程也是花费了整整一周",
|
||||
"source": "subject",
|
||||
"pubDate": "2025-01-17 10:00:01"
|
||||
"pubDate": "2025-03-10 10:00:01"
|
||||
},
|
||||
{
|
||||
"guid": "https://forum.butian.net/share/4046",
|
||||
"title": "使用汇编代码实现反向shell",
|
||||
"description": "本章为笔者在学习过程中的学习记录,其目的是使用python的keystone引擎来一步步实现一个完整的反向shell,这种方法相对麻烦,但主要是为了理解汇编代码的运行过程。",
|
||||
"guid": "https://forum.butian.net/share/4171",
|
||||
"title": "vaadin反序列化链挖掘:tabby静态分析实践",
|
||||
"description": "在学习前面几条链子的基础上,结合静态分析工具在前面的基础上的一些小发现,包括vaadin的新利用方式以及对tabby的检测缺陷的总结",
|
||||
"source": "subject",
|
||||
"pubDate": "2025-01-17 09:00:00"
|
||||
"pubDate": "2025-03-07 09:00:01"
|
||||
},
|
||||
{
|
||||
"guid": "https://forum.butian.net/share/4041",
|
||||
"title": "Pipe管道利用",
|
||||
"description": "关于Pipe管道的安全技术分享",
|
||||
"guid": "https://forum.butian.net/share/4178",
|
||||
"title": "Tomcat内存马之Upgrade构建调试分析",
|
||||
"description": "在现今攻防演练日趋常态化和网络安全检测设备检测技术越来越成熟的大环境下,传统的以文件形式驻留的后门文件极其容易检测查杀到,随之\"内存马\"技术开始登上历史的舞台。在JAVA安全知识体系中JAVA内存马也是必须要学习的一个关键板块,本篇文章主要介绍Tomcat-Upgrade型内存马",
|
||||
"source": "subject",
|
||||
"pubDate": "2025-01-16 09:30:00"
|
||||
"pubDate": "2025-03-06 09:00:02"
|
||||
},
|
||||
{
|
||||
"guid": "https://forum.butian.net/share/4045",
|
||||
"title": "x86_shellcode的一些总结",
|
||||
"description": "本文章会涉及到各种shellcode的原理和撰写,然后还有可见字符串漏洞的撰写和原理,以及工具梭哈和 一些针对不同orw情况的模板shellcode",
|
||||
"guid": "https://forum.butian.net/share/4173",
|
||||
"title": ".Net Core下的内存马",
|
||||
"description": "在审计了一套.net core的CMS后的扩展延伸",
|
||||
"source": "subject",
|
||||
"pubDate": "2025-01-16 09:00:00"
|
||||
"pubDate": "2025-03-05 09:00:00"
|
||||
}
|
||||
]
|
||||
@ -1,122 +1,122 @@
|
||||
[
|
||||
{
|
||||
"title": "盘点 2024 年备受关注的那些高风险漏洞\n",
|
||||
"link": "https://paper.seebug.org/3268/",
|
||||
"description": "作者:知道创宇404实验室\n2024年,网络安全领域接连曝出了一系列高危漏洞,这些漏洞不仅影响范围广泛,而且破坏力极大,对全球的网络安全构成了严峻挑战。以下是我们从今年的安全漏洞应急中总结出的一些颇具危害性和影响力的网络安全漏洞,排名不分先后,当然,我们也从Seebug漏洞平台访问数据和ZoomEye网络空间搜索引擎对应搜索出来的受影响量级中筛选出了排名相对靠前的漏洞,附在文末供大家参考。通...\n",
|
||||
"pubDate": "Tue, 21 Jan 2025 07:17:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3268/",
|
||||
"category": "404专栏"
|
||||
},
|
||||
{
|
||||
"title": "Love and hate under war: The GamaCopy organization, which imitates the Russian Gamaredon, uses military - related bait to launch attacks on Russia\n",
|
||||
"link": "https://paper.seebug.org/3270/",
|
||||
"description": "Author:Knownsec 404 Advanced Threat Intelligence team\nDate: January 21, 2025\n中文版:https://paper.seebug.org/3269\nRecently, our team discovered attack samples targeting Russian-speaking targets during...\n",
|
||||
"pubDate": "Tue, 21 Jan 2025 02:17:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3270/",
|
||||
"category": "威胁情报"
|
||||
},
|
||||
{
|
||||
"title": "战争下的相爱相杀,疑似GamaCopy组织利用军事诱饵对俄发起攻击\n",
|
||||
"link": "https://paper.seebug.org/3269/",
|
||||
"description": "作者:知道创宇404高级威胁情报团队\n英文版:https://paper.seebug.org/3270\n近期,团队在威胁狩猎过程中,发现了针对俄语区目标的攻击样本。团队还关联到另外一个样本,两个样本在运行流程是一致的,并且使用的诱饵主题也是相同的。\n通过对样本的分析和关联,本次样本具备以下特点:\n\n利用军事设施相关内容为诱饵发起攻击。\n使用7z自解压程序(SFX)释放和加载后续载荷。\n利用...\n",
|
||||
"pubDate": "Mon, 20 Jan 2025 09:25:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3269/",
|
||||
"category": "威胁情报"
|
||||
},
|
||||
{
|
||||
"title": "探索大型语言模型在Android恶意软件语义分析与分类中的应用\n",
|
||||
"link": "https://paper.seebug.org/3267/",
|
||||
"description": "作者:Brandon J Walton, Mst Eshita Khatun, James M Ghawaly, Aisha Ali-Gombe.\n译者:知道创宇404实验室翻译组\n原文链接:https://arxiv.org/abs/2501.04848\n摘要\n恶意软件分析是一项复杂的过程,涉及对恶意软件功能、来源和潜在影响的检查与评估。通常,这一艰巨的任务需要对软件进行详细剖析,以理解其...\n",
|
||||
"pubDate": "Tue, 14 Jan 2025 06:48:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3267/",
|
||||
"title": "机器学习的逻辑回归模型\n",
|
||||
"link": "https://paper.seebug.org/3303/",
|
||||
"description": "\n\n\n .katex img {\n display: block;\n position: absolute;\n width: 100%;\n height: inherit;\n }\n\n作者:0x7F@知道创宇404实验室\n日期:2025年2月28日\n1. 前言\n在「机器学习的线性回归模型」文章中,我们学习了监督学习中如何使用线性回归模型拟合连...\n",
|
||||
"pubDate": "Thu, 13 Mar 2025 07:37:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3303/",
|
||||
"category": "AI安全"
|
||||
},
|
||||
{
|
||||
"title": "Self-changing Data Type - CVE-2024-40676 漏洞分析\n",
|
||||
"link": "https://paper.seebug.org/3266/",
|
||||
"description": "作者:canyie\n原文链接:https://blog.canyie.top/2024/11/07/self-changing-data-type/\n今年 10 月份的时候,Android 安全公告用 CVE-2024-40676 的编号公布了一个很奇怪的 patch。 \nAccountManagerService checkKeyIntent() 负责检查 account authent...\n",
|
||||
"pubDate": "Fri, 10 Jan 2025 08:46:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3266/",
|
||||
"title": "「深蓝洞察」2024年度最憋屈的漏洞披露\n",
|
||||
"link": "https://paper.seebug.org/3304/",
|
||||
"description": "作者:DARKNAVY\n原文链接:https://mp.weixin.qq.com/s/Y8-wT88VnLeMUiD-HssPyw\n在网络安全领域,漏洞披露一直被视为保护用户的重要环节,但在现实中,这一过程却充满了争议和矛盾。究竟什么才算得上“负责任的披露”?当厂商在信息公开和补丁发布上占据主导地位,而安全研究者则需要耗费大量精力进行沟通与博弈,这一模式是否还能真正实现保护用户安全的初衷?...\n",
|
||||
"pubDate": "Wed, 12 Mar 2025 08:28:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3304/",
|
||||
"category": "经验心得"
|
||||
},
|
||||
{
|
||||
"title": "「深蓝洞察」2024年度最“安全”的防线\n",
|
||||
"link": "https://paper.seebug.org/3302/",
|
||||
"description": "作者:DARKNAVY\n原文链接:https://mp.weixin.qq.com/s/LaM5iz_EKbAK_lkaAcBshw\n在攻防对抗日益激烈的2024年,安全软件一直被视为企业安全防线的重要基石。然而,这些安全软件本身也可能存在漏洞,甚至被攻击者利用作为入侵的跳板来对用户造成危害。多年来,因为安全软件而导致的事故不禁让人产生一个疑问——安全软件真的可信吗?\n安全软件被滥用为攻击工...\n",
|
||||
"pubDate": "Tue, 11 Mar 2025 08:39:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3302/",
|
||||
"category": "经验心得"
|
||||
},
|
||||
{
|
||||
"title": "「深蓝洞察」2024年度最难以阻挡的攻防趋势\n",
|
||||
"link": "https://paper.seebug.org/3301/",
|
||||
"description": "作者:DARKNAVY\n原文链接:https://mp.weixin.qq.com/s/lUA03YjBiCAatcJh-bUHEQ\n近年来,漏洞攻防不断演进。从多年前仅需一个栈溢出就能攻破系统,到如今需要运用各种精妙的手法来突破系统的层层防御。“盾”与“矛”始终处于动态对抗:每当新的防御措施出现,新的攻击手段随之而来。防御机制的升级促使攻击者寻找新的突破口,而攻击方法的创新又推动着防御技术...\n",
|
||||
"pubDate": "Mon, 10 Mar 2025 08:19:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3301/",
|
||||
"category": "经验心得"
|
||||
},
|
||||
{
|
||||
"title": "机器学习的线性回归模型\n",
|
||||
"link": "https://paper.seebug.org/3300/",
|
||||
"description": "\n\n\n .katex img {\n display: block;\n position: absolute;\n width: 100%;\n height: inherit;\n }\n\n作者:0x7F@知道创宇404实验室\n日期:2025年2月28日 \n1. 前言\n跟随着 ChatGPT 等大语言模型掀起的人工智能的浪潮,在这个时间点学习 A...\n",
|
||||
"pubDate": "Fri, 07 Mar 2025 07:22:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3300/",
|
||||
"category": "AI安全"
|
||||
},
|
||||
{
|
||||
"title": "Llama 的悖论:深入探索 Llama.cpp 的堆迷宫,从堆溢出到远程代码执行\n",
|
||||
"link": "https://paper.seebug.org/3299/",
|
||||
"description": "作者:Patrick Peng \n译者:知道创宇404实验室翻译组\n原文链接:https://retr0.blog/blog/llama-rpc-rce\n我一直对 Llama.cpp 情有独钟,它堪称我在人工智能与机器学习研究领域孜孜以求的“终极目标”。不仅如此,能在如此复杂且成熟的人工智能项目中挖掘出堆栈/堆溢出导致的远程代码执行漏洞,听起来就格外酷炫。当然,我内心深处渴望在人工智能项目中...\n",
|
||||
"pubDate": "Thu, 06 Mar 2025 06:27:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3299/",
|
||||
"category": "漏洞分析"
|
||||
},
|
||||
{
|
||||
"title": "基于差分隐私的检索增强生成\n",
|
||||
"link": "https://paper.seebug.org/3265/",
|
||||
"description": "作者:Nicolas Grislain\n译者:知道创宇404实验室翻译组\n原文链接:https://arxiv.org/html/2412.19291v1#Sx4\n摘要\n检索增强生成(Retrieval-Augmented Generation, RAG)已成为为大型语言模型(Large Language Models, LLM)提供最新且相关上下文的主流技术。这一技术可以缓解模型生成不准确...\n",
|
||||
"pubDate": "Thu, 02 Jan 2025 07:44:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3265/",
|
||||
"title": "Emoji攻击:增强针对Judge LLMs检测的越狱攻击\n",
|
||||
"link": "https://paper.seebug.org/3297/",
|
||||
"description": "作者:Zhipeng Wei, Yuqi Liu, N. Benjamin Erichson\n译者:知道创宇404实验室翻译组\n原文链接:https://arxiv.org/html/2411.01077v2\n摘要\n越狱(Jailbreaking)技术可以欺骗大型语言模型(LLMs),使其生成受限制的输出,从而构成严重威胁。其中一种防御方法是使用另一个 LLM 作为 Judge(裁判)来评估...\n",
|
||||
"pubDate": "Tue, 04 Mar 2025 09:37:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3297/",
|
||||
"category": "AI安全"
|
||||
},
|
||||
{
|
||||
"title": "Qemu重入漏洞梳理 & CVE-2024-3446分析\n",
|
||||
"link": "https://paper.seebug.org/3264/",
|
||||
"description": "作者:华为安全应急响应中心\n原文链接:https://mp.weixin.qq.com/s/gWK5JwzLz8qdfG4VUJqVhA\n1 简介\n主要是分析CVE-2024-3446漏洞的成因和漏洞的补丁,以及之前的补丁为何失效,顺便对Qemu历史重入漏洞进行了分析梳理\n2 时间线\n\n\n2020/07/21 e1000e重入导致的UAF(还没归为重入问题)\n\n\n2021/08/23 重入漏...\n",
|
||||
"pubDate": "Mon, 30 Dec 2024 07:35:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3264/",
|
||||
"category": "漏洞分析"
|
||||
},
|
||||
{
|
||||
"title": "使用开源大语言模型将安全通告与易受攻击的函数配对\n",
|
||||
"link": "https://paper.seebug.org/3263/",
|
||||
"description": "作者:Trevor Dunlap, John Speed Meyers, Bradley Reaves, and William Enck.\n译者:知道创宇404实验室翻译组\n原文链接:https://www.enck.org/pubs/dunlap-dimva24.pdf\n摘要\n随着对开源软件依赖性的需求不断增加,管理这些依赖中的安全漏洞变得愈加复杂。当前最先进的工业工具通过代码的可达性分...\n",
|
||||
"pubDate": "Mon, 30 Dec 2024 06:34:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3263/",
|
||||
"title": "模型序列化攻击\n",
|
||||
"link": "https://paper.seebug.org/3298/",
|
||||
"description": "译者:知道创宇404实验室翻译组\n原文链接:https://github.com/protectai/modelscan/blob/main/docs/model_serialization_attacks.md\n机器学习(ML)模型是基于机器学习的应用程序的核心资产。安全地存储和检索模型对成功至关重要。根据使用的机器学习库,模型可以以多种常见格式保存。流行的选择包括:Pickle、HDF5...\n",
|
||||
"pubDate": "Tue, 04 Mar 2025 07:09:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3298/",
|
||||
"category": "AI安全"
|
||||
},
|
||||
{
|
||||
"title": "假 Zoom 会议钓鱼分析\n",
|
||||
"link": "https://paper.seebug.org/3262/",
|
||||
"description": "作者:Reborn, Lisa@慢雾安全团队\n原文链接:https://mp.weixin.qq.com/s/bPGbEdTCKaM9uJhaRXlO6A\n背景\n近期,X 上多位用户报告了一种伪装成 Zoom 会议链接的钓鱼攻击手法,其中一受害者在点击恶意 Zoom 会议链接后安装了恶意软件,导致加密资产被盗,损失规模达百万美元。在此背景下,慢雾安全团队对这类钓鱼事件和攻击手法展开分析,并追...\n",
|
||||
"pubDate": "Fri, 27 Dec 2024 07:08:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3262/",
|
||||
"category": "情报分析"
|
||||
},
|
||||
{
|
||||
"title": "[Agent]WKM:在智能代理中注入世界知识\n",
|
||||
"link": "https://paper.seebug.org/3261/",
|
||||
"description": "作者:简单的机器学习\n原文链接:https://mp.weixin.qq.com/s/2pn3QGLWWbG5yW-G2Ap9Yg\n在面对特定任务时,人们往往会首先利用丰富的先验知识在大脑中简要演练整个过程,然后再执行无意识的动作。称这种知识为全局任务知识(也称为环境/任务常识)。此外,在任务过程中,心智世界知识模型会不断维持一种局部状态知识,代表人类对当前世界状态的认知。例如,想象你在一个...\n",
|
||||
"pubDate": "Thu, 26 Dec 2024 07:28:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3261/",
|
||||
"title": "关于 Chat Template 注入方式的学习\n",
|
||||
"link": "https://paper.seebug.org/3296/",
|
||||
"description": "作者: dawu@知道创宇404实验室\n日期: 2025年2月28日 \n1. 前言\n伴随着年后 DeepSeek R1 模型的火热,号称能运行 DeepSeek R1 “满血版” 的 Ktransformers 框架也受到了大量关注。在使用该框架和阅读相关源码时,我发现框架在借助聊天模版(chat template) 将用户输入转化为输入模型的 token 列表的过程中,可能会存在类似于拼...\n",
|
||||
"pubDate": "Mon, 03 Mar 2025 06:35:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3296/",
|
||||
"category": "AI安全"
|
||||
},
|
||||
{
|
||||
"title": "卡巴斯基禁令之后的影响\n",
|
||||
"link": "https://paper.seebug.org/3260/",
|
||||
"description": "作者:Pedro Umbelino, Jake Olcott\n译者:知道创宇404实验室翻译组\n原文链接:https://www.bitsight.com/blog/aftermath-kaspersky-ban\n在2024年春,全球对供应链风险的担忧日益加剧,对技术供应商的信任和可靠性问题也愈发凸显。在这样的背景下,美国对俄罗斯的杀毒软件巨头卡巴斯基实验室下了禁令,禁止其产品进入美国市场。...\n",
|
||||
"pubDate": "Wed, 25 Dec 2024 02:52:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3260/",
|
||||
"category": "情报分析"
|
||||
},
|
||||
{
|
||||
"title": "以大模型为目标的威胁攻击与安全思考\n",
|
||||
"link": "https://paper.seebug.org/3259/",
|
||||
"description": "作者:启明星辰ADLab\n原文链接:https://mp.weixin.qq.com/s/YL37d_PjiFJkarEjcrTdiA\n一、概 述\n自2023年以来,以ChatGPT为代表的大语言模型(LLM)向人们展现出了人工智能所具有的无限潜力,为各行业带来了全新的发展模式和生产力提升。以大语言模型为基础的智能平台及系统也逐渐成为国家和企业的一种重要的基础设施,面对这样一种全新的基础设施...\n",
|
||||
"pubDate": "Mon, 23 Dec 2024 08:21:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3259/",
|
||||
"title": "从零开始搭建:基于本地 DeepSeek 的 Web 蜜罐自动化识别\n",
|
||||
"link": "https://paper.seebug.org/3295/",
|
||||
"description": "作者:wh0am1i@知道创宇404实验室\n日期:2025年2月28日 \n1. 前言\npocsuite3 框架可以通过 --dork 或 --dork-zoomeye 参数获取 ZoomEye 网络空间测绘平台的搜索引擎数据。但随着近几年网络空间领域的攻防对抗升级,导致网络空间中存在大量的蜜罐。为了过滤掉这些蜜罐,ZoomEye 中加入了自动标注蜜罐的识别算法, 同时 pocsuite3 ...\n",
|
||||
"pubDate": "Fri, 28 Feb 2025 06:18:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3295/",
|
||||
"category": "AI安全"
|
||||
},
|
||||
{
|
||||
"title": "趋利避害的大模型行为:伪对齐\n",
|
||||
"link": "https://paper.seebug.org/3258/",
|
||||
"description": "作者:Ryan Greenblatt, Carson Denison等\n译者:知道创宇404实验室翻译组\n原文链接:https://arxiv.org/abs/2412.14093v1\n摘要\n我们在此呈现了一项关于大型语言模型在训练过程中进行“对齐伪装”行为的演示:该模型有选择地遵从其训练目标,以防止其行为在训练之外被改变。具体来说,我们首先向Claude 3 Opus模型提供了一个系统提示...\n",
|
||||
"pubDate": "Mon, 23 Dec 2024 03:06:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3258/",
|
||||
"title": "DeepSeek 启示:深度揭秘基于 PTX 的 GPU 底层优化技术\n",
|
||||
"link": "https://paper.seebug.org/3294/",
|
||||
"description": "作者:启明星辰ADLab\n原文链接:https://mp.weixin.qq.com/s/FVVes7UIK_OORUk3fXy9mQ\n一、概述\n近日,DeepSeek连续不断地开源了多个项目,一时间引发了关于GPU底层优化的热潮,这在如今国内算力被广泛打压的背景下,给我国在现代高性能计算(HPC)和人工智能(AI)领域带来了希望,其中尤其引人瞩目的是关于底层PTX优化技术引入,这在一定程度...\n",
|
||||
"pubDate": "Thu, 27 Feb 2025 07:24:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3294/",
|
||||
"category": "AI安全"
|
||||
},
|
||||
{
|
||||
"title": "找出披着羊皮的狼:通过文本摘要技术破解对抗性文本到图像提示\n",
|
||||
"link": "https://paper.seebug.org/3257/",
|
||||
"description": "作者:Portia Cooper, Harshita Narnoli, Mihai Surdeanu\n译者:知道创宇404实验室翻译组\n原文链接:https://arxiv.org/pdf/2412.12212\n摘要\n文本到图像模型常常遭受一种称为“分而治之攻击”(DACA)的逐步攻击,该攻击通过大型语言模型将敏感文本包装在看似无害的叙述中,以隐藏不当内容。为了有效抵御这种逐步DACA攻击,...\n",
|
||||
"pubDate": "Fri, 20 Dec 2024 07:43:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3257/",
|
||||
"title": "银狐突袭!DeepSeek本地化部署暗藏“致命陷阱”\n",
|
||||
"link": "https://paper.seebug.org/3293/",
|
||||
"description": "作者:启明星辰ADLab\n原文链接:https://mp.weixin.qq.com/s/VUzwaR7eti2YoNebGFz80A\n一、前言\n近期,国产大模型DeepSeek凭借其高效的推理能力、创新性的优化技术、低门槛本地化部署能力、灵活的开源商业授权等,迅速成为开源生态中的“现象级选手”。然而,技术普及的加速期往往伴随着网络安全攻防对抗的升级。当前,大量政府、企业和个人开发者在基于D...\n",
|
||||
"pubDate": "Thu, 27 Feb 2025 02:47:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3293/",
|
||||
"category": "AI安全"
|
||||
},
|
||||
{
|
||||
"title": "探索 AI 驱动的网络安全框架:深度学习技术、GPU 支持和未来增强\n",
|
||||
"link": "https://paper.seebug.org/3255/",
|
||||
"description": "作者:Tobias Becher, Simon Torka\n译者:知道创宇404实验室翻译组\n原文链接:https://arxiv.org/pdf/2412.12648\n摘要\n传统的基于规则的网络安全系统在防御已知恶意软件方面表现出色,但面对新型威胁,它们却显得力不从心。为应对这一挑战,新一代网络安全系统开始融合人工智能技术,尤其是深度学习算法,以提升其识别事件、分析警报和响应安全事件的能力...\n",
|
||||
"pubDate": "Fri, 20 Dec 2024 01:14:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3255/",
|
||||
"title": "使用 DeepSeek-R1 在固件漏洞挖掘领域的新实践\n",
|
||||
"link": "https://paper.seebug.org/3292/",
|
||||
"description": "作者:启明星辰ADLab\n原文链接:https://mp.weixin.qq.com/s/rZ4iGXs2O_xYD1yEOyu3CQ\n1. 前言\n在数字化时代,固件是硬件设备的核心软件组件,直接控制着硬件的运行状态和功能,其安全性至关重要。一旦固件存在安全漏洞,黑客即可利用来攻击设备的运行或者控制设备发起其它网络攻击,典型有Mirai病毒利用设备固件漏洞发起大规模的分布式拒绝服务。因此,挖...\n",
|
||||
"pubDate": "Wed, 26 Feb 2025 07:20:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3292/",
|
||||
"category": "AI安全"
|
||||
},
|
||||
{
|
||||
"title": "Fuzz 工作流解析与 AI 引入方案分享\n",
|
||||
"link": "https://paper.seebug.org/3291/",
|
||||
