From 574fc326cd4e10cf19a6a6fc112401426c499111 Mon Sep 17 00:00:00 2001
From: MasonLiu <2857911564@qq.com>
Date: Sun, 15 Dec 2024 02:14:39 +0800
Subject: [PATCH] update
---
Core.py | 40 +-
test.py => Dev_test.py | 2 +-
JSON/4hou.json | 28 +-
JSON/anquanke.json | 240 +-
JSON/doonsec.json | 2640 ++++++++---------
JSON/freebuf.json | 212 +-
JSON/qianxin.json | 28 +-
JSON/seebug.json | 16 +-
JSON/xianzhi.json | 22 +-
README.md | 14 +-
FeishuSendBot.py => SendCore/FeishuSendBot.py | 0
MailSendBot.py => SendCore/MailSendBot.py | 0
QiweiSendBot.py => SendCore/QiweiSendBot.py | 0
.../FeishuSendBot.cpython-312.pyc | Bin 3084 -> 3093 bytes
.../__pycache__}/QiweiSendBot.cpython-312.pyc | Bin 1806 -> 1815 bytes
UpdateLOG.md | 17 +
__pycache__/SendBot.cpython-312.pyc | Bin 3650 -> 0 bytes
db/4hou.db | Bin 229376 -> 229376 bytes
db/anquanke.db | Bin 12288 -> 12288 bytes
db/doonsec.db | Bin 69632 -> 69632 bytes
db/freebuf.db | Bin 20480 -> 20480 bytes
db/qianxin.db | Bin 12288 -> 12288 bytes
db/seebug.db | Bin 20480 -> 20480 bytes
db/xianzhi.db | Bin 24576 -> 24576 bytes
history/tech_passage.md | 35 +
log/core.log | 26 +
requirements.txt | 3 +
web/app.py | 85 +-
web/templates/log.html | 53 +
29 files changed, 1826 insertions(+), 1635 deletions(-)
rename test.py => Dev_test.py (84%)
rename FeishuSendBot.py => SendCore/FeishuSendBot.py (100%)
rename MailSendBot.py => SendCore/MailSendBot.py (100%)
rename QiweiSendBot.py => SendCore/QiweiSendBot.py (100%)
rename {__pycache__ => SendCore/__pycache__}/FeishuSendBot.cpython-312.pyc (86%)
rename {__pycache__ => SendCore/__pycache__}/QiweiSendBot.cpython-312.pyc (92%)
create mode 100644 UpdateLOG.md
delete mode 100644 __pycache__/SendBot.cpython-312.pyc
create mode 100644 log/core.log
create mode 100644 web/templates/log.html
diff --git a/Core.py b/Core.py
index 9b2e261..596179f 100644
--- a/Core.py
+++ b/Core.py
@@ -12,8 +12,8 @@ import time import yaml import requests from datetime import datetime, timedelta -from FeishuSendBot import SendToFeishu, gen_sign -from QiweiSendBot import SendToWX +from SendCore.FeishuSendBot import SendToFeishu, gen_sign +from SendCore.QiweiSendBot import SendToWX from media.common import run, seebug_main, M_4hou_main, anquanke_main, sec_wiki_main, huawei_main, doonsec_main, qianxin_main from media.freebuf import freebuf_main from media.xianzhi import xianzhi_main @@ -29,7 +29,7 @@ from loguru import logger # 清除所有已有的日志记录器配置 logger.remove() -logger.add("./log/spider.log", +logger.add("./log/core.log", format="{time:YYYY-MM-DD HH:mm:ss} - {level} - {name}:{function}:{line} - {message}", rotation="100 MB", compression="zip", @@ -71,14 +71,14 @@ def check_avaliable(info, title, webhook_url, timestamp, sign): def send_job(time_1): # 爬取数据 logger.info("正在启动各爬虫并获取资源中...") - # seebug_main() - # anquanke_main() - # huawei_main() - # doonsec_main() - # qianxin_main() - # freebuf_main() - # xianzhi_main() - # M_4hou_main() + seebug_main() + anquanke_main() + huawei_main() + doonsec_main() + qianxin_main() + freebuf_main() + xianzhi_main() + M_4hou_main() # 分析各个数据源的结果 reslt_4hou = Src_4hou(time_1) @@ -121,14 +121,15 @@ signal.signal(signal.SIGTERM, signal_handler) # kill命令 def main_loop(choice): - n = 0 if choice == 1: + n = 0 while True: try: # 执行任务 - logger.info(f"第{n+1}次执行,当前时间为:{datetime.now().strftime('%Y-%m-%d %H:%M:%S')}") + n += 1 # 每次循环递增 n + logger.info(f"第{n}次执行,当前时间为:{datetime.now().strftime('%Y-%m-%d %H:%M:%S')}") send_job(e_hour) - time.sleep(e_hour * 60 * 60 - 5 * 60) + time.sleep(e_hour * 60 * 60 - 3 * 60) except Exception as e: logger.error(f"发生错误: {e}, 程序已暂停") 
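Review bot: The sink in the second hunk now writes to `./log/core.log`, and the diffstat of this same commit adds `log/core.log` (26 lines) to the repository, so runtime log output is being version-controlled and published with the code. Log lines from this program can carry error text from the crawlers and senders, and possibly webhook details, so I would keep the directory out of the tree with a `.gitignore` entry `log/` and drop the tracked file. The path is also relative to the working directory, so starting Core.py from somewhere else puts the log in a different place; whether the log page added under `web/` reads this same file is not visible here. The `logger.add(...)` call continues past the end of the hunk.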
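Review bot: The eight crawler calls re-enabled in send_job run back to back with no per-source error handling, so a single feed that fails (network error, changed page format) aborts the job before any source is analysed or sent. In the `choice == 1` branch of main_loop that exception reaches `except Exception` and the process exits; in the `choice == 0` branch (the next hunk) no handler is visible around `schedule.run_pending()`, so presumably the scheduler loop ends as well. Since every one of these calls fetches third-party content, I would isolate each call and log its traceback, as sketched below. send_job continues past the end of this hunk.

```python
def send_job(time_1):
    # … unchanged: start-up log line …
    crawlers = (seebug_main, anquanke_main, huawei_main, doonsec_main,
                qianxin_main, freebuf_main, xianzhi_main, M_4hou_main)
    for crawl in crawlers:
        try:
            crawl()
        except Exception:
            # One failing source must not stop the remaining sources or the send step.
            logger.exception("crawler {} failed", crawl.__name__)
    # … unchanged: per-source analysis (Src_4hou and the rest) …
```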
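Review bot: `time.sleep(e_hour * 60 * 60 - 3 * 60)` in main_loop pauses for e_hour minus three minutes no matter how long `send_job(e_hour)` took, so with the crawlers re-enabled in this commit a run longer than three minutes makes the cycle longer than the e_hour window send_job looks back over, and items published in the gap would presumably never be reported. The expression also goes negative when e_hour is below 0.05 (e_hour is defined outside this hunk); time.sleep then raises ValueError, which the `except Exception` below turns into an exit. Timing the run and sleeping the remainder avoids both: `started = time.monotonic()` before the call and `time.sleep(max(0.0, e_hour * 3600 - (time.monotonic() - started)))` after it. In the handler, `logger.exception(...)` would keep the traceback that the current `logger.error` call drops. main_loop continues past the end of this hunk.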
@@ -136,13 +137,14 @@ def main_loop(choice): # logger.info(result) exit() elif choice == 0: + n = 0 # 设置每天的特定时间点执行job函数 logger.info(f"第{n+1}次执行准备开始。") - schedule.every().day.at("09:05").do(send_job, 12) - schedule.every().day.at("12:05").do(send_job, 3) - schedule.every().day.at("15:05").do(send_job, 3) - schedule.every().day.at("18:05").do(send_job, 3) - schedule.every().day.at("21:05").do(send_job, 3) + schedule.every().day.at("09:00").do(send_job, 12) + schedule.every().day.at("12:00").do(send_job, 3) + schedule.every().day.at("15:00").do(send_job, 3) + schedule.every().day.at("18:00").do(send_job, 3) + schedule.every().day.at("21:00").do(send_job, 3) while True: schedule.run_pending() diff --git a/test.py b/Dev_test.py similarity index 84% rename from test.py rename to Dev_test.py index eee5a6e..cdb73d4 100644 --- a/test.py +++ b/Dev_test.py @@ -1,4 +1,4 @@ -from FeishuSendBot import SendToFeishu, gen_sign +from SendCore.FeishuSendBot import SendToFeishu, gen_sign webhook_url, timestamp, sign = gen_sign() diff --git a/JSON/4hou.json b/JSON/4hou.json index 6f277d6..fbaa5ed 100644 --- a/JSON/4hou.json +++ b/JSON/4hou.json @@ -1,4 +1,18 @@ [ + { + "title": "国投智能2024年度品牌问卷调查开启,限量办案宝典、定制礼品免费送", + "link": "https://www.4hou.com/posts/YZqW", + "description": "
2024年度品牌问卷调查
2024年已接近尾声,这一年,美亚柏科正式更名为“国投智能”,实现华丽蜕变,业务版图持续扩张,行业影响力不断提升,开启了崭新的辉煌篇章。
国投智能的成长离不开广大用户的长期支持,为回馈大家的关注与厚爱,进一步了解您的真实感受,为您提供更加优质的产品与服务,岁末年终之际,特别推出2024年度品牌问卷调查活动,丰厚奖品等你来拿。
问卷时间
2024年12月3日-12月22日
参与方式
长按识别下方二维码即可填写问卷
活动奖品
奖品一
我们将从参与填写问卷的用户中,抽取部分送出《电子数据取证与网络犯罪调查》一本,限量的高品质【办案宝典】您值得拥有!
示例
奖品二
手柄紫砂杯一个,暖暖的,很贴心。
示例
奖品三
数字立方大厦积木一个,数字的奥秘与建筑的魅力等你来探索。
示例
感谢您一路同行,您的每一个宝贵建议都是我们不断前行的动力。我们将始终秉持“以客户为中心”的理念,为您提供更高效、更优质、更专业的服务。
*奖品一、奖品二与奖品三不可同时获得
*活动最终解释权归国投智能所有
", + "pubDate": "Fri, 13 Dec 2024 14:13:23 +0800", + "author": "企业资讯" + }, + { + "title": "最新网络钓鱼活动利用损坏的 Word 文档来规避检测", + "link": "https://www.4hou.com/posts/vwRL", + "description": "新出现的网络钓鱼攻击滥用 Microsoft 的 Word 文件恢复功能,将损坏的 Word 文档作为电子邮件附件发送,使它们能够绕过安全软件,但仍可由应用程序恢复。
威胁者不断寻找新方法来绕过电子邮件安全软件并将网络钓鱼电子邮件放入目标的收件箱中。恶意软件狩猎公司 Any.Run 发现了一种新的网络钓鱼活动,利用故意损坏的 Word 文档作为电子邮件中的附件。
网络钓鱼电子邮件
这些附件使用广泛的主题,几乎全部围绕员工福利和奖金。打开附件时,Word 将检测到文件已损坏,并指出它在文件中“发现不可读的内容”,询问您是否要恢复它。
通过网络钓鱼电子邮件发送的 Word 文档已损坏
这些网络钓鱼文档的损坏方式很容易恢复,并显示一个文档,告诉目标扫描二维码以检索文档。如下所示,这些文档都带有目标公司的徽标,例如下面所示的示例:
修复后的Word文档
扫描二维码会将用户带到一个冒充 Microsoft 登录名的钓鱼网站,试图窃取用户的凭据。
网络钓鱼页面窃取 Microsoft 凭据
虽然这种网络钓鱼攻击的最终目标并不新鲜,但它使用损坏的 Word 文档是一种逃避检测的新策略。尽管这些文件在操作系统中可以成功运行,但由于未能对其文件类型应用正确的程序,大多数安全解决方案仍然无法检测到它们。
它们已上传到 VirusTotal,但所有防病毒解决方案都返回“干净”或“未找到项目”,因为它们无法正确分析该文件。因此,这些附件相当成功地实现了他们的目标。
从附件来看,几乎所有附件在 VirusTotal 上的检测量都是零 [1,2,3,4],只有一些 [1] 由 2 个供应商检测到。同时,这也可能是由于文档中没有添加恶意代码,仅显示二维码所致。一般规则仍然适用于保护用户免受网络钓鱼攻击。
如果收到来自未知发件人的电子邮件,尤其是包含附件的电子邮件,应立即将其删除或在打开之前与网络管理员确认。
", + "pubDate": "Fri, 13 Dec 2024 12:00:00 +0800", + "author": "胡金鱼" + }, { "title": "Ultralytics 人工智能模型被劫持 利用加密货币挖矿程序感染数千人", "link": "https://www.4hou.com/posts/vwRM", @@ -124,19 +138,5 @@ "description": "人工智能 (AI) 技术已有数十年的历史,推动着从机器人到预测分析等方方面面的创新。两年前,伴随着 ChatGPT 的横空出世,生成式人工智能 (GenAI) 成为了 AI 发展史上的一个里程碑式转折点。ChatGPT 被设计用于以近乎人类的水平进行对话、创作和理解。得益于这一变革性功能,AI 走出技术领域,进入日常生活,以前所未有的方式推动着先进技术的广泛普及。
ChatGPT 于 2022 年底推出,在短短 5 天内迅速走红,用户数量达到了 100 万。2024 年,ChatGPT 的活跃用户数量骤增至 2 亿,成为历史上增长速度最快的应用之一。 凭借实时生成上下文相关的连贯回答的能力,ChatGPT 让 AI 成为了一个家喻户晓的名词。这两年以来,人类仿佛又迎来了一次技术革命,全球各个行业都在AI应用中看到了无限可能。
在十一月乌镇举办的2024年世界互联网大会上,人工智能成为展示重点,涵盖低空经济、智能网联汽车、人形机器人、数字文创等热点,40余个大模型及垂直模型、10余个机器人集中亮相。今年十月,我国一位儿童用户通过视频展示了两个AI就“愚公是否应该移山”这一主题展开辩论,这两个应用占线的严密逻辑以及“类人化”的表达方式在短短几天就收获了数十万观看与数万条评论。可以看出,在短短两年时间内,各个AI应用已经开始“飞入寻常百姓家”。
然而,在ChatGPT 及其他类似工具应用于各行各业、为专业人士和个人的工作和生活赋能的同时,此类工具的“两面性”也日益凸显。
ChatGPT 的崛起:助力各行各业创新
从客户服务到内容创建,AI应用已迅速成为个人和企业必不可少的生产工具。虽然想要达到人类顶级人才的水平仍有待时日,但大型语言模型 (LLM) 通常都能够根据需求提供不错的解决方案,可让专业人士专注于创造性、分析性和战略性任务。GenAI 的即时性和可扩展性促进了范式转变,即“AI 无处不在”不再只是一种趋势,而是实实在在的现实。
GenAI 工具为各行各业提供了支持,它可通过回答 StackOverflow 等平台上的技术问题,帮助快速解决问题,并加快项目进度,将为期一周的任务缩短至数小时。ChatGPT 等 GenAI 工具还通过创新性地应用语言模型来破译功能和理解复杂代码,将其功能扩展到了逆向工程。
在网络安全领域, GenAI 已经产生了深远的影响。例如,ChatGPT 能够分析庞大的数据集,以检测异常和模式,从而帮助用户发现以前可能无法察觉的威胁。这种增强的可视性是一项颠覆性特性,有助于高效打击日益复杂的网络攻击。
从积极的方面看,GenAI 已成为加强安全运维不可或缺的工具:
1. 加速工作流程:网络安全专业人员现在使用 ChatGPT 等 GenAI 工具快速排除故障、破解复杂问题并从海量数据集中提取实用洞察——这些任务以前都需要数周或数天的时间才能完成。
2. 威胁检测:GenAI 能够快速、深入地分析海量数据,从而帮助机构检测到可能被忽视的威胁。
3. 事件响应:GenAI 正被探索用于总结攻击模式、缩短响应时间并加强防御能力。
然而,GenAI 的兴起也带来了重大风险。若无适当的安全防护措施,输入到 ChatGPT 等工具中的敏感数据可能会在不经意间被泄漏。一次数据处理不当就可能带来毁灭性后果,如果这些数据被用于未来网络攻击的话。
从某些方面来看,这项变革性技术为网络犯罪分子肆无忌惮的滥用提供了可乘之机:
· 恶意代码开发:ChatGPT 和类似工具甚至支持新手攻击者创建和调试恶意软件,这大大降低了网络犯罪发起攻击的门槛。
· 复杂的网络钓鱼电子邮件:黑客可利用 GenAI 制作出更具迷惑性的逼真电子邮件。与传统的网络钓鱼电子邮件相比,这些电子邮件更有可能骗到收件人,因为前者措辞不够严谨并缺乏对相关情况的了解,所以可能会被明眼人识破。
· 深度伪造:GenAI 生成的视频和音频片段往往难辨真伪,主要用于欺诈、造谣和勒索,致使社交工程威胁升级。
这些滥用案例凸显了一个残酷的现实:正如 GenAI 可以让防御者如虎添翼一样,它也可能为虎作伥,成为攻击者的帮凶。
保障 GenAI 领域的安全
随着 GenAI 的快速普及,用户需要采取主动式安全防护来缓解风险。Check Point 建议采取以下措施:
1. 开展员工培训:让员工了解 GenAI 特定的威胁和风险,例如逼真的网络钓鱼电子邮件、深度伪造和幻觉,以便他们能够发现和报告潜在事件。
2. 实施数据保护:采用可靠工具防止在不经意间与 AI 平台共享敏感数据,从而降低数据泄漏或滥用风险。
3. 监控和规范 AI 使用:制定明确的政策,确保在机构内以合乎道德的方式安全使用 GenAI,让使用者和开发人员承担起相应的责任。
4. 实施自动化数据控制:部署自动化解决方案来监控和限制与第三方 AI 系统的数据共享,确保敏感信息始终安全无虞。
5. 采用基于 AI 的防御:利用 AI 工具有效防范攻击,增强威胁检测和响应能力。
未来愿景:负责任地使用 AI,维护网络安全
毫无疑问,ChatGPT 等 GenAI 将在塑造网络安全格局方面发挥日益重要的作用。我们所面临的挑战在于如何正确发挥其潜力,同时最大限度地降低滥用风险。
使用 GenAI 的好处显而易见:用户可以使用其算法高效使用之前很难处理的海量数据。然而,GenAI 并不是人类的自动化替身,也不仅仅是一套先进的算法。虽然 GenAI 潜力巨大,但其风险也不容小觑。
为了确保 GenAI 正面助力网络安全,各机构必须对其使用承担起责任。无论是通过监管敏感应用、培养 AI 文化素养,还是部署高级监控工具,业界都必须与这项技术同步发展。通过保持警惕性和前瞻性,我们可确保 ChatGPT 等工具不断推动创新,同时防止其被滥用。
威胁者越来越多地使用可扩展矢量图形 (SVG) 附件来显示网络钓鱼形式或部署恶意软件,同时逃避检测。网络上的大多数图像都是 JPG 或 PNG 文件,它们由称为像素的小方块网格组成。每个像素都有特定的颜色值,这些像素一起形成整个图像。 SVG(即可缩放矢量图形)以不同的方式显示图像,因为图像不是使用像素,而是通过代码中文本数学公式中描述的线条、形状和文本创建。
例如,以下文本将创建一个矩形、一个圆形、一个链接和一些文本:
\n \n \n \n Hello, SVG!
在浏览器中打开时,该文件将生成上述文本描述的图形。
生成的 SVG 图像
由于这些是矢量图像,它们会自动调整大小,而不会损失图像质量或形状,这使得它们非常适合在可能具有不同分辨率的浏览器应用程序中使用。
使用 SVG 附件逃避检测
在网络钓鱼活动中使用 SVG 附件并不是什么新鲜事,然而,根据安全研究人员发现,威胁者正在网络钓鱼活动中越来越多地使用 SVG 文件。
SVG 附件的多功能性,使得它们不仅可以显示图形,还可以使用。这使得威胁者可以创建 SVG 附件,这些附件可以创建网络钓鱼表单来窃取凭据。如下所示,最近的 SVG 附件 [VirusTotal] 显示了一个带有内置登录表单的虚假 Excel 电子表格,提交后会将数据发送给受害者。
显示网络钓鱼表单的 SVG 附件
最近活动 [VirusTotal] 中使用的其他 SVG 附件会伪装成官方文档或要求提供更多信息,提示您单击下载按钮,然后从远程站点下载恶意软件。
用于分发恶意软件的 SVG 附件
其他活动利用 SVG 附件和嵌入式 JavaScript 在打开图像时,自动将浏览器重定向到托管网络钓鱼表单的网站。问题在于,由于这些文件大多只是图像的文本表示,因此安全软件往往不会检测到它们。
从上传到VirusTotal的样本来看,最多只有一两次被安全软件检测到。尽管如此,接收 SVG 附件对于合法电子邮件来说并不常见,人们应保持怀疑态度。
除非您是开发人员并希望收到这些类型的附件,否则安全研究人员会建议删除包含它们的任何电子邮件会更安全。
", - "pubDate": "Thu, 05 Dec 2024 12:00:00 +0800", - "author": "胡金鱼" - }, - { - "title": "新型漏洞攻击利用服务器进行恶意更新", - "link": "https://www.4hou.com/posts/8gW2", - "description": "一组被称为“NachoVPN”的漏洞允许流氓 VPN 服务器在未修补的 Palo Alto 和 SonicWall SSL-VPN 客户端连接到它们时安装恶意更新。
安全研究人员发现,威胁者可以利用社交工程或网络钓鱼攻击中的恶意网站或文档,诱骗潜在目标将其 SonicWall NetExtender 和 Palo Alto Networks GlobalProtect VPN 客户端连接到攻击者控制的 VPN 服务器。
威胁者可以使用恶意 VPN 端点窃取受害者的登录凭据、以提升的权限执行任意代码、通过更新安装恶意软件,以及通过安装恶意根证书发起代码签名伪造或中间人攻击。
SonicWall 在 7 月份发布了补丁来解决 CVE-2024-29014 NetExtender 漏洞,距 5 月份初次报告两个月后,Palo Alto Networks 本周发布了针对 CVE-2024-5921 GlobalProtect 漏洞的安全更新。
虽然 SonicWall 表示客户必须安装 NetExtender Windows 10.2.341 或更高版本来修补安全漏洞,但 Palo Alto Networks 表示,除了安装 GlobalProtect 6.2.6 或更高版本之外,在 FIPS-CC 模式下运行 VPN 客户端还可以减轻潜在的攻击(其中修复了该漏洞)。
上周,AmberWolf 披露了有关这两个漏洞的更多详细信息,并发布了一个名为 NachoVPN 的开源工具,该工具模拟可以利用这些漏洞的流氓 VPN 服务器。
经证实,该工具与平台无关,能够识别不同的 VPN 客户端,并根据连接到它的特定客户端调整其响应。它也是可扩展的,建议在发现新漏洞时添加它们。
AmberWolf 还在该工具的 GitHub 页面上表示,它目前支持各种流行的企业 VPN 产品,例如 Cisco AnyConnect、SonicWall NetExtender、Palo Alto GlobalProtect 和 Ivanti Connect Secure。
", - "pubDate": "Wed, 04 Dec 2024 12:00:00 +0800", - "author": "胡金鱼" } ] \ No newline at end of file diff --git a/JSON/anquanke.json b/JSON/anquanke.json index b9f72a1..7e3efb6 100644 --- a/JSON/anquanke.json +++ b/JSON/anquanke.json 
@@ -1,4 +1,124 @@ [ + { + "guid": "https://www.anquanke.com/post/id/302706", + "title": "SAP 修复了 NetWeaver 的 Adobe Document Services 中的关键 SSRF 缺陷", + "author": " 安全客", + "description": null, + "source": "securityaffairs", + "pubDate": "2024-12-13 10:16:47" + }, + { + "guid": "https://www.anquanke.com/post/id/302691", + "title": "新恶意软件技术可利用 Windows UI 框架规避 EDR 工具", + "author": " 安全客", + "description": null, + "source": "TheHackersNews", + "pubDate": "2024-12-13 10:15:35" + }, + { + "guid": "https://www.anquanke.com/post/id/302703", + "title": "AuthQuake 缺陷允许跨 Azure、Office 365 帐户绕过 MFA", + "author": " 安全客", + "description": null, + "source": "hackread", + "pubDate": "2024-12-13 10:15:11" + }, + { + "guid": "https://www.anquanke.com/post/id/302697", + "title": "欧洲刑警组织拆除了15个国家的27个DDOS攻击平台;管理员被捕", + "author": " 安全客", + "description": null, + "source": "TheHackersNews", + "pubDate": "2024-12-13 10:13:59" + }, + { + "guid": "https://www.anquanke.com/post/id/302713", + "title": "助力人才强国战略,360以实战人才为核心打造产教融合新业态", + "author": " 安全客", + "description": null, + "source": "微信", + "pubDate": "2024-12-13 10:13:44" + }, + { + "guid": "https://www.anquanke.com/post/id/302717", + "title": "实战分享:构建高效平台型C2的经验总结", + "author": " 360安全应急响应中心", + "description": null, + "source": null, + "pubDate": "2024-12-13 09:49:41" + }, + { + "guid": "https://www.anquanke.com/post/id/302710", + "title": "Dell 敦促立即更新以修复 Critical Power Manager 漏洞", + "author": " 安全客", + "description": null, + "source": "hackread", + "pubDate": "2024-12-12 16:59:00" + }, + { + "guid": "https://www.anquanke.com/post/id/302700", + "title": "Krispy Kreme 网络攻击扰乱了美国的在线订购", + "author": " 安全客", + "description": null, + "source": "hackread", + "pubDate": "2024-12-12 15:52:15" + }, + { + "guid": "https://www.anquanke.com/post/id/302694", + "title": "Ivanti 修复了其 CSA 解决方案中的一个最高严重性漏洞", + "author": " 安全客", + "description": null, + "source": "securityaffairs", + "pubDate": "2024-12-12 15:36:03" + }, + { + "guid": 
"https://www.anquanke.com/post/id/302688", + "title": "整合Apple Intelligence后,ChatGPT陷入困境", + "author": " 安全客", + "description": null, + "source": "Decrypt", + "pubDate": "2024-12-12 15:14:52" + }, + { + "guid": "https://www.anquanke.com/post/id/302685", + "title": "WordPress Plugin Automations SQL注入漏洞", + "author": " 安全客", + "description": null, + "source": "CN-SEC", + "pubDate": "2024-12-12 15:07:56" + }, + { + "guid": "https://www.anquanke.com/post/id/302675", + "title": "木马“卷王”再度升级传播手段,360全方位遏制银狐变种", + "author": " 安全客", + "description": null, + "source": "微信", + "pubDate": "2024-12-12 14:40:28" + }, + { + "guid": "https://www.anquanke.com/post/id/302672", + "title": "目标 Android 用户:伪装成流行应用程序的 AppLite 木马", + "author": " 安全客", + "description": null, + "source": "securityonline", + "pubDate": "2024-12-12 14:30:50" + }, + { + "guid": "https://www.anquanke.com/post/id/302669", + "title": "CVE-2024-53247:Splunk 安全网关应用程序漏洞允许远程执行代码", + "author": " 安全客", + "description": null, + "source": "securityonline", + "pubDate": "2024-12-12 14:23:31" + }, + { + "guid": "https://www.anquanke.com/post/id/302666", + "title": "CVE-2024-53677 (CVSS 9.5): Apache Struts 中的严重漏洞允许远程执行代码", + "author": " 安全客", + "description": null, + "source": "securityonline", + "pubDate": "2024-12-12 14:17:02" + }, { "guid": "https://www.anquanke.com/post/id/302661", "title": "ChatGPT 和 Sora 下线:OpenAI 在全球中断中争先恐后地恢复服务", 
@@ -38,125 +158,5 @@ "description": null, "source": "securityonline", "pubDate": "2024-12-12 11:28:04" - }, - { - "guid": "https://www.anquanke.com/post/id/302654", - "title": "恶意 npm 软件包模仿 ESLint 插件,窃取敏感数据", - "author": " 安全客", - "description": null, - "source": "securityonline", - "pubDate": "2024-12-12 11:20:48" - }, - { - "guid": "https://www.anquanke.com/post/id/302651", - "title": "Zloader 木马利用新颖的 DNS 隧道协议增强规避能力", - "author": " 安全客", - "description": null, - "source": "securityonline", - "pubDate": "2024-12-12 11:07:59" - }, - { - "guid": "https://www.anquanke.com/post/id/302648", - "title": "BadRAM 漏洞 (CVE-2024-21944): 研究人员发现 AMD SEV 中的安全漏洞", - "author": " 安全客", - "description": null, - "source": "securityonline", - "pubDate": "2024-12-12 11:01:36" - }, - { - "guid": "https://www.anquanke.com/post/id/302646", - "title": "美国证券交易委员会推进纽约证券交易所提交的文件,以上市Bitwise比特币和以太坊ETF", - "author": " 安全客", - "description": null, - "source": "Cointelegraph.com News", - "pubDate": "2024-12-12 10:52:47" - }, - { - "guid": "https://www.anquanke.com/post/id/301903", - "title": "与业界共鸣!赛宁网安引领“实用型靶场”建设,呼吁用户导向", - "author": " XCTF联赛小秘", - "description": null, - "source": null, - "pubDate": "2024-12-11 17:30:19" - }, - { - "guid": "https://www.anquanke.com/post/id/302630", - "title": "银狐团伙再出新招——Web漏洞成切入点", - "author": " 安全KER小助手", - "description": null, - "source": null, - "pubDate": "2024-12-11 16:58:12" - }, - { - "guid": "https://www.anquanke.com/post/id/302623", - "title": "唯一入选两大应用场景案例! 
360打造城市安全运营的“天津模式”", - "author": " 安全客", - "description": null, - "source": "微信", - "pubDate": "2024-12-11 15:17:16" - }, - { - "guid": "https://www.anquanke.com/post/id/302620", - "title": "CVE-2024-11639 (CVSS 10) – Ivanti Cloud Services 应用程序中存在严重缺陷:建议立即修补", - "author": " 安全客", - "description": null, - "source": "securityonline", - "pubDate": "2024-12-11 15:06:37" - }, - { - "guid": "https://www.anquanke.com/post/id/302617", - "title": "美国 CISA 将 Microsoft Windows CLFS 驱动程序缺陷添加到其已知利用漏洞目录中", - "author": " 安全客", - "description": null, - "source": "securityaffairs", - "pubDate": "2024-12-11 14:45:16" - }, - { - "guid": "https://www.anquanke.com/post/id/302614", - "title": "谷歌浏览器修补高严重性漏洞 - CVE-2024-12381 和 CVE-2024-12382", - "author": " 安全客", - "description": null, - "source": "securityonline", - "pubDate": "2024-12-11 14:38:33" - }, - { - "guid": "https://www.anquanke.com/post/id/302611", - "title": "攻击者主动利用 Cleo 文件传输软件(CVE-2024-50623)中的漏洞", - "author": " 安全客", - "description": null, - "source": "helpnetsecurity", - "pubDate": "2024-12-11 14:30:30" - }, - { - "guid": "https://www.anquanke.com/post/id/302608", - "title": "微软在 “12 月补丁星期二 ”中解决了 CVE-2024-49138 严重零日漏洞和 72 个其他漏洞", - "author": " 安全客", - "description": null, - "source": "securityonline", - "pubDate": "2024-12-11 11:34:18" - }, - { - "guid": "https://www.anquanke.com/post/id/302605", - "title": "施耐德电气警告 Modicon 控制器存在严重漏洞 - CVE-2024-11737 (CVSS 9.8)", - "author": " 安全客", - "description": null, - "source": "securityonline", - "pubDate": "2024-12-11 11:26:19" - }, - { - "guid": "https://www.anquanke.com/post/id/302602", - "title": "Apache Superset 在最新版本中修补多个安全漏洞", - "author": " 安全客", - "description": null, - "source": "securityonline", - "pubDate": "2024-12-11 11:22:12" - }, - { - "guid": "https://www.anquanke.com/post/id/302599", - "title": "CVE-2024-52335 (CVSS 9.8):Siemens Healthineers 解决了医学成像软件中的关键缺陷", - "author": " 安全客", - "description": null, - "source": "securityonline", - "pubDate": "2024-12-11 
11:15:00" } ] \ No newline at end of file diff --git a/JSON/doonsec.json b/JSON/doonsec.json index 34599b8..4f4565a 100644 --- a/JSON/doonsec.json +++ b/JSON/doonsec.json 
@@ -1,4 +1,1140 @@ [ + { + "title": "cve-2024-26229 漏洞分析", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg2NTk4MTE1MQ==&mid=2247486275&idx=1&sn=18c0bd580c1f76ce1aface83320fe3c2", + "description": null, + "author": "TtTeam", + "category": "TtTeam", + "pubDate": "2024-12-15T00:00:59" + }, + { + "title": "免杀基础-线程劫持", + "link": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247517664&idx=1&sn=88bf2b3381e0af1feb048e2134d3da6d", + "description": null, + "author": "船山信安", + "category": "船山信安", + "pubDate": "2024-12-15T00:00:35" + }, + { + "title": "VUE|如何不使用Fuzz得到网站所有参数与接口?", + "link": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496602&idx=1&sn=b23208b7113632dbea687ab88a6e3ef9", + "description": null, + "author": "迪哥讲事", + "category": "迪哥讲事", + "pubDate": "2024-12-14T23:34:36" + }, + { + "title": "QR 码可绕过浏览器隔离,实现恶意 C2 通信", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg3ODY0NTczMA==&mid=2247491770&idx=1&sn=ea35f88e6aa19b5b5f897c215e87a6e8", + "description": null, + "author": "犀牛安全", + "category": "犀牛安全", + "pubDate": "2024-12-14T23:30:18" + }, + { + "title": "LDAP 攻防查询操作指南", + "link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485745&idx=1&sn=e31a21eb50a321b7644c58dd97cdea6e", + "description": null, + "author": "securitainment", + "category": "securitainment", + "pubDate": "2024-12-14T21:39:20" + }, + { + "title": "绕过EDR系统检测的新型攻击技术", + "link": "https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492466&idx=1&sn=089ab82b59e99f6ae79b71b103514b23", + "description": "近日,一起大规模的数据泄露事件震动了网络安全界。名为“HikkI-Chan”的黑客在臭名昭著的Breach Forums上泄露了超过3.9亿VK用户的个人信息。", + "author": "白泽安全实验室", + "category": "白泽安全实验室", + "pubDate": "2024-12-14T20:25:26" + }, + { + "title": "【安全圈】最新网络钓鱼活动利用损坏的 Word 文档来规避检测", + "link": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652066606&idx=3&sn=d6db5800165d61a841b21b917d975bde", + "description": null, + "author": "安全圈", + "category": "安全圈", + "pubDate": "2024-12-14T19:00:24" + }, + { + "title": "Frida 逆向一个 
APP", + "link": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458586874&idx=1&sn=3bdc2f37290cd64b6fe65a45db267db7", + "description": "看雪论坛作者ID:mb_vcrwlkem", + "author": "看雪学苑", + "category": "看雪学苑", + "pubDate": "2024-12-14T18:00:10" + }, + { + "title": "从目录浏览分析幽盾攻击组织", + "link": "https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247488850&idx=1&sn=01d5793dd2794a1e702dd4d2608fadde", + "description": "迷子でもいい、迷子でも進め!!!!!", + "author": "Desync InfoSec", + "category": "Desync InfoSec", + "pubDate": "2024-12-14T16:45:48" + }, + { + "title": "新型 OT/IoT 网络武器:IOCONTROL", + "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525951&idx=2&sn=db9e840a8fa035ead438827315449dc2", + "description": "Team82 获得了一种定制的 IoT/OT 恶意软件 IOCONTROL 样本,该恶意软件被与伊朗有关的攻击者用来攻击以色列和美国的 OT/IoT 设备。", + "author": "Ots安全", + "category": "Ots安全", + "pubDate": "2024-12-14T14:43:32" + }, + { + "title": "Zabbix 存在SQL注入漏洞 (CVE-2024-42327)", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488091&idx=1&sn=e6260f524d404ed289aa878c061f01f4", + "description": "Zabbix 上具有默认 User 角色或具有任何其他授予 API 访问权限的角色的非 admin 用户帐户可以利用此漏洞。SQLi 存在于 addRelatedObjects 函数的 CUser 类中", + "author": "星悦安全", + "category": "星悦安全", + "pubDate": "2024-12-14T12:20:46" + }, + { + "title": "价值1.4 W人民币漏洞!骚!缓存配置错误造成鉴权绕过", + "link": "https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506296&idx=1&sn=d78be69680656e7f679dc04367806179", + "description": "这篇文章讲述了我最喜欢的一个漏洞发现,因为它是一个非常出乎意料的问题。", + "author": "一个不正经的黑客", + "category": "一个不正经的黑客", + "pubDate": "2024-12-14T12:05:47" + }, + { + "title": "OpenWrt 严重漏洞致设备遭受恶意固件注入", + "link": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247493068&idx=5&sn=6cbbaac9e6c56d21ac09c0bb63b45aea", + "description": null, + "author": "独眼情报", + "category": "独眼情报", + "pubDate": "2024-12-14T11:39:43" + }, + { + "title": "AI安全漏洞之VLLM反序列化漏洞分析与保姆级复现(附批量利用)", + "link": 
"https://mp.weixin.qq.com/s?__biz=MzkyODY3NjkyNQ==&mid=2247484369&idx=1&sn=6bf8e1fb3de630777ecce9568e186adf", + "description": "AI安全漏洞之VLLM反序列化漏洞分析与保姆级复现(附批量利用)", + "author": "Ting的安全笔记", + "category": "Ting的安全笔记", + "pubDate": "2024-12-14T10:20:42" + }, + { + "title": "Go — :恶意软件开发 (第六部分)", + "link": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247503856&idx=1&sn=b8e02fd58d4f83ba069a47f2c9eb8266", + "description": "欢迎回来!在我们旅程的前几部分,我们使用 TCP 服务器和客户端建立了坚实的基础,实现了无缝的远程命令执行", + "author": "安全狗的自我修养", + "category": "安全狗的自我修养", + "pubDate": "2024-12-14T08:35:04" + }, + { + "title": "使用 Sqlmap 和 Burp Suite(Burp CO2 插件)进行 Sql 注入攻击", + "link": "https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247485986&idx=1&sn=e2508059f48ec83f001e1884c49f9ee0", + "description": "Burp CO2 是流行的 Web 代理/Web 应用程序测试工具 Burp Suite 的扩展,可在 Portswigger 上获取", + "author": "三沐数安", + "category": "三沐数安", + "pubDate": "2024-12-14T08:30:11" + }, + { + "title": "PHP 常见漏洞威胁函数 | 全面总结", + "link": "https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247485822&idx=1&sn=7121f15cad1c3aaf8a54ff5735789067", + "description": null, + "author": "安全君呀", + "category": "安全君呀", + "pubDate": "2024-12-14T08:10:44" + }, + { + "title": "漏洞预警 | I Doc View SSRF漏洞", + "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491726&idx=1&sn=3cc974eaf3fee6d1baa7741b52b96b0b", + "description": "I Doc View在线文档预览的/view/url接口存在SSRF漏洞,未授权的攻击者可使用file协议读取系统敏感文件。", + "author": "浅安安全", + "category": "浅安安全", + "pubDate": "2024-12-14T08:00:16" + }, + { + "title": "漏洞预警 | 顺景ERP管理系统任意文件下载漏洞", + "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491726&idx=2&sn=e1d9019f697e2b42d4d8fee135c26031", + "description": "顺景ERP管理系统的/api/TMScmQuote/GetFile接口存在任意文件下载漏洞,未经身份验证的攻击者可以通过该漏洞下载服务器任意文件,从而获取大量敏感信息。", + "author": "浅安安全", + "category": "浅安安全", + "pubDate": "2024-12-14T08:00:16" + }, + { + "title": "漏洞预警 | YourPHPCMS SQL注入漏洞", + "link": 
"https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491726&idx=3&sn=295c736ddffb607c469f96a60e45993d", + "description": "YourphpCMS存在SQL注入漏洞,未经身份验证的攻击者可以通过该漏洞获取数据库敏感信息。", + "author": "浅安安全", + "category": "浅安安全", + "pubDate": "2024-12-14T08:00:16" + }, + { + "title": "WebSockets XSS |burpsuite翻译", + "link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247487045&idx=1&sn=638bcc244e652b91f87f92ea38b1bf31", + "description": null, + "author": "进击的HACK", + "category": "进击的HACK", + "pubDate": "2024-12-14T07:55:55" + }, + { + "title": "JWT攻防指南一篇通", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247493905&idx=2&sn=32dabb1937bb95a440a7e79d05519a44", + "description": null, + "author": "七芒星实验室", + "category": "七芒星实验室", + "pubDate": "2024-12-14T07:05:17" + }, + { + "title": "OpenWrt LuCi 任意文件读取", + "link": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247496122&idx=2&sn=817a93013142cf529d0727c9402e0c80", + "description": null, + "author": "Khan安全攻防实验室", + "category": "Khan安全攻防实验室", + "pubDate": "2024-12-14T00:01:29" + }, + { + "title": "免杀基础-shellcode开发", + "link": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247517663&idx=1&sn=b2f84fc57658dadea5f9872ab1bb4c70", + "description": null, + "author": "船山信安", + "category": "船山信安", + "pubDate": "2024-12-14T00:01:15" + }, + { + "title": "一款后渗透免杀工具,助力每一位像我这样的脚本小子快速实现免杀,支持bypass 360 火绒 Windows Defender", + "link": "https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247492959&idx=1&sn=bfaedc1fde06af5264a7be8d453a2158", + "description": null, + "author": "夜组安全", + "category": "夜组安全", + "pubDate": "2024-12-14T00:01:13" + }, + { + "title": "Microsoft Teams 被利用传播 DarkGate 恶意软件", + "link": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505171&idx=2&sn=7d08ade7b7aa05f6bcf3148e7a7dedc9", + "description": null, + "author": "网络研究观", + "category": "网络研究观", + "pubDate": "2024-12-13T23:56:58" + }, + { + "title": "【漏洞预警】Cleo远程代码执行漏洞CVE-2024-50623", + "link": 
"https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489308&idx=1&sn=5c47de34e923278823c34ea94e60cbb6", + "description": null, + "author": "飓风网络安全", + "category": "飓风网络安全", + "pubDate": "2024-12-13T21:58:33" + }, + { + "title": "烽火狼烟丨暗网数据及攻击威胁情报分析周报(12/09-12/13)", + "link": "https://mp.weixin.qq.com/s?__biz=Mzk0NjMxNTgyOQ==&mid=2247484480&idx=1&sn=1c697c3d39f222244bc4a5d6e314e2b9", + "description": "盛邦安全威胁情报周报", + "author": "盛邦安全应急响应中心", + "category": "盛邦安全应急响应中心", + "pubDate": "2024-12-13T19:55:52" + }, + { + "title": "Unix通用打印系统cups-browsed远程代码执行漏洞分析", + "link": "https://mp.weixin.qq.com/s?__biz=MzAwNTI1NDI3MQ==&mid=2649619760&idx=1&sn=941fa5fb1aeba9276998379a942c2a88", + "description": "安全研究员Simone Margaritelli披露了Unix通用打印系统CUPS存在一系列安全漏洞,利用多个漏洞组合可在受影响的系统上执行远程命令。启明星辰ADLab研究人员对该漏洞的原理进行深入分析,同时提出修复建议和缓解措施。", + "author": "ADLab", + "category": "ADLab", + "pubDate": "2024-12-13T19:18:17" + }, + { + "title": "【安全圈】关键的Windows UI自动化框架漏洞允许黑客绕过EDR", + "link": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652066594&idx=3&sn=fb1485e3b4a0ed439c616f967bfc2543", + "description": null, + "author": "安全圈", + "category": "安全圈", + "pubDate": "2024-12-13T19:02:29" + }, + { + "title": "记一次从302跳转打到fastcgi", + "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MTIzNTgzMQ==&mid=2247518641&idx=1&sn=2be19ab3c556e5ebb43a2a7676d694bf", + "description": null, + "author": "亿人安全", + "category": "亿人安全", + "pubDate": "2024-12-13T18:59:16" + }, + { + "title": "环境搭建 | XDebug 无错配置+代替phpStudy的另一种集成工具", + "link": "https://mp.weixin.qq.com/s?__biz=MzkwMzQyMTg5OA==&mid=2247486369&idx=1&sn=1f3d812b33e268c77c3210f4e8a9841e", + "description": "XDebug 无错配置 + 代替phpStudy的另一种集成工具", + "author": "Heihu Share", + "category": "Heihu Share", + "pubDate": "2024-12-13T18:32:18" + }, + { + "title": "钓鱼攻击防护思路", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MDY1MzUzNw==&mid=2247498002&idx=1&sn=e74675640b427002ba3768e58142c45b", + "description": null, + "author": "长风实验室", + "category": "长风实验室", + "pubDate": 
"2024-12-13T18:24:01" + }, + { + "title": "【xss】xss挑战之旅", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg5NTU2NjA1Mw==&mid=2247494829&idx=2&sn=d22194c8b083bbd7e0c3127f0fa71e84", + "description": "一个平凡而普通的人,时时都会感到被生活的波涛巨浪所淹没。你会被淹没吗?除非你甘心就此而沉沦!!", + "author": "儒道易行", + "category": "儒道易行", + "pubDate": "2024-12-13T18:00:12" + }, + { + "title": "NGINX联合攻击链", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg5NTY3NTMxMQ==&mid=2247484518&idx=1&sn=b10fc8d8846638b65961aada1a67590b", + "description": "NGINX联合攻击链研究", + "author": "金色钱江", + "category": "金色钱江", + "pubDate": "2024-12-13T17:52:06" + }, + { + "title": "零基础掌握SSH安全登录:从入门到实战全攻略", + "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247568558&idx=1&sn=918050938980ade91e3b0633b5502e52", + "description": null, + "author": "马哥网络安全", + "category": "马哥网络安全", + "pubDate": "2024-12-13T17:02:04" + }, + { + "title": "忘记 PSEXEC:DCOM 上传与执行后门", + "link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485712&idx=1&sn=f538857359489611b8c2f5f3e8321d6e", + "description": null, + "author": "securitainment", + "category": "securitainment", + "pubDate": "2024-12-13T16:31:58" + }, + { + "title": "一个0day的开端:失败的man与nday", + "link": "https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247487889&idx=1&sn=3cc6ea970109136c7522b2c5ff73bdf0", + "description": "最近在审计Java的CMS,跟着文章进行nday审计...", + "author": "蚁景网安", + "category": "蚁景网安", + "pubDate": "2024-12-13T16:30:38" + }, + { + "title": "深入了解SAML协议及常见安全问题", + "link": "https://mp.weixin.qq.com/s?__biz=MzU1ODk1MzI1NQ==&mid=2247491313&idx=1&sn=49b15be28a571d1e470af12fd721adb8", + "description": "了解SAML协议及其安全问题,对于构建安全的网络环境至关重要。本文将深入探讨SAML的工作原理,分析常见的安全漏洞,以帮助企业和开发者构建更安全的SAML SSO系统。", + "author": "联想全球安全实验室", + "category": "联想全球安全实验室", + "pubDate": "2024-12-13T15:41:43" + }, + { + "title": "干货|一文搞懂加密流量检测的解决方法和技术细节", + "link": "https://mp.weixin.qq.com/s?__biz=MzI1OTA1MzQzNA==&mid=2651247185&idx=3&sn=a4ea530b171509460cbff168f33ded4a", + "description": null, + "author": "e安在线", + 
"category": "e安在线", + "pubDate": "2024-12-13T14:00:42" + }, + { + "title": "最新网络钓鱼活动利用损坏的 Word 文档来规避检测", + "link": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580215&idx=1&sn=9ff4f8c581555adb95ed00a53c21a308", + "description": "如果收到来自未知发件人的电子邮件,尤其是包含附件的电子邮件,应立即将其删除或在打开之前与网络管理员确认。", + "author": "嘶吼专业版", + "category": "嘶吼专业版", + "pubDate": "2024-12-13T14:00:28" + }, + { + "title": "分享一个简单且粗暴的白嫖某数据库管理软件的思路", + "link": "https://mp.weixin.qq.com/s?__biz=MzIxMDYyNTk3Nw==&mid=2247515104&idx=1&sn=54610adabdcceafb100701d37d10e9d6", + "description": "分享一个简单且粗暴的白嫖某数据库管理软件的思路", + "author": "白帽100安全攻防实验室", + "category": "白帽100安全攻防实验室", + "pubDate": "2024-12-13T13:50:08" + }, + { + "title": "加了签名又如何,该爆破时照样爆破,分享 burpsuite 插件 signme", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg3ODk1MjI5NQ==&mid=2247484641&idx=1&sn=1f39e2f830330b9d775e283b5fb90ec5", + "description": null, + "author": "网安小趴菜", + "category": "网安小趴菜", + "pubDate": "2024-12-13T13:41:10" + }, + { + "title": "源代码安全审计研究", + "link": "https://mp.weixin.qq.com/s?__biz=MzI3NzUyNjU5Mg==&mid=2247485850&idx=1&sn=4041edd2933925f850820c2a0c05fe0b", + "description": "代码审计就是挖掘源代码中存在的代码安全问题", + "author": "华克斯", + "category": "华克斯", + "pubDate": "2024-12-13T13:15:28" + }, + { + "title": "拿下证书站两个接口SQL盲注", + "link": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247546009&idx=1&sn=35e8f3b53c5252ca8f467a0dc7dcfc5f", + "description": null, + "author": "掌控安全EDU", + "category": "掌控安全EDU", + "pubDate": "2024-12-13T12:03:58" + }, + { + "title": "AI安全漏洞之VLLM反序列化漏洞分析与保姆级复现(附批量利用)", + "link": "https://mp.weixin.qq.com/s?__biz=MzkyODY3NjkyNQ==&mid=2247484366&idx=1&sn=cef0cd84a600f9172436a33b15497565", + "description": "AI安全漏洞之VLLM反序列化漏洞分析与保姆级复现(附批量利用)", + "author": "Ting的安全笔记", + "category": "Ting的安全笔记", + "pubDate": "2024-12-13T11:53:58" + }, + { + "title": "哥斯拉二开从0到1-2(免杀)", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg3Mzg5MTc1OA==&mid=2247484271&idx=1&sn=a3810f3c76c165837985c9a999c55228", + "description": null, + 
"author": "Cloud Security lab", + "category": "Cloud Security lab", + "pubDate": "2024-12-13T11:28:40" + }, + { + "title": "【OleView.NET】Windows COM 攻击面漏洞扫描工具", + "link": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247493039&idx=3&sn=6825a1e1963fd82c3dbe8d1f6d4ffaed", + "description": null, + "author": "独眼情报", + "category": "独眼情报", + "pubDate": "2024-12-13T11:22:45" + }, + { + "title": "Zerologon", + "link": "https://mp.weixin.qq.com/s?__biz=MzkzNzI2Mzc0Ng==&mid=2247486367&idx=1&sn=be7226d2660eaedf3e2f919c000e5748", + "description": "“A9 Team 甲方攻防团队,成员来自某证券、微步、青藤、长亭、安全狗等公司。", + "author": "A9 Team", + "category": "A9 Team", + "pubDate": "2024-12-13T10:42:33" + }, + { + "title": "功能强大的XSS自动化扫描器", + "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650605007&idx=4&sn=44a2db492c668b298e01d3ff9f914e88", + "description": null, + "author": "黑白之道", + "category": "黑白之道", + "pubDate": "2024-12-13T10:02:54" + }, + { + "title": "实战自动化加解密&加密场景下的暴力破解", + "link": "https://mp.weixin.qq.com/s?__biz=MzIwMzIyMjYzNA==&mid=2247517224&idx=1&sn=7b6cc949eb4840049bcbbbe76e5d7d3e", + "description": null, + "author": "HACK之道", + "category": "HACK之道", + "pubDate": "2024-12-13T09:08:46" + }, + { + "title": "Mitre_Att&ck框架T1622(调试器规避)技术的简单实现", + "link": "https://mp.weixin.qq.com/s?__biz=MzI0NTI4NjEwOQ==&mid=2247484957&idx=1&sn=37059c25f43518ac486bd4d37596e732", + "description": "Mitre_Att\\\\x26amp;ck框架T1622(调试器规避)技术的简单实现", + "author": "新蜂网络安全实验室", + "category": "新蜂网络安全实验室", + "pubDate": "2024-12-13T09:00:39" + }, + { + "title": "新型 IOCONTROL 恶意软件攻击美以关键基础设施", + "link": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793479&idx=1&sn=9600f9f6ca274db50e1249144cf4f554", + "description": "黑客组织针对美国以色列关键基础设施。", + "author": "军哥网络安全读报", + "category": "军哥网络安全读报", + "pubDate": "2024-12-13T09:00:35" + }, + { + "title": "新型隐秘 Pumakit Linux rootkit 恶意软件被发现", + "link": 
"https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793479&idx=2&sn=fca57ae06815eba38d739b1a6e3032fe", + "description": "这个新发现的linux rootkit不知道是哪个黑客组织在用。", + "author": "军哥网络安全读报", + "category": "军哥网络安全读报", + "pubDate": "2024-12-13T09:00:35" + }, + { + "title": "警惕!银狐木马,再出新招!", + "link": "https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247487728&idx=1&sn=8c5f5e8ba6e21eb50db932b856bd4e99", + "description": "银狐木马通过QQ、微信等即时通信软件发送钓鱼文件或网站链接,诱导受害者点击", + "author": "君说安全", + "category": "君说安全", + "pubDate": "2024-12-13T09:00:00" + }, + { + "title": "内网渗透--内网探测", + "link": "https://mp.weixin.qq.com/s?__biz=MzkxNzY5MTg1Ng==&mid=2247484470&idx=1&sn=ba9f46113b7612e8365c9b6f968e37ca", + "description": "内网渗透--内网探测", + "author": "富贵安全", + "category": "富贵安全", + "pubDate": "2024-12-13T08:41:29" + }, + { + "title": "网络资产收集与漏洞扫描工具", + "link": "https://mp.weixin.qq.com/s?__biz=MzA4NzU1Mjk4Mw==&mid=2247492196&idx=1&sn=9a17a69290ef6d3f0970fde1eb354811", + "description": "hscan是一款网络资产收集与漏洞扫描工具,作者目前已完成探活、服务扫描(常规 \\\\x26amp; 非常规端口)等功能...。", + "author": "Hack分享吧", + "category": "Hack分享吧", + "pubDate": "2024-12-13T08:39:44" + }, + { + "title": "SeaCMS admin_files.php CVE-2024-42599分析", + "link": "https://mp.weixin.qq.com/s?__biz=MzkyMDY1NzA2Mw==&mid=2247483831&idx=1&sn=317637ef6617e99f0ba2575c705aaca6", + "description": null, + "author": "fraud安全", + "category": "fraud安全", + "pubDate": "2024-12-13T08:32:02" + }, + { + "title": "工具集:TestNet【资产管理系统】", + "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MjY1ODE5Mg==&mid=2247484904&idx=1&sn=b2d7a3504673bc469fb07920bb274f7b", + "description": null, + "author": "风铃Sec", + "category": "风铃Sec", + "pubDate": "2024-12-13T08:31:08" + }, + { + "title": "使用 Sqlmap 在 Web 服务器中上传 Shell", + "link": "https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247485974&idx=1&sn=15c944eab7abf07044165fb13078a157", + "description": "您可能多次使用 sqlmap 进行 SQL 注入以获取 Web 服务器的数据库信息。在本教程中,我将向您展示如果网站存在 SQL 漏洞,如何上传任何后门来获取 meterpreter 会话。", + "author": "三沐数安", + 
"category": "三沐数安", + "pubDate": "2024-12-13T08:31:01" + }, + { + "title": "隐蔽攻击!新型恶意技术利用 Windows UI 框架绕过 EDR 防护", + "link": "https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447899745&idx=1&sn=b75d1f66e7f422b23cd1132e08b4f2a3", + "description": "风险预警\\\\x0d\\\\x0a\\\\x0d\\\\x0a xa0Akamai 安全研究人员发现了一种新型攻击技术,攻击者利用 Windows 辅助功能框架 UI Automation (UIA) 执行恶意活动,而 EDR 安全工具却无法察觉。", + "author": "技术修道场", + "category": "技术修道场", + "pubDate": "2024-12-13T08:06:57" + }, + { + "title": "漏洞预警 | Django拒绝服务和SQL注入漏洞", + "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491705&idx=1&sn=c6d00db2d1d2da8d4eccb0541ede19a2", + "description": "Django存在拒绝服务和SQL注入漏洞,攻击者可通过该漏洞使应用程序挂起或崩溃和获取敏感数据,建议相关用户及时更新。", + "author": "浅安安全", + "category": "浅安安全", + "pubDate": "2024-12-13T08:02:47" + }, + { + "title": "漏洞预警 | 小米路由器任意文件读取漏洞", + "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491705&idx=3&sn=cfbfa8d0e7f3f0cf0bb12bfdb1f55e15", + "description": "小米路由器的/api-third-party/download/extdisks接口存在任意文件读取漏洞,攻击者通过漏洞可以读取服务器敏感信息。", + "author": "浅安安全", + "category": "浅安安全", + "pubDate": "2024-12-13T08:02:47" + }, + { + "title": "CTF逆向题目解题思路", + "link": "https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247485811&idx=1&sn=4bc9f21cb3e724d31c231696d945d4a1", + "description": null, + "author": "安全君呀", + "category": "安全君呀", + "pubDate": "2024-12-13T08:00:31" + }, + { + "title": "闭源系统半自动漏洞挖掘工具 SinkFinder", + "link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247487028&idx=1&sn=59fd71a1f2ba11ab7b07247934d24721", + "description": null, + "author": "进击的HACK", + "category": "进击的HACK", + "pubDate": "2024-12-13T07:55:25" + }, + { + "title": "【MalDev-10】免杀-3", + "link": "https://mp.weixin.qq.com/s?__biz=MzIzODMyMzQxNQ==&mid=2247484344&idx=1&sn=23bea36464fb1ec449f66047871fdf87", + "description": "本章主要介绍几种高级免杀技巧,如syscalls、用户层hook、直接调用syscalls、bypass EDR的原理和代码实战", + "author": "高级红队专家", + "category": "高级红队专家", + "pubDate": "2024-12-13T07:08:42" + }, + { + "title": 
"集群安全之Kubelet端口未授权深入利用", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247493893&idx=2&sn=1a876190945290652e0f24a385b4a06a", + "description": "漏洞描述K8s Node对外开启10250(Kubelet API)和10255端口(readonly AP", + "author": "七芒星实验室", + "category": "七芒星实验室", + "pubDate": "2024-12-13T07:00:46" + }, + { + "title": "技术控必看:JDBC攻击全解析,一篇带你深入核心", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247517713&idx=1&sn=0b5347b5542a6442c28d186dd95c10a5", + "description": "JDBC Attack漫谈", + "author": "Z2O安全攻防", + "category": "Z2O安全攻防", + "pubDate": "2024-12-13T00:04:33" + }, + { + "title": "免杀基础-进程遍历的方式", + "link": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247517640&idx=1&sn=41e3091a9189473c37b96505c31d784a", + "description": null, + "author": "船山信安", + "category": "船山信安", + "pubDate": "2024-12-13T00:01:29" + }, + { + "title": "广联达OA系统漏洞批量检测工具 - GlodonScan", + "link": "https://mp.weixin.qq.com/s?__biz=MzUyMTA0MjQ4NA==&mid=2247551275&idx=2&sn=6b84b6daf3d7d3e6a6137ca9a7253946", + "description": null, + "author": "LemonSec", + "category": "LemonSec", + "pubDate": "2024-12-13T00:01:11" + }, + { + "title": "记一次网上阅卷系统漏洞挖掘", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg5NTUyNTI5OA==&mid=2247486347&idx=1&sn=85137a0acb6c87cbba9b0be502bbad60", + "description": null, + "author": "扫地僧的茶饭日常", + "category": "扫地僧的茶饭日常", + "pubDate": "2024-12-13T00:00:15" + }, + { + "title": "大众和斯柯达汽车存在漏洞,导致发动机故障和车主数据被盗", + "link": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505156&idx=1&sn=8b9e9979adb64197311a0dbe6ec5ff74", + "description": null, + "author": "网络研究观", + "category": "网络研究观", + "pubDate": "2024-12-12T23:59:45" + }, + { + "title": "苹果通过 iOS 18.2 更新修复了密码应用程序中的加密漏洞", + "link": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505156&idx=3&sn=c456598d99353e763fbdc160fe0f3444", + "description": null, + "author": "网络研究观", + "category": "网络研究观", + "pubDate": "2024-12-12T23:59:45" + }, + { + "title": "Burp Suite for Pentester:软件漏洞扫描程序和 
Retire.js", + "link": "https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247485958&idx=1&sn=5b9296ea0c9d303950e55b2e9f337108", + "description": "不仅我们看到的前端或看不到的后端,都会导致应用程序易受攻击。动态 Web 应用程序本身包含很多内容,无论是 JavaScript 库、第三方功能、功能插件还是其他内容。但是,如果安装的功能或插件本身易受攻击怎么办?", + "author": "三沐数安", + "category": "三沐数安", + "pubDate": "2024-12-12T23:54:32" + }, + { + "title": "LNK钓鱼攻击不只是简单的左移右移(文末代码)", + "link": "https://mp.weixin.qq.com/s?__biz=Mzk0NTUwNzAyOA==&mid=2247484367&idx=1&sn=08d275a8f0411e601dafa3ec654cb7c1", + "description": null, + "author": "悟盾", + "category": "悟盾", + "pubDate": "2024-12-12T23:00:50" + }, + { + "title": "OSINT工具Maigret进入GitHub排名前3", + "link": "https://mp.weixin.qq.com/s?__biz=MzU5Mjk3MDA5Ng==&mid=2247486440&idx=1&sn=1687ebb14b495fab8460ab5accd7fb06", + "description": "Maigret 工具是只通过用户名收集一个人的信息,通过检查大量网站上的帐户并从网页收集所有可用信息", + "author": "军机故阁", + "category": "军机故阁", + "pubDate": "2024-12-12T22:33:09" + }, + { + "title": "一文带你详解MSI武器化", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg5MDg3OTc0OA==&mid=2247489055&idx=1&sn=42b5e2676724c459cb811749218c6b53", + "description": null, + "author": "Relay学安全", + "category": "Relay学安全", + "pubDate": "2024-12-12T21:54:30" + }, + { + "title": "【漏洞预警】Apache Struts 文件上传漏洞(CVE-2024-53677)", + "link": "https://mp.weixin.qq.com/s?__biz=MzkyNzQzNDI5OQ==&mid=2247486633&idx=1&sn=ce9d691bace642433060f9e374fae37d", + "description": "近日,安全聚实验室监测到 Apache Struts 中存在文件上传漏洞 ,CVSS:9. 
5xa0此漏洞允许未经身份验证的攻击者可以操纵文件上传参数以启用路径遍历,这可能导致上传可用于执行远程代码执行的恶意文件。", + "author": "安全聚", + "category": "安全聚", + "pubDate": "2024-12-12T21:14:45" + }, + { + "title": "(二维码) 在浏览器隔离环境中实现 C2 通信的突破", + "link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485678&idx=1&sn=ac70475ca373f1941323a62d687151b6", + "description": null, + "author": "securitainment", + "category": "securitainment", + "pubDate": "2024-12-12T19:20:37" + }, + { + "title": "浅析libc2.38版本及以前tcache安全机制演进过程与绕过手法", + "link": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458585913&idx=2&sn=5c4eaeec34a6b48ede70a3c2a1b22aca", + "description": "看雪论坛作者ID:是气球呀", + "author": "看雪学苑", + "category": "看雪学苑", + "pubDate": "2024-12-12T18:01:15" + }, + { + "title": "高危!Apache Struts文件上传漏洞安全风险通告", + "link": "https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620155&idx=2&sn=25816eda1386048700d085e49807bf55", + "description": "亚信安全建议受影响用户尽快采取相关安全措施。", + "author": "亚信安全", + "category": "亚信安全", + "pubDate": "2024-12-12T17:52:02" + }, + { + "title": "创宇安全智脑 | Mitel MiCollab 企业协作平台任意文件读取(CVE-2024-41713)等80个漏洞可检测", + "link": "https://mp.weixin.qq.com/s?__biz=MzIwNjU0NjAyNg==&mid=2247490057&idx=1&sn=898cb42cbed7532cef5ba97f53508c92", + "description": "创宇安全智脑是基于知道创宇16年来AI+安全大数据在真实攻防场景中的经验积累构建的下一代全场景安全智能算力平台", + "author": "创宇安全智脑", + "category": "创宇安全智脑", + "pubDate": "2024-12-12T17:30:49" + }, + { + "title": "Shiro框架漏洞看了你就会了(含靶场复现)", + "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247568491&idx=1&sn=636c74804b027a06692725d2766cf513", + "description": null, + "author": "马哥网络安全", + "category": "马哥网络安全", + "pubDate": "2024-12-12T17:01:22" + }, + { + "title": "【漏洞通告】Apache Struts 2远程代码执行漏洞安全风险通告", + "link": "https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247496866&idx=1&sn=bbb30a60616ec1cf4ea6804a05eac048", + "description": "近日,嘉诚安全监测到Apache Struts 2中存在一个远程代码执行漏洞,鉴于漏洞危害较大,嘉诚安全提醒相关用户尽快更新至安全版本,避免引发漏洞相关的网络安全事件。", + "author": "嘉诚安全", + "category": "嘉诚安全", + "pubDate": 
"2024-12-12T16:46:17" + }, + { + "title": "【漏洞通告】GitLab Kubernetes Proxy Response NEL头注入漏洞安全风险通告", + "link": "https://mp.weixin.qq.com/s?__biz=MzU4NjY4MDAyNQ==&mid=2247496866&idx=2&sn=0e95d9823e9072e35edb8a094e4fc18f", + "description": "近日,嘉诚安全监测到GitLab社区版(CE)和企业版(EE)中存在Kubernetes Proxy Response NEL头注入漏洞,鉴于漏洞危害较大,嘉诚安全提醒相关用户尽快更新至安全版本,避免引发漏洞相关的网络安全事件。", + "author": "嘉诚安全", + "category": "嘉诚安全", + "pubDate": "2024-12-12T16:46:17" + }, + { + "title": "【漏洞通告】Apache Struts 2 任意文件上传漏洞(S2-067)(CVE-2024-53677)", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247523950&idx=1&sn=c7f7b9fa14789faf8a6c75b897452a46", + "description": "2024年12月12日,深瞳漏洞实验室监测到一则Apache-Struts2组件存在任意文件上传漏洞的信息,漏洞编号:CVE-2024-53677,漏洞威胁等级:严重。", + "author": "深信服千里目安全技术中心", + "category": "深信服千里目安全技术中心", + "pubDate": "2024-12-12T16:34:01" + }, + { + "title": "【风险通告】Apache Struts存在文件上传漏洞(CVE-2024-53677)", + "link": "https://mp.weixin.qq.com/s?__biz=MzUzOTE2OTM5Mg==&mid=2247490197&idx=1&sn=9ffaa9babf02fbd7ab419b9c4a23da71", + "description": null, + "author": "安恒信息CERT", + "category": "安恒信息CERT", + "pubDate": "2024-12-12T16:29:08" + }, + { + "title": "【风险通告】GitLab存在敏感信息泄露漏洞(CVE-2024-11274)", + "link": "https://mp.weixin.qq.com/s?__biz=MzUzOTE2OTM5Mg==&mid=2247490197&idx=2&sn=f905ddb46575c4bbf932f4af33a4738a", + "description": null, + "author": "安恒信息CERT", + "category": "安恒信息CERT", + "pubDate": "2024-12-12T16:29:08" + }, + { + "title": "网安必备 Burp Suite工具介绍", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MDY1MzUzNw==&mid=2247497998&idx=1&sn=295d05fc562e35a631e557fb29288bae", + "description": null, + "author": "长风实验室", + "category": "长风实验室", + "pubDate": "2024-12-12T16:19:32" + }, + { + "title": "Zabbix SQL 注入 CVE-2024-42327 POC已公开", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg3MDk0OTc1Nw==&mid=2247487889&idx=2&sn=0912f0715b90ec7999f942aa0df0a5f3", + "description": "CVE-2024-42327 的 PoC 发布", + "author": "剁椒鱼头没剁椒", + "category": "剁椒鱼头没剁椒", + "pubDate": "2024-12-12T15:37:30" + }, + { + 
"title": "【攻击手法分析】勒索病毒如何轻松绕过安全设备防线:第二篇-流量致盲,无声突破", + "link": "https://mp.weixin.qq.com/s?__biz=MzkyOTQ0MjE1NQ==&mid=2247494587&idx=1&sn=761d5ecda1eb25d36828bee7b5e10eed", + "description": null, + "author": "solar应急响应团队", + "category": "solar应急响应团队", + "pubDate": "2024-12-12T15:35:59" + }, + { + "title": "CNNVD关于Apache Struts安全漏洞的通报", + "link": "https://mp.weixin.qq.com/s?__biz=MzAxODY1OTM5OQ==&mid=2651462062&idx=1&sn=6d04ce844444272812e3be3b061bf062", + "description": "近日,国家信息安全漏洞库(CNNVD)收到关于Apache Struts安全漏洞(CNNVD-202412-1393、CVE-2024-53677)情况的报送。", + "author": "CNNVD安全动态", + "category": "CNNVD安全动态", + "pubDate": "2024-12-12T15:31:28" + }, + { + "title": "渗透实战 | 组合拳从0-1 Getshell过程", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg3NzkwMTYyOQ==&mid=2247488085&idx=1&sn=a4a5660879f0df6f6a27786650a755be", + "description": null, + "author": "不秃头的安全", + "category": "不秃头的安全", + "pubDate": "2024-12-12T15:22:18" + }, + { + "title": "如何阻止利用 CVE-2024-49040", + "link": "https://mp.weixin.qq.com/s?__biz=MzAxNjg3MjczOA==&mid=2247486345&idx=1&sn=7544b47f2c754b4742fa9ac39bfe763a", + "description": null, + "author": "卡巴斯基网络安全大百科", + "category": "卡巴斯基网络安全大百科", + "pubDate": "2024-12-12T15:00:39" + }, + { + "title": "Apache Struts 文件上传漏洞(CVE-2024-53677)安全风险通告", + "link": "https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502622&idx=1&sn=b09b74ae58ce913511ebc0fee0ec7fef", + "description": "致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。", + "author": "奇安信 CERT", + "category": "奇安信 CERT", + "pubDate": "2024-12-12T15:00:20" + }, + { + "title": "【漏洞通告】Apache Struts任意文件上传漏洞S2-067(CVE-2024-53677)", + "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247488729&idx=1&sn=a0e9eae2466686a1ed32088d958a1046", + "description": "近日,绿盟科技CERT监测到Apache发布安全公告,修复了Apache Struts任意文件上传漏洞S2-067(CVE-2024-53677)。由于文件上传功能存在逻辑缺陷,未经身份验证的攻击者可以通过控制文件上传参数进行路径遍历", + "author": "绿盟科技CERT", + "category": "绿盟科技CERT", + "pubDate": "2024-12-12T14:29:41" + }, + { + "title": "主机侧命令执行监测的规避", + "link": 
"https://mp.weixin.qq.com/s?__biz=Mzg3NzYzODU5NQ==&mid=2247484894&idx=1&sn=513ddea2f76c9a5bc7e6b7e6986b9c25", + "description": "在网络安全领域,规避主机侧命令执行监测是关键技术之一。本文深入探讨了使用Windows API进行信息收集和规避策略,为网络安全专业人士提供了实用的技术指导。", + "author": "T00ls安全", + "category": "T00ls安全", + "pubDate": "2024-12-12T14:11:02" + }, + { + "title": "我很高兴与您分享我的最新研究成果 - “DCOM 上传和执行”一种先进的横向移动技术", + "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525704&idx=2&sn=5ff65e8e375a4f73c4a15acf5f327056", + "description": null, + "author": "Ots安全", + "category": "Ots安全", + "pubDate": "2024-12-12T12:54:15" + }, + { + "title": "新型 DCOM 横向移动攻击,忘记 PSEXEC:DCOM 上传并执行后门", + "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525704&idx=3&sn=b9107e935aaac816be457034f7fde725", + "description": null, + "author": "Ots安全", + "category": "Ots安全", + "pubDate": "2024-12-12T12:54:15" + }, + { + "title": "Emlog-Pro 2.4.1最新版存在命令执行漏洞(RCE)", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247488031&idx=1&sn=39bd2bcb7698b56ca816ae62312cf3c2", + "description": "emlog-pro-2.4.1版本存在命令执行漏洞,远程攻击者可以利用此漏洞,执行任意代码并获取敏感信息。\\\\x0d\\\\x0a影响版本:emlog-pro-2.4.1", + "author": "星悦安全", + "category": "星悦安全", + "pubDate": "2024-12-12T12:10:49" + }, + { + "title": "太棒辣 | 感谢大哥带我学习关于验证码逻辑漏洞这些事", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg2NDg2MDIxNQ==&mid=2247485214&idx=1&sn=a126b82447490aba7c8486d38e147729", + "description": "犀利猪安全,带你上高速~", + "author": "Jie安全", + "category": "Jie安全", + "pubDate": "2024-12-12T11:51:35" + }, + { + "title": "自制Python网络安全工具 (2)【SQL 注入检测工具】【官网实时更新】", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MzgwMDE2Mw==&mid=2247488242&idx=1&sn=03418bc7151e6bc9449d6c3ab010c18c", + "description": "Python 网络安全工具,涵盖漏洞扫描、密码破解、渗透测试、数据包嗅探、取证分析等领域。每个工具都添加了 丰富的描述、实现思路,以及核心 Python 库,逐步完善所有代码,请关注官网。", + "author": "黑客驰", + "category": "黑客驰", + "pubDate": "2024-12-12T11:46:53" + }, + { + "title": "【2024-12-12】每日安全资讯", + "link": 
"https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247488074&idx=1&sn=1154b0e4998f167930f9e30aa3994785", + "description": "【2024-12-12】每日安全资讯", + "author": "知机安全", + "category": "知机安全", + "pubDate": "2024-12-12T11:32:16" + }, + { + "title": "实战自动化加解密&加密场景下的暴力破解", + "link": "https://mp.weixin.qq.com/s?__biz=MzkzMjIxNjExNg==&mid=2247486039&idx=1&sn=cbc383b06034ab3d9530cc65d6ea6383", + "description": "Yu9师傅教你如何拥有“写轮眼”透视加密", + "author": "沃克学安全", + "category": "沃克学安全", + "pubDate": "2024-12-12T11:23:11" + }, + { + "title": "【高危漏洞预警】Apache Struts2文件上传限制不当漏洞可导致远程代码执行", + "link": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489303&idx=1&sn=67a0e75e16ceeb84736dfdecec8929a1", + "description": null, + "author": "飓风网络安全", + "category": "飓风网络安全", + "pubDate": "2024-12-12T10:51:55" + }, + { + "title": "【漏洞预警】GitLab CE/EE需授权输入验证不当漏洞可导致敏感信息泄露", + "link": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489303&idx=2&sn=48d2b3a20b0b6aa648b31928fb3c1c2a", + "description": null, + "author": "飓风网络安全", + "category": "飓风网络安全", + "pubDate": "2024-12-12T10:51:55" + }, + { + "title": "干货|一文搞懂加密流量检测的解决方法和技术细节", + "link": "https://mp.weixin.qq.com/s?__biz=MzI1OTA1MzQzNA==&mid=2651247179&idx=3&sn=c77255cfee1fdc55e200f0175714f97b", + "description": null, + "author": "e安在线", + "category": "e安在线", + "pubDate": "2024-12-12T10:15:48" + }, + { + "title": "如何使用simplewall安全地配置Windows 过滤平台(WFP)", + "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495174&idx=3&sn=2d8439f8048b82ec785a789d371751a9", + "description": "该工具能够帮助广大研究人员以安全的方式配置WFP。", + "author": "网络安全与人工智能研究中心", + "category": "网络安全与人工智能研究中心", + "pubDate": "2024-12-12T10:15:40" + }, + { + "title": "Windows 权限提升漏洞检测工具集", + "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650604901&idx=4&sn=8b22298458041ebc0c7de6e73309a1cf", + "description": null, + "author": "黑白之道", + "category": "黑白之道", + "pubDate": "2024-12-12T10:04:23" + }, + { + "title": "2024年最全的Nmap扫描案例集合(含15个常用场景分类,102个命令组合)", + 
"link": "https://mp.weixin.qq.com/s?__biz=MzU3MjczNzA1Ng==&mid=2247493947&idx=2&sn=22e2049c5b7a89bd775d5cb827f55576", + "description": "本文收集了Nmap扫描的15个场景的命令使用场景, 每个场景中列出了命令的参数组合及含义,方便使用查阅。", + "author": "龙哥网络安全", + "category": "龙哥网络安全", + "pubDate": "2024-12-12T10:00:25" + }, + { + "title": "十一月安全通告", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg3Mzg1OTYyMQ==&mid=2247487648&idx=1&sn=8c4d211b5db20df0304363083209be8f", + "description": null, + "author": "中龙技术", + "category": "中龙技术", + "pubDate": "2024-12-12T09:00:50" + }, + { + "title": "新的 DCOM 攻击利用 Windows Installer 服务部署隐蔽后门", + "link": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793461&idx=1&sn=04f25b71012dff47f9a7245f2e18778a", + "description": "Deep Instinct 的技术博客详细介绍了该攻击……", + "author": "军哥网络安全读报", + "category": "军哥网络安全读报", + "pubDate": "2024-12-12T09:00:37" + }, + { + "title": "记一次接口fuzz+逻辑漏洞拿下证书站高危", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg5NTUyNTI5OA==&mid=2247486316&idx=1&sn=99516f099d6a519939789425766585b8", + "description": null, + "author": "扫地僧的茶饭日常", + "category": "扫地僧的茶饭日常", + "pubDate": "2024-12-12T09:00:19" + }, + { + "title": "内网渗透的步骤_内网渗透思路", + "link": "https://mp.weixin.qq.com/s?__biz=MzkxNzY5MTg1Ng==&mid=2247484415&idx=1&sn=34083aa1286bc790ebb9ab59d5ff8a1a", + "description": "内容有长,耐心看完", + "author": "富贵安全", + "category": "富贵安全", + "pubDate": "2024-12-12T08:55:22" + }, + { + "title": "一网打尽!20种绕过CDN查找真实IP的实用方法", + "link": "https://mp.weixin.qq.com/s?__biz=MzkyMDM4NDM5Ng==&mid=2247489313&idx=1&sn=fddc5049d2f1cc034240b8c50879457d", + "description": "绕过CDN查找真实IP是网络安全与渗透测试中的一项重要技能。20种详细的用于绕过CDN并找到网站的真实IP地址方法,供参考。", + "author": "安全洞察知识图谱", + "category": "安全洞察知识图谱", + "pubDate": "2024-12-12T08:31:05" + }, + { + "title": "DMC Airin Blog Plugin 反序列化 CVE-2024-52413分析", + "link": "https://mp.weixin.qq.com/s?__biz=MzkyMDY1NzA2Mw==&mid=2247483820&idx=1&sn=a23aeb71510508774f10b307c7147e14", + "description": null, + "author": "fraud安全", + "category": "fraud安全", + "pubDate": 
"2024-12-12T08:30:20" + }, + { + "title": "探索开源 C2 框架中的漏洞", + "link": "https://mp.weixin.qq.com/s?__biz=MzkzMDQ5MDM3NA==&mid=2247487448&idx=1&sn=7ee29c06eeab215458a3c97c371e9d36", + "description": null, + "author": "SecretTeam安全团队", + "category": "SecretTeam安全团队", + "pubDate": "2024-12-12T08:01:10" + }, + { + "title": "漏洞预警 | WordPress Plugin Automations SQL注入漏洞", + "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491701&idx=1&sn=be4218ea093c0ed8f548e499518fa818", + "description": "Automations的/?bwfan-track-id接口存在SQL注入漏洞,未经身份验证的攻击者可以通过该漏洞获取数据库敏感信息。", + "author": "浅安安全", + "category": "浅安安全", + "pubDate": "2024-12-12T08:00:13" + }, + { + "title": "漏洞预警 | Veeam Service Provider Console远程代码执行和信息泄露漏洞", + "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491701&idx=2&sn=986dca366576ab77940040ab4b163181", + "description": "Veeam Service Provider Console存在远程代码执行和信息泄露漏洞,攻击者可利用该漏洞执行任意代码、获取敏感信息,建议相关用户及时更新。", + "author": "浅安安全", + "category": "浅安安全", + "pubDate": "2024-12-12T08:00:13" + }, + { + "title": "漏洞预警 | Progress WhatsUp Gold远程代码执行漏洞", + "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491701&idx=3&sn=a5686e3902d307406a535d6aff1858a3", + "description": "Progress Software WhatsUp Gold存在注册表覆盖远程代码执行漏洞,成功利用该漏洞允许攻击者绕过正常的安全机制,获得对受影响系统的完全控制权,从而可能执行任意代码、窃取敏感信息、破坏系统功能或部署持久化恶意软件。", + "author": "浅安安全", + "category": "浅安安全", + "pubDate": "2024-12-12T08:00:13" + }, + { + "title": "【MalDev-10】免杀-2", + "link": "https://mp.weixin.qq.com/s?__biz=MzIzODMyMzQxNQ==&mid=2247484343&idx=1&sn=491225b73b55711f66cddec178cd8201", + "description": "本章主要讲解动态检测逃逸和AMSI绕过技术和代码实战", + "author": "高级红队专家", + "category": "高级红队专家", + "pubDate": "2024-12-12T07:19:11" + }, + { + "title": "Go — :恶意软件开发 (第五部分)", + "link": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247503855&idx=1&sn=3676f21744684a6b641ae533b27f2664", + "description": "欢迎回来!在前面的部分中,我们设置了 TCP 服务器和客户端,支持远程命令执行并轻松处理文件上传和下载", + "author": "安全狗的自我修养", + "category": "安全狗的自我修养", + 
"pubDate": "2024-12-12T07:11:07" + }, + { + "title": "Microsoft December 2024 Patch Tuesday修复了正在被活动利用的零日漏洞", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg3OTc0NDcyNQ==&mid=2247492928&idx=1&sn=618a18a9ab07e6b70e505bce60fbc6ba", + "description": null, + "author": "黑猫安全", + "category": "黑猫安全", + "pubDate": "2024-12-12T07:00:20" + }, + { + "title": "SAP修复了NetWeaver的Adobe文档服务中的严重SSRF漏洞", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg3OTc0NDcyNQ==&mid=2247492928&idx=2&sn=6bdb83f91406f4b7ff13d4d7e532349b", + "description": null, + "author": "黑猫安全", + "category": "黑猫安全", + "pubDate": "2024-12-12T07:00:20" + }, + { + "title": "安卓逆向 -- 去除软件中的恶意捆绑下载教程", + "link": "https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037209&idx=1&sn=fd49b8e7ef4bb6c555d48988c94ed6ac", + "description": null, + "author": "逆向有你", + "category": "逆向有你", + "pubDate": "2024-12-12T00:00:59" + }, + { + "title": "XXE漏洞检测工具", + "link": "https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515150&idx=1&sn=cdde4c00dd188d786d3e826d01dcb79a", + "description": null, + "author": "Web安全工具库", + "category": "Web安全工具库", + "pubDate": "2024-12-12T00:00:44" + }, + { + "title": "干货 | 自动化快速收集内网配置文件信息", + "link": "https://mp.weixin.qq.com/s?__biz=MzkwNjczOTQwOA==&mid=2247491971&idx=1&sn=f502f6aa694aa22f8408b4fdb8b52e1d", + "description": null, + "author": "星落安全团队", + "category": "星落安全团队", + "pubDate": "2024-12-12T00:00:44" + }, + { + "title": "免杀基础-IAT隐藏", + "link": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247517626&idx=1&sn=b73a3191f060c5718cc7907226ff0421", + "description": null, + "author": "船山信安", + "category": "船山信安", + "pubDate": "2024-12-12T00:00:28" + }, + { + "title": "ShellCode在线免杀处理平台", + "link": "https://mp.weixin.qq.com/s?__biz=MzkxNDYxMTc0Mg==&mid=2247484180&idx=1&sn=b0cb2b085e2fca7f38cca70541c0f14c", + "description": null, + "author": "渗透云记", + "category": "渗透云记", + "pubDate": "2024-12-11T23:59:16" + }, + { + "title": "【漏洞预警】Ivanti Cloud Services 
Application身份验证绕过漏洞(CVE-2024-11639)", + "link": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489295&idx=1&sn=a839ca79c296bf8e27e6b58259673990", + "description": null, + "author": "飓风网络安全", + "category": "飓风网络安全", + "pubDate": "2024-12-11T23:48:04" + }, + { + "title": "[历史文章]红队基础设施建设与改造(二)——深入理解sqlmap(上)", + "link": "https://mp.weixin.qq.com/s?__biz=MzkwOTE3MzAxOA==&mid=2247485286&idx=1&sn=bfea0a0504a232cc41d56747a6ed4104", + "description": "本文剖析了sqlmap的大部分功能点和所有的检测逻辑,同时还会讲到tamper的分析以及tamper的编写", + "author": "魔影安全实验室", + "category": "魔影安全实验室", + "pubDate": "2024-12-11T22:41:04" + }, + { + "title": "JAVA安全-模板注入-FreeMarker", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MzkwNzI1OQ==&mid=2247485562&idx=1&sn=485e361d6f72c063b471c3b6e8ba4a5e", + "description": "由于传播、利用本公众号菜狗安全所提供的信息而造成的任何直接或者间接的后果及损失,均由使用者本人负责,公众号菜狗安全及作者不为此承担任何责任,一旦造成后果请自行承担!如有侵权烦请告知,会立即删除并致歉。", + "author": "菜狗安全", + "category": "菜狗安全", + "pubDate": "2024-12-11T21:21:26" + }, + { + "title": "滥用AD-DACL:WriteDacl", + "link": "https://mp.weixin.qq.com/s?__biz=MzkyMjM0ODAwNg==&mid=2247488298&idx=1&sn=b4b830f847fe5a1b3a41fc2ebe813310", + "description": "AD-DACL提权实验 wirteDacl", + "author": "TIPFactory情报工厂", + "category": "TIPFactory情报工厂", + "pubDate": "2024-12-11T20:28:01" + }, + { + "title": "利用 Spring Boot 3.4.0 属性进行远程代码执行", + "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525604&idx=1&sn=c9c72fb33dcc8aaeecfc286954b468ae", + "description": null, + "author": "Ots安全", + "category": "Ots安全", + "pubDate": "2024-12-11T19:31:52" + }, + { + "title": "(QR)用代码解决问题:浏览器隔离环境中的 C2", + "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525604&idx=2&sn=b3b779767b6190159934a910889fbe0a", + "description": null, + "author": "Ots安全", + "category": "Ots安全", + "pubDate": "2024-12-11T19:31:52" + }, + { + "title": "LexiCrypt是一种 shellcode 混淆和编码工具", + "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525604&idx=3&sn=b63d58bb28b803669a136891d243b08a", + 
"description": null, + "author": "Ots安全", + "category": "Ots安全", + "pubDate": "2024-12-11T19:31:52" + }, + { + "title": "渗透测试小练习(1)尝试一个图形验证码绕过的复现", + "link": "https://mp.weixin.qq.com/s?__biz=MzI4NzA1Nzg5OA==&mid=2247485612&idx=2&sn=2a1158f7b17eb1ee8b19889b6f5ffcfd", + "description": null, + "author": "透明魔方", + "category": "透明魔方", + "pubDate": "2024-12-11T19:30:21" + }, + { + "title": "2024-12微软漏洞通告", + "link": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247520891&idx=1&sn=9535d3e973223031ca7f28abfe0e1260", + "description": null, + "author": "火绒安全", + "category": "火绒安全", + "pubDate": "2024-12-11T18:10:27" + }, + { + "title": "【风险通告】微软12月安全更新补丁和多个高危漏洞风险提示", + "link": "https://mp.weixin.qq.com/s?__biz=MzUzOTE2OTM5Mg==&mid=2247490187&idx=1&sn=01d384d7accbadf6fc64011e08dfeaa0", + "description": null, + "author": "安恒信息CERT", + "category": "安恒信息CERT", + "pubDate": "2024-12-11T18:05:16" + }, + { + "title": "ADCS学习记录", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg2MDYxOTQ1Mw==&mid=2247483977&idx=1&sn=4dd3050bfa213454437037b5ac7f472d", + "description": null, + "author": "舒克的freestyle", + "category": "舒克的freestyle", + "pubDate": "2024-12-11T18:00:17" + }, + { + "title": "WPForms插件漏洞导致数百万WordPress网站面临Stripe退款风险", + "link": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458585644&idx=3&sn=f727f4e41376948f65be9449f4cd865e", + "description": "WPForms插件漏洞允许订阅者级别用户执行Stripe退款,建议尽快升级至1.9.2.2版本。", + "author": "看雪学苑", + "category": "看雪学苑", + "pubDate": "2024-12-11T17:59:33" + }, + { + "title": "【漏洞通告】Ivanti Cloud Services Application身份验证绕过漏洞(CVE-2024-11639)", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247523947&idx=2&sn=ecf8b93a77abcde7380781b0a7ba958e", + "description": "2024年12月11日,深瞳漏洞实验室监测到一则Ivanti Cloud Services Application (CSA)组件存在身份验证漏洞漏洞的信息,漏洞编号:CVE-2024-11639,漏洞威胁等级:严重。", + "author": "深信服千里目安全技术中心", + "category": "深信服千里目安全技术中心", + "pubDate": "2024-12-11T17:45:18" + }, { "title": "【漏洞通告】微软2024年12月安全更新通告", "link": 
"https://mp.weixin.qq.com/s?__biz=MzI1NDQxMDE0NQ==&mid=2247485083&idx=1&sn=b0001d31a1da90591366a8795080ae1b", @@ -47,6 +1183,14 @@ "category": "嘉诚安全", "pubDate": "2024-12-11T15:35:16" }, + { + "title": "MySQL高交互蜜罐速成", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg3MDk0OTc1Nw==&mid=2247487885&idx=1&sn=4abb31169be2bf73e4be862044a5cabc", + "description": "会员文章+1", + "author": "剁椒鱼头没剁椒", + "category": "剁椒鱼头没剁椒", + "pubDate": "2024-12-11T15:23:47" + }, { "title": "资产管理工具TestNet", "link": "https://mp.weixin.qq.com/s?__biz=MzU0MDUxMDEzNQ==&mid=2247489742&idx=1&sn=38637114689c4d4fa20919fc17cf0319", @@ -55,6 +1199,14 @@ "category": "黑客仓库", "pubDate": "2024-12-11T15:01:01" }, + { + "title": "渗透实战|组合拳从0-1 Getshell过程", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg5MDA5NzUzNA==&mid=2247489170&idx=1&sn=32ec815b2befd71f103761e23a6f87e9", + "description": null, + "author": "藏剑安全", + "category": "藏剑安全", + "pubDate": "2024-12-11T14:34:11" + }, { "title": "Nuclei|图形化|轻量化刷漏洞神器|11000+poc", "link": "https://mp.weixin.qq.com/s?__biz=MzkyOTQyOTk3Mg==&mid=2247484928&idx=1&sn=0d5f72ae7989e53bcc477d6e0f275680", 
@@ -63,6 +1215,38 @@ "category": "海底生残月", "pubDate": "2024-12-11T14:29:32" }, + { + "title": "【风险提示】天融信关于微软2024年12月安全更新的风险提示", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg3MDAzMDQxNw==&mid=2247496664&idx=1&sn=61b0c3aaa8d69a3fb1056ffb3f3d3ed4", + "description": "2024年12月11日,天融信阿尔法实验室监测到微软官方发布了12月安全更新。此次更新共修复72个漏洞,其中16个严重漏洞、55个重要漏洞、1个中危漏洞。", + "author": "天融信阿尔法实验室", + "category": "天融信阿尔法实验室", + "pubDate": "2024-12-11T14:09:20" + }, + { + "title": "IBM DB2数据库曝严重漏洞,多个版本或面临DoS攻击风险;克罗地亚最大港口运营商遭勒索软件攻击 | 牛览", + "link": "https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651133916&idx=2&sn=74b19c9e305f2a4c9339a264238fb1ae", + "description": "牛览网络安全全球资讯,洞察行业发展前沿态势!", + "author": "安全牛", + "category": "安全牛", + "pubDate": "2024-12-11T12:22:26" + }, + { + "title": "组合拳从0-1 Getshell过程", + "link": "https://mp.weixin.qq.com/s?__biz=MzkxNjQyMjcwMw==&mid=2247486746&idx=2&sn=064e435cceb3e68cc85ad60755ba3364", + "description": null, + "author": "小黑说安全", + "category": "小黑说安全", + "pubDate": "2024-12-11T12:07:17" + }, + { + "title": "两个硬编码凭证导致接管漏洞案例", + "link": "https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247614639&idx=1&sn=fd9973982ad39d76f3b355943e30411a", + "description": null, + "author": "白帽子左一", + "category": "白帽子左一", + "pubDate": "2024-12-11T12:00:22" + }, { "title": "利用损坏的文件绕过防病毒软件", "link": "https://mp.weixin.qq.com/s?__biz=MzkxOTUyOTc0NQ==&mid=2247492736&idx=1&sn=b5f0252e59634a98b43987a0be02514f", 
@@ -135,6 +1319,22 @@ "category": "潇湘信安", "pubDate": "2024-12-11T08:30:42" }, + { + "title": "burpsuite漏洞检测插件", + "link": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488512&idx=1&sn=bbf4eade0ae5bfb2b0fc7528f169bcb7", + "description": null, + "author": "白帽学子", + "category": "白帽学子", + "pubDate": "2024-12-11T08:11:51" + }, + { + "title": "【Tools】探索轻量级的无害化钓鱼演练工具,提升网络安全!", + "link": "https://mp.weixin.qq.com/s?__biz=MzIxMTEyOTM2Ng==&mid=2247504263&idx=1&sn=323c7103ef89009186497e79d55e6f0e", + "description": null, + "author": "释然IT杂谈", + "category": "释然IT杂谈", + "pubDate": "2024-12-11T08:08:36" + }, { "title": "Linux应急处置/漏洞检测工具,支持恶意文件/内核Rootkit/SSH/Webshell/挖矿进程等13类70+项检查", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247492938&idx=1&sn=9557293ff92e8a09b9a07afd780bb77a", @@ -151,6 +1351,14 @@ "category": "菜鸟学信安", "pubDate": "2024-12-11T08:00:13" }, + { + "title": "漏洞预警 | Apache HertzBeat弱口令漏洞", + "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491696&idx=1&sn=8a2073f94177e371f3b84a33c8bd9e5a", + "description": "Apache HertzBeat开源实时监控系统存在默认口令漏洞,未经身份验证的攻击者可以通过默认口令登录后台,从而进行任意恶意操作。", + "author": "浅安安全", + "category": "浅安安全", + "pubDate": "2024-12-11T08:00:08" + }, { "title": "【MalDev-10】免杀-1", "link": "https://mp.weixin.qq.com/s?__biz=MzIzODMyMzQxNQ==&mid=2247484342&idx=1&sn=6aa22db05980732baa5b1ea0c1b89c34", @@ -167,6 +1375,14 @@ "category": "安全狗的自我修养", "pubDate": "2024-12-11T07:09:22" }, + { + "title": "【手动修复格式化后的NTFS文件系统】", + "link": "https://mp.weixin.qq.com/s?__biz=MzAwNDcwMDgzMA==&mid=2651048087&idx=2&sn=0a9bf3c321f4ddfed72e7124255f1da3", + "description": null, + "author": "电子物证", + "category": "电子物证", + "pubDate": "2024-12-11T07:01:02" + }, { "title": "WordPress:反向 Shell", "link": "https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247485928&idx=1&sn=7b7459637ab0cce49cde301ffbc42b0a", 
@@ -231,6 +1447,86 @@ "category": "魔影安全实验室", "pubDate": "2024-12-10T22:42:28" }, + { + "title": "一个平平无奇的登录接口竟能引发账号密码泄露。。。", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247517536&idx=1&sn=22e7ada15b747e5f631d01ebfe025525", + "description": "一个平平无奇的登录接口竟能引发账号密码泄露。。。", + "author": "Z2O安全攻防", + "category": "Z2O安全攻防", + "pubDate": "2024-12-10T22:07:07" + }, + { + "title": "OpenWrt Attended SysUpgrade 命令注入漏洞(CVE-2024-54143)安全风险通告", + "link": "https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502599&idx=1&sn=08433e68d77f02c833f22ef0e429a3a4", + "description": "致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。", + "author": "奇安信 CERT", + "category": "奇安信 CERT", + "pubDate": "2024-12-10T19:45:15" + }, + { + "title": "网安瞭望台第12期:u200bWeb3 公司员工成网络钓鱼新目标、黑客利用 ProjectSend 漏洞对暴露服务器安插后门", + "link": "https://mp.weixin.qq.com/s?__biz=Mzg2NTkwODU3Ng==&mid=2247514233&idx=1&sn=fe7f18f9e6fc67cea439adb40e62ddca", + "description": "网安资讯分享\\\\x0d\\\\x0aDAILY NEWS AND KNOWLEDGE", + "author": "东方隐侠安全团队", + "category": "东方隐侠安全团队", + "pubDate": "2024-12-10T19:30:59" + }, + { + "title": "研究员在DeepSeek 和 Claude AI 中发现多个提示注入漏洞", + "link": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247521736&idx=1&sn=f656ad45da506b8f778e68ff0243d0be", + "description": "速修复", + "author": "代码卫士", + "category": "代码卫士", + "pubDate": "2024-12-10T18:10:44" + }, + { + "title": "Nacos 漏洞 Checklist", + "link": "https://mp.weixin.qq.com/s?__biz=MzU0NDc0NTY3OQ==&mid=2247488045&idx=1&sn=16a963cb6bf423b58b5d8a688954ada5", + "description": "还在等什么,狱卒啊!!!!!!!", + "author": "老鑫安全", + "category": "老鑫安全", + "pubDate": "2024-12-10T18:01:31" + }, + { + "title": "PWN入门:偷吃特权-SetUID", + "link": "https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458585619&idx=1&sn=07fcf75692e40d7d9d1d1c98bcae9fdf", + "description": "看雪论坛作者ID:福建炒饭乡会", + "author": "看雪学苑", + "category": "看雪学苑", + "pubDate": "2024-12-10T17:59:33" + }, + { + "title": "【漏洞预警】OpenWrt Attended SysUpgrade命令注入漏洞(CVE-2024-54143)", + "link": 
"https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489290&idx=1&sn=23aac3e9aa06dfc1b6f591189e48ef86", + "description": null, + "author": "飓风网络安全", + "category": "飓风网络安全", + "pubDate": "2024-12-10T17:48:17" + }, + { + "title": "【漏洞通告】OpenWrt Attended SysUpgrade命令注入漏洞(CVE-2024-54143)", + "link": "https://mp.weixin.qq.com/s?__biz=MzkzNzY5OTg2Ng==&mid=2247500362&idx=2&sn=f976039cdb60102871bbd4d9cbf28c60", + "description": null, + "author": "启明星辰安全简讯", + "category": "启明星辰安全简讯", + "pubDate": "2024-12-10T16:51:10" + }, + { + "title": "监控告警:夜莺体系中使用Python实现短信告警", + "link": "https://mp.weixin.qq.com/s?__biz=MzIzNjU5NDE2MA==&mid=2247489936&idx=1&sn=9cdb305e1d853e58adbf4935c990b54c", + "description": "如何在夜莺体系中使用Python调用短信猫实现短信告警。", + "author": "网络小斐", + "category": "网络小斐", + "pubDate": "2024-12-10T15:45:23" + }, + { + "title": "最新发现绕过浏览器隔离技术的攻击方法", + "link": "https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492460&idx=1&sn=6690bdcb97e05e17b32a69f5cde0dfe6", + "description": "近日,一起大规模的数据泄露事件震动了网络安全界。名为“HikkI-Chan”的黑客在臭名昭著的Breach Forums上泄露了超过3.9亿VK用户的个人信息。", + "author": "白泽安全实验室", + "category": "白泽安全实验室", + "pubDate": "2024-12-10T15:26:50" + }, { "title": "组合拳从0-1 Getshell过程", "link": "https://mp.weixin.qq.com/s?__biz=MzkyNzYxMDQ2MQ==&mid=2247484883&idx=1&sn=d75e99c20c6bf4ea903734339f9fc206", 
@@ -247,6 +1543,22 @@ "category": "安全白白", "pubDate": "2024-12-10T14:38:59" }, + { + "title": "linux应急之find命令在应急实战中的使用", + "link": "https://mp.weixin.qq.com/s?__biz=MjM5ODkxMTEzOA==&mid=2247484465&idx=1&sn=c4302c0daf5601ea4712c5c58d969150", + "description": "linux应急之find命令在应急实战中的使用,作者:雁过留痕@深信服MSS专家部", + "author": "安服仔的救赎", + "category": "安服仔的救赎", + "pubDate": "2024-12-10T14:16:59" + }, + { + "title": "干货|一文搞懂加密流量检测的解决方法和技术细节", + "link": "https://mp.weixin.qq.com/s?__biz=MzI1OTA1MzQzNA==&mid=2651247144&idx=2&sn=7589654db9e7dc80b381dacb0adca8d5", + "description": null, + "author": "e安在线", + "category": "e安在线", + "pubDate": "2024-12-10T13:15:32" + }, { "title": "第一届数证杯个人赛---流量取证手搓版", "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MzEwMDAyNw==&mid=2247485190&idx=1&sn=4dd8c2eca127620360553eec90fb35d9", @@ -263,6 +1575,14 @@ "category": "ZeroPointZero安全团队", "pubDate": "2024-12-10T12:48:22" }, + { + "title": "Apache Tomcat DoS 漏洞 (CVE-2024-24549)", + "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525565&idx=1&sn=de38673cb2c5e9ffb292e2d4ad9b6805", + "description": null, + "author": "Ots安全", + "category": "Ots安全", + "pubDate": "2024-12-10T12:37:35" + }, { "title": "Sophos MDR 追踪针对印度组织的 Mimic 勒索软件活动", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525565&idx=2&sn=efe39f2b6b2a55916c448faaf7cff53b", 
@@ -278,1325 +1598,5 @@ "author": "白安全组", "category": "白安全组", "pubDate": "2024-12-10T11:02:01" - }, - { - "title": "网关按其功能可分为:协议网关、应用网关、安全网关", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg3NTUzOTg3NA==&mid=2247514779&idx=1&sn=a6392297004d12e4d96593d8be6a133c", - "description": null, - "author": "全栈网络空间安全", - "category": "全栈网络空间安全", - "pubDate": "2024-12-10T10:51:58" - }, - { - "title": "[漏洞挖掘与防护] 05.CVE-2018-12613:phpMyAdmin 4.8.1后台文件包含缺陷复现及防御措施", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247501076&idx=1&sn=ea61326375112eb6b7486937c1ca2278", - "description": "本文主要复现phpMyAdmin文件包含漏洞,希望您喜欢!", - "author": "娜璋AI安全之家", - "category": "娜璋AI安全之家", - "pubDate": "2024-12-10T10:51:47" - }, - { - "title": "SuperMega:一款支持注入和加载的Shellcode工具", - "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQyODI4Ng==&mid=2247495151&idx=3&sn=6bc524a313373744150fadf60892c035", - "description": "该工具可以将其注入到可执行文件中执行进一步的安全测试。", - "author": "网络安全与人工智能研究中心", - "category": "网络安全与人工智能研究中心", - "pubDate": "2024-12-10T10:34:51" - }, - { - "title": "【免杀】过360核晶、火绒 运行mimikatz、上线CS的万能加载器XlAnyLoader v1.1正式发布!", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg4Mzg4OTIyMA==&mid=2247485855&idx=1&sn=f0c58a95fb3ce9a64ea2efa3556af326", - "description": "过360核晶、火绒 、微软、卡巴斯基(静态)\\\\x0d\\\\x0axlanyloader万能加载器", - "author": "威零安全实验室", - "category": "威零安全实验室", - "pubDate": "2024-12-10T10:31:19" - }, - { - "title": "Burpsuite存储桶配置不当漏洞检测插件", - "link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486968&idx=1&sn=7ee147a6efd7c1a074d8acd00e67fe4a", - "description": null, - "author": "进击的HACK", - "category": "进击的HACK", - "pubDate": "2024-12-10T07:55:46" - }, - { - "title": "渗透测试 | 记一次信息泄露到学工系统", - "link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486968&idx=2&sn=826a2c400bb764439e925e53dfb1de78", - "description": null, - "author": "进击的HACK", - "category": "进击的HACK", - "pubDate": "2024-12-10T07:55:46" - }, - { - "title": "敏感数据加密后如何实现模糊查询", - "link": 
"https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486968&idx=3&sn=147db9c25c1dbc344f5d45396e2f33ee", - "description": "敏感数据加密后如何实现模糊查询", - "author": "进击的HACK", - "category": "进击的HACK", - "pubDate": "2024-12-10T07:55:46" - }, - { - "title": "CVE-2018-15664:Dockerxa0CP任意读写主机文件", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247493826&idx=2&sn=2f70d68dfd020f5c120e5f7d596b9b81", - "description": "影响范围Docker 17.06.0-ce~17.12.1-ce:rc2Docker 18.01.0-ce~", - "author": "七芒星实验室", - "category": "七芒星实验室", - "pubDate": "2024-12-10T07:01:23" - }, - { - "title": "Mandiant开发了一种使用QR码绕过浏览器隔离的技术", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg3OTc0NDcyNQ==&mid=2247492912&idx=1&sn=1f965af8ed996b0c53edad9d397b7021", - "description": null, - "author": "黑猫安全", - "category": "黑猫安全", - "pubDate": "2024-12-10T07:00:58" - }, - { - "title": "CVE-2024-48307|JeecgBoot SQL 注入漏洞(POC)", - "link": "https://mp.weixin.qq.com/s?__biz=MzU0MTc2NTExNg==&mid=2247491216&idx=1&sn=390db568593214c3e21c608f9aac4946", - "description": null, - "author": "实战安全研究", - "category": "实战安全研究", - "pubDate": "2024-12-10T00:18:25" - }, - { - "title": "浅谈xss2rce的一些实现", - "link": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247517604&idx=1&sn=a61345317ad41dece28e93038482f6f6", - "description": null, - "author": "船山信安", - "category": "船山信安", - "pubDate": "2024-12-10T00:01:18" - }, - { - "title": "【免杀】过360核晶、火绒 运行mimikatz、上线CS的万能加载器XlAnyLoader v1.1正式发布!", - "link": "https://mp.weixin.qq.com/s?__biz=MzkwNjczOTQwOA==&mid=2247491680&idx=1&sn=5fac3da92a08ffecc0a205595f236328", - "description": "过360核晶、火绒 、微软、卡巴斯基(静态)\\\\x0d\\\\x0axlanyloader万能加载器", - "author": "星落安全团队", - "category": "星落安全团队", - "pubDate": "2024-12-10T00:00:14" - }, - { - "title": "如何寻找隐藏的参数", - "link": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496545&idx=1&sn=f5fa3d991b8bce754f69af9bce39e422", - "description": null, - "author": "迪哥讲事", - "category": "迪哥讲事", - "pubDate": "2024-12-09T23:41:24" - }, - { - 
"title": "渗透测试人员的 Burp Suite:HackBar", - "link": "https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247485872&idx=1&sn=2603f14c6fdd1c0d01adb361b18ffc13", - "description": "每次针对特定漏洞手动插入新的有效载荷并检查其响应,这不是有点耗时且无聊的任务吗?", - "author": "三沐数安", - "category": "三沐数安", - "pubDate": "2024-12-09T23:19:45" - }, - { - "title": "【漏洞预警】SoftLab Integrate Google Drive身份认证绕过漏洞(CVE-2023-32117)", - "link": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489283&idx=1&sn=29b9004e3fdc168434fc378d44504590", - "description": null, - "author": "飓风网络安全", - "category": "飓风网络安全", - "pubDate": "2024-12-09T23:16:04" - }, - { - "title": "【漏洞情报】海信智能公交企业管理系统AdjustWorkHours.aspx SQL注入漏洞", - "link": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489283&idx=2&sn=5c93a143e811b95e8b77abdcb97f6599", - "description": null, - "author": "飓风网络安全", - "category": "飓风网络安全", - "pubDate": "2024-12-09T23:16:04" - }, - { - "title": "Zabbix SQL 注入漏洞(CVE-2024-42327)", - "link": "https://mp.weixin.qq.com/s?__biz=Mzk0NzM4NzI1MA==&mid=2247486212&idx=1&sn=a25394ea5d523773aa1771aebc8872fc", - "description": null, - "author": "天启实验室", - "category": "天启实验室", - "pubDate": "2024-12-09T20:52:21" - }, - { - "title": "SRC挖掘-验证码攻防问题总结分享", - "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MTIzNTgzMQ==&mid=2247518596&idx=1&sn=b8f5c4c7744bd9a24cbfd7b6dc8362d9", - "description": null, - "author": "亿人安全", - "category": "亿人安全", - "pubDate": "2024-12-09T19:31:15" - }, - { - "title": "最强大的Android间谍软件曝光,可提取信息、密码和执行shell命令", - "link": "https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094241&idx=2&sn=ffebda2bff5fc391363ae248eb8be9d4", - "description": null, - "author": "网安百色", - "category": "网安百色", - "pubDate": "2024-12-09T19:30:23" - }, - { - "title": "SQL注入学习记录", - "link": "https://mp.weixin.qq.com/s?__biz=Mzk0NzM4OTQ5NQ==&mid=2247484954&idx=1&sn=362865deeff0f3a6b60f8406f9b71269", - "description": null, - "author": "小杨学安全", - "category": "小杨学安全", - "pubDate": "2024-12-09T19:28:19" - }, - { - "title": "安全卫士 | 
魔方安全漏洞周报", - "link": "https://mp.weixin.qq.com/s?__biz=MzI3NzA5NDc0MA==&mid=2649291910&idx=1&sn=cce3441e3c4e73b5d7381cac3619dd88", - "description": "成事在微,筑防于先。魔方安全提醒您:注意企业网络空间资产安全!", - "author": "魔方安全", - "category": "魔方安全", - "pubDate": "2024-12-09T18:31:10" - }, - { - "title": "钓鱼网页散播银狐木马,远控后门威胁终端安全", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg3NzIxMDYxMw==&mid=2247504176&idx=1&sn=27f99ecb6ba3c497677bde65758089d4", - "description": null, - "author": "听风安全", - "category": "听风安全", - "pubDate": "2024-12-09T18:24:17" - }, - { - "title": "APT-C-08(蔓灵花)组织新型攻击组件分析报告", - "link": "https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247505075&idx=1&sn=e77800fcd72fe1d342a5c9e4d15de2f4", - "description": "360安全大脑监测到多起蔓灵花组织通过投递内部携带有chm恶意文档的压缩包附件的钓鱼邮件,诱导用户打开其中的chm文档,利用计划任务周期性回传受影响用户的机器名及用户名并同时下发后续攻击组件", - "author": "360威胁情报中心", - "category": "360威胁情报中心", - "pubDate": "2024-12-09T17:54:21" - }, - { - "title": "u200b潜藏在签名安装文件中的Koi Loader恶意软件", - "link": "https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513306&idx=1&sn=c196ec679f20bce97cec72e3aeae12f7", - "description": "近日,我们使用奇安信情报沙箱分析可疑Inno Setup安装文件,该文件带有数字签名,沙箱结果显示样本启动后运行powershell代码,从远程服务器下载JS脚本并执行,JS脚本进一步调用powershell代码从同一个服务器下载其他载荷。", - "author": "奇安信威胁情报中心", - "category": "奇安信威胁情报中心", - "pubDate": "2024-12-09T17:43:03" - }, - { - "title": "Windows进程", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg5MDg3OTc0OA==&mid=2247488931&idx=1&sn=b2ac667cb4bfa2ba329272b917c33369", - "description": null, - "author": "Relay学安全", - "category": "Relay学安全", - "pubDate": "2024-12-09T17:40:35" - }, - { - "title": "\\\"多引擎\\\"的资产识别、信息收集 | 干货", - "link": "https://mp.weixin.qq.com/s?__biz=MzkxNDAyNTY2NA==&mid=2247519358&idx=2&sn=053fe593848492102cf308e4ce93de7f", - "description": null, - "author": "渗透安全团队", - "category": "渗透安全团队", - "pubDate": "2024-12-09T17:08:43" - }, - { - "title": "【 CVE-2024-38193 】Windows 0day漏洞已在野利用,PoC已发布", - "link": 
"https://mp.weixin.qq.com/s?__biz=MjM5Mzc4MzUzMQ==&mid=2650260229&idx=1&sn=f6a11bf294dc8f32a86b9a5cafa66554", - "description": null, - "author": "骨哥说事", - "category": "骨哥说事", - "pubDate": "2024-12-09T16:48:48" - }, - { - "title": "基于安全产品DNS隧道流量分析", - "link": "https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247487855&idx=1&sn=ab33b11b9d2ec3860605cd33256b0f4b", - "description": "选择哪家的云都没问题,这里我选择的是TX云。", - "author": "蚁景网安", - "category": "蚁景网安", - "pubDate": "2024-12-09T16:30:38" - }, - { - "title": "哥斯拉源码解读+如何绕过waf检测", - "link": "https://mp.weixin.qq.com/s?__biz=MzU3MjczNzA1Ng==&mid=2247493811&idx=1&sn=db12565d91e55498d134dcb943e35185", - "description": null, - "author": "龙哥网络安全", - "category": "龙哥网络安全", - "pubDate": "2024-12-09T15:51:00" - }, - { - "title": "src|组合拳进入后台,拿下高危!", - "link": "https://mp.weixin.qq.com/s?__biz=Mzk0NTY5Nzc1OA==&mid=2247484180&idx=1&sn=9bab0ede32aa0055770498bc9cd20a42", - "description": "src高危漏洞", - "author": "simple学安全", - "category": "simple学安全", - "pubDate": "2024-12-09T15:48:25" - }, - { - "title": "Windows 零日漏洞 CVE-2024-38193 在野外被利用:PoC 发布", - "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525485&idx=1&sn=a5aeff09df0da8ba8baa5a35ae43b833", - "description": null, - "author": "Ots安全", - "category": "Ots安全", - "pubDate": "2024-12-09T15:44:07" - }, - { - "title": "EarlyBird 技术:一种先进的恶意软件规避策略", - "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525485&idx=2&sn=f773a4d627cc7872c87f1808d64a1c57", - "description": null, - "author": "Ots安全", - "category": "Ots安全", - "pubDate": "2024-12-09T15:44:07" - }, - { - "title": "通过 NTLM 强制进行层次结构接管并中继到远程站点数据库上的 MSSQL", - "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525485&idx=3&sn=57070a075945c22af097a8ce86269e93", - "description": null, - "author": "Ots安全", - "category": "Ots安全", - "pubDate": "2024-12-09T15:44:07" - }, - { - "title": "【web安全】云密钥泄露排查与利用思路", - "link": 
"https://mp.weixin.qq.com/s?__biz=MzkzMzYzNzIzNQ==&mid=2247485459&idx=1&sn=fab08a0a3edea2775ca41953da798df6", - "description": "随着云技术逐步发展,云资源被运用在各个领域,aksk泄露的风险也逐渐得到越来越多的关注。本文提供对本地文件、日常浏览器访问js文件、安全测试期间抓包数据进行aksk泄露排查的简要方案,以及对aksk泄露文件、权限的排查思路。", - "author": "安全驾驶舱", - "category": "安全驾驶舱", - "pubDate": "2024-12-09T15:24:15" - }, - { - "title": "太棒辣 | 感谢大哥带我学习关于验证码逻辑漏洞这些事", - "link": "https://mp.weixin.qq.com/s?__biz=Mzk0NzQxNzY2OQ==&mid=2247487368&idx=1&sn=e37ec534c44ac5981864d0853b870a29", - "description": "犀利猪安全,带你上高速~", - "author": "犀利猪安全", - "category": "犀利猪安全", - "pubDate": "2024-12-09T15:14:22" - }, - { - "title": "Mitre_Att&ck框架T1518(软件发现)的简单实现", - "link": "https://mp.weixin.qq.com/s?__biz=MzI0NTI4NjEwOQ==&mid=2247484947&idx=1&sn=4c4d13bc392c72bb9d35a2e8103d4a31", - "description": null, - "author": "新蜂网络安全实验室", - "category": "新蜂网络安全实验室", - "pubDate": "2024-12-09T14:50:31" - }, - { - "title": "使用云访问凭证蜜标及时发现入侵行为", - "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTM5MDUxMA==&mid=2247501033&idx=1&sn=225f59063df401594c298e53353c8ab6", - "description": "云厂商自身具备一定的入侵行为检测能力,但依然存在检测规则被绕过、低危操作不触发告警的可能。那么作为云的使用者,在面对攻击者的入侵行为时,我们能做点什么呢?", - "author": "国际云安全联盟CSA", - "category": "国际云安全联盟CSA", - "pubDate": "2024-12-09T14:47:53" - }, - { - "title": "有PoC,Windows 0day漏洞CVE-2024-38193在野外被利用", - "link": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247492986&idx=1&sn=09e54f7bf277f6cbca0f1c957c7e12cd", - "description": null, - "author": "独眼情报", - "category": "独眼情报", - "pubDate": "2024-12-09T14:02:03" - }, - { - "title": "【新手法】QR 码绕过浏览器隔离,实现恶意 C2 通信", - "link": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247492986&idx=2&sn=2f68e8cdfddb9cf61b36ab3bb32c62e7", - "description": null, - "author": "独眼情报", - "category": "独眼情报", - "pubDate": "2024-12-09T14:02:03" - }, - { - "title": "【值得一看】财富 100 强公司中 40% 的 waf存在错误配置,导致易被绕过", - "link": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247492986&idx=4&sn=6e677b7538a25ed316c371425b33a43f", - "description": null, - 
"author": "独眼情报", - "category": "独眼情报", - "pubDate": "2024-12-09T14:02:03" - }, - { - "title": "黑客利用 ProjectSend 漏洞对暴露的服务器进行后门处理", - "link": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580114&idx=1&sn=fa181017da36db2d6d5598cb97f6ec10", - "description": "尽管该漏洞已于 2023 年 5 月 16 日得到修复,但直到近期才为其分配了 CVE,导致用户没有意识到其严重性以及应用安全更新的紧迫性。", - "author": "嘶吼专业版", - "category": "嘶吼专业版", - "pubDate": "2024-12-09T14:00:32" - }, - { - "title": "[含POC]CyberPanel upgrademysqlstatus 远程命令执行漏洞(CVE-2024-51567)", - "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MDY2NTY5Mw==&mid=2247485555&idx=1&sn=ce73bb7765466995a3745ab23db7e56f", - "description": null, - "author": "安全光圈", - "category": "安全光圈", - "pubDate": "2024-12-09T13:44:15" - }, - { - "title": "Cobalt Strike Postex Kit 套件", - "link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485646&idx=1&sn=1090b5ba2f204ef433973a730c3ae7b1", - "description": null, - "author": "securitainment", - "category": "securitainment", - "pubDate": "2024-12-09T13:37:14" - }, - { - "title": "干货|一文搞懂加密流量检测的解决方法和技术细节", - "link": "https://mp.weixin.qq.com/s?__biz=MzI1OTA1MzQzNA==&mid=2651247132&idx=2&sn=db993f8d0a0734eefc16f2dd7aaa2ba9", - "description": null, - "author": "e安在线", - "category": "e安在线", - "pubDate": "2024-12-09T13:13:54" - }, - { - "title": "【免杀】冰蝎免杀 XlByPassBehinder 过360、火绒、微软 v1.2已更新!", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg4Mzg4OTIyMA==&mid=2247485853&idx=1&sn=d820e9417910db7fd86eaaf2d6aa0631", - "description": "XlByPassBehinder v1.2更新!\\\\x0d\\\\x0a经测试过过360、火绒、微软 \\\\x0d\\\\x0a支持自定义webshell连接密码", - "author": "威零安全实验室", - "category": "威零安全实验室", - "pubDate": "2024-12-09T10:35:13" - }, - { - "title": "vulnhub之Matrix-3的实践", - "link": "https://mp.weixin.qq.com/s?__biz=MzA3MjM5MDc2Nw==&mid=2650748856&idx=1&sn=669a6d84045d7efd002d8c6f6382d49b", - "description": null, - "author": "云计算和网络安全技术实践", - "category": "云计算和网络安全技术实践", - "pubDate": "2024-12-09T10:11:24" - }, - { - "title": "web应急之各中间件日志保存位置", - "link": 
"https://mp.weixin.qq.com/s?__biz=MjM5ODkxMTEzOA==&mid=2247484416&idx=1&sn=434f9fb6580367d1a6a13705e3b7f526", - "description": "web应急之各中间件日志保存位置,作者:雁过留痕@深信服MSS专家部", - "author": "安服仔的救赎", - "category": "安服仔的救赎", - "pubDate": "2024-12-09T10:10:28" - }, - { - "title": "某订货系统文件上传漏洞分析", - "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650604707&idx=3&sn=c9de054d4fda0db26998079e2dad84c4", - "description": null, - "author": "黑白之道", - "category": "黑白之道", - "pubDate": "2024-12-09T09:58:21" - }, - { - "title": "接口测试二三事", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg5NTUyNTI5OA==&mid=2247486308&idx=1&sn=3a7a66d35bf0ebaf1c3e608311c1c41e", - "description": null, - "author": "扫地僧的茶饭日常", - "category": "扫地僧的茶饭日常", - "pubDate": "2024-12-09T09:52:52" - }, - { - "title": "动态逃逸杀软的艺术", - "link": "https://mp.weixin.qq.com/s?__biz=MzkyMDM4NDM5Ng==&mid=2247489197&idx=1&sn=6e201677c58d82a5f5f4fabf579346bf", - "description": "主要聚焦在流量、内存、行为上进行规避,并且组合了间接系统调用、反调试、反沙箱等技术进一步对抗杀软,也为后续综合逃逸EDR/XDR打下良好的基础", - "author": "安全洞察知识图谱", - "category": "安全洞察知识图谱", - "pubDate": "2024-12-09T09:43:42" - }, - { - "title": "【漏洞复现】Palo Alto PAN-OS身份认证绕过CVE-2024-0012及命令执行漏洞CVE-2024-9474", - "link": "https://mp.weixin.qq.com/s?__biz=MzkyMjcxNzE2MQ==&mid=2247484485&idx=1&sn=0f5b3d6588ad00afd34fe51811a012a4", - "description": "【漏洞复现】Palo Alto Networks PAN-OS身份认证绕过CVE-2024-0012及命令执行漏洞CVE-2024-9474", - "author": "白帽攻防", - "category": "白帽攻防", - "pubDate": "2024-12-09T09:34:02" - }, - { - "title": "CVE-2023-6553 WordPress存在的远程命令执行漏洞", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg2NTk4MTE1MQ==&mid=2247486227&idx=1&sn=a70bbbb6e66a54b7a6765ab23f927f9f", - "description": null, - "author": "TtTeam", - "category": "TtTeam", - "pubDate": "2024-12-09T09:33:26" - }, - { - "title": "RedLine信息窃取木马活动通过盗版企业软件瞄准俄罗斯企业", - "link": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793421&idx=3&sn=7d7ec00dc894ec04618b450e170fa2de", - "description": "信息窃取木马通过盗版软件激活工具威胁俄罗斯企业。", - "author": "军哥网络安全读报", - 
"category": "军哥网络安全读报", - "pubDate": "2024-12-09T09:00:17" - }, - { - "title": "\\\"多引擎\\\"的资产识别、信息收集", - "link": "https://mp.weixin.qq.com/s?__biz=MzkwMDY5OTA3OA==&mid=2247483730&idx=1&sn=1e6684394884bcfdf2a1fee28dc25c19", - "description": null, - "author": "SecSentry", - "category": "SecSentry", - "pubDate": "2024-12-09T08:51:52" - }, - { - "title": "Wireshark & Packetdrill | TCP RST 之应用主动 RST 连接", - "link": "https://mp.weixin.qq.com/s?__biz=MzA5NTUxODA0OA==&mid=2247493057&idx=1&sn=136e392cdb02bb2bd94be1b73810f718", - "description": null, - "author": "Echo Reply", - "category": "Echo Reply", - "pubDate": "2024-12-09T08:08:11" - }, - { - "title": "安卓APP抓包大全", - "link": "https://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247509812&idx=1&sn=424628999b821b12940f0fbab27483ee", - "description": null, - "author": "李白你好", - "category": "李白你好", - "pubDate": "2024-12-09T08:03:07" - }, - { - "title": "Linux 网络故障排查笔记", - "link": "https://mp.weixin.qq.com/s?__biz=MzI1NzI5NDM4Mw==&mid=2247498432&idx=1&sn=27b48b918c2a18a56337f6c13ca213b1", - "description": null, - "author": "Docker中文社区", - "category": "Docker中文社区", - "pubDate": "2024-12-09T08:02:53" - }, - { - "title": "HTTPS也能明文抓包", - "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247509640&idx=1&sn=f34051af5a0f4bb89e3eb6a6b98d2b05", - "description": null, - "author": "kali笔记", - "category": "kali笔记", - "pubDate": "2024-12-09T08:01:28" - }, - { - "title": "超级详细 - PHP webshell 免杀步骤、姿势总结", - "link": "https://mp.weixin.qq.com/s?__biz=MzkzMDQ5MDM3NA==&mid=2247487271&idx=1&sn=74bff3a1cd79d6676389f202dc5ad838", - "description": null, - "author": "SecretTeam安全团队", - "category": "SecretTeam安全团队", - "pubDate": "2024-12-09T08:00:53" - }, - { - "title": "漏洞预警 | Apache Arrow R package反序列化漏洞", - "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491681&idx=2&sn=6e023ccd4d0d3fa65654c5c2d88ff938", - "description": "Apache Arrow R包存在反序列化漏洞,攻击者可通过构造恶意的Arrow 
IPC、Feather或Parquet文件,在元数据中嵌入恶意对象,当应用程序加载这些文件时,可能触发反序列化漏洞,从而导致任意代码执行。", - "author": "浅安安全", - "category": "浅安安全", - "pubDate": "2024-12-09T08:00:27" - }, - { - "title": "坑人的恶意域名解析", - "link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486959&idx=1&sn=6d26ed5344fe905df5145d3826bd73d8", - "description": null, - "author": "进击的HACK", - "category": "进击的HACK", - "pubDate": "2024-12-09T07:55:30" - }, - { - "title": "等保命令||人大金仓数据库等保测评相关命令收藏这篇你就够用了", - "link": "https://mp.weixin.qq.com/s?__biz=MzIwNDYzNTYxNQ==&mid=2247502367&idx=1&sn=b042fcf974dff8819fba4cf0b509daa0", - "description": null, - "author": "网络安全与等保测评", - "category": "网络安全与等保测评", - "pubDate": "2024-12-09T07:47:04" - }, - { - "title": "【OSCP】 Kioptrix 提权靶机(1-5)全系列教程,Try Harder!绝对干货!", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg2Nzk0NjA4Mg==&mid=2247496963&idx=1&sn=646e34d7b03cef9741616ea8d7e20968", - "description": null, - "author": "泷羽Sec", - "category": "泷羽Sec", - "pubDate": "2024-12-09T07:44:19" - }, - { - "title": "JAVA安全之Groovy命令注入刨析", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247493820&idx=2&sn=9ec5b54dd922368d1f30e2a9d62eaaaa", - "description": null, - "author": "七芒星实验室", - "category": "七芒星实验室", - "pubDate": "2024-12-09T07:01:05" - }, - { - "title": "关于内网代理、vm、frp、proxifier全局流量转发等问题", - "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzY5NDUyMQ==&mid=2247484915&idx=1&sn=0da135b7e90aa90e6681a61c423ec648", - "description": null, - "author": "flowers-boy", - "category": "flowers-boy", - "pubDate": "2024-12-09T01:27:03" - }, - { - "title": "关于内网代理、横向移动技巧", - "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzY5NDUyMQ==&mid=2247484890&idx=1&sn=9ca4a681145e7f8abcbdc2345c342eb8", - "description": null, - "author": "flowers-boy", - "category": "flowers-boy", - "pubDate": "2024-12-09T01:17:44" - }, - { - "title": "关于内网代理、横向移动技巧", - "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzY5NDUyMQ==&mid=2247484871&idx=1&sn=089ce3d21145f24a457defdeb38ba1c2", - "description": null, - 
"author": "flowers-boy", - "category": "flowers-boy", - "pubDate": "2024-12-09T00:39:17" - }, - { - "title": "高版本Fastjson反序列化Xtring新链和EventListenerList绕过", - "link": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247517584&idx=1&sn=26963081ad3fb9b4c7daaf1a6ebb1da3", - "description": null, - "author": "船山信安", - "category": "船山信安", - "pubDate": "2024-12-09T00:00:37" - }, - { - "title": "免杀|先锋马免杀分享", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247517520&idx=1&sn=b2ba85beb3cd31cad51d5e6ac33969ba", - "description": null, - "author": "Z2O安全攻防", - "category": "Z2O安全攻防", - "pubDate": "2024-12-08T22:35:57" - }, - { - "title": "网络工程师必知:5种常见的防火墙类型", - "link": "https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649463458&idx=1&sn=03f5dc1be57f136c227974046cc727e1", - "description": "学网络,尽在网络技术联盟站!", - "author": "网络技术联盟站", - "category": "网络技术联盟站", - "pubDate": "2024-12-08T20:01:42" - }, - { - "title": "HTB_Vintage(思路)", - "link": "https://mp.weixin.qq.com/s?__biz=MzkxMjYyMjA3Mg==&mid=2247485349&idx=1&sn=a329b52351dc5b9a272eb4450c1df369", - "description": "HTB_Vintage(思路)+ windows(hard)+pre2k+krb5票据(getTGT)+bloodyAD+asreproast+dpapi", - "author": "羽泪云小栈", - "category": "羽泪云小栈", - "pubDate": "2024-12-08T20:00:10" - }, - { - "title": "无文件攻击概览:武器化 PowerShell 和 Microsoft 合法应用程序", - "link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485637&idx=1&sn=e3658e19648848f897893d47b9925dde", - "description": null, - "author": "securitainment", - "category": "securitainment", - "pubDate": "2024-12-08T18:49:48" - }, - { - "title": "EDR 规避:利用硬件断点的新技术 – Blindside", - "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525470&idx=2&sn=8137725aa1e79d840d5907dab8750104", - "description": null, - "author": "Ots安全", - "category": "Ots安全", - "pubDate": "2024-12-08T18:18:17" - }, - { - "title": "PE文件结构:NT头部", - "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MjY1ODE5Mg==&mid=2247484858&idx=1&sn=8564c27477338a8d3157b18e82a374a0", - 
"description": null, - "author": "风铃Sec", - "category": "风铃Sec", - "pubDate": "2024-12-08T15:48:48" - }, - { - "title": "RDP连接多开方法与利用思路", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247493781&idx=2&sn=91e0f133a4824dcbbc882d716787520a", - "description": "文章前言本篇文章我们主要介绍在拿下目标域内主机的情况下,如何多开RDP链接且使得正常登录目标主机的用户不会被", - "author": "七芒星实验室", - "category": "七芒星实验室", - "pubDate": "2024-12-08T15:04:48" - }, - { - "title": "MalleableC2配置详解", - "link": "https://mp.weixin.qq.com/s?__biz=MzkwOTE3MzAxOA==&mid=2247484871&idx=1&sn=85dc63ec970621ccc35863a08e4aaade", - "description": "MalleableC2配置详解,解释了CS profile的配置项,为免杀和隐藏提供思路", - "author": "魔影安全实验室", - "category": "魔影安全实验室", - "pubDate": "2024-12-08T14:26:49" - }, - { - "title": "渗透测试 | 记一次信息泄露到学工系统", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg5NTUyNTI5OA==&mid=2247486301&idx=1&sn=2dda1feb65b7d107523e4ea4e929921a", - "description": null, - "author": "扫地僧的茶饭日常", - "category": "扫地僧的茶饭日常", - "pubDate": "2024-12-08T14:08:26" - }, - { - "title": "一文看懂安卓JSB风险漏洞挖掘", - "link": "https://mp.weixin.qq.com/s?__biz=MzU0NDI5NTY4OQ==&mid=2247486237&idx=1&sn=61373f8016157b66e2c28307cdd3de53", - "description": null, - "author": "暴暴的皮卡丘", - "category": "暴暴的皮卡丘", - "pubDate": "2024-12-08T13:16:14" - }, - { - "title": "Mitre_Att&ck框架T1056.002(图形界面输入捕获)的简单实现", - "link": "https://mp.weixin.qq.com/s?__biz=MzI0NTI4NjEwOQ==&mid=2247484926&idx=1&sn=d38335e66a441a8cd2de7efe528ab730", - "description": "Mitre_Att\\\\x26amp;ck框架T1056.002(图形界面输入捕获)的简单实现", - "author": "新蜂网络安全实验室", - "category": "新蜂网络安全实验室", - "pubDate": "2024-12-08T13:00:48" - }, - { - "title": "Go :恶意软件开发(第二部分)", - "link": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247503766&idx=1&sn=99017e10b273bcc56d5e09aa8c760946", - "description": "欢迎回来!!现在我们已经启动并运行了 TCP 服务器和客户端,", - "author": "安全狗的自我修养", - "category": "安全狗的自我修养", - "pubDate": "2024-12-08T12:40:41" - }, - { - "title": "【MalDev-08】反虚拟机", - "link": 
"https://mp.weixin.qq.com/s?__biz=MzIzODMyMzQxNQ==&mid=2247484339&idx=1&sn=3f7607badf404e2423c94c3f7f866e6e", - "description": "本章主要通过文件系统检测、硬件检测、基于时间的沙箱逃逸检测、注册表检测等方式进行反虚拟机。", - "author": "高级红队专家", - "category": "高级红队专家", - "pubDate": "2024-12-08T12:06:18" - }, - { - "title": "使用Azure CDN进行子域名接管", - "link": "https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247614596&idx=1&sn=651eb8cf208c293adf46552a30899075", - "description": null, - "author": "白帽子左一", - "category": "白帽子左一", - "pubDate": "2024-12-08T12:03:04" - }, - { - "title": "哥斯拉webshell管理工具二次开发规避流量检测设备", - "link": "https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247492924&idx=1&sn=6480fbcef03f510d24353a08df6010ef", - "description": null, - "author": "夜组安全", - "category": "夜组安全", - "pubDate": "2024-12-08T12:02:41" - }, - { - "title": "渗透测试 | 记一次信息泄露到学工系统", - "link": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247545734&idx=1&sn=14b57260a20b172b8f5240f5b120005b", - "description": null, - "author": "掌控安全EDU", - "category": "掌控安全EDU", - "pubDate": "2024-12-08T12:02:22" - }, - { - "title": "基于包长语义的隧道内部攻击流量识别", - "link": "https://mp.weixin.qq.com/s?__biz=MzA3MTAwODc0NQ==&mid=2649891287&idx=1&sn=59212e83e259d2665f07853fa80de907", - "description": "ACM CCS 2024 论文抢先看!本文中,我们考量当攻击者启用隧道传输其攻击流量时,如何对攻击流量进行准确检测。", - "author": "赛博新经济", - "category": "赛博新经济", - "pubDate": "2024-12-08T11:35:58" - }, - { - "title": "burpsuite SQL注入插件", - "link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486953&idx=1&sn=ab10862e21c3541f3bf996f5396697ec", - "description": null, - "author": "进击的HACK", - "category": "进击的HACK", - "pubDate": "2024-12-08T07:55:40" - }, - { - "title": "渗透测试实战—利用防火墙突破网络隔离", - "link": "https://mp.weixin.qq.com/s?__biz=MzkyNjczNzgzMA==&mid=2247484338&idx=1&sn=1d4e3af01af9eb42ccc7d8c19de30992", - "description": "渗透测试实战—利用防火墙突破网络隔离", - "author": "网安日记本", - "category": "网安日记本", - "pubDate": "2024-12-08T07:00:47" - }, - { - "title": "新型 C2 技术利用二维码绕过浏览器隔离", - "link": 
"https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505049&idx=2&sn=af32da1272fdc565fad633f0937681e3", - "description": null, - "author": "网络研究观", - "category": "网络研究观", - "pubDate": "2024-12-08T00:00:35" - }, - { - "title": "Windows 7 至 Windows 11 中存在新的 0 Day NTLM 哈希泄露漏洞", - "link": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247504999&idx=3&sn=860de968b5da5269ea0ec755cd3e8392", - "description": null, - "author": "网络研究观", - "category": "网络研究观", - "pubDate": "2024-12-07T18:02:01" - }, - { - "title": "WEB前端逆向拦截页面跳转", - "link": "https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487787&idx=1&sn=c9f78157d67619339c84a9681a33dbba", - "description": "从网上求助学来的知识,都会写清楚原作者", - "author": "青衣十三楼飞花堂", - "category": "青衣十三楼飞花堂", - "pubDate": "2024-12-07T17:24:27" - }, - { - "title": "攻防|记一次溯源真实案例", - "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247568203&idx=1&sn=2fdb04a880e088fc0b8f232f5adfd9f4", - "description": null, - "author": "马哥网络安全", - "category": "马哥网络安全", - "pubDate": "2024-12-07T17:00:24" - }, - { - "title": "TCP连接,是否是新开端口号和客户端进行交互?", - "link": "https://mp.weixin.qq.com/s?__biz=MzIxNTM3NDE2Nw==&mid=2247490258&idx=1&sn=db89cb9898e851c734a0830cf1f677fd", - "description": null, - "author": "车小胖谈网络", - "category": "车小胖谈网络", - "pubDate": "2024-12-07T16:51:29" - }, - { - "title": "Spring Properties 远程代码执行", - "link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485622&idx=1&sn=c6b1a76d598054eb86efa917775f6188", - "description": null, - "author": "securitainment", - "category": "securitainment", - "pubDate": "2024-12-07T15:54:26" - }, - { - "title": "Windows 中存在严重0day,可导致用户凭据泄露", - "link": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247492906&idx=1&sn=bcccbff213bc1e74461cb25625f86307", - "description": null, - "author": "独眼情报", - "category": "独眼情报", - "pubDate": "2024-12-07T14:15:15" - }, - { - "title": "制作一个可以绕过 Defender 的 Powershell Shellcode 下载器(无需绕过 Amsi)", - "link": 
"https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525456&idx=1&sn=1ff51ea83820483d2912dc91da0c103e", - "description": null, - "author": "Ots安全", - "category": "Ots安全", - "pubDate": "2024-12-07T13:09:10" - }, - { - "title": "新的 Windows 零日漏洞暴露 NTLM 凭据,已获得非官方补丁", - "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525456&idx=2&sn=36ccd1ade2da7b7093c538a25b09dc4a", - "description": null, - "author": "Ots安全", - "category": "Ots安全", - "pubDate": "2024-12-07T13:09:10" - }, - { - "title": "记一次简单的代码审计项目案例", - "link": "https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247485642&idx=1&sn=afcc7c4a8330cefeed2195326b87685f", - "description": null, - "author": "安全君呀", - "category": "安全君呀", - "pubDate": "2024-12-07T12:07:52" - }, - { - "title": "记一次JAVA代码审计过程", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg2NDg2MDIxNQ==&mid=2247485194&idx=1&sn=47071e2c86a784f6eeca99def55e03ef", - "description": null, - "author": "Jie安全", - "category": "Jie安全", - "pubDate": "2024-12-07T11:15:35" - }, - { - "title": "移动安全框架 (MobSF) 存在存储型XSS漏洞 | CVE-2024-53999", - "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650604682&idx=3&sn=66e331213aaa69ebd6e06ba539c6cbae", - "description": null, - "author": "黑白之道", - "category": "黑白之道", - "pubDate": "2024-12-07T10:24:59" - }, - { - "title": "sqlmap被动代理小工具", - "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650604682&idx=4&sn=b00a4b26e07c7fbcb487eb3616ea6456", - "description": null, - "author": "黑白之道", - "category": "黑白之道", - "pubDate": "2024-12-07T10:24:59" - }, - { - "title": "记一次JAVA代码审计过程", - "link": "https://mp.weixin.qq.com/s?__biz=MzkyMjM5NDM3NQ==&mid=2247486169&idx=1&sn=06e49fd2f6cf2dbdca4eb3c550ed86cf", - "description": null, - "author": "进击安全", - "category": "进击安全", - "pubDate": "2024-12-07T10:20:28" - }, - { - "title": "无补丁,I-O Data路由器0Day漏洞被利用", - "link": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651309095&idx=1&sn=c6dd464702642072510bbb85c37cb402", - "description": 
"补丁预计将在12月18日发布,因此在此之前用户将面临比较严重的风险。", - "author": "FreeBuf", - "category": "FreeBuf", - "pubDate": "2024-12-07T10:04:20" - }, - { - "title": "深度解析GoldenEyeDog APT组织最新攻击技术动向", - "link": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655261379&idx=1&sn=ee9f64fe9cbad33d1a141c69151701d7", - "description": null, - "author": "计算机与网络安全", - "category": "计算机与网络安全", - "pubDate": "2024-12-07T09:57:20" - }, - { - "title": "Mitre Att&ck框架T1036.006(文件名后面的空格)技术的简单实现", - "link": "https://mp.weixin.qq.com/s?__biz=MzI0NTI4NjEwOQ==&mid=2247484920&idx=1&sn=2bada6774d9702240e6f8d840640f4dc", - "description": "Mitre Att\\\\x26amp;ck框架T1036.006(文件名后面的空格)技术的简单实现", - "author": "新蜂网络安全实验室", - "category": "新蜂网络安全实验室", - "pubDate": "2024-12-07T09:04:06" - }, - { - "title": "俄黑客利用Cloudflare Tunnels和 DNS Fast-Flux 隐藏恶意软件针对乌克兰", - "link": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793408&idx=2&sn=62e5b7cce0750160459330d1cb527daf", - "description": "研究人员发现俄罗斯黑客组织利用Cloudflare Tunnels和 DNS Fast-Flux隐藏恶意软件的托管设施。", - "author": "军哥网络安全读报", - "category": "军哥网络安全读报", - "pubDate": "2024-12-07T09:01:41" - }, - { - "title": "新的Windows 0day漏洞:攻击者几乎无需用户交互即可窃取 NTLM 凭据", - "link": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793408&idx=3&sn=07c14519c7e26f4483bd662559941c89", - "description": "从win7到最新的win11 24h2均存在的新0day漏洞,打开文件夹就能触发。", - "author": "军哥网络安全读报", - "category": "军哥网络安全读报", - "pubDate": "2024-12-07T09:01:41" - }, - { - "title": "【PWN】堆溢出2.23 Off-By-One", - "link": "https://mp.weixin.qq.com/s?__biz=Mzk0NDYwOTcxNg==&mid=2247485038&idx=1&sn=2d307c01f15498c12c5bcad97233f8ab", - "description": "2.23堆溢出Off-By-One,unsortedbin泄露libc配置fastbin attack + realloc_hook调栈。", - "author": "智佳网络安全", - "category": "智佳网络安全", - "pubDate": "2024-12-07T08:30:49" - }, - { - "title": "漏洞预警 | Zabbix SQL注入漏洞", - "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491663&idx=1&sn=13f8337d2c5b035b77d6655b19c9fc53", - "description": 
"Zabbix前端的CUser类中的addRelatedObjects函数未对输入数据进行充分验证和转义,导致具有API访问权限的恶意用户可以通过user.get API传递特制输入触发SQL注入攻击。", - "author": "浅安安全", - "category": "浅安安全", - "pubDate": "2024-12-07T08:30:49" - }, - { - "title": "浅谈利用PDF钓鱼攻击", - "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247509598&idx=1&sn=be74c502c8b0cd301e12048e894f9257", - "description": "利用PDF文件,诱导用户点击文件,即可获取系统权限。", - "author": "kali笔记", - "category": "kali笔记", - "pubDate": "2024-12-07T08:00:57" - }, - { - "title": "云安全学习-密钥泄露与CF利用框架", - "link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486945&idx=2&sn=beee676ac80e94387272c03affb7e5cb", - "description": "u200b首先认识下阿里云官方解释的什么是AccessKey:在调用阿里云API时您需要使用AccessKey完成身份验证。AccessKey包括AccessKey ID和AccessKey Secret,需要一起使用。", - "author": "进击的HACK", - "category": "进击的HACK", - "pubDate": "2024-12-07T07:56:26" - }, - { - "title": "【SDL实践指南】Foritify结构化规则定义", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247493770&idx=2&sn=d76331319fa028f0f4379b0f87c23020", - "description": "基本介绍结构分析器匹配源代码中的任意程序结构,它的设计目的不是为了发现由执行流或数据流引起的问题,相反它通过", - "author": "七芒星实验室", - "category": "七芒星实验室", - "pubDate": "2024-12-07T07:00:42" - }, - { - "title": "实战红蓝:谈一谈NSmartProxy流量特征在实战中的表现", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg2NTk4MTE1MQ==&mid=2247486222&idx=1&sn=f1b43263c2fab0c92dd05ae1bcc4c16d", - "description": null, - "author": "TtTeam", - "category": "TtTeam", - "pubDate": "2024-12-07T00:01:07" - }, - { - "title": "PC逆向 -- 用户APC执行", - "link": "https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037147&idx=2&sn=2980166e539b9fecaf3f664831f7a1ae", - "description": null, - "author": "逆向有你", - "category": "逆向有你", - "pubDate": "2024-12-07T00:00:15" - }, - { - "title": "【免杀干货】杀毒软件检测详解", - "link": "https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247537058&idx=1&sn=e1aa16a7450e6eb919e87021ac20192a", - "description": "收藏学习", - "author": "教父爱分享", - "category": "教父爱分享", - "pubDate": "2024-12-06T23:59:45" - }, - { - "title": "【漏洞预警】SonicWall 
SMA100 SSL-VPN缓冲区溢出漏洞CVE-2024-45318", - "link": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489275&idx=1&sn=31722ca4a5e3edc74c5e218e4bfedbdf", - "description": null, - "author": "飓风网络安全", - "category": "飓风网络安全", - "pubDate": "2024-12-06T23:49:32" - }, - { - "title": "HTB-Vintage笔记", - "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MTQxOTA3Ng==&mid=2247489250&idx=1&sn=e244c73804185afe5f0cf4752865bdbc", - "description": null, - "author": "Jiyou too beautiful", - "category": "Jiyou too beautiful", - "pubDate": "2024-12-06T23:17:24" - }, - { - "title": "网安瞭望台第9期:0day 情报,OAuth 2.0授权流程学习", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg2NTkwODU3Ng==&mid=2247514008&idx=1&sn=5c670c62b4c5fa4a355f424e56645be1", - "description": "网安资讯分享\\\\x0d\\\\x0aDAILY NEWS AND KNOWLEDGE", - "author": "东方隐侠安全团队", - "category": "东方隐侠安全团队", - "pubDate": "2024-12-06T21:54:51" - }, - { - "title": "从JS代码审计到GraphQL利用的管理账户接管", - "link": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496534&idx=1&sn=493cff035c6dde66c5b31d96de6f3834", - "description": null, - "author": "迪哥讲事", - "category": "迪哥讲事", - "pubDate": "2024-12-06T21:38:57" - }, - { - "title": "CVE-2024-42327 Zabbix SQL注入 POC", - "link": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247495970&idx=1&sn=ff9a5f04745abfade7cb4ca85fc55840", - "description": null, - "author": "Khan安全攻防实验室", - "category": "Khan安全攻防实验室", - "pubDate": "2024-12-06T19:50:37" - }, - { - "title": "【安全圈】I-O Data路由器0Day漏洞被利用,无修复补丁", - "link": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652066435&idx=3&sn=bbca90f744a9f08fd2d2e9d95bb190e2", - "description": null, - "author": "安全圈", - "category": "安全圈", - "pubDate": "2024-12-06T19:00:27" - }, - { - "title": "混淆 Office 宏以逃避 Defender", - "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525341&idx=3&sn=197b8217ce933acb3c06e016737a1e79", - "description": null, - "author": "Ots安全", - "category": "Ots安全", - "pubDate": "2024-12-06T18:09:22" - }, - { - "title": 
"实战!一次超简单的网站后门利用体验", - "link": "https://mp.weixin.qq.com/s?__biz=MzIwMzc3NTkxMA==&mid=2247491233&idx=3&sn=cb494f72f9e49b7d0b8bc8158dbd176c", - "description": null, - "author": "电信云堤", - "category": "电信云堤", - "pubDate": "2024-12-06T18:01:43" - }, - { - "title": "未然威胁追踪 | 深度解析GoldenEyeDog APT组织最新攻击技术动向", - "link": "https://mp.weixin.qq.com/s?__biz=MzAwODU5NzYxOA==&mid=2247505657&idx=1&sn=22625bef15dad3040d367c97fb602c7e", - "description": "GoldenEyeDogAPT组织伪装常用软件诱导安装恶意程序,实现远程控制。", - "author": "华为安全", - "category": "华为安全", - "pubDate": "2024-12-06T17:30:32" - }, - { - "title": "CNNVD 关于SonicWall SMA100 安全漏洞的通报", - "link": "https://mp.weixin.qq.com/s?__biz=MzAxODY1OTM5OQ==&mid=2651461968&idx=1&sn=0a6663b04895b46371bd12da4468b547", - "description": "近日,国家信息安全漏洞库(CNNVD)收到关于SonicWall SMA100 安全漏洞(CNNVD-202412-487、CVE-2024-45318)情况的报送。", - "author": "CNNVD安全动态", - "category": "CNNVD安全动态", - "pubDate": "2024-12-06T17:10:06" - }, - { - "title": "恶意软件分析-代码注入", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg5MDg3OTc0OA==&mid=2247488896&idx=1&sn=68a8307a5264347a644d93378ae6d367", - "description": null, - "author": "Relay学安全", - "category": "Relay学安全", - "pubDate": "2024-12-06T17:09:18" - }, - { - "title": "新一代Webshell管理器", - "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247568143&idx=2&sn=d5a6df73e38793ccfdecd67ecae32403", - "description": null, - "author": "马哥网络安全", - "category": "马哥网络安全", - "pubDate": "2024-12-06T17:00:34" - }, - { - "title": "SonicWall SMA100 SSLVPN 多个高危漏洞安全风险通告", - "link": "https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502571&idx=1&sn=c30e1d47ae1059542d59b52c7c4ddfd5", - "description": "致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。", - "author": "奇安信 CERT", - "category": "奇安信 CERT", - "pubDate": "2024-12-06T15:55:21" - }, - { - "title": "一文学会shiro反序列化", - "link": "https://mp.weixin.qq.com/s?__biz=Mzk0NTY5Nzc1OA==&mid=2247484171&idx=1&sn=1a340e6c0983e249883ffa49c67206d3", - "description": "shiro反序列化漏洞", - "author": "simple学安全", - "category": 
"simple学安全", - "pubDate": "2024-12-06T15:43:51" - }, - { - "title": "金眼狗APT后门处置", - "link": "https://mp.weixin.qq.com/s?__biz=MjM5ODkxMTEzOA==&mid=2247484375&idx=1&sn=1f76fc8d445edfc4387c1d3e501f79dd", - "description": "金眼狗APT后门处置,作者:雁过留痕@深信服MSS专家部。", - "author": "安服仔的救赎", - "category": "安服仔的救赎", - "pubDate": "2024-12-06T15:09:14" - }, - { - "title": "组策略安全噩梦 第二部分", - "link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485618&idx=2&sn=f01a6dd1559a75dd2631663c6b18d3e5", - "description": null, - "author": "securitainment", - "category": "securitainment", - "pubDate": "2024-12-06T14:56:20" - }, - { - "title": "Apache-HertzBeat开源实时监控系统存在默认口令漏洞【漏洞复现|附nuclei-POC】", - "link": "https://mp.weixin.qq.com/s?__biz=MzkyOTcwOTMwMQ==&mid=2247484585&idx=1&sn=5454bc75cdf44fafbb3e5e8027140664", - "description": null, - "author": "脚本小子", - "category": "脚本小子", - "pubDate": "2024-12-06T14:40:57" - }, - { - "title": "【免杀】单文件一键击溃windows defender进程 v1.1发布!", - "link": "https://mp.weixin.qq.com/s?__biz=Mzg4Mzg4OTIyMA==&mid=2247485851&idx=1&sn=a1db0833cfab8195b3301d922d7b0538", - "description": "单文件一键击溃windows defender\\\\x0d\\\\x0a使用资源文件嵌入驱动,避免直接依赖外部文件\\\\x0d\\\\x0a替换旧版本驱动文件,旧版本驱动证书已过期", - "author": "威零安全实验室", - "category": "威零安全实验室", - "pubDate": "2024-12-06T13:30:33" - }, - { - "title": "接口测试二三事", - "link": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247545690&idx=1&sn=3d45