"description": "作者:ghost461@知道创宇404实验室\n时间:2025年2月26日\n本文为知道创宇404实验室内部分享沙龙“404 Open Day”的议题内容,作为目前团队AI安全研究系列的一部分,分享出来与大家一同交流学习。\n1. 概述\n本文受 Google 安全博客的《Leveling Up Fuzzing: Finding more vulnerabilities with AI》启发,结合自...\n",
|
||||
"pubDate": "Wed, 26 Feb 2025 06:10:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3291/",
|
||||
"category": "AI安全"
|
||||
},
|
||||
{
|
||||
"title": "「深蓝洞察」2024年度最悲剧的后门\n",
|
||||
"link": "https://paper.seebug.org/3290/",
|
||||
"description": "作者:DARKNAVY\n原文链接:https://mp.weixin.qq.com/s/BZtSTpTQbNiAY_KDhnqc8Q\n“看到了软件的源码,就意味着没有后门吗?”\n1983年的图灵奖颁奖仪式上,Ken Thompson抛出了这个问题。作为历史上唯三在40岁以下获得图灵奖的传奇之一,他在获奖演讲中向听众展示了如何通过在编译器中植入后门来骇入由无害源码编译得到的Unix系统。Ken...\n",
|
||||
"pubDate": "Tue, 25 Feb 2025 09:17:00 +0000",
|
||||
"guid": "https://paper.seebug.org/3290/",
|
||||
"category": "经验心得"
|
||||
}
|
||||
]
|
||||
@ -1,434 +1,413 @@
|
||||
{
|
||||
"银行测试": [
|
||||
{
|
||||
"title": "一周内连续三家美国银行“爆雷”!会否演变成金融危机?",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-31xeF5tPKwMYK6EhXVOSA6VqXa8Fplpd9eGY9uACgt2whpM3uArsKJhtPcW3yngI2os4opoqkJ3CVlyQRDaV_HvuZGgEiqH5qWVyu8f-CdizGGuzUBaUw7bsimoDXdO0tkjwoWmP-IR9FiZxR7Rc1qNIqBowcxeVnIZeM8ubsGmWg6T-TWZRp5hMz8sMk5-v1orwBepw7bhs5eBgmN3LoYQ..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=4B41706ADC842F9947407703731705C747D32AAD67D3A540",
|
||||
"description": "“压力测试本是帮助银行评估资产风险的有效手段,这(监管“松绑”)为硅谷银行的关闭埋下了伏笔.”新加坡国立大学客座教授白...",
|
||||
"author": "新华网思客",
|
||||
"pubDate": "2023-03-16 10:44:22"
|
||||
},
|
||||
{
|
||||
"title": "工商银行福建自贸试验区平潭片区分行、福州分行、福州鼓楼支行被处罚 累计罚款130万元",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZVJ2ZZBTou4bOqv7z--_GAlqXa8Fplpd9zHGYqlalT_VJfHDwO02w2ubGj6ACF2k2sCzsIsgR4GhI4L_qnp_v4V9Ua596Obr-lOwJLzSFD4EOMu9ZMumPtDHSwDplYMtaBqrGxdbQjGnA7ARKXsg7FmoJfE-U2yV7ggUz3yBpaUr9EVYC2DfmvqhJLZUOsMufJoKUtO8QUTmq3X8EKMKOIA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=D1AF7B42106647D6A6A18BE4E83B9D57A73D275C6790698D",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-31xeF5tPKwMYK6EhXVOSA6VqXa8Fplpd9_kxI_VvZmKgIBPWuqWqxGjP3L13Sx5Z8ue1Bt6fMWTNbF8uHcSw7yotWKb45hPYOaO6s4gjlb4BSJWEIov6vVWlkKRxOU5zRnkoYXaXVF4CL4XDiNBnzLCkPG3h6guywoth2eDg90PDqC7YyxYWm08OGcMk1MyMvIg8f5XKwm5pFH6In5Ei3zg..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=4B41706ADC842F9947407703731705C747D32AAD67D3A540",
|
||||
"description": "近日,福建省银保监局对工商银行福建自贸试验区平潭片区分行、福州分行、福州鼓楼支行开出罚单,罚款合计130万元,4名当事人被...",
|
||||
"author": "观八闽",
|
||||
"pubDate": "2022-02-22 15:30:56"
|
||||
},
|
||||
{
|
||||
"title": "央行出手!支付宝们正式被“收编”了!",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZVJ2ZZBTou4bOqv7z--_GAlqXa8Fplpd9vCKR6_KOD86weyJtyDXvuPB2ZkUaGIyQwRDv-oue22VJrJW-WjJWbZAu6cad5tPelPzLtv1Lwxu4iyHDCcmcabpXC1X0WaaA4xln6MP2dgarr0xpk5odhX1kWStfnfvj4Z6Z2lq8I1TrmwZ3NjM7mICVKVuf8hXbSgXZgprj6MUY-UZGbO56rA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=D1AF7B42106647D6A6A18BE4E83B9D57A73D275C6790698D",
|
||||
"description": "根据央行要求,目前,已有20余家支付机构和银行完成了接入网联平台的工作.央行副行长范一飞此前曾强调,网联平台的目的即提高...",
|
||||
"author": "人民网",
|
||||
"pubDate": "2017-10-17 11:43:30"
|
||||
},
|
||||
{
|
||||
"title": "美联储最新消息!要求银行多备“家底”,特别是→",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZVJ2ZZBTou4bOqv7z--_GAlqXa8Fplpd9ss8CigRbhT_yMa4YqOu96E7Xh0U9c0BAbvoB6c3I3c4DAEyT01f-1lIvf8U9cDwz9LOCmyYK9mK7kheh35rpjQG2Usw7E-63flovrxorx8E1VfWiFHJPhYv-iLgGfd_7OU18FY5YCIbcgrAOAqCmwLrc-SQ9N9bqrXoyjzescGQNGbbB75bUeA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=D1AF7B42106647D6A6A18BE4E83B9D57A73D275C6790698D",
|
||||
"description": "扩大美联储年度银行压力测试范围等. 美国银行业游说团体:更高的资本要求将推升借贷成本今年3月以来,美国硅谷银行、签名银行...",
|
||||
"author": "央视财经",
|
||||
"pubDate": "2023-07-12 16:15:05"
|
||||
},
|
||||
{
|
||||
"title": "平安银行、宁波银行等试水支付宝信用卡取现功能,缘何引发舆论争议?",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZVJ2ZZBTou4bOqv7z--_GAlqXa8Fplpd9aPDFhYC8n_PNja9JhuLl9kxF6yapTbed5HRMDTnDwzN9XVcW1w1wQeH3VmAIy6GBJWowvMxfjekqshLLGAuai8aOcmULjtXq1IIkfngfrEGt_F4mQS3hxgxZAyaKanzRGibtH4X2P47JDWNOs6bkOr3BzwJ2E4sc4ALha0IAQRlQL0Hr9Gyd3Q..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=D1AF7B42106647D6A6A18BE4E83B9D57A73D275C6790698D",
|
||||
"description": "话题#微信支付宝测试信用卡取现#与#有银行试水信用卡取现:年利率超18%#分别登上微博、头条热搜榜.(来源:人民众云)(来源...",
|
||||
"author": "人民网舆情数据中心",
|
||||
"pubDate": "2022-08-31 19:55:10"
|
||||
},
|
||||
{
|
||||
"title": "支付宝微信拉响警报!40多家银行联合起来,要“抢”你手机",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZVJ2ZZBTou4bOqv7z--_GAlqXa8Fplpd9vCKR6_KOD86weyJtyDXvuPB2ZkUaGIyQwRDv-oue22VJrJW-WjJWbTdGRMwa_653aBQyU47D6FlkqSKzl6e1ffSkU6QpugmafsejFJCUl6__wiHN6alHh_wMDl4D0BPCjsCgkLkk-CpBfsOHm55Uy61fWckpbRhi-ejLc7uOxLENGbbB75bUeA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=D1AF7B42106647D6A6A18BE4E83B9D57A73D275C6790698D",
|
||||
"description": "招商银行等全国性商业银行,另有近60家商业银行正在加紧测试并即将开通,年内其他主要银行也将基本实现全部开通.受理方面,全...",
|
||||
"author": "人民网",
|
||||
"pubDate": "2017-05-29 08:02:43"
|
||||
},
|
||||
{
|
||||
"title": "美国又一银行倒闭!美联储怎么办?中国受影响大吗?",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZVJ2ZZBTou4bOqv7z--_GAlqXa8Fplpd9WymiMDeKO_fhN5VvStj6hFNGQmFzkNC4cwOup0nFvpXtmPIGjThDzS-G0i2LhVkycd4R8o7iwhRBidlSIpHl1qod-Q5Cnb-oZeztTQ1lTy3D-dIUyWmCORYm4hDqgjGm8AfEntrJp45Wcvwwy4Gr1L0wxV0sO3jAIwv9_HXHgvde0WC6Sbi7DA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=D1AF7B42106647D6A6A18BE4E83B9D57A73D275C6790698D",
|
||||
"description": "规定资产超过500亿美元的银行必须参加美联储年度压力测试,旨在通过更严格监管避免2008年国际金融危机重演.特朗普上台后,将...",
|
||||
"author": "新华网思客",
|
||||
"pubDate": "2023-05-05 13:51:35"
|
||||
},
|
||||
{
|
||||
"title": "银行月榜:大行拼命玩“七夕”,微博为何失宠了?",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZVJ2ZZBTou4bOqv7z--_GAlqXa8Fplpd9aPDFhYC8n_PNja9JhuLl9kxF6yapTbed5HRMDTnDwzN9XVcW1w1wQSjIVyN3uhxTqStfkC2YdJd5CLbtO2v1Ikx8fybmPaKjraVlKeXJyyEUNOiMClRHotBpj9olJy2-MNz2AI--yTLVfD86FkCU7guPnCx4CAO9oRRg5ZuiETsHpHkoPMgL3A..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=D1AF7B42106647D6A6A18BE4E83B9D57A73D275C6790698D",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-31xeF5tPKwMYK6EhXVOSA6VqXa8Fplpd9IchiyQiq6LeEKaAPMU9juA1bCFHqCk42rdC7dGu5J0TJV_TSWviegeqZ9YXMeCE_1wsqouY29bLxCPTCe8uqEk8CV1BaKlRyHJGOUCh3xLg9XozB208ctDIH93tc2FnHL_p4NJMsWg5LVTThT-sYBgI8wmJ55I-ygjm-qJq0CU9flztgI7RZ1g..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=4B41706ADC842F9947407703731705C747D32AAD67D3A540",
|
||||
"description": "新媒体管家中国银行业新媒体8月排行榜,进入总榜TOP10的银行分别是:中国工商银行、中国银行、中国建设银行、上海浦东发展银...",
|
||||
"author": "人民网舆情数据中心",
|
||||
"pubDate": "2017-09-14 08:16:46"
|
||||
},
|
||||
{
|
||||
"title": "【月榜】12月银行新媒体:工行成功问鼎 上海银行挤进前10",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DEdXGAxkkb-4YUzE4CSGQjeVgrFeYQugDlpmUNjkvxgvOqXyesYm_zYIpLvlCDM0AmAb0chvsD2fNyhCa8My6Bb-qjlExxIFttyhUQaZsCVtv3xb71Sa6r9ZTma9nR-jBnBcq7_vYLV53c1tpARGY_wMmV95nnREF-XH7MSZGz6MxI276v7hj8etuA22uSlmmQLGdQeR7pI3LQ2q4RtFD6M1s0Dc4LpO5wy8KM5mA5n8tAOlWETac2080W518x-5tm7Ax68ZBx0KiZqwg0yoRFw.&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=D1AF7B42106647D6A6A18BE4E83B9D57A73D275C6790698D",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DCOjX66B0wQAvgZg6-4mCHKVgrFeYQugDlpmUNjkvxgvOqXyesYm_zYIpLvlCDM0AmAb0chvsD2fNyhCa8My6Bb-qjlExxIFttyhUQaZsCVtv3xb71Sa6r9ZTma9nR-jBnBcq7_vYLV53c1tpARGY_wMmV95nnREF-XH7MSZGz6MxI276v7hj8etuA22uSlmmQLGdQeR7pI3fwC5XTKkq9kDNJdxFew8RNmF5J1xVuqKMCAHGR_7TST1Ck-cB6ZhGHapdNWZDDb-iZqwg0yoRFw.&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=4B41706ADC842F9947407703731705C747D32AAD67D3A540",
|
||||
"description": "本榜单共对部分国内银行12月份的新媒体综合能力进行考核,涵盖包括政策性银行、邮政储蓄银行、国有商业银行、股份制商业银行、...",
|
||||
"author": "人民网舆情数据中心",
|
||||
"pubDate": "2017-01-12 17:06:08"
|
||||
},
|
||||
{
|
||||
"title": "警惕 犯罪分子用美容卡到ATM机就能提走你银行卡里的钱 还有这事?",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DEdXGAxkkb-4YUzE4CSGQjeVgrFeYQugDhBEf4EF8oKrfbCgxSgKqyUQcR05EK0k2hs0mar4IMdiYNuh71rRq0c8vtA-WXRH5TNIk2koF_4gcbjtzha5D27Z5Ex1_ZWZybngqsDxgDgrhQ7fIpmsTTEAmms046vdata00huqHG2Z4m7y8WmQnSlissa5-yfF6Tcjc8o-otmMknVSjThfxnakac6hZ0A51m0h56Yfltd8X6KlCWe4r0J4pBP9nxXGmYam4HSJrIuNiZqwg0yoRFw.&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=D1AF7B42106647D6A6A18BE4E83B9D57A73D275C6790698D",
|
||||
"description": "近日,广西玉林警方破获了一起银行卡系列诈骗案,打掉了一个专门伪造银行卡的犯罪团伙.直到案件破获时,很多受害者还不知道自...",
|
||||
"author": "央视新闻",
|
||||
"pubDate": "2017-01-14 16:40:10"
|
||||
"title": "美国又一银行倒闭!美联储怎么办?中国受影响大吗?",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-31xeF5tPKwMYK6EhXVOSA6VqXa8Fplpd9eGY9uACgt2whpM3uArsKJhtPcW3yngI2os4opoqkJ3CVlyQRDaV_Hro8hmfPwsD9irSLU7ZTXQZPusXiTVPor0eS9LIJKhnse38AsvaT-nG6hJL6b8Kzeyje4PArh_xRW1V5Suf8pEzooHBWUQT7cxZpbLyIjptUldFTpL_yObZ6VKrzu_4XKA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=4B41706ADC842F9947407703731705C747D32AAD67D3A540",
|
||||
"description": "规定资产超过500亿美元的银行必须参加美联储年度压力测试,旨在通过更严格监管避免2008年国际金融危机重演.特朗普上台后,将...",
|
||||
"author": "新华网思客",
|
||||
"pubDate": "2023-05-05 13:51:35"
|
||||
},
|
||||
{
|
||||
"title": "一周内连续三家美国银行“爆雷”!会否演变成金融危机?",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZVJ2ZZBTou4bOqv7z--_GAlqXa8Fplpd9WymiMDeKO_fhN5VvStj6hFNGQmFzkNC4cwOup0nFvpXtmPIGjThDzaTe_eog5sBzSEl3tdM79uSHkuSjXbbqihWrrzzdCtGEmiKJVgV5NHj24_6PNylGMIPQe1bPP6Ynl4Oq84MGlr6luCEmXPxpghF6t7hyWboeVTPjuaZtZDR5LU3lqtPw9g..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=D1AF7B42106647D6A6A18BE4E83B9D57A73D275C6790698D",
|
||||
"description": "“压力测试本是帮助银行评估资产风险的有效手段,这(监管“松绑”)为硅谷银行的关闭埋下了伏笔.”新加坡国立大学客座教授白...",
|
||||
"author": "新华网思客",
|
||||
"pubDate": "2023-03-16 10:44:22"
|
||||
"title": "支付宝微信拉响警报!40多家银行联合起来,要“抢”你手机",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-31xeF5tPKwMYK6EhXVOSA6VqXa8Fplpd9-0BJzlLy1eTjFD1JRuvsfpVuBnJzdO4GM_We8LBGBZfzv5nkrpRBB0MErXwD6mYx_6V1D09fTT_5d3JnQMhdgHrYwSoI_oc0AiMVx1lwOJ1rVNI_Jhpps3az_iRjW0e4QuAW_QYdi8_rH0mz8XQ2U0luG9iCLg784j_DiAYpueDYl_Q5RRZQjg..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=4B41706ADC842F9947407703731705C747D32AAD67D3A540",
|
||||
"description": "招商银行等全国性商业银行,另有近60家商业银行正在加紧测试并即将开通,年内其他主要银行也将基本实现全部开通.受理方面,全...",
|
||||
"author": "人民网",
|
||||
"pubDate": "2017-05-29 08:02:43"
|
||||
},
|
||||
{
|
||||
"title": "一家银行最多8个APP!功能交叉重叠,是时候该瘦身了……",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-31xeF5tPKwMYK6EhXVOSA6VqXa8Fplpd994RykCd99wpOEkXvzxCBzIVUS1LA4FKRqdNCxaFpwnfejFPgpux26ggsJHZMa7xJ7gsX7ZN6JdPWaYdBoLjRwY9SIttIWfKJ4tvsU0VTsoST1rCBrLSNNpFWMnV6TSSUZZaKVHYlDmU51kteFU4c75kSP8zcYxYIrJ-Xg-ls-jvzAjcIGepUqA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=4B41706ADC842F9947407703731705C747D32AAD67D3A540",
|
||||
"description": "“你想买理财产品的话,请先下载注册我们银行的APP.”每当走进银行,这样的场景极为常见.近年来,为了增加获客,手机APP成...",
|
||||
"author": "中国网财经",
|
||||
"pubDate": "2019-06-14 17:18:12"
|
||||
},
|
||||
{
|
||||
"title": "今年银行保险业监管工作14大要点:坚决落实“房住不炒”要求 深入推进网络借贷专项整治……",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-31xeF5tPKwMYK6EhXVOSA6VqXa8Fplpd994RykCd99wpOEkXvzxCBzIVUS1LA4FKRqdNCxaFpwnfejFPgpux26sA3XGUDtx3axmAHlXnZgn7rN8UZh4aW0K-vLb1GPNhF2FXQ3glcrc5YLGgLbZ69GCWpbNclo9q8uWawWGL3Do-Kq9tdkvf-V7gbltH5y0CEk6ESiMI9-6w89kyxDwoXvg..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=4B41706ADC842F9947407703731705C747D32AAD67D3A540",
|
||||
"description": "稳妥处置高风险机构,压实各方责任,全力做好协调、配合和政策指导.继续拆解影子银行,特别要大力压降高风险影子银行业务,防止死灰复燃.坚决落实“房住不炒”要求,严格执行授信集中度等监管规则,严防信贷资金违规流入房地产领域.",
|
||||
"author": "中国网财经",
|
||||
"pubDate": "2020-01-12 13:33:01"
|
||||
},
|
||||
{
|
||||
"title": "惊人 | 手机这样充电严重泄露隐私 1秒操控你的银行账户",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DCOjX66B0wQAvgZg6-4mCHKVgrFeYQugDhBEf4EF8oKrfbCgxSgKqyUQcR05EK0k2hs0mar4IMdiYNuh71rRq0eFifmgfhkzbK3MsPyC4ya4w3uOr8wpkTZe-rcwPrNFQINVjsV5vJ1wOlHEOuNWsLsxmGHQK1jyCZ6MwAG9p7EODSTxKXCJbgrpZDj-zG_ndQ3GsP0o8f2FtAn0-35eJ8OzP63VZ-EaTF4-aXtL55m17xploZKyLyaRGHxSWNMLU7g3Ftgn3b4uiZqwg0yoRFw.&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=4B41706ADC842F9947407703731705C747D32AAD67D3A540",
|
||||
"description": "但你要小心了,如果不谨慎,一秒就可能控制你的银行账户!测试:手机用充电桩可被操控央视记者做了一个测试,曝光了不法分子通...",
|
||||
"author": "央视新闻",
|
||||
"pubDate": "2017-04-16 13:37:16"
|
||||
}
|
||||
],
|
||||
"APP逆向": [
|
||||
{
|
||||
"title": "AndroidApp常见逆向工具和使用技巧",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DEdXGAxkkb-4wKz3c_ko8DGVgrFeYQugDrGFFTyF4j-fIHKmKiWmh_gT1RIk9nIJTomqza81rARJOjZaCXpGyzZr8ZRNe7_PnoyTi_CaSvQnwfm9fgyvvBMGMaUdyBm9-rIkYKlAX-Dj9vW8_i_qrPyk_5Ok-VIGL8Puv9ti7dcGDU1CviXYnFzuSNq_fyLpgrGOxwXysI1AyC_nS3wnZj0iNsJLywZ6RbaykOSlSwU4dYRZMjPjPFpirNjC3rXHVWm7P7BUaCMkiZqwg0yoRFw.&type=2&query=APP%E9%80%86%E5%90%91&token=D1AFA70D740323B2C3C5EE808C330A53C3796D7A67906993",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DCOjX66B0wQAnkQk5xkE8zWVgrFeYQugDrGFFTyF4j-fIHKmKiWmh_gT1RIk9nIJTomqza81rARJOjZaCXpGyzZr8ZRNe7_PnoyTi_CaSvQnwfm9fgyvvBMGMaUdyBm9-rIkYKlAX-Dj9vW8_i_qrPyk_5Ok-VIGL8Puv9ti7dcGDU1CviXYnFzuSNq_fyLpgrGOxwXysI1AR0NI7jhJYTMVcz7PJUxIxodsB_IuTowGyZv6b-_QmuEJE4oYD-Hd2y51bNkKRyRNiZqwg0yoRFw.&type=2&query=APP%E9%80%86%E5%90%91&token=4B41960A4215BF07D8D1E792E3746110D815985C67D3A546",
|
||||
"description": "前言本文将主要介绍个人在AndroidApp逆向分析时常用到的一些工具和小技巧.说起Android 逆向,就不得不提到常用的逆向分析神...",
|
||||
"author": "黑白之道",
|
||||
"pubDate": "2016-10-26 10:17:15"
|
||||
},
|
||||
{
|
||||
"title": "一文了解安卓APP逆向分析与保护机制",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZK5YZrY9O7_nOqv7z--_GAlqXa8Fplpd9Fh3XIYrMAGv8DFrr22hvP7lXc8UxwhPrmt35a3KpBu6ny2zYHVUy0SsOJjskydDvO3wLOPnpaQCaSR8p2UO7B9BkbwobdSIikD8FDX-9J0O3kPWJiNfaiEAGC8U7o5bKP7YigLRNhrAshrUjZ0KgzMPkolrcIHbL_lGqUy072-WrCDCayYmfpA..&type=2&query=APP%E9%80%86%E5%90%91&token=D1AFA70D740323B2C3C5EE808C330A53C3796D7A67906993",
|
||||
"description": "安卓APP逆向保护作为开发工作中的重要内容,一直是网易云易盾致力于提供的应用服务.“后续,我们将在SO加密保护方面进行更...",
|
||||
"author": "FreeBuf",
|
||||
"pubDate": "2018-03-31 18:12:34"
|
||||
},
|
||||
{
|
||||
"title": "记某APP登录逆向解密过程",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZK5YZrY9O7_nOqv7z--_GAlqXa8Fplpd9-x80KM2ExBnuTLaCGHND4pnodWQPfS713l4o4wsrc482IPoKr1Um2HzgvxA0EybWw16OdaRSypMDI0pnF6VUUW1g0c3Gfij7f-NC6j_yPRVOfC1THeHO8UiywAE1Cgs6g6myVY3KoX_zVVm4Sy_n5-_QV12l5zpNEdNaBfgoAUzyPfCoem7FzA..&type=2&query=APP%E9%80%86%E5%90%91&token=D1AFA70D740323B2C3C5EE808C330A53C3796D7A67906993",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-37YKXPxKcstoK6EhXVOSA6VqXa8Fplpd9dW5oQAMZhc7ZBqfiMFLXG0GQTv2lk_XvxV5bo6L_2VOd4t-r5x3pbI1Gx3EPaC8OJkaDwKAihuibfqYjIBScgTBgSQR65GHD1ovgvuYrz1SLBPf7pGpZz4oa7gW5DCyVlBmNg_TQcN2-Xhwn-8fSxrOrI95WfXBN3EzZ8pTvy0INGbbB75bUeA..&type=2&query=APP%E9%80%86%E5%90%91&token=4B41960A4215BF07D8D1E792E3746110D815985C67D3A546",
|
||||
"description": "0x00 前言最近在学习APP逆向相关的知识,刚好拿到了一个APP目标,该APP登录过程存在加密,所以记录下逆向破解的过程.0x01 ...",
|
||||
"author": "黑白之道",
|
||||
"pubDate": "2024-05-03 08:36:47"
|
||||
},
|
||||
{
|
||||
"title": "FlutterAPP逆向实践",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZK5YZrY9O7_nOqv7z--_GAlqXa8Fplpd92U8oVlW74XCy_hT5Z6fd3wg-E2l-K3Eibp5tKtnEOT7Ai4Lo9w2wJqnCwd5sG8uHKKIVqSswHQv9WTr8JgCIA3Va7QM70SQPj1a_JGOrOlB-nr_k7Ye9gelIGGR6XqpSVCz9r6uIzM_J9_ojCoSIG0pdsdNo8Zink5oRK5NLzTjI3OTRHYU2og..&type=2&query=APP%E9%80%86%E5%90%91&token=D1AFA70D740323B2C3C5EE808C330A53C3796D7A67906993",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-37YKXPxKcstoK6EhXVOSA6VqXa8Fplpd9J_zVaWw2uFg686rt6ZvNVl60K0aBaZDqdFQVXjiv0XhcM1gIerRkPxIxT4lKFS5XT7GwdtE9H4nLgwu6ohgaLTmGcpSyTO8mBlZ-8ML7pptw4tAT8AJhUJTN8HLoTdsqo5mo5LofbMG1GVImin52YaRs1GYXibKaKgMw5X68IbItPujwwRB2Pw..&type=2&query=APP%E9%80%86%E5%90%91&token=4B41960A4215BF07D8D1E792E3746110D815985C67D3A546",
|
||||
"description": "本文为看雪论坛优秀文章看雪论坛作者ID:Imyang很长一段时间对于Flutter的app逆向都比较头疼,它不像纯Java app那样可以使用jadx-...",
|
||||
"author": "看雪学苑",
|
||||
"pubDate": "2022-07-21 17:59:03"
|
||||
},
|
||||
{
|
||||
"title": "一文了解安卓APP逆向分析与保护机制",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-37YKXPxKcstoK6EhXVOSA6VqXa8Fplpd9PohLElZHBTPQonqCfZ0TtAmg5tVFTq0IqC9Rtf6vksxuBUsHWIRCh-UHGD48L7-I7DWkXnEsIObYXDBg3HYEMXqu0K6h8xhcc62DSq_lv4XrzZVrB48gYRCjyCMepFYVz4yijIGRhQ0g40xftK4fVFS2KAtKzPeWCeu4Cz_SU18tPujwwRB2Pw..&type=2&query=APP%E9%80%86%E5%90%91&token=4B41960A4215BF07D8D1E792E3746110D815985C67D3A546",
|
||||
"description": "安卓APP逆向保护作为开发工作中的重要内容,一直是网易云易盾致力于提供的应用服务.“后续,我们将在SO加密保护方面进行更...",
|
||||
"author": "FreeBuf",
|
||||
"pubDate": "2018-03-31 18:12:34"
|
||||
},
|
||||
{
|
||||
"title": "鸿蒙APP逆向分析工具和方法",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-37YKXPxKcstoK6EhXVOSA6VqXa8Fplpd96k-G4vgcspPLYU-OdVbivgE_1CqqMF6EOxcfbY4fKS8ON2lobS7MG9GkIaxxwqKhQfj3i8aWjoLflkGcsoJz5Yx2qNurMgWx40Et_0YV0tuvMTeUdWc2sGljxh1T3xgl7amCkbHc5mEEEJl7le_KnBGLfqHxFcxgZqH1DD98IO654z_tGSZTqA..&type=2&query=APP%E9%80%86%E5%90%91&token=4B41960A4215BF07D8D1E792E3746110D815985C67D3A546",
|
||||
"description": "鸿蒙APP逆向分析工具和方法需要结合专用工具与开发环境特性,以下从工具选择、分析流程及注意事项进行详细说明一、逆向分析工...",
|
||||
"author": "哆啦安全",
|
||||
"pubDate": "2025-03-03 07:03:21"
|
||||
},
|
||||
{
|
||||
"title": "APP逆向神器之Frida【Android初级篇】",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZK5YZrY9O7_nOqv7z--_GAlqXa8Fplpd9MLT0_HWdfepul4uZd1-sqYjPkDJOBTX5ScPMk3ZLze1YYmLdlbLd9YCQywu7Xx_1aUhDbwM6kCW1mdmmd62zqOC1HFgIx7CyM88tmpkmbLYRTF_uAp4oOyGfhJfYCbzPACNT3uQyHhHKzZ8SL37ZftbXDnx54uXZtynVfH9EJNny08OLTBhW0A..&type=2&query=APP%E9%80%86%E5%90%91&token=D1AFA70D740323B2C3C5EE808C330A53C3796D7A67906993",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-37YKXPxKcstoK6EhXVOSA6VqXa8Fplpd9c9ru1dp7EGcNRWc7m9Vto2jfuvCS_Mpc9MSOn0VU2l0FC8Zx3aXpX0UJ2-YXO-jeeL7GMcDHdlao26PENFpEby4g9Zv-Q3ZdqXO1gHmfrrNnzI8NoDM7cHXc_aYfqQL-sRWvLKG59mTHAJVAOjd33gOjee0gAZukCiuzuct1FnhhWLv6O878UA..&type=2&query=APP%E9%80%86%E5%90%91&token=4B41960A4215BF07D8D1E792E3746110D815985C67D3A546",
|
||||
"description": "说到逆向APP,很多人首先想到的都是反编译,但是单看反编译出来的代码很难得知某个函数在被调用时所传入的参数和它返回的值,...",
|
||||
"author": "NightTeam",
|
||||
"pubDate": "2019-07-03 09:00:11"
|
||||
},
|
||||
{
|
||||
"title": "某文APP逆向抓取分析",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZK5YZrY9O7_nOqv7z--_GAlqXa8Fplpd9A2w6H1-L671_cpd7DIwb6HxM8Tg2skDofI5uP0eqZVyT-ZKz1dMK-N9zbOh5JytwuQMI9Iw1eklR9NU_YschWd8WuSVWZGneifUlgUO0DdmQZj7acxftXS57wN0R3gkTLGLP4v_ZS9l8vkYgT1vinXbGqACn98KJShDScdzRj9TYl_Q5RRZQjg..&type=2&query=APP%E9%80%86%E5%90%91&token=D1AFA70D740323B2C3C5EE808C330A53C3796D7A67906993",
|
||||
"description": "逆向app一定要多练习,这样才能在实践中找到自己的不懂之处,才能够成长.好啦,今天的逆向小文章就到此结束啦,童鞋们下篇文...",
|
||||
"author": "猿人学Python",
|
||||
"pubDate": "2020-05-07 20:19:43"
|
||||
"title": "对某数藏类app逆向安全分析",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-37YKXPxKcstoK6EhXVOSA6VqXa8Fplpd9lXcNX9AOOoTm4CBrpf0a-sBoRZk4Hd4NMf3NFX_hTnPUBFDO-H4INSEcbjxWPpdnBn-AZglZbicNTigYbg2H7qdRL4o9ns-lYIMjPuIxF33xHcrOROK0Ryt7VpTw8LTTZmvGGaQd2pfwj2ErCUI2wmyPNzVj_SyltmhBVT1n_jDm0CtGSSkZQQ..&type=2&query=APP%E9%80%86%E5%90%91&token=4B41960A4215BF07D8D1E792E3746110D815985C67D3A546",
|
||||
"description": "对uni-app开发的某app逆向分析不过今天这个app有点不同,我感觉是值得记录的,所以准备再写一篇有关这个的分析首先,打开这个...",
|
||||
"author": "编角料",
|
||||
"pubDate": "2023-03-10 18:32:22"
|
||||
},
|
||||
{
|
||||
"title": "APP逆向系列(一)",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZK5YZrY9O7_nOqv7z--_GAlqXa8Fplpd9lKEFNQl0rrlenp4wiJ8SXvf80-YxmieIEjsgWR3J5xNlBAk-V1FIXL1qCf8pITgwKB66yt9Sj5cdNFS7YUvPcOjBqWON9It4wh94ZyOOgTSe1t7XJPgtKizTsNmaXttc6IEvnYYYefYytHrekPzji63WAkJb4HNnNRzgBtY_RGZ5LU3lqtPw9g..&type=2&query=APP%E9%80%86%E5%90%91&token=D1AFA70D740323B2C3C5EE808C330A53C3796D7A67906993",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-37YKXPxKcstoK6EhXVOSA6VqXa8Fplpd9tUUp5U1amv6rVz_XTmtn0mdOmyG1nqM9oBM4n5C4uAvylPx-49SZoEBhA0b-zBpJsQFk04s6KlDA8AmsqNP4xzefHWP558a5M8BSkLIq_ZaLBrBb6kiIh2RwFHCc_BXVZFugczBJ9VuB_J4lMJKtsrqe2XulivXNeVfmKyOIKAl5LU3lqtPw9g..&type=2&query=APP%E9%80%86%E5%90%91&token=4B41960A4215BF07D8D1E792E3746110D815985C67D3A546",
|
||||
"description": "APP逆向系列(一)最近在解决APP逆向问题,之前都是不系统的学习,知道工具,知道hook,但是跟某些金融比起来还是差点意思...",
|
||||
"author": "呼啦啦安全",
|
||||
"pubDate": "2024-04-14 11:12:10"
|
||||
},
|
||||
{
|
||||
"title": "APP逆向之SO必备分析手法",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZK5YZrY9O7_nOqv7z--_GAlqXa8Fplpd93QJZ_u6DtVBLCm5tIS1c4tgwdDeovk5qtt-Bk3ddgLhihS-O339CSoz3v5anw9Ye_G7S6Q3N8uYjNsyO--xiYd-3e_pv-8Dg_nq8TS6llOg-7aLr_T2yfgg65zCaHguXgFkG_6yja0R3-pvL3sGSyABm_ux1OvssSOHWu61Gkb7FcvUoAZZH7Q..&type=2&query=APP%E9%80%86%E5%90%91&token=D1AFA70D740323B2C3C5EE808C330A53C3796D7A67906993",
|
||||
"description": "APP逆向过程中,需要对dex文件和elf文件进行分析,又因现在各APP都有各种代码保护手法,因此都需要进行动态分析.今天就分享...",
|
||||
"author": "编码安全",
|
||||
"pubDate": "2023-04-07 08:31:00"
|
||||
"pubDate": "2024-04-17 21:59:21"
|
||||
},
|
||||
{
|
||||
"title": "好用的APP逆向工具",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZK5YZrY9O7_nOqv7z--_GAlqXa8Fplpd9z3opM6K7omYoqQdItmBEbfQ0WnB_BhFgbn949veAQ7OzJoMWhEd-66EQQaxs_c2buizi4n44NhKmIOewTtBrR96f_CAhpxvjVdenCun64ZB1eWbkaXAGcDTZJqPyBYuYGIBcuTawofZ0jrgkBmbFPrCriDDeVxgOKgjoYz2pRmtAe0f8bRARvQ..&type=2&query=APP%E9%80%86%E5%90%91&token=D1AFA70D740323B2C3C5EE808C330A53C3796D7A67906993",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-37YKXPxKcstoK6EhXVOSA6VqXa8Fplpd9uOgbmr5Xs6SFGTkWWTq1dNh66X-qAb5cKLOT1QvVslrpp4a4I0-m6j9v9f8cIyfgBPGHNfUgAPQE7f2t1-x9mZihVVB2ngV9kemhL-3At65I3PA5-zIKti84ioUpdJtGEgNkWYF66san6mCWt711PMRU6aMXJ2QQ0uW6HRm-x3UHpHkoPMgL3A..&type=2&query=APP%E9%80%86%E5%90%91&token=4B41960A4215BF07D8D1E792E3746110D815985C67D3A546",
|
||||
"description": "从此APP逆向快人一步Apkdb概述《Android APK+Dex文件反编译及回编译工具》 简称:APKDB.是一款,针对Android OS系统APK...",
|
||||
"author": "素人一鸣",
|
||||
"pubDate": "2025-01-16 15:58:50"
|
||||
},
|
||||
{
|
||||
"title": "对某数藏类app逆向安全分析",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZK5YZrY9O7_nOqv7z--_GAlqXa8Fplpd9pDYDmo_6WbPmVpOz58Jw8jKLqWBpDx5FF2Gs-FMfbVxtEvJOilYPIgFYzPK4vkVky_nV98DTRup51rNXBda2oKmU7oWltoViI84BiKP-Dy-lIv1Wj5vGjLX9zGBlOR_UE5meSB4JJfkodeosb-nPKPrjwV6QzPrMUKFnD6TBUESfxjh3za6jWA..&type=2&query=APP%E9%80%86%E5%90%91&token=D1AFA70D740323B2C3C5EE808C330A53C3796D7A67906993",
|
||||
"description": "对uni-app开发的某app逆向分析不过今天这个app有点不同,我感觉是值得记录的,所以准备再写一篇有关这个的分析首先,打开这个...",
|
||||
"author": "编角料",
|
||||
"pubDate": "2023-03-10 18:32:22"
|
||||
"title": "【APP逆向】某某租车app逆向分析",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-37YKXPxKcstoK6EhXVOSA6VqXa8Fplpd9WI9MBCWBS0I03fDVYwvSJS7gdYQF3g4s1UKXr8nlM8auXXxFDSEuay2Em97i5hnc2dq6Tx8sa55G6iNoA0zIqXpVSeLn19g1yVT4VUQfUVuda8fN42zql4tEBXYdBMqVO6TiiJTVB3N5_Zy45rSzdXDOat6dFjV5Zas3Dyx4RGjy08OLTBhW0A..&type=2&query=APP%E9%80%86%E5%90%91&token=4B41960A4215BF07D8D1E792E3746110D815985C67D3A546",
|
||||
"description": "【APP逆向】某某租车app逆向分析 背景 之前了解了fartext 魔改版的功能用法,但是一直没有合适的app用来测试,这次正好拿来练练...",
|
||||
"author": "EternalBlue",
|
||||
"pubDate": "2025-03-12 00:11:48"
|
||||
}
|
||||
],
|
||||
"渗透测试": [
|
||||
{
|
||||
"title": "200万年薪!人民网这个岗位等你来!",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ7sSphQ4AIV3Oqv7z--_GAlqXa8Fplpd9vCKR6_KOD86weyJtyDXvuPB2ZkUaGIyQwRDv-oue22VJrJW-WjJWbW7umqEKhc-ffZiOymcpZuwFEdV2co-OaYS1WW8r2sRfpdIz1lnDH_S0pCw2N5saCbBkrHJFsNuFEELa-zoRJad9ORg0w6ALekOupoSt0ok0-Ybc4yPGCcpS6t2rFt2rnA..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=D1AFD20E7A0C2BBCCCCAE78884885C33CC24DC6167906998",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3BsRBkcbDQRgK6EhXVOSA6VqXa8Fplpd9-0BJzlLy1eTjFD1JRuvsfpVuBnJzdO4GM_We8LBGBZfzv5nkrpRBB2zJSH-XHxJYGg2BRycObnfKc6vqPrRScVijf9WWtRq_tjWUSCTqHZ_zcgr_WXE-m8ZMwKxJ1Y2clHKXN6HAQHSrXT6lBa2GicuNmqm54Rw3bHFnoxEXkhNflztgI7RZ1g..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=4B41BBA12A73D96FB0B680F58546CCA8B1C360E167D3A54B",
|
||||
"description": "服务器及应用进行渗透测试等信息安全相关工作;3、关注最新的安全动态和漏洞信息,及时修复业务系统相关漏洞.任职资格:1、全...",
|
||||
"author": "人民网",
|
||||
"pubDate": "2018-08-03 15:22:17"
|
||||
},
|
||||
{
|
||||
"title": "人社部拟新增10个新职业,看看自己能干点啥",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ7sSphQ4AIV3Oqv7z--_GAlqXa8Fplpd9M5KIC-0rGvxrKrOE4yeaVB6jc9d8AW15FEbXjOLlcPp1-EZxVpENWkfxV-10Mav2T78uXAmjVAOefeDuF4cLKoC8Fu_b3bij_cQT4ySRNEffksrd64MBextydOvCsxoiSM-jGcEWUUNroyU4YeFsDHNwt-TxIhSa2NrUqYy87xv1AfaFW2DefQ..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=D1AFD20E7A0C2BBCCCCAE78884885C33CC24DC6167906998",
|
||||
"description": "直播销售员信息安全测试员通过对评测目标的网络和系统进行渗透测试,发现安全问题并提出改进建议,使网络和系统免受恶意攻击的...",
|
||||
"author": "人民网海南频道",
|
||||
"pubDate": "2020-05-13 14:27:12"
|
||||
},
|
||||
{
|
||||
"title": "“徐玉玉案”涉案19岁黑客杜天禹受审 获刑6年",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ7sSphQ4AIV3Oqv7z--_GAlqXa8Fplpd9RsusdENeiGVElJrChdjvPNX1fkjozfz_F6fy-DJlS_RvnZqWbCJpksJoA15S_Hqd_3i-kL4Xs7KDzA7X8A4xhqmfzh63-HT6s1HZXbR-HRAxbf8_sK0eg67RHN2IMxYAwECVfhiGanzUmM23iMTlqTss7K9PXKpbMOArGZaJ9_fy08OLTBhW0A..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=D1AFD20E7A0C2BBCCCCAE78884885C33CC24DC6167906998",
|
||||
"description": "他成为了一家公司的渗透测试程序技术员,“职责就是测试网站的漏洞,提出修复建议”,每月工资六七千元. 杜天禹业余时间经常...",
|
||||
"author": "新华网",
|
||||
"pubDate": "2017-08-24 14:13:15"
|
||||
},
|
||||
{
|
||||
"title": "中新网招新了!打工人,速来!",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ7sSphQ4AIV3Oqv7z--_GAlqXa8Fplpd95OuhsEbLC57Qio8rhMngNxQ-vEVsbkF8HGScjeHMoX_Tn9cetiQ3iOxnV3ZC6M71ljIugnocwRayxpiw6-7WPdrgNjMAjrCos7tQ0kHdbHCRQJxwta5mDqc8mVlULy3snI5CoAaHnbJTB0wznThx5-ADm-EoU4hRZyl7oZWhCAzs46dn8Efgxg..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=D1AFD20E7A0C2BBCCCCAE78884885C33CC24DC6167906998",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3BsRBkcbDQRgK6EhXVOSA6VqXa8Fplpd9m7yv2ccEJ4i5LYy3cPhwUIIrJBaPxbEK8anG_cAz9D5mdEFw6KfCJfNhbADYC1DSHZAO02gCXMIVXr3HxQG1tMPNRm05JJ8Xxu7DlEG3gq69BuoSdIny0WRCDHOB3UXzmb_wXn0lhZVVY7Wc_RgQhKchioy7-HtvNyC4S4f3mI3S-e4Yz84xMA..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=4B41BBA12A73D96FB0B680F58546CCA8B1C360E167D3A54B",
|
||||
"description": "具备独立开展渗透测试的能力;2、熟悉常见Web和移动安全漏洞分析与防范,包括SQL注入、XSS、CSRF等OWASPTOP10 安全风...",
|
||||
"author": "中国新闻网",
|
||||
"pubDate": "2020-11-03 15:52:39"
|
||||
},
|
||||
{
|
||||
"title": "人社部拟新增10个新职业,网友疯狂@李佳琦",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ7sSphQ4AIV3Oqv7z--_GAlqXa8Fplpd98TDUbjC5H1Xa1oN67VNw5rKFcsG1D03eqW3KUFdUcHzSEUqMq_A9nQjTPsVZZPiOkE8Uyh-K_oDDeDuTbGUUgo2Uh0zUDlMVW01FkZthHOGXVHwjGiiDmIZLXsyprFWWShIhG_j9OdrQY6vQivX-QFzw0F0SW5PbJqKX1p1OtVKE8RsmObDbtQ..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=D1AFD20E7A0C2BBCCCCAE78884885C33CC24DC6167906998",
|
||||
"description": "信息安全测试员通过对评测目标的网络和系统进行渗透测试,发现安全问题并提出改进建议,使网络和系统免受恶意攻击的人员.社群...",
|
||||
"author": "光明网",
|
||||
"pubDate": "2020-05-12 18:12:17"
|
||||
"title": "“徐玉玉案”涉案19岁黑客杜天禹受审 获刑6年",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3BsRBkcbDQRgK6EhXVOSA6VqXa8Fplpd9fP4Xj1QflXiE_uUOtgLs-VC7viQvoqUsNljU1prUHdABMu2hSav0LVZ6cZODAmDPnpDumn6Oge4o9xNUzx7burEBVHUFMhkKFEA_qutuCH-2qxk2BJAF6mCQ45mOP0TZd6VZUnHC8jSEQwYN7mKykz41OOAXs8rxyikQyIhN7BcC2Qmj7RgGwQ..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=4B41BBA12A73D96FB0B680F58546CCA8B1C360E167D3A54B",
|
||||
"description": "他成为了一家公司的渗透测试程序技术员,“职责就是测试网站的漏洞,提出修复建议”,每月工资六七千元. 杜天禹业余时间经常...",
|
||||
"author": "新华网",
|
||||
"pubDate": "2017-08-24 14:13:15"
|
||||
},
|
||||
{
|
||||
"title": "柠檬“上海户口、百万房补”?你也不是没有机会!",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ7sSphQ4AIV3Oqv7z--_GAlqXa8Fplpd9vCKR6_KOD86weyJtyDXvuPB2ZkUaGIyQwRDv-oue22VJrJW-WjJWbXg7rMz4y5aCaGmAduDd8oYEnsCJNxnouw4DA67TrJ5lR-ReEQdsMnsrDpqQKM7mlH0I-dw6uGhTiCRo4ksSdJC8-UPAd_nwGVR54YceD_PJHlAKZvz3U9iq3X8EKMKOIA..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=D1AFD20E7A0C2BBCCCCAE78884885C33CC24DC6167906998",
|
||||
"description": "信息安全攻防渗透测试和信息审核评估成为网络安全维护的关键环节,此次发布的5个工种里,信息安全测试员、互联网信息审核员的...",
|
||||
"author": "人民网",
|
||||
"pubDate": "2020-07-10 19:38:53"
|
||||
},
|
||||
{
|
||||
"title": "撒贝宁惊现滑雪场!硬核测评来了→",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ7sSphQ4AIV3Oqv7z--_GAlqXa8Fplpd9ss8CigRbhT_yMa4YqOu96E7Xh0U9c0BAbvoB6c3I3c4DAEyT01f-1gAJPi-uLeSDzVgAoUbeHg5gjJ8qIpcAuNaYTmSEVnsi0pBXrOagW8PQ2oVD18D68aHEfYSD-nvnlTuFDMsuvXFUkS99sCyYQxV3fwgwckp-gyadaqMUOxGq3X8EKMKOIA..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=D1AFD20E7A0C2BBCCCCAE78884885C33CC24DC6167906998",
|
||||
"description": "试纸放入衣服内并进入淋水装置水珠在衣服面料表层滑过却始终无法渗透入小撒身上的羽绒服实验结束测验试纸整洁如新严苛如撒贝宁...",
|
||||
"author": "央视财经",
|
||||
"pubDate": "2022-12-30 15:14:23"
|
||||
},
|
||||
{
|
||||
"title": "【提醒】妹子们注意!上海消保委测试了40款知名面膜,结果...",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ7sSphQ4AIV3Oqv7z--_GAlqXa8Fplpd9ss8CigRbhT_yMa4YqOu96E7Xh0U9c0BAbvoB6c3I3c4DAEyT01f-1nxS5zk00z-gYcdUc7sC_gsl8k3sY0WMXy_tFbdEzgy7re0AEItUNr3TvhcYwUKidcWsIsO2z3qtWLgjL0szXxp0M0cXL-cSasncT6xJbOKBAwrO_AWNp0U89kyxDwoXvg..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=D1AFD20E7A0C2BBCCCCAE78884885C33CC24DC6167906998",
|
||||
"description": "4小时保湿功效分别进行了测试.全部样品均通过激素筛查今年6月国家药品监督管理局通告了27批次不合格化妆品,其中多批次为面膜...",
|
||||
"author": "央视财经",
|
||||
"pubDate": "2018-10-09 06:45:24"
|
||||
"title": "人社部拟新增10个新职业,看看自己能干点啥",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3BsRBkcbDQRgK6EhXVOSA6VqXa8Fplpd938XWbZVit1p12c7HjlKcxc0ct2UIRuW2IuQFNtwlOSwNBnqV_XFalJfWH0Fo0sqI2jXtkJpMFXtkJT5spcScNNd43EJRTZQXbKiB8gxe8MmhclEVHlHGuBTdGJnjDE6p1BPfoFHvxLSJhVaPMnaKR4dqv2GDzseij7f4Zuod9ya00NVofL2iDw..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=4B41BBA12A73D96FB0B680F58546CCA8B1C360E167D3A54B",
|
||||
"description": "直播销售员信息安全测试员通过对评测目标的网络和系统进行渗透测试,发现安全问题并提出改进建议,使网络和系统免受恶意攻击的...",
|
||||
"author": "人民网海南频道",
|
||||
"pubDate": "2020-05-13 14:27:12"
|
||||
},
|
||||
{
|
||||
"title": "李佳琦们要“转正”了!",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ7sSphQ4AIV3Oqv7z--_GAlqXa8Fplpd9vCKR6_KOD86weyJtyDXvuPB2ZkUaGIyQwRDv-oue22VJrJW-WjJWbX7E2NUksseVecS-zPq5ZTCt4te3nn8ZvRtGHaptLJqZehPm-aPT1g3cmt-ohWYPzeLbEWLZMNkoCNZesFuC6f6D_MPj9g3s6FE8O854_8gbjFAGKEsUIEHs46dn8Efgxg..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=D1AFD20E7A0C2BBCCCCAE78884885C33CC24DC6167906998",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3BsRBkcbDQRgK6EhXVOSA6VqXa8Fplpd9-0BJzlLy1eTjFD1JRuvsfpVuBnJzdO4GM_We8LBGBZfzv5nkrpRBB0DGECEe9GlcaW9mi2MBmXkLrK2aNKTXvdf2gz9sGguY4io2BKEILJvDOwOoWOamJKwz921jTlhuvjn-9H-nyaoEKqCVj_tYRROprp6YKqkfJpE-dnQJNFFr1dbZWbKUeQ..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=4B41BBA12A73D96FB0B680F58546CCA8B1C360E167D3A54B",
|
||||
"description": "信息安全测试员通过对评测目标的网络和系统进行渗透测试,发现安全问题并提出改进建议,使网络和系统免受恶意攻击的人员.社群...",
|
||||
"author": "人民网",
|
||||
"pubDate": "2020-05-12 19:02:37"
|
||||
},
|
||||
{
|
||||
"title": "撒贝宁现身滑雪场,硬核测评“小汉堡”",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ7sSphQ4AIV3Oqv7z--_GAlqXa8Fplpd9QpRxgAL8K-_aNOjyfTqUYlJdh9QhUpbZ7Kpi_SUbwriq-KaDJqTyqcw4tiPHZ4UC0GWLHS215zl9h32uDsgIxFXHZLUhpd0VR55OSD50G3QsViD8bQlYchdDEM8CQDgaTo_75KW9Ywp26ZajvA3iP5B8_mq_hXaJDuFJ98ETRJbzAjcIGepUqA..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=D1AFD20E7A0C2BBCCCCAE78884885C33CC24DC6167906998",
|
||||
"description": "层滑过却始终无法渗透入小撒身上的羽绒服实验结束测验试纸整洁如新严苛如小撒也对极光小汉堡的防水性能刮目相看防水测试100分...",
|
||||
"author": "央视新闻",
|
||||
"pubDate": "2022-12-30 18:03:44"
|
||||
"title": "李佳琦们“转正”了!又一波新职业发布…",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3BsRBkcbDQRgK6EhXVOSA6VqXa8Fplpd9-0BJzlLy1eTjFD1JRuvsfpVuBnJzdO4GM_We8LBGBZfzv5nkrpRBB9EW3vvazU96ZKEnoo_JS3x0BzzWn10ximMuBWlT_5O9I0gqXal3SA9xAkmK__NeNaHmTzIKlvgdHMgV46VOYCkU-z-LXgKpny54VryVnWHIeu_sCOlTFyHvzHZXxeLdyg..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=4B41BBA12A73D96FB0B680F58546CCA8B1C360E167D3A54B",
|
||||
"description": "信息安全攻防渗透测试和信息审核评估成为网络安全维护的关键环节,信息安全测试员、互联网信息审核员的工作将越来越重要.据悉...",
|
||||
"author": "人民网",
|
||||
"pubDate": "2020-07-06 15:08:14"
|
||||
},
|
||||
{
|
||||
"title": "妹子们注意!上海消保委测试了40款知名面膜,结果是……",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3BsRBkcbDQRgK6EhXVOSA6VqXa8Fplpd9fP4Xj1QflXiE_uUOtgLs-VC7viQvoqUsNljU1prUHdABMu2hSav0LXFjP6OboT1q_s_i8-oAShCeQ64qo3_4eMPkTSLPrW7GJxBLlQI_Hx1QeXc9ertFCkSjXIGyr7pYJSgLTFHAd537rsyfHp4-1t3va3n34Gw05SG_XagNHQZe0WC6Sbi7DA..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=4B41BBA12A73D96FB0B680F58546CCA8B1C360E167D3A54B",
|
||||
"description": "4小时保湿功效分别进行了测试.1全部样品均通过激素筛查今年6月国家药品监督管理局通告了27批次不合格化妆品,其中多批次为面...",
|
||||
"author": "新华网",
|
||||
"pubDate": "2018-10-06 16:53:48"
|
||||
},
|
||||
{
|
||||
"title": "柠檬“上海户口、百万房补”?你也不是没有机会!",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3BsRBkcbDQRgK6EhXVOSA6VqXa8Fplpd9-0BJzlLy1eTjFD1JRuvsfpVuBnJzdO4GM_We8LBGBZfzv5nkrpRBB3Gf0crth1REpM7pnCtDQFICq64oviefEZ1vGp75hB_-VyPVdkkH4f88ejvmAzB97n9kx5vRkDJvVUmqh55kw-oFE23pG3T_Kpijfgr5UyMHkJlsOtybC6uFW6cwuUnkdA..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=4B41BBA12A73D96FB0B680F58546CCA8B1C360E167D3A54B",
|
||||
"description": "信息安全攻防渗透测试和信息审核评估成为网络安全维护的关键环节,此次发布的5个工种里,信息安全测试员、互联网信息审核员的...",
|
||||
"author": "人民网",
|
||||
"pubDate": "2020-07-10 19:38:53"
|
||||
}
|
||||
],
|
||||
"手机银行漏洞": [
|
||||
{
|
||||
"title": "什么操作?一男子发现银行网银端漏洞,存50元取50万,收获3000万",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ-Z2P9BxIW8LOqv7z--_GAlqXa8Fplpd9R5a3JsIKJZgohq3m8v5mGn3xEkC39-vENPW3M3YN-eUvl6CkFrfa2YxCDykRjos_xCwMyfJqsBGlPGGieaXpOKRjzA1GSaD3bhJ0lPEpY9m8AJTLcp-zaFBEv86chIYsoF2gd_e3GVlfQt2ozXteZVFCdmtvTd03cLj3HU9H0ij0OK9DLfgmPA..&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=D1AFFE21D9AE8E1F6F68422D21F767966F4A98DC6790699E",
|
||||
"description": "他发现上海某银行的网银有漏洞,可以修改定期存单金额和贷款金额,比如存款改成50元,贷款改成50万,就能套现50万.半年内他...",
|
||||
"author": "木火通明",
|
||||
"pubDate": "2019-04-23 21:42:11"
|
||||
},
|
||||
{
|
||||
"title": "银行手机app存重大漏洞,用户分166笔套取资金300万未被发现",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ-Z2P9BxIW8LOqv7z--_GAlqXa8Fplpd9xVhy9OTbkCfriOx6asm8OI0Zz7zB6S7h4PmspIX-ELXRRItnAoXMaVMjEDe1G_Ojv_8j88Xqbi37bAXfnoUNgvAugLu5xkEKGujoejbOJVsv66nKI4YHqZ7YvEarDPBdQQ5Un8-YwKE1jSlPSqOMqt8HOeSXtI5mix5-w7cf1-Z535pjGOOjYg..&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=D1AFFE21D9AE8E1F6F68422D21F767966F4A98DC6790699E",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3RBfDGcuhAcYK6EhXVOSA6VqXa8Fplpd9NFACt4r9XtAYsMhQto1wHGOTujEotFi8vSykO0Z07Xs9-tfxZkeUpY6iBgpIAt2qlcUFBr4NqlmxP_WAkDDHwxeCu0zsfNpcT2AjinmY7IFW1HgYGZhghgZJSXbhsdjNLtVmEDjiEeZ0w2BEIqo-WgT7-0TtL-1jEEemsV1E7q_f3q8uRDTfkw..&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=4B41E20C0956FC4B9492A4D1A6D81B1B94207FB267D3A551",
|
||||
"description": "银行app存重大漏洞判决书显示,朱某系平顶山银行用户,为了更方便的使用各类业务,朱某在手机上下载了平顶山银行app,绑定了...",
|
||||
"author": "支付百科",
|
||||
"pubDate": "2020-03-19 19:33:50"
|
||||
},
|
||||
{
|
||||
"title": "手机银行漏洞:五行代码可转走银行250亿美元存款",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DEdXGAxkkb-4ccluG6pWZhOVgrFeYQugDkbox_qHQILDSiF38SaauBfqy2K3HYei7upHkg-JUbg6cdKGl9uj14eWOwHcT_M6tCJqbi9mD7ihv-AKW45ZJaJjKVEYPEpjr3vMz_imG_YfMjZ6IcYXkYeyysg7Ep5txHE-1kFTdXu0k1i_7a7Piw-SzdHavYB6ZE67RWhLBFYsdolrzjXqj1pLnD8uWvrudhCMWot8BieLb2RzJwWX9iT4VrhNhgA8kVVaS2qYQBl8iZqwg0yoRFw.&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=D1AFFE21D9AE8E1F6F68422D21F767966F4A98DC6790699E",
|
||||
"description": "一名安全研究员发现印度一家大银行手机应用存在漏洞,可使他轻松偷走250亿美元.去年年末,安全研究员萨提亚·普拉卡什在一家...",
|
||||
"author": "安全牛",
|
||||
"pubDate": "2016-05-19 11:48:56"
|
||||
},
|
||||
{
|
||||
"title": "黑客攻击发现:多家手机银行APP存漏洞",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DEdXGAxkkb-4ccluG6pWZhOVgrFeYQugDpII3pXlhB4cu4QQVVNjVmAappCK6q5S16c49JwWaZSxh6K1ZbFnBuvxOAGz10wsWDCGOVaVbb4pV_vNEfPvSlDh69B_ygeCeHyP2pP4-9OYzmM9EgVrwn3UJ9paHwZeQ8yY46If-pFETSS-0YEV8fETpKlqv5RkewRoBiPd-aG9gDwTTMmZuzjcwzyFhPO2nRAyjp6FV9VZanb98rO0XSjUwzGKY80HLV0Gx6COKz_hiZqwg0yoRFw.&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=D1AFFE21D9AE8E1F6F68422D21F767966F4A98DC6790699E",
|
||||
"description": "手机银行存在的漏洞让人担忧.参赛队伍介绍说,通过对国内20家银行提供给消费者的、基于安卓系统的20个手机银行APP进行攻击...",
|
||||
"author": "E安全",
|
||||
"pubDate": "2016-09-05 11:36:23"
|
||||
},
|
||||
{
|
||||
"title": "某银行手机APP现支付漏洞3天被盗刷40多万",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DEdXGAxkkb-4ccluG6pWZhOVgrFeYQugDt6m0Zx5D-v1Rwjk3P2iLUhEZ-LRrvFkVfsvQ7RvizarNGtYcShVf1nwcLufi6L-Gk7jKfOPejPKPrq1E8X8xtcLtMuSAR7jeYn91RFWK5aCBjj3TewmabqUEL84ZxANtI9op8YjndHKzRF4Q4i9YVEPKrHFAjjttHYqLtFFSwSzyes-Ge369j3Co-sFbQAhKsPTEcOyYNKnZjXr3PeMRzDc1aFCsg8rsLC0brfg2qmeiZqwg0yoRFw.&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=D1AFFE21D9AE8E1F6F68422D21F767966F4A98DC6790699E",
|
||||
"description": "银行手机APP新上线的支付功能被人发现了漏洞,3天内数十名客户的信用卡遭盗刷,共损失40余万元!银行立即停止这项支付功能,...",
|
||||
"author": "支付界",
|
||||
"pubDate": "2016-06-16 09:00:18"
|
||||
},
|
||||
{
|
||||
"title": "警惕!手机银行APP也会存在高危漏洞",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DEdXGAxkkb-4ccluG6pWZhOVgrFeYQugDtWJbbJ5gmKdyIb1BwsnXrNcyHcjzrvJNVi8JqrNdaI95E24oXpjz7s0tde0UUnVQU2wSvBGSiqEcBJf6JtGOEEuTsHBXh_3zfXPq_UwJRT6DOmgAA8E1-31epqYloXWzrX1ue8j2gDrpYPwWiONnLh_fKqELnf6cslD4qCPNdksQkoh1Sh9dJgKapgqEmlMlCvUs-o76bFk2D-dM70XIA9Cfc4SXbgsSam1TvQpJGHbiZqwg0yoRFw.&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=D1AFFE21D9AE8E1F6F68422D21F767966F4A98DC6790699E",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DCOjX66B0wQAxH-o62u-IsyVgrFeYQugDtWJbbJ5gmKdyIb1BwsnXrNcyHcjzrvJNVi8JqrNdaI95E24oXpjz7s0tde0UUnVQU2wSvBGSiqEcBJf6JtGOEEuTsHBXh_3zfXPq_UwJRT6DOmgAA8E1-31epqYloXWzrX1ue8j2gDrpYPwWiONnLh_fKqELnf6cslD4qCPNdksxHjTp5TWgTMtb0QT38qtXqaKAm6xneH4nKOxeqk3nGzTFmHsDF7RoDIQcIWu7eIDiZqwg0yoRFw.&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=4B41E20C0956FC4B9492A4D1A6D81B1B94207FB267D3A551",
|
||||
"description": "实验室的工程师通过实验发现此次测试的手机银行APP普遍存在高危漏洞,用户在进行转账交易时,黑客能够通过一定的技术手段劫持...",
|
||||
"author": "中国信通院CAICT",
|
||||
"pubDate": "2017-03-15 14:13:34"
|
||||
},
|
||||
{
|
||||
"title": "部分三星手机指纹安全漏洞爆发 中国银行:App已关停",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ-Z2P9BxIW8LOqv7z--_GAlqXa8Fplpd90_MKY9BV-a_tzIegx12UuuuWaPLscBeVc4qYrn8ZgwH9zPn1-rYQA7okzHUXoZIqiGX2I0iRL53CsOS0hSavBhV2ypKgwO4bXCOnI4C2TWnG90SJCWGubxl5Cwv1el9yD3KN6c93CCFWpCZbJEefE8W7__mhpfrp_8qYNhP-iHktPujwwRB2Pw..&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=D1AFFE21D9AE8E1F6F68422D21F767966F4A98DC6790699E",
|
||||
"description": "两款手机和Tab S6平板指纹识别存在漏洞问题,中国银行决定关闭手机银行(包括境内版个人手机银行、境外版个人手机银行企业手机...",
|
||||
"author": "银行科技研究社",
|
||||
"pubDate": "2019-10-23 12:18:17"
|
||||
"title": "什么操作?一男子发现银行网银端漏洞,存50元取50万,收获3000万",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3RBfDGcuhAcYK6EhXVOSA6VqXa8Fplpd9Hzh_lyNfZEqbnRTiI9rBQm3Q87lpJNG3cN4vp1YvJLDwBSPpNKz66VhemuvDOBKdbKq8zyckFEcDlRvZYhEBeMw9r9kKDTs8JkqrrVxvBBjVhoGJkK0jKZMExOmTHzxEnZwJiUsgHt426TGjjzW-m9d9apFNp5IhfTyuqbmZb4TFcvUoAZZH7Q..&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=4B41E20C0956FC4B9492A4D1A6D81B1B94207FB267D3A551",
|
||||
"description": "他发现上海某银行的网银有漏洞,可以修改定期存单金额和贷款金额,比如存款改成50元,贷款改成50万,就能套现50万.半年内他...",
|
||||
"author": "木火通明",
|
||||
"pubDate": "2019-04-23 21:42:11"
|
||||
},
|
||||
{
|
||||
"title": "有人利用手机银行漏洞疯狂作案30余起,崇仁人警惕!……",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ-Z2P9BxIW8LOqv7z--_GAlqXa8Fplpd9m5cb0s6JR_zNCEHz6i52VIFSpCqjLWk5J5P7KDVtCs0rVHWxH8XmEiwxsgfUQ8dBLgMBlmTfT9IJnVZNsFMRAl_vVO-1MQkMkOOXyoRIOLz_NxmZFqdUIH6GA3f5tfWm0j1Wrd2rlZaJIh4ryBTdn-9mBXU2Qh5-GdJojfO6gqs89kyxDwoXvg..&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=D1AFFE21D9AE8E1F6F68422D21F767966F4A98DC6790699E",
|
||||
"title": "手机银行漏洞:五行代码可转走银行250亿美元存款",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DCOjX66B0wQAxH-o62u-IsyVgrFeYQugDrGFFTyF4j-fIHKmKiWmh_gT1RIk9nIJTomqza81rARJOjZaCXpGyzbfa51Lk7hnBdd-PXO8zD4bZBzkEs4qL91zXrAssxq_Fx_iURzYopd5FdYNUIpQFKjqT5bbRtXpk6qvJW3YSGGH4mUNEhHT1092NRPfeW2gOckW9rfO5f8Y4zZqnpfFaZ3i-R9z0OfFxpHSTjVCI9DmVfyAhJ0RCVBxAmAH5j2j34zQH5fQsyygiZqwg0yoRFw.&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=4B41E20C0956FC4B9492A4D1A6D81B1B94207FB267D3A551",
|
||||
"description": "在银行客户所使用的手机银行软件之中存在一个严重的安全漏洞. Prakash解释称,通过利用这个漏洞,他可以从任何一名银行客户的...",
|
||||
"author": "黑白之道",
|
||||
"pubDate": "2016-05-27 08:16:49"
|
||||
},
|
||||
{
|
||||
"title": "黑客攻击发现:多家手机银行APP存漏洞",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DCOjX66B0wQAxH-o62u-IsyVgrFeYQugDpII3pXlhB4cu4QQVVNjVmAappCK6q5S16c49JwWaZSxh6K1ZbFnBuvxOAGz10wsWDCGOVaVbb4pV_vNEfPvSlDh69B_ygeCeHyP2pP4-9OYzmM9EgVrwn3UJ9paHwZeQ8yY46If-pFETSS-0YEV8fETpKlqv5RkewRoBiPd-aG9Y7g5Zxp-ImqDVr2SrMfwi1gtbpSKZ2v4PWTMZ0URHjtUoGUnTGtCmFj7kb-frKMWiZqwg0yoRFw.&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=4B41E20C0956FC4B9492A4D1A6D81B1B94207FB267D3A551",
|
||||
"description": "手机银行存在的漏洞让人担忧.参赛队伍介绍说,通过对国内20家银行提供给消费者的、基于安卓系统的20个手机银行APP进行攻击...",
|
||||
"author": "E安全",
|
||||
"pubDate": "2016-09-05 11:36:23"
|
||||
},
|
||||
{
|
||||
"title": "银行手机app存重大漏洞,余额为0也能成功转账?被人套取资金数百万4个月后才发现",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3RBfDGcuhAcYK6EhXVOSA6VqXa8Fplpd95FuX7oHuqTy2vXk0m56mQ70Jd5155gD2Md3QcfhtX3-qLVh5LFUOweFf60r0lcM0QVDRCGxYZGQelXNR3W4tYu5LUfYWhH0buEMkJJBVgjYw_NNWnLEmovv2Q7hapVTrJs1xgQwC0o_gxP6VbP9Q8-ADnlWefaUbxpHxVwDXySyFW6cwuUnkdA..&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=4B41E20C0956FC4B9492A4D1A6D81B1B94207FB267D3A551",
|
||||
"description": "揭示了平顶山银行APP中存在过巨大漏洞.判决书显示,罪犯朱某鑫,1996年生人,小学文化.2017年至2018年,朱某鑫在手机上下...",
|
||||
"author": "支付爆光台",
|
||||
"pubDate": "2020-03-19 20:19:19"
|
||||
},
|
||||
{
|
||||
"title": "警惕!有人利用手机银行漏洞,在我市疯狂作案30余起...",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3RBfDGcuhAcYK6EhXVOSA6VqXa8Fplpd9uQLYrci54ZeLmLtABBGBCMIvO4GzVCXt80DQXHrBh8VSd1SY3lJZNDZNyjq5zoKt0mT_fnwtE_JIauljziXMGalNG8OVdv5bTR0I2AF5eLpJa2F-yUwexQGdQ_k6SHQwX3ySM0Gj6eAyQBjnkA7l8ZXOMbRNJafAdPiN8gBUESctPujwwRB2Pw..&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=4B41E20C0956FC4B9492A4D1A6D81B1B94207FB267D3A551",
|
||||
"description": "支付货款受害人手机接收到了到账信息可是到银行查询却未实际到账怀疑被诈骗刑侦大队民警接报后立即展开调查经民警努力追捕犯罪...",
|
||||
"author": "乐享崇仁",
|
||||
"pubDate": "2019-09-12 22:35:10"
|
||||
"author": "赣州公安",
|
||||
"pubDate": "2019-09-11 18:44:52"
|
||||
},
|
||||
{
|
||||
"title": "警惕!有人利用手机银行漏洞疯狂作案30余起……",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ-Z2P9BxIW8LOqv7z--_GAlqXa8Fplpd9SamOCvhwx0d6CdZsiIUih7kLI9EpFh8bw0knJ6uHDIvPFEidt9VIvot456Cs-EitOt1KjbyuuWMxkm9Pqcodh5r6t7-CpXT5EboJIg6GGFdn48NJOLAJfwtr0G0aumvXnXccrNuPNREQiTm53HUFCEr13RD74cn9k71IYgxmdxd6VKrzu_4XKA..&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=D1AFFE21D9AE8E1F6F68422D21F767966F4A98DC6790699E",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3RBfDGcuhAcYK6EhXVOSA6VqXa8Fplpd9NT8RvUvXV0PFeE3a2kUhkP2ZG_sX8zawtBT3KVXDaagk-cP3LlavEKLsUaYCzd6w6DZhlyQ9YspIRZKmkzay6EZQflQxyhdeqKfuAYpCA52ekN5651P75SmY3qYCzo2bOCCca3RPdx4ylb5AvEf1Wk8wPAKoG25Q9dQcrLNGeD3wdVqCwyPdzA..&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=4B41E20C0956FC4B9492A4D1A6D81B1B94207FB267D3A551",
|
||||
"description": "行账号但受害人手机仍能接收到银行预转账信息此时受害人误认为钱款已到账实际上手机银行端比对银行账号错误后该笔银行转账会退...",
|
||||
"author": "玉山生活",
|
||||
"pubDate": "2019-09-15 17:21:04"
|
||||
},
|
||||
{
|
||||
"title": "【警惕】当心!手机绑定银行卡,这个安全漏洞很危险!",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DEdXGAxkkb-4ccluG6pWZhOVgrFeYQugDibtzWmjNxBtVVQdk0bYDh2I2V0fYBaY4964c3qVs00IYi0PRrVDUG0VsiyakpaPjz8b6EcO6e4sFMZtp7TY0cgI6qFbWRY287fuiHWKVHhAtJWPn9orQQizCy_pnEt8HKVEgJk6G2t6oGqCkbVU5bZOZ-9hS32ygSLff1YnhUUab7a7Ge9ltPPuAjBirQ5ibdQXc807f3X9oUuPzrt1lzx18VZkBAfRr0QNwFMBtIX0iZqwg0yoRFw.&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=D1AFFE21D9AE8E1F6F68422D21F767966F4A98DC6790699E",
|
||||
"description": "手机丢失后先做6件事↓↓↓01致电运营商挂失手机号02致电银行冻结手机网银网络时代,这点特别重要!重要!重要!03手机绑定过支...",
|
||||
"author": "集宁佰事通",
|
||||
"pubDate": "2017-01-20 11:26:29"
|
||||
"title": "某银行手机APP现支付漏洞3天被盗刷40多万",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DCOjX66B0wQAxH-o62u-IsyVgrFeYQugDt6m0Zx5D-v1Rwjk3P2iLUhEZ-LRrvFkVfsvQ7RvizarNGtYcShVf1nwcLufi6L-Gk7jKfOPejPKPrq1E8X8xtcLtMuSAR7jeYn91RFWK5aCBjj3TewmabqUEL84ZxANtI9op8YjndHKzRF4Q4i9YVEPKrHFAjjttHYqLtFFSwSzHWEdrYZx40buATK0RtUpeKuK4Xnc6AvoJJ3-8f7g0iBwlwVQ0IawpTKu0NTfZRcaiZqwg0yoRFw.&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=4B41E20C0956FC4B9492A4D1A6D81B1B94207FB267D3A551",
|
||||
"description": "银行手机APP新上线的支付功能被人发现了漏洞,3天内数十名客户的信用卡遭盗刷,共损失40余万元!银行立即停止这项支付功能,...",
|
||||
"author": "支付界",
|
||||
"pubDate": "2016-06-16 09:00:18"
|
||||
},
|
||||
{
|
||||
"title": "浅析某城商行手机银行水平授权漏洞问题",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3RBfDGcuhAcYK6EhXVOSA6VqXa8Fplpd9xDBW9Rl70OcDaZ8d2t3eWLxTzFuASo02mX09efynhG3F4_7-WUI3gC3ZjaOrWCB9EsQUbql0RvIrYgINh8Nu28IO5qsg2KkFcI5Ud9tw-aj4WuHTgESjTlTUICBxW3zzbT2DRbilp0A20hoSggt-li4bneigETdENFVo2Of620Pf3q8uRDTfkw..&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=4B41E20C0956FC4B9492A4D1A6D81B1B94207FB267D3A551",
|
||||
"description": "也导致此城商行从2019年1月18日至今一直关闭手机银行APP软件中Ⅱ、Ⅲ类账户开户链接功能.-问题原因分析-水平越权缺陷漏洞是...",
|
||||
"author": "51Testing软件测试网",
|
||||
"pubDate": "2022-10-12 12:01:01"
|
||||
}
|
||||
],
|
||||
"银行漏洞": [
|
||||
{
|
||||
"title": "银行漏洞还是储户大意?招行贵宾客户竟然这样被“套路”",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ0aUB9aI6uhjOqv7z--_GAlqXa8Fplpd91QfWQpjIAJaW83layKLh1VZ9Ren9N_a_qw0eNRcz9xLKKIPvb1DpvyT056VaMCnQSlpVQgbghkvpzWuvQrsVmO-XZvYY9YqB71UTGOX4OyMhI3ouZ9zqVGLmXj10loet697BoLLlj9xPR7jm1X_nC4V3Z5aqIlHSBlSccrJYSFiFW6cwuUnkdA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=D1B02BDA91E6C75627200A6468CCAC3627AFA9BE679069A3",
|
||||
"description": "正规渠道转出资金银行漏洞还是储户大意?为何李某等人的账户会在其不知情的情况下顺利被他人支取出资金?交易过程中的银行短信...",
|
||||
"author": "新浪财经",
|
||||
"pubDate": "2020-07-21 15:52:31"
|
||||
},
|
||||
{
|
||||
"title": "银行漏洞丢钱,中移动花式收费,谁来给我们一个交代?",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ0aUB9aI6uhjOqv7z--_GAlqXa8Fplpd9AV_F105sXKjgUfWd9EmqhDVGAcOZQNrtdmc4FKRGLCWS6ht8l2LFworcfmUQz2BnDF95C3i8H5Kejta0fsV1i82R0iMHgu_JbmT0_g_Z_g_V3qvFdXJvNIRhBwsxNF5OSc5vrK2gY9-1-YbeklR9R24jz9oIVF96UWRhPGN-Og3yPfCoem7FzA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=D1B02BDA91E6C75627200A6468CCAC3627AFA9BE679069A3",
|
||||
"description": "银行给出的回复也就是杂费、服务费之类的正常说法,具体是什么银行也说不出来.民警将该案件上报,总队也觉得有些蹊跷,案件升...",
|
||||
"author": "纽扣资讯网",
|
||||
"pubDate": "2018-08-21 19:29:05"
|
||||
},
|
||||
{
|
||||
"title": "银行漏洞改存单,50元变身50万,半年骗取3000万!这是什么骚操作?",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ0aUB9aI6uhjOqv7z--_GAlqXa8Fplpd9mKT0DQUrRqb8BcrDQvD22xVFCARR8_K6I50421o4bAcZnvRX9hj5xKOp21ihQ9HwIYlgpdagvBTZEYVp7BXG5QjxFDC9Ay9DHpgaDCBRtfjFUj14VLWqrnrzNCe_28Plr-6K7gI13efqjXTDdMyazXrIMqaF5dAuwdDWgyumkZurCDCayYmfpA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=D1B02BDA91E6C75627200A6468CCAC3627AFA9BE679069A3",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3HBP-6BLzry8K6EhXVOSA6VqXa8Fplpd9pzKu330fp4wKNvjCnpsTYJy_MYuu2jCD8DAS_luExtAWB1N6-Cxv3qasDw3uxHi0z8MjCNPczv36si2m__UqjpsfZTQNAbaoiYscmaVEzka-Nf0uOtaXOO83W4asiYuUGAW-rQuwk6eo8gpCckTFDmjFBvf9GaZ79Fhd4sLWmCqjotuuiAmOIg..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=4B420630663E9422FDFACDB8C96265A4FD0E1B1467D3A556",
|
||||
"description": "犯罪嫌疑人马某最终如实交代了他利用银行漏洞进行贷款诈骗的行为.那么他又是如何发现银行这一漏洞的呢?据犯罪嫌疑人马某交代...",
|
||||
"author": "测试届的LV",
|
||||
"pubDate": "2019-06-10 08:18:15"
|
||||
},
|
||||
{
|
||||
"title": "华人女生发现银行漏洞刷爆2千万,挥霍后竟无罪释放",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ0aUB9aI6uhjOqv7z--_GAlqXa8Fplpd9OmuA8nYXLl_VjNLyXI2_kJ_ks5sdQqCBdZiXwe9F99opJkuNWqfhwLKEF2Q3LuyRSkGRXZnlfpyBB44uHSCJP3HvTsDxvmULUiGUVubsRkMkclbVYcpqh7NROuOOJ0QaNQOhn797GvoF_efrh-HMTuJjFh_UReVfiwekxAFaKU7S-e4Yz84xMA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=D1B02BDA91E6C75627200A6468CCAC3627AFA9BE679069A3",
|
||||
"description": "李佳欣租住的豪华公寓据悉,李佳欣在发现银行漏洞后疯狂消费,购买各种奢侈品,包括爱马仕、迪奥、香奈儿、卡地亚等,甚至在一...",
|
||||
"author": "外交之声",
|
||||
"pubDate": "2017-12-03 23:54:42"
|
||||
},
|
||||
{
|
||||
"title": "2014年浙江大妈发现银行漏洞,一月内偷走5亿,警方:银行的责任",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ0aUB9aI6uhjOqv7z--_GAlqXa8Fplpd9S2Eo3tU5jDTsJukJn462S_znMvpv1N03eSCquBw8ozC8Kjf54NnFBVDNmKHvpWU6it1tMPJUFVFr6wPhORsG1k_s634cZg_uLnbgVKabqXTLbE4wqp2__wvLcYnsR06CLZyACeRIfcvYbg7zNe4M6Lq_CsIavlZKomCIJnR9itzS-e4Yz84xMA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=D1B02BDA91E6C75627200A6468CCAC3627AFA9BE679069A3",
|
||||
"description": "她成功找到银行的漏洞,在一个月之内挪走了多家银行近五亿元的存款,直到一年后才东窗事发.事发后,涉事银行却推卸责任,引起...",
|
||||
"author": "知书局",
|
||||
"pubDate": "2023-02-03 18:20:39"
|
||||
},
|
||||
{
|
||||
"title": "21岁女生利用银行漏洞奢靡消费近2500万元 被无罪释放",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ0aUB9aI6uhjOqv7z--_GAlqXa8Fplpd9APYiJWUV4H41oWMpviG-HZ6bMVg6iRdy_BoZqPkzBppNsHIpxW_7G49KjyA544DK1KESybwIHl50tAWv7t_jRrvIAINcrVgCBdtrtaQIKeiJUZPlm81Aqp4eeoffWLdf8qpNKdHmDKUixC-Es5Bi4l63VEsuy28uLfl2uXEqlTwtPujwwRB2Pw..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=D1B02BDA91E6C75627200A6468CCAC3627AFA9BE679069A3",
|
||||
"description": "据悉,李佳欣在发现银行漏洞后疯狂消费,购买各种奢侈品,包括爱马仕、迪奥、香奈儿、卡地亚等,甚至在一天之内消费了30万澳元...",
|
||||
"author": "澳网",
|
||||
"pubDate": "2017-12-04 23:18:55"
|
||||
},
|
||||
{
|
||||
"title": "让人惊悚的网络诈骗系列之“银行漏洞骗局”",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ0aUB9aI6uhjOqv7z--_GAlqXa8Fplpd95tXO73yUIYxpZ2N1p9_DUIKNVkmpnSvd8imVtUhsFBM6XxGXkSyVGsfCBxcCKfyVcL--c7airK9DR_ynKFfAnBmYaFvhbLNfWg8nCXKzDzWAy7mQPy7TyqemaN6lVxJf4FcA09tUflzsWhpSQ8DHs6MaSKbGNUUK5ShefSxN2yWrCDCayYmfpA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=D1B02BDA91E6C75627200A6468CCAC3627AFA9BE679069A3",
|
||||
"description": "随着网络环境的日趋复杂,网络诈骗也愈演愈烈,骗子可能不用偷你的银行卡、不用拿走你的身份证,只需通过一些手段获取你的私人...",
|
||||
"author": "火绒安全",
|
||||
"pubDate": "2017-09-11 17:23:47"
|
||||
"title": "银行漏洞丢钱,中移动花式收费,谁来给我们一个交代?",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3HBP-6BLzry8K6EhXVOSA6VqXa8Fplpd9yCKB9iwOJDtLWv88jWC4D3LqwHy7uz5eXXAi1F7RRhfTmxUGPHxNlpTpcgRBQ6HKHK5da9FY-PQYWsW6wwagjjDjk-whi91Qgy9WtCkxb-qLhZaY-aNqNZo-A-90R7nATCrHl4ejTzTSf1l1B9mwUO_aBLTc1iOYrXXwyxVEjXMHpHkoPMgL3A..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=4B420630663E9422FDFACDB8C96265A4FD0E1B1467D3A556",
|
||||
"description": "银行给出的回复也就是杂费、服务费之类的正常说法,具体是什么银行也说不出来.民警将该案件上报,总队也觉得有些蹊跷,案件升...",
|
||||
"author": "纽扣资讯网",
|
||||
"pubDate": "2018-08-21 19:29:05"
|
||||
},
|
||||
{
|
||||
"title": "2013年,大妈发现银行漏洞,仅1个月就偷走银行5个亿",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ0aUB9aI6uhjOqv7z--_GAlqXa8Fplpd9Q9y5NoSu3fPTEhbUtfboD7ffSVYQzD5XzTmaWk6LMtbVLPWKLJuIovkkYlwklEfVAhQ_pvTq3BZop9wivDl79SSTKmn6TMaFLi3h63AY09Mfo7PGnhHonJiKIwkGeuhUy45wB_CuIyhsAoANVt-rbrKh2kOI0XadFfa08WkRe1dCy6umSSPEsg..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=D1B02BDA91E6C75627200A6468CCAC3627AFA9BE679069A3",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3HBP-6BLzry8K6EhXVOSA6VqXa8Fplpd95i37lwf53KQXhIurbqJ78EwAthuML43VGgVJaQi0-yHjXSXQt6yNSFB9IXhZ2qRlx8h84Wk9DhG-65N7kylrgZSAS8EF4JoB7gLO8CtrkqAkUh-oIJhz2JFYUslUu5suP83v9EowWRAL3jlKxMCZS-F8OToB1kbJVAxZxwFsJHdQL0Hr9Gyd3Q..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=4B420630663E9422FDFACDB8C96265A4FD0E1B1467D3A556",
|
||||
"description": "2013年,大妈发现银行漏洞,仅1个月就偷走银行5个亿存到银行的钱,居然不翼而飞了?2013年3月,方德富在工商银行的天台支行,...",
|
||||
"author": "灵枫历史阁",
|
||||
"pubDate": "2023-06-04 17:49:26"
|
||||
},
|
||||
{
|
||||
"title": "日报:银行漏洞一张支票可兑付多次;专家提示不要指望会降息",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ0aUB9aI6uhjOqv7z--_GAlqXa8Fplpd98QupOUv1qsdPWAzStrsMMAWaH52qDqvIZH4DqopbwqGNQqWLhSxHaFHSOYGXhaxGX0NO4_VkU17lBMRGQKgeEp0AqydnR5eWCoSyNrBy7-Qd92t1W3nkz-RLKevg22V7OgKHARff09PiWPNGQ5Ckqx92DyWf0nhV_TGp3flSWEEtPujwwRB2Pw..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=D1B02BDA91E6C75627200A6468CCAC3627AFA9BE679069A3",
|
||||
"description": "银行漏洞一张支票可兑付多次卑诗企业主以亲身经历发出警告,称该公司一名前员工多次使用手机银行兑现多张支票.Glacier Media报...",
|
||||
"author": "城市知道温哥华",
|
||||
"pubDate": "2023-10-09 06:55:35"
|
||||
"title": "华裔女留学生发现银行漏洞消费超2千万 获无罪释放",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3HBP-6BLzry8K6EhXVOSA6VqXa8Fplpd9Y9dzG87vgOnZ1Pc8kgUn4bOjDKoqa0WENxM-PZgqv19n30ZqfoqFybLK1SR7LYH-QCkY-6vQJJYQTF1vlweUrhn78sPKj2o_GrDfgQa25qzSTggfIFWslDhRkC_VjqvqrWlk0CAlCiFgyV5xySIl44uhYpsJDbjVNZWI5TFmlNCE8RsmObDbtQ..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=4B420630663E9422FDFACDB8C96265A4FD0E1B1467D3A556",
|
||||
"description": "据悉,李佳欣在发现银行漏洞后疯狂消费,购买各种奢侈品,包括爱马仕、迪奥、香奈儿、卡地亚等,甚至在一天之内消费了30万澳元...",
|
||||
"author": "网易新闻客户端",
|
||||
"pubDate": "2017-12-04 19:29:22"
|
||||
},
|
||||
{
|
||||
"title": "这几种套现方式钻了银行漏洞!竟没有被封…",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ0aUB9aI6uhjOqv7z--_GAlqXa8Fplpd9pHh2Wmpt9ARzRZOQ4kQsBr9f5x9ub8EW_b4f4oPihLb6_js2nXXjVYnVhhKQ1RIcJYX5xVspxXZljzj46SZxGoiBSvRN_Uuse5AlZlNMRAQaXUe7lZSpQNAWozonBknCJymElDf9IhohrWkle3_jtva3DRp0hY1_wUlrPsHMri0O8fIRwtipOg..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=D1B02BDA91E6C75627200A6468CCAC3627AFA9BE679069A3",
|
||||
"description": "不过随着银行监管越来越严,很多卡友也受到了处罚,卡姐有个朋友,堪称“套现小行家”,用信用卡套现了5万元.仍然在银行保持...",
|
||||
"author": "来谈钱",
|
||||
"pubDate": "2024-03-17 18:02:42"
|
||||
"title": "银行漏洞还是储户大意?招行贵宾客户竟然这样被“套路”",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3HBP-6BLzry8K6EhXVOSA6VqXa8Fplpd9v5ehQ7aW1JrlZRA0hZQJXryemPyhOEIG8SsPkKVwA1sPvJD5lLpq7bzDWppkR171ixxIoa_DU8md1f4wjSote19_OcS3Nh9M6nZ0smXRixVcky8-IucQNTXYuUAh4dDsfikJaUblV14sI7zkCqc8NLDAAOczmKq7RstcmWk3oo5Cy6umSSPEsg..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=4B420630663E9422FDFACDB8C96265A4FD0E1B1467D3A556",
|
||||
"description": "正规渠道转出资金银行漏洞还是储户大意?为何李某等人的账户会在其不知情的情况下顺利被他人支取出资金?交易过程中的银行短信...",
|
||||
"author": "新浪财经",
|
||||
"pubDate": "2020-07-21 15:52:31"
|
||||
},
|
||||
{
|
||||
"title": "黑产利用光大银行漏洞,信用卡1万额度可提15万",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3HBP-6BLzry8K6EhXVOSA6VqXa8Fplpd9_l1Bjwrux0F8XX3ZwV0YGrjfAMzkM73UoJC81rUsfwUnC0L0pK2NGWNghIH-J-fYIncaKaBKcUsuIlpwk4-3jk4VToaA9SRp9Vr4XkwUF0LCcfIRH-kfYWOyUAhatvlV7uhKM-K6ewbGShFPW_aIOF1TAIpU4sbeTHGWMu-x92t5LU3lqtPw9g..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=4B420630663E9422FDFACDB8C96265A4FD0E1B1467D3A556",
|
||||
"description": "5月25日,雷锋网宅客频道(微信ID:letshome)从网络安全公司紫豹科技了解到,其情报团队监控到一起银行漏洞事件.紫豹科技相关...",
|
||||
"author": "可转债摊大饼",
|
||||
"pubDate": "2018-05-26 13:15:31"
|
||||
},
|
||||
{
|
||||
"title": "卷!某银行漏洞管理平台投标限价1115万元,浪潮近半价拿下",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3HBP-6BLzry8K6EhXVOSA6VqXa8Fplpd9ifWXEHUoNmfSyLSSYMdnbbqUPPxfMrR_HpEuKaBJKg8PTI9uoyQdisGi3AKbA0cCDIcz0fhIwhmPAuY_jwZcpmJUVzanQWGkl-1v7fBXZvYm5oOi6PffjcUvJJu5EaHf0qt35Qbl3EiiZ3DOOBA-0d2rsxJ5Q5UX7efkrvAUqVI6Ebq8fk9diw..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=4B420630663E9422FDFACDB8C96265A4FD0E1B1467D3A556",
|
||||
"description": "近期,农业发展银行采购漏洞管理平台,产品包括漏洞管理系统和漏洞扫描设备,投标限价1115万元,要求提供投标产品的同品牌同类...",
|
||||
"author": "安知讯",
|
||||
"pubDate": "2023-02-06 19:02:16"
|
||||
},
|
||||
{
|
||||
"title": "六安徽商银行再爆监管漏洞!违规吸收存款,罚25万元!负责人被行政处罚!",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3HBP-6BLzry8K6EhXVOSA6VqXa8Fplpd9kcTUthZEfb8g-5IZT5zCoUSBUeJYC34rdFaDNYyJmAoXFUZ5CJ3JiX9xGPY5VnW5ScRIpQ68upf1GZG4zUK1E4hjcF9tu16epEQS3uFzQnI4_zOPR7F8DHn-d1o-hRu2S5LGk62RcNBRLRFf_9Xto_IOkkmAQabZ_B7BZGsB0cfm0CtGSSkZQQ..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=4B420630663E9422FDFACDB8C96265A4FD0E1B1467D3A556",
|
||||
"description": "yuan元:银行漏洞百出,金融部门应该管管了.阿莫:金融行业的蛀虫,破坏金融秩序的健康发展...小龙:这样的人居然在银行担担当...",
|
||||
"author": "六地品安",
|
||||
"pubDate": "2018-10-25 14:25:30"
|
||||
},
|
||||
{
|
||||
"title": "华人女生发现银行漏洞刷爆2千万,挥霍后竟无罪释放",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3HBP-6BLzry8K6EhXVOSA6VqXa8Fplpd9oW-h7ODZ-2qwX0zMPf7C6RCHPwN_SVrexdeJKTUt6u70a3A4YFjhJy2-ceZ6AezyCVa99sgWUSMG1BxjJXmQTC9necAA8QWQpGliM5Vh89nlmjp6vgvDSiKLTXkY9DkrRgWkt8QJ-tB-Ir1Q1eXP1H87FuOXldJ_GV0QQxjE3Dyq3X8EKMKOIA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=4B420630663E9422FDFACDB8C96265A4FD0E1B1467D3A556",
|
||||
"description": "李佳欣租住的豪华公寓据悉,李佳欣在发现银行漏洞后疯狂消费,购买各种奢侈品,包括爱马仕、迪奥、香奈儿、卡地亚等,甚至在一...",
|
||||
"author": "外交之声",
|
||||
"pubDate": "2017-12-03 23:54:42"
|
||||
},
|
||||
{
|
||||
"title": "有钱没命花! 3名华人钻银行“漏洞” 获利千万美元 获刑82年!",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-3HBP-6BLzry8K6EhXVOSA6VqXa8Fplpd9B4aKooqWHsSX8MfFu9KbHvc4fitnLtTm8fvOyPI9IxxpfezbeTUEo-5I1gXwlj2nzTlA7YViDnsYI3MiVnSH83UGdL_9nfZ5CnPFsoQNVHHv5gJHFUCJbKrvsffl30U9SZwi1LbYQp5Kjb6rwDDLFSiA5W18-Aksmk_8Z_sDxnoSYTqT4eyLmA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=4B420630663E9422FDFACDB8C96265A4FD0E1B1467D3A556",
|
||||
"description": "银行明明有时间差漏洞为什么不修补,这其实就是最基本的银行与客户间的信任与承诺,过去的几十年里,对于绝大多数客户来说,这...",
|
||||
"author": "留学生公社",
|
||||
"pubDate": "2023-11-18 18:00:57"
|
||||
}
|
||||
],
|
||||
"支付漏洞": [
|
||||
{
|
||||
"title": "天融信:《电子支付漏洞报告》重磅发布!",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ0K00mTeQ6RzOqv7z--_GAlqXa8Fplpd9FUBZyclKJzppnNaqf7khdjN2uFFWHfgbNBdOgu0AN8ihhIt6jlxYIAfdwEtEIisenyuvTbHdcdeKraTPArwnRvdUl8X8l3-w9yRHMbKr4fggTEwaPw94-uJhrJA4TUne51gxQ7y3ZvPUmNwJBhhku3ozjPYjF0P0EAO3v4ygrI5f_71bqkOtiw..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=D1B058559BEECE5D2D2B026E7D1054A52E0E62CD679069A8",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-34ZVeDnWy53UK6EhXVOSA6VqXa8Fplpd9OZBwVnf0OZvVkDThqmS0KvPYf9vd0fHL-1NzwpelId6ZjzS0XkOchUXb-1nTvzwUw2lXvVOhe6UnAbSqXsVbT7SxAOPamN2pIyS9f5HmkZ2B7S2a8JMXTvBYYErM7l8LyDqQEOuupqFCNfmVif-GnjgfY1u-EGPEyR6tmRvfLGcNGbbB75bUeA..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=4B422930C9903A8D5255631767A2805A5348862F67D3A55C",
|
||||
"description": "支付漏洞趋势3电子支付的安全风险3.1线下支付安全风险线下交易要求付款者必须持有有效支付工具,如银行卡和智能手机APP.银行...",
|
||||
"author": "天融信",
|
||||
"pubDate": "2023-07-12 18:21:06"
|
||||
},
|
||||
{
|
||||
"title": "利用支付漏洞套现1300万被判15年",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ0K00mTeQ6RzOqv7z--_GAlqXa8Fplpd9xVhy9OTbkCfriOx6asm8OI0Zz7zB6S7h4PmspIX-ELXRRItnAoXMaQqiw0cp712l9OfgbQAYlqPj6PNNoiSeUdw8ieX7_wJS6B1B78__qrNurVFEwTrUqaYDkICI5tBUigDFaP2EOvnbjOzn7p7X70NYaZvt_yv0dKGuPBDSWoXI3OTRHYU2og..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=D1B058559BEECE5D2D2B026E7D1054A52E0E62CD679069A8",
|
||||
"description": "利用支付漏洞,他在半年时间里收入1300万元,光用来打赏主播就花了400万元.撰文 | 张浩东出品 | 支付百科 今年8月份,一个17岁黑...",
|
||||
"author": "支付百科",
|
||||
"pubDate": "2022-01-03 13:54:08"
|
||||
},
|
||||
{
|
||||
"title": "敏付科技存“支付漏洞”被约谈整改",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ0K00mTeQ6RzOqv7z--_GAlqXa8Fplpd9wTdzBee7O2k8ExqdT1_3DwxLFIkXB4nq_NSl0PP-0qdZpln2nQqS73ax1H0izCZZpiDwJy_4qu3VLt4sxF9ZkbXXuJwR9nNhFD2Na4dWNJViHoFAC3If4LRCqb7Xjl76KEa431KeeOyzy-v0h98AoGaiucgpGGmxViRxinjF30kO8fIRwtipOg..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=D1B058559BEECE5D2D2B026E7D1054A52E0E62CD679069A8",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-34ZVeDnWy53UK6EhXVOSA6VqXa8Fplpd9mXuxCPlr9wuMG1zGFKYTVdQ6NbOgjV3V00dz2oMl86RWnpNZdq7Kx7bwuNXgqln9u0SXOIrj7gbeHDszmwhzqbV1lKylQ6RfvW3H0ycB_6keGoLVmFkX_AXTykKUvEAJQK3ft1pFVY_Vg6kFWy0wgJjjAXrkYVuU453FXdGyDT9Q_LeJW-Rhtg..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=4B422930C9903A8D5255631767A2805A5348862F67D3A55C",
|
||||
"description": "支付之家网(ZFZJ.CN) 支付之家网获悉,持牌支付机构敏付科技有限公司(简称“敏付”)因存在“支付漏洞”被北海市公安机关约...",
|
||||
"author": "支付之家网",
|
||||
"pubDate": "2022-01-24 08:00:21"
|
||||
},
|
||||
{
|
||||
"title": "银行卡免密支付漏洞这么大!",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DEdXGAxkkb-4VWBshEBEZNGVgrFeYQugDuQ4kL7uR81Sd2Pr115nJuaGM5bMh5P11s3nipXYh7GfWqnDDAJY_PIfdbK8hCMlRkr3S_2VjJLus9RPhsk5RWH7sUYR0dd2wdL7a2QZgEM0OgnsQfgmP4ojfo-M4oiDVPRlI4SIFNmId2K64e_gRujQTWJyfib4dr5Q4nGwc20xEh0WNyMn01OUafeHdhv3xxm4ND7NmPq0rxWvcsyGTHFX2cnH9ZxIeLdVgVH2XfGwiZqwg0yoRFw.&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=D1B058559BEECE5D2D2B026E7D1054A52E0E62CD679069A8",
|
||||
"description": "仔细想想,我们信用卡设定的自动还款也是一样,不需要密码,钱就划走了,还有去超市被商户扫支付宝和微信支付的付款码的时候,...",
|
||||
"author": "犀牛生意经",
|
||||
"pubDate": "2016-08-29 09:23:44"
|
||||
},
|
||||
{
|
||||
"title": "就一加手机支付漏洞讨论在线支付中的安全风险",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ0K00mTeQ6RzOqv7z--_GAlqXa8Fplpd9Fh3XIYrMAGv8DFrr22hvP7lXc8UxwhPrmt35a3KpBu6ny2zYHVUy0fzTmouD28uKucdB59exCwtVCeimLs4dn2JPBUmulZbNTAP4G5_gOfeROuE4dn7-AsFFDT2rm6if8GuWvgfh537hfTvtwelqT145vXTrHh_vOI2oNCrthFf1AfaFW2DefQ..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=D1B058559BEECE5D2D2B026E7D1054A52E0E62CD679069A8",
|
||||
"description": "支付交易的处理是由CyberSource处理的,但是支付表单却仍然托管在OnePlus的基础设施中.如果攻击者拥有该页面的读写权限,那...",
|
||||
"author": "FreeBuf",
|
||||
"pubDate": "2018-02-12 19:17:27"
|
||||
},
|
||||
{
|
||||
"title": "渗透测试之支付逻辑漏洞",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ0K00mTeQ6RzOqv7z--_GAlqXa8Fplpd9-x80KM2ExBnuTLaCGHND4pnodWQPfS713l4o4wsrc482IPoKr1Um2KX9oy-H2wZpAC0-bguM9a6wpsHEs_stwZG7Pnkd13W3NB_vEpmc18f1BCp1yUI62z4PnNuDyHfxooHtUBL1in2xBTkSI9l-62SJ8n7Ehs0wNlM8bWPSIzgtPujwwRB2Pw..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=D1B058559BEECE5D2D2B026E7D1054A52E0E62CD679069A8",
|
||||
"description": "支付逻辑漏洞分类:1、支付过程中可直接修改数据包中的支付金额这种漏洞应该是支付漏洞中最常见的,主要针对支付宝等需要第三...",
|
||||
"author": "黑白之道",
|
||||
"pubDate": "2020-05-03 10:23:30"
|
||||
},
|
||||
{
|
||||
"title": "从最近的微信支付看XXE漏洞",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ0K00mTeQ6RzOqv7z--_GAlqXa8Fplpd9Fh3XIYrMAGv8DFrr22hvP7lXc8UxwhPrmt35a3KpBu6ny2zYHVUy0U6-iFffsFZZKupXLyrvXSi38ERphi-I1mL123iNJTqJhWIn1jLi70QHLrc8BXKqNIrYSDC3SuFj8sJ83EgOBAXVz9hZNxHvL8kNcXA2dk33zhfqYkx7ep0HpHkoPMgL3A..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=D1B058559BEECE5D2D2B026E7D1054A52E0E62CD679069A8",
|
||||
"description": "这就很能说明问题,于是老大让我对微信支付漏洞做漏洞研究并找出产品出问题的原因.所以才有了这篇文章.由于本文的初衷是为了...",
|
||||
"author": "FreeBuf",
|
||||
"pubDate": "2018-07-08 18:03:00"
|
||||
},
|
||||
{
|
||||
"title": "逻辑漏洞 |支付漏洞学习",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ0K00mTeQ6RzOqv7z--_GAlqXa8Fplpd9-x80KM2ExBnuTLaCGHND4pnodWQPfS713l4o4wsrc482IPoKr1Um2AwsjcBxBqzscxW4CeKA1NI3LGa8_-pH0OWAfBUFgUROSuQME650iJ_uW5kDB55_8B3mNJDsarqE8gTj1anAtfv-e87wRb4HTx-cwBXtHh5g2MqOsPA67Z_P28temKTOwg..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=D1B058559BEECE5D2D2B026E7D1054A52E0E62CD679069A8",
|
||||
"description": "验证正常则对订单进行状态处理或为用户进行网站内入账等常见支付漏洞修改支付的价格支付三步曲 —— 订购、订单、付款三个步骤...",
|
||||
"author": "黑白之道",
|
||||
"pubDate": "2020-10-31 10:33:06"
|
||||
},
|
||||
{
|
||||
"title": "手机支付漏洞已成盗刷之源!小编教你如何防范!",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DEdXGAxkkb-4VWBshEBEZNGVgrFeYQugDndALL-7pI3oraek_dUHh9oi3Z6JTpwtmofwF_TsWuaziznq53yTuHU0TY6mSaDfaySSatUm8Q3moWHSxcguBZZMZVuXK0hVAcGyacQrUu5Ux6cGmLX7rcIdYhuFwg_cTwOGdVp36ey1X9nDqO-Kggd2_u5ze64Ec_9Bonpg0IFZlD7FXtCuDS0qTyAiA4AISYTHyEWhmWzDDHK2A0ycAz8fI_OPt2xV_kDfTq-aCI8LiZqwg0yoRFw.&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=D1B058559BEECE5D2D2B026E7D1054A52E0E62CD679069A8",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DCOjX66B0wQAwUyg1TyL97GVgrFeYQugDndALL-7pI3oraek_dUHh9oi3Z6JTpwtmofwF_TsWuaziznq53yTuHU0TY6mSaDfaySSatUm8Q3moWHSxcguBZZMZVuXK0hVAcGyacQrUu5Ux6cGmLX7rcIdYhuFwg_cTwOGdVp36ey1X9nDqO-Kggd2_u5ze64Ec_9Bonpg0IFZDFs5gtIb2zRKTVklZSD7LN6AbwUzvZio_quACiFs8NLmD_Eh-Th7MpDZ-ixMe2dgiZqwg0yoRFw.&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=4B422930C9903A8D5255631767A2805A5348862F67D3A55C",
|
||||
"description": "手机明明揣在兜里,怎么支付宝和微信钱包里的钱就没了?你以为手机丢了只是损失一部手机吗?说不定紧跟着与手机(号)绑定的移...",
|
||||
"author": "电脑爱好者",
|
||||
"pubDate": "2016-05-20 17:30:26"
|
||||
},
|
||||
{
|
||||
"title": "微信支付惊曝安全漏洞!0元就能买买买!官方称已修复",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS5wC65iOYyCZ0K00mTeQ6RzOqv7z--_GAlqXa8Fplpd9t2415XxXWeWOd4x_q4Bx7HW4iE_621bUVqharOs6i6Vxvo1sihAVLQvK-fjfhcVB9C52dIU_AwfKxoegUlNfKGEwxEw6U7bDVmOg8XeMLrwOfCCjfurTzWwSV4omaPjIUe2-hhV84SH5dSRcxu13q0EQODWQeoUJ2zwrKahfkUF5LU3lqtPw9g..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=D1B058559BEECE5D2D2B026E7D1054A52E0E62CD679069A8",
|
||||
"description": "陌陌的微信支付漏洞利用过程vivo的微信支付漏洞利用过程值得注意的是,目前漏洞的详细信息以及攻击方式已被公开,安全人员建议...",
|
||||
"author": "中国网",
|
||||
"pubDate": "2018-07-04 17:38:58"
|
||||
"title": "从最近的微信支付看XXE漏洞",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-34ZVeDnWy53UK6EhXVOSA6VqXa8Fplpd9PohLElZHBTPQonqCfZ0TtAmg5tVFTq0IqC9Rtf6vksxuBUsHWIRChz8_pO8mtSkn9lXhXHUkYMYENsBFAw4MpbDSeZX0cZU1zR3nbXPtYia6L7-46xKO3KmNFRmSu32pWZ_YvGzlmU_R_rWuQm9uNSShFsfQZtiOAS1Eo5m1NxDdrgozfSg6bw..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=4B422930C9903A8D5255631767A2805A5348862F67D3A55C",
|
||||
"description": "这就很能说明问题,于是老大让我对微信支付漏洞做漏洞研究并找出产品出问题的原因.所以才有了这篇文章.由于本文的初衷是为了...",
|
||||
"author": "FreeBuf",
|
||||
"pubDate": "2018-07-08 18:03:00"
|
||||
},
|
||||
{
|
||||
"title": "支付漏洞:你可能收到了假微信转账",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DCOjX66B0wQAwUyg1TyL97GVgrFeYQugDonBfgmHjxCOd5XAY1uNSeSCEkLPGf4cu3kGZpLvvkSCuHaUmcDkcnrwDQLZHUliJi-KdKemZNhbMwwfs2qZ-ey2WueZfM3Q2xvQYgxQa-wMRl520NthlI2CaKKPCpDZe-eWIvRYrW2ZNcTo3KmF86iEowge5WjG0YYa5AR-5kBvaRxFoZVxS3OmJechIZPIVjJajuUu5V_Us1XMZbTAxic6vsr67-iOh1v5FwtbFaAkiZqwg0yoRFw.&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=4B422930C9903A8D5255631767A2805A5348862F67D3A55C",
|
||||
"description": "这一支付方式被别有用心的不法分子玩出了“新套路”.从事服装生意7年的晓雯,眼看“回头客”已将钱转至自己的微信上,谁知是...",
|
||||
"author": "画乡之窗",
|
||||
"pubDate": "2017-02-28 18:28:24"
|
||||
},
|
||||
{
|
||||
"title": "就一加手机支付漏洞讨论在线支付中的安全风险",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-34ZVeDnWy53UK6EhXVOSA6VqXa8Fplpd9PohLElZHBTPQonqCfZ0TtAmg5tVFTq0IqC9Rtf6vksxuBUsHWIRCh-L5VoC6JnrqApIEh_-2oIPZjtRsmX4pPhbTbM6tiyMB93hkLeBBYoEZOkmyt0NGPjZnp902yylFJvxWBnNXdCSxEFrHicHaEgf3IuPe41nQmxVL51aVjsJflztgI7RZ1g..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=4B422930C9903A8D5255631767A2805A5348862F67D3A55C",
|
||||
"description": "支付交易的处理是由CyberSource处理的,但是支付表单却仍然托管在OnePlus的基础设施中.如果攻击者拥有该页面的读写权限,那...",
|
||||
"author": "FreeBuf",
|
||||
"pubDate": "2018-02-12 19:17:27"
|
||||
},
|
||||
{
|
||||
"title": "利用支付漏洞套现1300万被判15年",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-34ZVeDnWy53UK6EhXVOSA6VqXa8Fplpd9NFACt4r9XtAYsMhQto1wHGOTujEotFi8vSykO0Z07Xs9-tfxZkeUpTcjypPGbjy1dzndMaxfsw-B9kMCysl9Q2JC1F-c4KWIii5atqTrR2E5H27QHHkcE0EslGSb2u3Sda0wOdznXVXGERgXa2BsvbMBN1ghMG_zS-JkohXtNAgY-UZGbO56rA..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=4B422930C9903A8D5255631767A2805A5348862F67D3A55C",
|
||||
"description": "利用支付漏洞,他在半年时间里收入1300万元,光用来打赏主播就花了400万元.撰文 | 张浩东出品 | 支付百科 今年8月份,一个17岁黑...",
|
||||
"author": "支付百科",
|
||||
"pubDate": "2022-01-03 13:54:08"
|
||||
},
|
||||
{
|
||||
"title": "支付漏洞实战",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-34ZVeDnWy53UK6EhXVOSA6VqXa8Fplpd9Mhk1GjVLnS3VHON7gk3zpZbU9KmHHCJJLg47g3ZmcNtZwp5Wq-oGePXvAK5urD-4C4yk8q__JM5Jcdj-G0RjPcE93MwAKtCMZRGrluOMy6HFTdJK5HByXKYdciKZTBSxD8fZWRsvoT7OjCsM5Jo-FiA9YWwQV24IAKCjGJg0JjHS-e4Yz84xMA..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=4B422930C9903A8D5255631767A2805A5348862F67D3A55C",
|
||||
"description": "本文作者:Heart(Ms08067实验室 SRSP TEAM小组成员) 首先先了解支付漏洞:支付漏洞的理解通常都是篡改价格.比如,一分钱买...",
|
||||
"author": "Ms08067安全实验室",
|
||||
"pubDate": "2020-08-28 09:00:22"
|
||||
},
|
||||
{
|
||||
"title": "银行卡免密支付漏洞这么大!",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DCOjX66B0wQAwUyg1TyL97GVgrFeYQugDuQ4kL7uR81Sd2Pr115nJuaGM5bMh5P11s3nipXYh7GfWqnDDAJY_PIfdbK8hCMlRkr3S_2VjJLus9RPhsk5RWH7sUYR0dd2wdL7a2QZgEM0OgnsQfgmP4ojfo-M4oiDVPRlI4SIFNmId2K64e_gRujQTWJyfib4dr5Q4nGwc20xoJoT7dq0ZINPpTcUcFfc5Yu3qxonRRd6dOgptLPH2lD_2VmKXtAg58IEiz6Zny7IiZqwg0yoRFw.&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=4B422930C9903A8D5255631767A2805A5348862F67D3A55C",
|
||||
"description": "仔细想想,我们信用卡设定的自动还款也是一样,不需要密码,钱就划走了,还有去超市被商户扫支付宝和微信支付的付款码的时候,...",
|
||||
"author": "犀牛生意经",
|
||||
"pubDate": "2016-08-29 09:23:44"
|
||||
},
|
||||
{
|
||||
"title": "某小程序的支付漏洞+任意地址删除",
|
||||
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS0Sn1n1P5K-34ZVeDnWy53UK6EhXVOSA6VqXa8Fplpd9AKiOW-WJ7zh0-bPf6gXkyGutYIrVVRNKhs5Zma6jodl3HgUbak8MkfEx6b8RQNbvd8Ml2TZMWJlGlNstepzq4wMfBNggnY_PHlanDvUbRD6Nm-vWZS8ZccVToRBI7HqsiJmSmiuTe5jjbPG3Qbk94xqlbuVgE15V_OmylOfgzc1hWLv6O878UA..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=4B422930C9903A8D5255631767A2805A5348862F67D3A55C",
|
||||
"description": "常见的逻辑漏洞有交易支付、密码修改、密码找回、越权修改、越权查询、突破限制等,下图是简单的逻辑漏洞总结,在挖掘的过程中...",
|
||||
"author": "狐狸说安全",
|
||||
"pubDate": "2023-09-14 14:25:44"
|
||||
}
|
||||
]
|
||||
}
|
||||
642
resources/JSON/uni_rss.json
Normal file
642
resources/JSON/uni_rss.json
Normal file
@ -0,0 +1,642 @@
|
||||
[
|
||||
{
|
||||
"title": "老显卡福音!美团开源首发INT8无损满血版DeepSeek R1",
|
||||
"link": "https://tech.meituan.com/2025/03/07/meituan-int8-deepseek-r1.html",
|
||||
"author": "美团技术团队",
|
||||
"description": "DeepSeek R1模型权重原生为FP8类型,仅能被英伟达新型GPU支持。美团技术团队进行了INT8精度量化的尝试,量化后模型精度基本无损,可部署到A100等其他型号GPU,从而解锁了芯片限制;相比BF16实现了50%的吞吐提升,降低了推理成本。相关技术已在Hugging Face上开源。",
|
||||
"published": "2025-03-07 08:00:00",
|
||||
"source": "美团技术团队"
|
||||
},
|
||||
{
|
||||
"title": "上下文感知的聚合页广告优化实践",
|
||||
"link": "https://tech.meituan.com/2025/03/02/context-enhanced-learning-for-intelligent-marketing.html",
|
||||
"author": "美团技术团队",
|
||||
"description": "聚合页广告将商家和优惠信息以多种形式聚合展示给用户,是美团广告业务中一个重要的业务场景。本文从最能影响用户决策的“发券”和“排序”两个方向出发,介绍了上下文感知建模在广告场景的落地方案,证明了聚合页上下文感知的收益空间。希望能对从事相关研究的同学带来一些启发或帮助。",
|
||||
"published": "2025-03-02 08:00:00",
|
||||
"source": "美团技术团队"
|
||||
},
|
||||
{
|
||||
"title": "行为正则化与顺序策略优化结合的离线多智能体学习算法",
|
||||
"link": "https://tech.meituan.com/2025/02/21/marl-in-meituan.html",
|
||||
"author": "美团技术团队",
|
||||
"description": "离线多智能体强化学习(MARL)是一个新兴领域,目标是在从预先收集的数据集中学习最佳的多智能体策略。随着人工智能技术的发展,多智能体系统在诸如自动驾驶、智能家居、机器人协作以及智能调度决策等方面展现了巨大的应用潜力。但现有的离线MARL方法也面临很多挑战,仍存在不协调行为和分布外联合动作的问题。为了应对这些挑战,中山大学计算机学院、美团履约平台技术部开展了学术合作项目,并取得了一些的成果,希望分享给大家。",
|
||||
"published": "2025-02-21 08:00:00",
|
||||
"source": "美团技术团队"
|
||||
},
|
||||
{
|
||||
"title": "预测技术在美团弹性伸缩场景的探索与应用",
|
||||
"link": "https://tech.meituan.com/2025/02/14/prediction-technology-in-meituan-elastic-scaling.html",
|
||||
"author": "美团技术团队",
|
||||
"description": "在管理企业大规模服务弹性伸缩的场景下,Web应用的负载时序数据分析和预测至关重要。然而,由于应用的周期性特征和负载的复杂性,寻找一种能够适应所有应用的预测模型成为了一项挑战。美团与中国人民大学信息学院柴云鹏教授团队展开了“预测技术在弹性伸缩场景的应用”科研合作,取得了较好的成果。希望能给从事相关研究工作的同学带来一些帮助或启发。",
|
||||
"published": "2025-02-14 08:00:00",
|
||||
"source": "美团技术团队"
|
||||
},
|
||||
{
|
||||
"title": "美团技术年货 | 600+页电子书,算法、工程、测试、数据、安全系列大合集",
|
||||
"link": "https://tech.meituan.com/2025/01/16/2024-spring-festival-present.html",
|
||||
"author": "美团技术团队",
|
||||
"description": "值蛇年春节到来之际,我们精选过去一年公众号30多篇技术文章和科研论文,整理制作成一本600多页的电子书,作为一份特别的新年礼物,献给每一位热爱技术的你。愿大家乘风破浪,勇往直前!",
|
||||
"published": "2025-01-16 08:00:00",
|
||||
"source": "美团技术团队"
|
||||
},
|
||||
{
|
||||
"title": "鸿蒙应用签名实操及机制探究",
|
||||
"link": "https://tech.meituan.com/2025/01/06/openharmony.html",
|
||||
"author": "美团技术团队",
|
||||
"description": "本文对鸿蒙公开资料进行了深入分析和解读,梳理了鸿蒙单框架应用的签名机制,拆解每一步的实操过程和背后的实现原理,并对源码分析整理签名的校验机制。从中管中窥豹,探究鸿蒙系统的安全设计思路,希望能给从事鸿蒙研发的同学提供一些借鉴。",
|
||||
"published": "2025-01-06 08:00:00",
|
||||
"source": "美团技术团队"
|
||||
},
|
||||
{
|
||||
"title": "2024 | 美团技术团队热门技术文章汇总",
|
||||
"link": "https://tech.meituan.com/2024/12/26/2024-happy-new-year-top10.html",
|
||||
"author": "美团技术团队",
|
||||
"description": "本文整理了2024年美团技术团队最为热门的10篇技术文章,这些文章覆盖了基础理论、数据存储、因果推断、搜索推荐、智能测试、知识图谱、领域驱动设计等多个技术领域,期望这些精选内容能为大家带来一些启发或帮助。愿大家在新的一年里,持续深耕技术沃土,稳步前行,不断攀登新的高峰。",
|
||||
"published": "2024-12-26 08:00:00",
|
||||
"source": "美团技术团队"
|
||||
},
|
||||
{
|
||||
"title": "AutoConsis:UI内容一致性智能检测",
|
||||
"link": "https://tech.meituan.com/2024/11/21/autoconsis-ui-meituan.html",
|
||||
"author": "美团技术团队",
|
||||
"description": "美团到店研发平台质量工程部与复旦大学计算机学院周扬帆教授团队展开了大前端智能化测试领域的科研合作,从UI界面内容一致性校验入手,并实现了一套自动化智能检测流程,相关论文被软件工程领域具有国际影响力的会议ICSE 2024(CCF-A类会议)的Software In Practice Track(软件工程实践应用)收录。",
|
||||
"published": "2024-11-21 08:00:00",
|
||||
"source": "美团技术团队"
|
||||
},
|
||||
{
|
||||
"title": "CIKM 2024 | 美团技术团队精选论文解读",
|
||||
"link": "https://tech.meituan.com/2024/10/31/cikm-2024-meituan.html",
|
||||
"author": "美团技术团队",
|
||||
"description": "本文精选了美团技术团队被 CIKM 2024 收录的 8 篇论文进行解读,覆盖了自监督学习、解释生成、CTR预测、跨域推荐、向量召回、图像生成、时效预测等多个技术领域。这些论文有美团独立研究,还有跟高校、科研机构合作的成果。希望能给从事相关研究工作的同学带来一些帮助或启发。",
|
||||
"published": "2024-10-31 08:00:00",
|
||||
"source": "美团技术团队"
|
||||
},
|
||||
{
|
||||
"title": "大前端:如何突破动态化容器的天花板?",
|
||||
"link": "https://tech.meituan.com/2024/10/18/recce-in-meituan.html",
|
||||
"author": "美团技术团队",
|
||||
"description": "长久以来,容器要实现动态化和双端复用,难免要牺牲掉一些性能。有没有办法让动态化容器的性能尽可能接近原生?美团金服大前端团队给出了一种解决方案,尝试突破动态化容器的天花板。",
|
||||
"published": "2024-10-18 08:00:00",
|
||||
"source": "美团技术团队"
|
||||
},
|
||||
{
|
||||
"title": "僵尸网络911 S5的数字遗产",
|
||||
"link": "https://blog.netlab.360.com/911s5/",
|
||||
"author": "lvxing",
|
||||
"description": "<h1 id=\"%E6%A6%82%E8%BF%B0\">概述</h1><p>2024年5月29日,美国司法部发布通告,声称其执法活动摧毁了"史上最大的僵尸网络" 911 S5,查封了相关域名</p>",
|
||||
"published": "Fri, 14 Jun 2024 09:20:11 GMT",
|
||||
"source": "360 Netlab Blog"
|
||||
},
|
||||
{
|
||||
"title": "Heads up! Xdr33, A Variant Of CIA’s HIVE Attack Kit Emerges",
|
||||
"link": "https://blog.netlab.360.com/headsup_xdr33_variant_of_ciahive_emeerges/",
|
||||
"author": "Alex.Turing",
|
||||
"description": "<h1 id=\"overview\">Overview</h1>\n<p>On Oct 21, 2022, 360Netlab's honeypot system captured a suspicious ELF file <code>ee07a74d12c0bb3594965b51d0e45b6f</code>, which propagated via F5 vulnerability with zero VT detection, our system observces that it communicates with IP <code>45.9.150.144</code> using SSL with <strong>forged Kaspersky certificates</strong>, this caught our attention. After further lookup,</p>",
|
||||
"published": "Tue, 10 Jan 2023 14:00:37 GMT",
|
||||
"source": "360 Netlab Blog"
|
||||
},
|
||||
{
|
||||
"title": "警惕:魔改后的CIA攻击套件Hive进入黑灰产领域",
|
||||
"link": "https://blog.netlab.360.com/warning-hive-variant-xdr33-is-coming_cn/",
|
||||
"author": "Alex.Turing",
|
||||
"description": "<!--kg-card-begin: markdown--><h1 id=\"id\">概述</h1>\n<p>2022年10月21日,360Netlab的蜜罐系统捕获了一个通过F5漏洞传播,VT 0检测的可疑ELF文件<code>ee07a74d12c0bb3594965b51d0e45b6f</code>,流量监控系统提示它和</p>",
|
||||
"published": "Mon, 09 Jan 2023 03:13:20 GMT",
|
||||
"source": "360 Netlab Blog"
|
||||
},
|
||||
{
|
||||
"title": "快讯:使用21个漏洞传播的DDoS家族WSzero已经发展到第4个版本",
|
||||
"link": "https://blog.netlab.360.com/new-ddos-botnet-wszeor/",
|
||||
"author": "Hui Wang",
|
||||
"description": "<!--kg-card-begin: markdown--><h2 id=\"id\">概述</h2>\n<p>近期,我们的BotMon系统连续捕获到一个由Go编写的DDoS类型的僵尸网络家族,它用于DDoS攻击,使用了包括SSH/Telnet弱口</p>",
|
||||
"published": "Wed, 07 Dec 2022 12:58:21 GMT",
|
||||
"source": "360 Netlab Blog"
|
||||
},
|
||||
{
|
||||
"title": "P2P Botnets: Review - Status - Continuous Monitoring",
|
||||
"link": "https://blog.netlab.360.com/p2p-botnets-review-status-continuous-monitoring/",
|
||||
"author": "360Netlab",
|
||||
"description": "<h1 id=\"origins\">Origins</h1>\n<p>P2P networks are more scalable and robust than traditional C/S structures, and these advantages were recognized by the botnet authors early on and used in their botnets. In terms of time, <a href=\"https://en.wikipedia.org/wiki/Storm_botnet?ref=blog.netlab.360.com\">Storm</a>, which appeared in 2007, can be considered the progenitor of this area, when botnet threats were</p>",
|
||||
"published": "Thu, 03 Nov 2022 14:00:00 GMT",
|
||||
"source": "360 Netlab Blog"
|
||||
},
|
||||
{
|
||||
"title": "P2P 僵尸网络:回顾·现状·持续监测",
|
||||
"link": "https://blog.netlab.360.com/p2p-botnet-monitor/",
|
||||
"author": "360Netlab",
|
||||
"description": "<!--kg-card-begin: markdown--><h1 id=\"id\">缘起</h1>\n<p>P2P结构的网络比传统的C/S结构具有更好的可扩展性和健壮性,这些优点很早就为botnet的作者所认识到并被用到</p>",
|
||||
"published": "Wed, 02 Nov 2022 03:11:33 GMT",
|
||||
"source": "360 Netlab Blog"
|
||||
},
|
||||
{
|
||||
"title": "Fodcha Is Coming Back, Raising A Wave of Ransom DDoS",
|
||||
"link": "https://blog.netlab.360.com/fodcha-is-coming-back-with-rddos/",
|
||||
"author": "Alex.Turing",
|
||||
"description": "<h1 id=\"background\">Background</h1>\n<p>On April 13, 2022, 360Netlab first disclosed the <code>Fodcha</code> botnet. After our article was published, Fodcha suffered a crackdown from the relevant authorities, and its authors quickly responded by leaving <code>"Netlab pls leave me alone I surrender"</code> in an updated sample.No surprise, Fodcha's authors</p>",
|
||||
"published": "Mon, 31 Oct 2022 14:00:00 GMT",
|
||||
"source": "360 Netlab Blog"
|
||||
},
|
||||
{
|
||||
"title": "卷土重来的DDoS狂魔:Fodcha僵尸网络再次露出獠牙",
|
||||
"link": "https://blog.netlab.360.com/ddosmonster_the_return_of__fodcha_cn/",
|
||||
"author": "Alex.Turing",
|
||||
"description": "<h1 id=\"%E8%83%8C%E6%99%AF\">背景</h1>\n<p>2022年4月13日,360Netlab首次向社区披露了Fodcha僵尸网络,在我们的文章发表之后,Fodcha遭受到相关部门的打击,其作者</p>",
|
||||
"published": "Thu, 27 Oct 2022 02:49:26 GMT",
|
||||
"source": "360 Netlab Blog"
|
||||
},
|
||||
{
|
||||
"title": "PureCrypter is busy pumping out various malicious malware families",
|
||||
"link": "https://blog.netlab.360.com/purecrypter-is-busy-pumping-out-various-malicious-malware-families/",
|
||||
"author": "wanghao",
|
||||
"description": "<p>In our daily botnet analysis work, it is common to encounter various loaders.Compared to other types of malware, loaders are unique in that they are mainly used to "promote", i.e., download and run other malware on the infected machine. According to our observations, most loaders are</p>",
|
||||
"published": "Mon, 29 Aug 2022 13:00:00 GMT",
|
||||
"source": "360 Netlab Blog"
|
||||
},
|
||||
{
|
||||
"title": "PureCrypter Loader持续活跃,已经传播了10多个其它家族",
|
||||
"link": "https://blog.netlab.360.com/purecrypter/",
|
||||
"author": "wanghao",
|
||||
"description": "<!--kg-card-begin: markdown--><p>在我们的日常botnet分析工作中,碰到各种loader是常事。跟其它种类的malware相比,loader的特殊之处在于它主要用来“推广”,</p>",
|
||||
"published": "Mon, 29 Aug 2022 01:20:17 GMT",
|
||||
"source": "360 Netlab Blog"
|
||||
},
|
||||
{
|
||||
"title": "A new botnet Orchard Generates DGA Domains with Bitcoin Transaction Information",
|
||||
"link": "https://blog.netlab.360.com/a-new-botnet-orchard-generates-dga-domains-with-bitcoin-transaction-information/",
|
||||
"author": "daji",
|
||||
"description": "<p>DGA is one of the classic techniques for botnets to hide their C2s, attacker only needs to selectively register a very small number of C2 domains, while for the defenders, it is difficult to determine in advance which domain names will be generated and registered.</p><p>360 netlab has long focused</p>",
|
||||
"published": "Fri, 05 Aug 2022 14:00:00 GMT",
|
||||
"source": "360 Netlab Blog"
|
||||
},
|
||||
{
|
||||
"title": "DGA家族Orchard持续变化,新版本用比特币交易信息生成DGA域名",
|
||||
"link": "https://blog.netlab.360.com/orchard-dga/",
|
||||
"author": "daji",
|
||||
"description": "<!--kg-card-begin: markdown--><p>DGA是一种经典的botnet对抗检测的技术,其原理是使用某种DGA算法,结合特定的种子和当前日期,定期生成大量的域名</p>",
|
||||
"published": "Fri, 05 Aug 2022 03:31:07 GMT",
|
||||
"source": "360 Netlab Blog"
|
||||
},
|
||||
{
|
||||
"title": "公有云网络安全威胁情报(202204)",
|
||||
"link": "https://blog.netlab.360.com/public-cloud-threat-intelligence-202204/",
|
||||
"author": "360Netlab",
|
||||
"description": "<!--kg-card-begin: markdown--><h2 id=\"id\">概述</h2>\n<!--kg-card-end: markdown--><blockquote>本文聚焦于云上重点资产的扫描攻击、云服务器总体攻击情况分析、热门漏洞及恶意程序的攻击威胁。</blockquote><!--kg-card-begin: markdown--><ul>\n<li><a href=\"https://netlab.360.com/zh/honeypot?ref=blog.netlab.360.com\">360高级</a></li></ul>",
|
||||
"published": "Wed, 11 May 2022 02:53:55 GMT",
|
||||
"source": "360 Netlab Blog"
|
||||
},
|
||||
{
|
||||
"title": "公有云网络安全威胁情报(202203)",
|
||||
"link": "https://blog.netlab.360.com/public-cloud-threat-intelligence-202203/",
|
||||
"author": "360Netlab",
|
||||
"description": "<h3 id=\"-\">概述</h3><blockquote>本文聚焦于云上重点资产的扫描攻击、云服务器总体攻击情况分析、热门漏洞及恶意程序的攻击威胁。</blockquote><ul><li><a href=\"https://netlab.360.com/zh/honeypot?ref=blog.netlab.360.com\">360高级</a></li></ul>",
|
||||
"published": "Tue, 19 Apr 2022 02:24:17 GMT",
|
||||
"source": "360 Netlab Blog"
|
||||
},
|
||||
{
|
||||
"title": "Fodcha, a new DDos botnet",
|
||||
"link": "https://blog.netlab.360.com/fodcha-a-new-ddos-botnet/",
|
||||
"author": "Hui Wang",
|
||||
"description": "<h2 id=\"overview\">Overview</h2><p>Recently, CNCERT and 360netlab worked together and discovered a rapidly spreading DDoS botnet on the Internet. The global infection looks fairly big as just in China there are more than 10,000 daily active bots (IPs) and alsomore than 100 DDoS victims beingtargeted on a daily basis. We named</p>",
|
||||
"published": "Wed, 13 Apr 2022 14:01:14 GMT",
|
||||
"source": "360 Netlab Blog"
|
||||
},
|
||||
{
|
||||
"title": "机器学习的逻辑回归模型",
|
||||
"link": "https://paper.seebug.org/3303/",
|
||||
"author": "",
|
||||
"description": ".katex img {\n display: block;\n position: absolute;\n width: 100%;\n height: inherit;\n }\n\n作者:0x7F@知道创宇404实验室\n日期:2025年2月28日\n1. 前言\n在「机器学习的线性回归模型」文章中,我们学习了监督学习中如何使用线性回归模型拟合连...",
|
||||
"published": "2025-03-13 15:37:00",
|
||||
"source": "知道创宇404实验室"
|
||||
},
|
||||
{
|
||||
"title": "「深蓝洞察」2024年度最憋屈的漏洞披露",
|
||||
"link": "https://paper.seebug.org/3304/",
|
||||
"author": "",
|
||||
"description": "作者:DARKNAVY\n原文链接:https://mp.weixin.qq.com/s/Y8-wT88VnLeMUiD-HssPyw\n在网络安全领域,漏洞披露一直被视为保护用户的重要环节,但在现实中,这一过程却充满了争议和矛盾。究竟什么才算得上“负责任的披露”?当厂商在信息公开和补丁发布上占据主导地位,而安全研究者则需要耗费大量精力进行沟通与博弈,这一模式是否还能真正实现保护用户安全的初衷?...",
|
||||
"published": "2025-03-12 16:28:00",
|
||||
"source": "知道创宇404实验室"
|
||||
},
|
||||
{
|
||||
"title": "「深蓝洞察」2024年度最“安全”的防线",
|
||||
"link": "https://paper.seebug.org/3302/",
|
||||
"author": "",
|
||||
"description": "作者:DARKNAVY\n原文链接:https://mp.weixin.qq.com/s/LaM5iz_EKbAK_lkaAcBshw\n在攻防对抗日益激烈的2024年,安全软件一直被视为企业安全防线的重要基石。然而,这些安全软件本身也可能存在漏洞,甚至被攻击者利用作为入侵的跳板来对用户造成危害。多年来,因为安全软件而导致的事故不禁让人产生一个疑问——安全软件真的可信吗?\n安全软件被滥用为攻击工...",
|
||||
"published": "2025-03-11 16:39:00",
|
||||
"source": "知道创宇404实验室"
|
||||
},
|
||||
{
|
||||
"title": "「深蓝洞察」2024年度最难以阻挡的攻防趋势",
|
||||
"link": "https://paper.seebug.org/3301/",
|
||||
"author": "",
|
||||
"description": "作者:DARKNAVY\n原文链接:https://mp.weixin.qq.com/s/lUA03YjBiCAatcJh-bUHEQ\n近年来,漏洞攻防不断演进。从多年前仅需一个栈溢出就能攻破系统,到如今需要运用各种精妙的手法来突破系统的层层防御。“盾”与“矛”始终处于动态对抗:每当新的防御措施出现,新的攻击手段随之而来。防御机制的升级促使攻击者寻找新的突破口,而攻击方法的创新又推动着防御技术...",
|
||||
"published": "2025-03-10 16:19:00",
|
||||
"source": "知道创宇404实验室"
|
||||
},
|
||||
{
|
||||
"title": "机器学习的线性回归模型",
|
||||
"link": "https://paper.seebug.org/3300/",
|
||||
"author": "",
|
||||
"description": ".katex img {\n display: block;\n position: absolute;\n width: 100%;\n height: inherit;\n }\n\n作者:0x7F@知道创宇404实验室\n日期:2025年2月28日 \n1. 前言\n跟随着 ChatGPT 等大语言模型掀起的人工智能的浪潮,在这个时间点学习 A...",
|
||||
"published": "2025-03-07 15:22:00",
|
||||
"source": "知道创宇404实验室"
|
||||
},
|
||||
{
|
||||
"title": "Llama 的悖论:深入探索 Llama.cpp 的堆迷宫,从堆溢出到远程代码执行",
|
||||
"link": "https://paper.seebug.org/3299/",
|
||||
"author": "",
|
||||
"description": "作者:Patrick Peng \n译者:知道创宇404实验室翻译组\n原文链接:https://retr0.blog/blog/llama-rpc-rce\n我一直对 Llama.cpp 情有独钟,它堪称我在人工智能与机器学习研究领域孜孜以求的“终极目标”。不仅如此,能在如此复杂且成熟的人工智能项目中挖掘出堆栈/堆溢出导致的远程代码执行漏洞,听起来就格外酷炫。当然,我内心深处渴望在人工智能项目中...",
|
||||
"published": "2025-03-06 14:27:00",
|
||||
"source": "知道创宇404实验室"
|
||||
},
|
||||
{
|
||||
"title": "Emoji攻击:增强针对Judge LLMs检测的越狱攻击",
|
||||
"link": "https://paper.seebug.org/3297/",
|
||||
"author": "",
|
||||
"description": "作者:Zhipeng Wei, Yuqi Liu, N. Benjamin Erichson\n译者:知道创宇404实验室翻译组\n原文链接:https://arxiv.org/html/2411.01077v2\n摘要\n越狱(Jailbreaking)技术可以欺骗大型语言模型(LLMs),使其生成受限制的输出,从而构成严重威胁。其中一种防御方法是使用另一个 LLM 作为 Judge(裁判)来评估...",
|
||||
"published": "2025-03-04 17:37:00",
|
||||
"source": "知道创宇404实验室"
|
||||
},
|
||||
{
|
||||
"title": "模型序列化攻击",
|
||||
"link": "https://paper.seebug.org/3298/",
|
||||
"author": "",
|
||||
"description": "译者:知道创宇404实验室翻译组\n原文链接:https://github.com/protectai/modelscan/blob/main/docs/model_serialization_attacks.md\n机器学习(ML)模型是基于机器学习的应用程序的核心资产。安全地存储和检索模型对成功至关重要。根据使用的机器学习库,模型可以以多种常见格式保存。流行的选择包括:Pickle、HDF5...",
|
||||
"published": "2025-03-04 15:09:00",
|
||||
"source": "知道创宇404实验室"
|
||||
},
|
||||
{
|
||||
"title": "关于 Chat Template 注入方式的学习",
|
||||
"link": "https://paper.seebug.org/3296/",
|
||||
"author": "",
|
||||
"description": "作者: dawu@知道创宇404实验室\n日期: 2025年2月28日 \n1. 前言\n伴随着年后 DeepSeek R1 模型的火热,号称能运行 DeepSeek R1 “满血版” 的 Ktransformers 框架也受到了大量关注。在使用该框架和阅读相关源码时,我发现框架在借助聊天模版(chat template) 将用户输入转化为输入模型的 token 列表的过程中,可能会存在类似于拼...",
|
||||
"published": "2025-03-03 14:35:00",
|
||||
"source": "知道创宇404实验室"
|
||||
},
|
||||
{
|
||||
"title": "从零开始搭建:基于本地 DeepSeek 的 Web 蜜罐自动化识别",
|
||||
"link": "https://paper.seebug.org/3295/",
|
||||
"author": "",
|
||||
"description": "作者:wh0am1i@知道创宇404实验室\n日期:2025年2月28日 \n1. 前言\npocsuite3 框架可以通过 --dork 或 --dork-zoomeye 参数获取 ZoomEye 网络空间测绘平台的搜索引擎数据。但随着近几年网络空间领域的攻防对抗升级,导致网络空间中存在大量的蜜罐。为了过滤掉这些蜜罐,ZoomEye 中加入了自动标注蜜罐的识别算法, 同时 pocsuite3 ...",
|
||||
"published": "2025-02-28 14:18:00",
|
||||
"source": "知道创宇404实验室"
|
||||
},
|
||||
{
|
||||
"title": "DeepSeek 启示:深度揭秘基于 PTX 的 GPU 底层优化技术",
|
||||
"link": "https://paper.seebug.org/3294/",
|
||||
"author": "",
|
||||
"description": "作者:启明星辰ADLab\n原文链接:https://mp.weixin.qq.com/s/FVVes7UIK_OORUk3fXy9mQ\n一、概述\n近日,DeepSeek连续不断地开源了多个项目,一时间引发了关于GPU底层优化的热潮,这在如今国内算力被广泛打压的背景下,给我国在现代高性能计算(HPC)和人工智能(AI)领域带来了希望,其中尤其引人瞩目的是关于底层PTX优化技术引入,这在一定程度...",
|
||||
"published": "2025-02-27 15:24:00",
|
||||
"source": "知道创宇404实验室"
|
||||
},
|
||||
{
|
||||
"title": "银狐突袭!DeepSeek本地化部署暗藏“致命陷阱”",
|
||||
"link": "https://paper.seebug.org/3293/",
|
||||
"author": "",
|
||||
"description": "作者:启明星辰ADLab\n原文链接:https://mp.weixin.qq.com/s/VUzwaR7eti2YoNebGFz80A\n一、前言\n近期,国产大模型DeepSeek凭借其高效的推理能力、创新性的优化技术、低门槛本地化部署能力、灵活的开源商业授权等,迅速成为开源生态中的“现象级选手”。然而,技术普及的加速期往往伴随着网络安全攻防对抗的升级。当前,大量政府、企业和个人开发者在基于D...",
|
||||
"published": "2025-02-27 10:47:00",
|
||||
"source": "知道创宇404实验室"
|
||||
},
|
||||
{
|
||||
"title": "使用 DeepSeek-R1 在固件漏洞挖掘领域的新实践",
|
||||
"link": "https://paper.seebug.org/3292/",
|
||||
"author": "",
|
||||
"description": "作者:启明星辰ADLab\n原文链接:https://mp.weixin.qq.com/s/rZ4iGXs2O_xYD1yEOyu3CQ\n1. 前言\n在数字化时代,固件是硬件设备的核心软件组件,直接控制着硬件的运行状态和功能,其安全性至关重要。一旦固件存在安全漏洞,黑客即可利用来攻击设备的运行或者控制设备发起其它网络攻击,典型有Mirai病毒利用设备固件漏洞发起大规模的分布式拒绝服务。因此,挖...",
|
||||
"published": "2025-02-26 15:20:00",
|
||||
"source": "知道创宇404实验室"
|
||||
},
|
||||
{
|
||||
"title": "Fuzz 工作流解析与 AI 引入方案分享",
|
||||
"link": "https://paper.seebug.org/3291/",
|
||||
"author": "",
|
||||
"description": "作者:ghost461@知道创宇404实验室\n时间:2025年2月26日\n本文为知道创宇404实验室内部分享沙龙“404 Open Day”的议题内容,作为目前团队AI安全研究系列的一部分,分享出来与大家一同交流学习。\n1. 概述\n本文受 Google 安全博客的《Leveling Up Fuzzing: Finding more vulnerabilities with AI》启发,结合自...",
|
||||
"published": "2025-02-26 14:10:00",
|
||||
"source": "知道创宇404实验室"
|
||||
},
|
||||
{
|
||||
"title": "「深蓝洞察」2024年度最悲剧的后门",
|
||||
"link": "https://paper.seebug.org/3290/",
|
||||
"author": "",
|
||||
"description": "作者:DARKNAVY\n原文链接:https://mp.weixin.qq.com/s/BZtSTpTQbNiAY_KDhnqc8Q\n“看到了软件的源码,就意味着没有后门吗?”\n1983年的图灵奖颁奖仪式上,Ken Thompson抛出了这个问题。作为历史上唯三在40岁以下获得图灵奖的传奇之一,他在获奖演讲中向听众展示了如何通过在编译器中植入后门来骇入由无害源码编译得到的Unix系统。Ken...",
|
||||
"published": "2025-02-25 17:17:00",
|
||||
"source": "知道创宇404实验室"
|
||||
},
|
||||
{
|
||||
"title": "AI 帮你高效构建代码安全策略【大模型应用实践系列四】",
|
||||
"link": "https://security.tencent.com/index.php/blog/msg/213",
|
||||
"author": "",
|
||||
"description": "腾讯啄木鸟代码安全团队,依托混元大模型的超强代码理解和安全分析能力,在SQL注入威胁检测场景验证中,新增识别上百个漏洞检测策略,相比传统方法人效比提升3.8倍,在Github高star项目上斩获10+0day漏洞。",
|
||||
"published": "2025-01-08 10:26:57",
|
||||
"source": "腾讯安全响应中心"
|
||||
},
|
||||
{
|
||||
"title": "AI猎手:我们用大模型挖到了0day漏洞!【大模型应用实践系列三】",
|
||||
"link": "https://security.tencent.com/index.php/blog/msg/212",
|
||||
"author": "",
|
||||
"description": "AI版“赏金猎人”登场,基于混元大模型能力打造的自动漏洞挖掘工具,7*24小时自动感知、追踪、挖橱0day。 AI猎人VS黑客的角逐战正式开始。",
|
||||
"published": "2025-01-03 10:23:17",
|
||||
"source": "腾讯安全响应中心"
|
||||
},
|
||||
{
|
||||
"title": "AI助力!明文密码泄漏无处遁形【大模型应用实践系列二】",
|
||||
"link": "https://security.tencent.com/index.php/blog/msg/211",
|
||||
"author": "",
|
||||
"description": "本文聚焦于密钥硬编码的问题,分析了传统检测策略的缺陷,并详细介绍了大模型在该场景下的优势、检测实施方案和效果。我们将继续推出更多关于大模型在研发安全、网络安全、威胁情报等领域的应用探索与总结",
|
||||
"published": "2024-12-05 17:14:13",
|
||||
"source": "腾讯安全响应中心"
|
||||
},
|
||||
{
|
||||
"title": "大模型应用实践(一):AI助力Code Review安全漏洞发现",
|
||||
"link": "https://security.tencent.com/index.php/blog/msg/210",
|
||||
"author": "",
|
||||
"description": "借助混元大模型,腾讯啄木鸟代码安全团队在代码评审(Code Review,下文简称CR)场景下的安全漏洞检出能力取得显著提升,日均发现和阻断300+个代码安全风险,极大提升了公司核心数据资产安全性。",
|
||||
"published": "2024-11-27 10:39:46",
|
||||
"source": "腾讯安全响应中心"
|
||||
},
|
||||
{
|
||||
"title": "警惕Hugging Face开源组件风险被利用于大模型供应链攻击",
|
||||
"link": "https://security.tencent.com/index.php/blog/msg/209",
|
||||
"author": "",
|
||||
"description": "著名AI社区Hugging Face开源组件datasets存在不安全特性,可引发供应链后门投毒攻击风险。",
|
||||
"published": "2023-11-03 14:00:00",
|
||||
"source": "腾讯安全响应中心"
|
||||
},
|
||||
{
|
||||
"title": "虚拟货币挖矿检测与防御",
|
||||
"link": "https://security.tencent.com/index.php/blog/msg/208",
|
||||
"author": "",
|
||||
"description": "从流量和主机层入手,分析挖矿木马的防御之策。",
|
||||
"published": "2021-11-18 18:00:58",
|
||||
"source": "腾讯安全响应中心"
|
||||
},
|
||||
{
|
||||
"title": "安全通知|NPM官方仓库遭遇coa等恶意包投毒攻击",
|
||||
"link": "https://security.tencent.com/index.php/blog/msg/207",
|
||||
"author": "",
|
||||
"description": "腾讯洋葱入侵检测系统发现开源软件沙箱主机出现异常行为,跟进发现npm官方仓库的coa、rc被投毒攻击,已经在腾讯软件源紧急拦截相关版本。目前npm官方仓库已将相应版本的恶意包删除,但由于国内开源镜像站均同步npm官方仓库且存在缓存,所以恶意包还可能通过各个开源镜像站影响广大用户。",
|
||||
"published": "2021-11-05 21:31:07",
|
||||
"source": "腾讯安全响应中心"
|
||||
},
|
||||
{
|
||||
"title": "云原生安全攻防|使用eBPF逃逸容器技术分析与实践",
|
||||
"link": "https://security.tencent.com/index.php/blog/msg/206",
|
||||
"author": "",
|
||||
"description": "在新版本容器运行时中适用的攻击手法,并使用新方式把“任意文件写”转化为“远程代码执行”。",
|
||||
"published": "2021-11-03 18:56:37",
|
||||
"source": "腾讯安全响应中心"
|
||||
},
|
||||
{
|
||||
"title": "Ghostscript沙箱绕过(CVE-2021-3781)分析",
|
||||
"link": "https://security.tencent.com/index.php/blog/msg/205",
|
||||
"author": "",
|
||||
"description": "完整分析从ImageMagick到Ghostscript的攻击利用链",
|
||||
"published": "2021-10-29 18:40:35",
|
||||
"source": "腾讯安全响应中心"
|
||||
},
|
||||
{
|
||||
"title": "实时中文语音克隆——开源项目MockingBird体验",
|
||||
"link": "https://security.tencent.com/index.php/blog/msg/204",
|
||||
"author": "",
|
||||
"description": "5秒内克隆生成任意声音?以语音克隆开源项目MockingBird为例看AI项目面临的安全风险",
|
||||
"published": "2021-10-27 22:06:51",
|
||||
"source": "腾讯安全响应中心"
|
||||
},
|
||||
{
|
||||
"title": "关于BGP那些事儿",
|
||||
"link": "https://security.tencent.com/index.php/blog/msg/203",
|
||||
"author": "",
|
||||
"description": "这是Facebook创立以来最严重的一次网络访问事故,在这起故障中,我们又看到了BGP的身影",
|
||||
"published": "2021-10-19 18:10:52",
|
||||
"source": "腾讯安全响应中心"
|
||||
},
|
||||
{
|
||||
"title": "红蓝对抗之隐蔽通信应用及防御",
|
||||
"link": "https://security.tencent.com/index.php/blog/msg/202",
|
||||
"author": "",
|
||||
"description": "腾讯蓝军和红军十多年案例经验、总结沉淀",
|
||||
"published": "2021-09-27 16:40:43",
|
||||
"source": "腾讯安全响应中心"
|
||||
},
|
||||
{
|
||||
"title": "Web应用组件自动化发现的探索",
|
||||
"link": "https://security.tencent.com/index.php/blog/msg/201",
|
||||
"author": "",
|
||||
"description": "另一种方式的指纹识别",
|
||||
"published": "2021-09-17 19:30:59",
|
||||
"source": "腾讯安全响应中心"
|
||||
},
|
||||
{
|
||||
"title": "云原生——容器和应用安全运营实践思考",
|
||||
"link": "https://security.tencent.com/index.php/blog/msg/200",
|
||||
"author": "",
|
||||
"description": "从安全攻击面出发,以防御视角分享我们在云原生安全运营上的一些实践和思考",
|
||||
"published": "2021-09-07 18:00:59",
|
||||
"source": "腾讯安全响应中心"
|
||||
},
|
||||
{
|
||||
"title": "自动化数据分析下的威胁发现",
|
||||
"link": "https://security.tencent.com/index.php/blog/msg/199",
|
||||
"author": "",
|
||||
"description": "企业防御之安全运营数据分析",
|
||||
"published": "2021-08-16 18:41:00",
|
||||
"source": "腾讯安全响应中心"
|
||||
},
|
||||
{
|
||||
"title": "可信安全网络 —— 安全左移之DDoS对抗",
|
||||
"link": "https://security.tencent.com/index.php/blog/msg/198",
|
||||
"author": "",
|
||||
"description": "DDoS对抗新思路",
|
||||
"published": "2021-07-28 18:13:13",
|
||||
"source": "腾讯安全响应中心"
|
||||
},
|
||||
{
|
||||
"title": "攻防启示:Chromium组件风险剖析与收敛",
|
||||
"link": "https://security.tencent.com/index.php/blog/msg/197",
|
||||
"author": "",
|
||||
"description": "Chromium内核的安全问题,早已悄无声息地牵动着互联网生活方方面面。基于对实战经历的复盘,本文将从Chromium架构及安全机制概况入手,剖析Chromium组件在多场景下给企业带来的安全风险并一探收敛方案。",
|
||||
"published": "2021-07-15 10:30:58",
|
||||
"source": "腾讯安全响应中心"
|
||||
},
|
||||
{
|
||||
"title": "腾讯 SOAR 的安全运营探索",
|
||||
"link": "https://security.tencent.com/index.php/blog/msg/196",
|
||||
"author": "",
|
||||
"description": "与业界先行者相比,我们数据面板、剧本等平台功能方面仍有一些差距,未来也会持续建设",
|
||||
"published": "2021-07-09 17:55:48",
|
||||
"source": "腾讯安全响应中心"
|
||||
},
|
||||
{
|
||||
"title": "警惕!这种新型挖矿可能盯上你主机",
|
||||
"link": "https://security.tencent.com/index.php/blog/msg/195",
|
||||
"author": "",
|
||||
"description": "除了门罗币,这种不消耗CPU资源的虚拟货币可能成为黑产的新宠儿,提前预知,方能不乱阵脚。",
|
||||
"published": "2021-07-01 20:27:10",
|
||||
"source": "腾讯安全响应中心"
|
||||
},
|
||||
{
|
||||
"title": "腾讯自研HIDS「洋葱」后台上云架构演进实践",
|
||||
"link": "https://security.tencent.com/index.php/blog/msg/194",
|
||||
"author": "",
|
||||
"description": "云计算时代,洋葱拥抱云原生方案实践,希望能为大家系统上云提供参考。",
|
||||
"published": "2021-06-17 18:16:08",
|
||||
"source": "腾讯安全响应中心"
|
||||
},
|
||||
{
|
||||
"title": "荣誉 | 美团SRC2024年终奖励荣耀揭晓",
|
||||
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493717&idx=1&sn=fe94bf647a29fff908cc7ed29b70554c&chksm=ec180986db6f80904efbb237256479db8ebb60e2521763cbbb272c604f641c3549211606bcc5&scene=58&subscene=0#rd",
|
||||
"author": "美团技术团队",
|
||||
"description": "向每一位守护者致敬!",
|
||||
"published": "2025-01-17 18:01:00",
|
||||
"source": "微信公众号"
|
||||
},
|
||||
{
|
||||
"title": "美团SRC邀您领取新年礼盒啦!",
|
||||
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493717&idx=2&sn=f317d3190e4e199c933d1b29fa2f2d94&chksm=ec180986db6f809093c190d72edcad5b3b289422052597427f2eeb42ea44a93a729aff84a87c&scene=58&subscene=0#rd",
|
||||
"author": "美团技术团队",
|
||||
"description": "获取方式见文中。",
|
||||
"published": "2025-01-17 18:01:00",
|
||||
"source": "微信公众号"
|
||||
},
|
||||
{
|
||||
"title": "鸿蒙应用签名实操及机制探究",
|
||||
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493695&idx=1&sn=89a37bdee61841877d1acf28b8a68cbf&chksm=ec1809ecdb6f80faccbf32d3be7076832bfb6b0d443881e05d93cac96cecaad3952bdf8fba50&scene=58&subscene=0#rd",
|
||||
"author": "美团技术团队",
|
||||
"description": "本文对鸿蒙公开资料进行了深入分析和解读,梳理了鸿蒙单框架应用的签名机制,拆解每一步的实操过程和背后的实现原理,并对源码分析整理签名的校验机制。",
|
||||
"published": "2024-12-31 10:01:00",
|
||||
"source": "微信公众号"
|
||||
},
|
||||
{
|
||||
"title": "白帽世界大会 | 美团SRC期待与您在澳门相见",
|
||||
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493590&idx=1&sn=0281d8d3faa07d26a91b338102cb7c61&chksm=ec180605db6f8f138853b493e0e34cf24d9ccc265a72fc721fba5cfbd25c0854f757b3cd0e16&scene=58&subscene=0#rd",
|
||||
"author": "美团技术团队",
|
||||
"description": "HackProve World 2025,用真正的技术,验证数字世界的安全。",
|
||||
"published": "2024-12-19 17:31:00",
|
||||
"source": "微信公众号"
|
||||
},
|
||||
{
|
||||
"title": "年末冲刺!2024漏洞马拉松『美团站』正式启动",
|
||||
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493372&idx=1&sn=f8ed6cc9dc514805d164f9d47277e8f5&chksm=ec18072fdb6f8e39c609c95ac1b0aba49aa2e9f70246d4c7af7ce82ca6d40ee9caa7fef0e362&scene=58&subscene=0#rd",
|
||||
"author": "美团技术团队",
|
||||
"description": "活动时间:即日起至2024年12月15日。",
|
||||
"published": "2024-12-03 18:30:00",
|
||||
"source": "微信公众号"
|
||||
},
|
||||
{
|
||||
"title": "活动|短视频激励系统专测开启!",
|
||||
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493353&idx=1&sn=60d8aea7934fa17d1e2077e2b879d3ae&chksm=ec18073adb6f8e2cdb2c0881302bcad6094724119dd5f6d5e0ecccc18fc1e2323067d6d00593&scene=58&subscene=0#rd",
|
||||
"author": "美团技术团队",
|
||||
"description": "活动时间:11月25日-11月28日",
|
||||
"published": "2024-11-25 10:00:00",
|
||||
"source": "微信公众号"
|
||||
},
|
||||
{
|
||||
"title": "活动|美团SRC七周年,多重惊喜派送中!",
|
||||
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493342&idx=1&sn=5aadfd7e004ccab04ad3286741aeca6f&chksm=ec18070ddb6f8e1b739a0a4e922e09723ce21d5d296c78c97d8c69a515bcf67f4c84e27e7972&scene=58&subscene=0#rd",
|
||||
"author": "美团技术团队",
|
||||
"description": "活动时间:11月11日10: 00-11月18日0: 00",
|
||||
"published": "2024-11-11 10:08:00",
|
||||
"source": "微信公众号"
|
||||
},
|
||||
{
|
||||
"title": "活动正式开启|美团SRC邀您加入双11安全保卫战",
|
||||
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493302&idx=1&sn=38e8eb7b46ba68d83932055efcf06386&chksm=ec180765db6f8e73f7e8e9039563065a99de826daeafcb49ee5b0231e48816907e306d43fe1c&scene=58&subscene=0#rd",
|
||||
"author": "美团技术团队",
|
||||
"description": "美团SRC活动时间:2024.09.19-09.30",
|
||||
"published": "2024-09-18 19:36:05",
|
||||
"source": "微信公众号"
|
||||
},
|
||||
{
|
||||
"title": "你的中秋福利已上线!美团SRC预祝各位中秋佳节愉快",
|
||||
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493276&idx=1&sn=02f5b0a74938d0be8764ba9658a0c98e&chksm=ec18074fdb6f8e593725883103e1ae90af22dda6af3e178d008da8c28713a6d0ba252605396e&scene=58&subscene=0#rd",
|
||||
"author": "美团技术团队",
|
||||
"description": "兑换时间:9月5日18:00起。",
|
||||
"published": "2024-09-05 11:42:42",
|
||||
"source": "微信公众号"
|
||||
},
|
||||
{
|
||||
"title": "美团安全25届秋招启动,心动offer等你拿!",
|
||||
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493276&idx=2&sn=ca4080f1e1607bb22730e538f02ea6a0&chksm=ec18074fdb6f8e5920d56d573dd6c838afb76315ebd36dc1f113f5a747fdf584302ecd8faf0b&scene=58&subscene=0#rd",
|
||||
"author": "美团技术团队",
|
||||
"description": "网申时间:即日起至2024年10月31日。",
|
||||
"published": "2024-09-05 11:42:42",
|
||||
"source": "微信公众号"
|
||||
},
|
||||
{
|
||||
"title": "美团安全亮相KCon 2024,分享RDI技术新视角",
|
||||
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493266&idx=1&sn=148ab2c53446796b415384e9fd0dbaf2&chksm=ec180741db6f8e572f536ff844ca8d39d378c9d8a24b6cdbaaad31101f21175ab9637b7f578d&scene=58&subscene=0#rd",
|
||||
"author": "美团技术团队",
|
||||
"description": "RDI技术以其高效和隐蔽的特性,在恶意代码开发中占据了不可替代的地位,尤其是在现代C2架构中发挥着关键作用。",
|
||||
"published": "2024-09-04 10:27:03",
|
||||
"source": "微信公众号"
|
||||
},
|
||||
{
|
||||
"title": "美团安全25届秋招启动,心动offer等你拿!",
|
||||
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493248&idx=1&sn=74436f59fe2d7b203814c0aa0c91800a&chksm=ec180753db6f8e45010393fcad6b673a46c7db73b98e93dbdff667495e798104c8ec3b8345b8&scene=58&subscene=0#rd",
|
||||
"author": "美团技术团队",
|
||||
"description": "网申时间:即日起至2024年10月31日。",
|
||||
"published": "2024-08-28 10:27:44",
|
||||
"source": "微信公众号"
|
||||
},
|
||||
{
|
||||
"title": "美团安全团队在第五期移动互联网APP产品安全漏洞技术沙龙中分享移动应用自动化安全实践历程",
|
||||
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493233&idx=1&sn=fcbc3a07cee5cf64e3c6b24925e2bd46&chksm=ec1807a2db6f8eb4f9e072ab8c517a39542fe6943b282abfc2271cd3ac558ac504c019e15748&scene=58&subscene=0#rd",
|
||||
"author": "美团技术团队",
|
||||
"description": "",
|
||||
"published": "2024-08-20 14:21:24",
|
||||
"source": "微信公众号"
|
||||
},
|
||||
{
|
||||
"title": "新机会,新挑战,新可能,美团信息安全部邀你加入~",
|
||||
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493119&idx=1&sn=ce5d6f489f9d802e5ff5075d90c1ca17&chksm=ec18042cdb6f8d3a4e15bdc3051d92275f75a65008e0b8ce8f0a67746aa967ad5e8cdd1be831&scene=58&subscene=0#rd",
|
||||
"author": "美团技术团队",
|
||||
"description": "欢迎向我们投递简历或推荐身边朋友投递简历!",
|
||||
"published": "2024-07-29 14:37:08",
|
||||
"source": "微信公众号"
|
||||
},
|
||||
{
|
||||
"title": "活动 | 开店宝专测已开启,邀你参加!",
|
||||
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493104&idx=1&sn=3f5514acce114a1dfeb40fbba5738023&chksm=ec180423db6f8d356d65dc19e7934dca55a1fb1c9ff7b8428f7962b13e552a13af3920ba89b0&scene=58&subscene=0#rd",
|
||||
"author": "美团技术团队",
|
||||
"description": "活动时间:6月24日—6月30日",
|
||||
"published": "2024-06-24 10:06:08",
|
||||
"source": "微信公众号"
|
||||
},
|
||||
{
|
||||
"title": "美团安全团队携议题亮相CSOP大会,共探网络安全高效运营之道",
|
||||
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493090&idx=1&sn=8b1c7315ef4ae4b2331c0f75d181825e&chksm=ec180431db6f8d27893e8aa04f4f005c2dfa6ce34ad5d62215a6ce17fe070977e33e213ec309&scene=58&subscene=0#rd",
|
||||
"author": "美团技术团队",
|
||||
"description": "议题聚焦于SOC平台的构建历程,从概念的萌芽到实践的落地,再到不断的优化升级各阶段进行深入探讨。",
|
||||
"published": "2024-05-17 18:54:11",
|
||||
"source": "微信公众号"
|
||||
},
|
||||
{
|
||||
"title": "招聘 | 美团安全实习生招聘正在进行中",
|
||||
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493059&idx=1&sn=362fa696530db9493fa8c165e6f64e6b&chksm=ec180410db6f8d06d8e74196d9ef89d31c92ce0964c8fddc638fe17e2642ff0b9806086b55e5&scene=58&subscene=0#rd",
|
||||
"author": "美团技术团队",
|
||||
"description": "一起成长,一起BETTER!",
|
||||
"published": "2024-05-07 17:27:47",
|
||||
"source": "微信公众号"
|
||||
},
|
||||
{
|
||||
"title": "活动 | 优选专测,提供测试账号,速来!",
|
||||
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493041&idx=1&sn=daf61012fec9f3aa6fd227dd1f39b828&chksm=ec180462db6f8d74fdff596bd8b60fab42607b31db7c8a820b9a1007af9036c59da29cc74151&scene=58&subscene=0#rd",
|
||||
"author": "美团技术团队",
|
||||
"description": "4月23日至4月30日0:00,邀你参与优选业务专测!",
|
||||
"published": "2024-04-23 09:56:55",
|
||||
"source": "微信公众号"
|
||||
},
|
||||
{
|
||||
"title": "特别漏洞奖励,祝你挖洞把把都超神~",
|
||||
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493024&idx=1&sn=c0b762ef29c35ece879f1fdb7560c710&chksm=ec180473db6f8d65ce15c48fdcd8ef0c2525421c8f95a70f6cb7f7d282ccc304faf03ac0c8a8&scene=58&subscene=0#rd",
|
||||
"author": "美团技术团队",
|
||||
"description": "",
|
||||
"published": "2024-03-26 19:58:18",
|
||||
"source": "微信公众号"
|
||||
},
|
||||
{
|
||||
"title": "3倍活动?戳这里!",
|
||||
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493024&idx=2&sn=9ca5dd0591b7ffb8dd9cbd166d94826d&chksm=ec180473db6f8d65e4e4b185143fe292dc4aac665b4ae9e5607d14a79213d690aec68dce3daa&scene=58&subscene=0#rd",
|
||||
"author": "美团技术团队",
|
||||
"description": "",
|
||||
"published": "2024-03-26 19:58:18",
|
||||
"source": "微信公众号"
|
||||
}
|
||||
]
|
||||
0
resources/history/uni_passage.md
Normal file
0
resources/history/uni_passage.md
Normal file
BIN
spider/__pycache__/uni.cpython-312.pyc
Normal file
BIN
spider/__pycache__/uni.cpython-312.pyc
Normal file
Binary file not shown.
86
spider/uni.py
Normal file
86
spider/uni.py
Normal file
@ -0,0 +1,86 @@
|
||||
import feedparser
|
||||
import json
|
||||
from datetime import datetime, timezone, timedelta
|
||||
from loguru import logger
|
||||
import yaml
|
||||
|
||||
def fetch_rss_data(feed_urls, wechat_urls):
|
||||
all_entries = []
|
||||
|
||||
# 处理通用 RSS 链接
|
||||
for rss_url in feed_urls:
|
||||
source, url = rss_url.split('|')
|
||||
feed = feedparser.parse(url)
|
||||
for entry in feed.entries:
|
||||
entry_data = {
|
||||
'title': entry.get('title', ''),
|
||||
'link': entry.get('link', ''),
|
||||
'author': entry.get('author', ''),
|
||||
'description': entry.get('summary', ''),
|
||||
'published': entry.get('published', ''),
|
||||
'source': source.strip()
|
||||
}
|
||||
|
||||
# 处理 published 字段
|
||||
if entry_data['published']:
|
||||
try:
|
||||
# 尝试解析 published 字段
|
||||
dt = datetime.strptime(entry_data['published'], '%a, %d %b %Y %H:%M:%S %z')
|
||||
dt_china = dt.astimezone(timezone(timedelta(hours=8)))
|
||||
entry_data['published'] = dt_china.strftime('%Y-%m-%d %H:%M:%S')
|
||||
except ValueError:
|
||||
# 如果解析失败,直接使用 published 字段
|
||||
pass
|
||||
|
||||
all_entries.append(entry_data)
|
||||
|
||||
# 处理微信 RSS 链接
|
||||
for wx_url in wechat_urls:
|
||||
author, url = wx_url.split('|')
|
||||
feed = feedparser.parse(url)
|
||||
for entry in feed.entries:
|
||||
entry_data = {
|
||||
'title': entry.get('title', ''),
|
||||
'link': entry.get('link', ''),
|
||||
'author': author.strip(), # 使用 YAML 文件中指定的作者名
|
||||
'description': entry.get('summary', ''),
|
||||
'published': entry.get('published', ''),
|
||||
'source': '微信公众号'
|
||||
}
|
||||
|
||||
# 处理 published 字段
|
||||
if entry_data['published']:
|
||||
try:
|
||||
# 尝试解析 published 字段
|
||||
dt = datetime.strptime(entry_data['published'], '%a, %d %b %Y %H:%M:%S %z')
|
||||
dt_china = dt.astimezone(timezone(timedelta(hours=8)))
|
||||
entry_data['published'] = dt_china.strftime('%Y-%m-%d %H:%M:%S')
|
||||
except ValueError:
|
||||
# 如果解析失败,直接使用 published 字段
|
||||
pass
|
||||
|
||||
all_entries.append(entry_data)
|
||||
|
||||
return all_entries
|
||||
|
||||
def save_to_json(data, filename):
|
||||
with open(filename, 'w', encoding='utf-8') as f:
|
||||
json.dump(data, f, ensure_ascii=False, indent=4)
|
||||
logger.info(f"通用爬虫数据已保存到 {filename}")
|
||||
|
||||
def uni_spider():
|
||||
# 读取 links.yaml 文件
|
||||
with open('./config/uni_rss.yaml', 'r', encoding='utf-8') as f:
|
||||
links = yaml.safe_load(f)
|
||||
|
||||
feed_urls = links.get('link', [])
|
||||
wechat_urls = links.get('wechat', [])
|
||||
|
||||
# 获取 RSS 数据
|
||||
rss_data = fetch_rss_data(feed_urls, wechat_urls)
|
||||
|
||||
# 保存到 JSON 文件
|
||||
save_to_json(rss_data, './resources/JSON/uni_rss.json')
|
||||
|
||||
if __name__ == "__main__":
|
||||
uni_spider()
|
||||
13
test.py
Normal file
13
test.py
Normal file
@ -0,0 +1,13 @@
|
||||
import feedparser
|
||||
|
||||
feed_url = "https://security.tencent.com/index.php/feed/blog/0"
|
||||
feed = feedparser.parse(feed_url)
|
||||
|
||||
for entry in feed.entries:
|
||||
print(entry.title)
|
||||
print(entry.link)
|
||||
print(entry.id)
|
||||
print(entry.summary)
|
||||
print(entry.id)
|
||||
# 打印所有属性,找出正确的日期字段名
|
||||
# print(entry.keys())
|
||||
Loading…
Reference in New Issue
Block a user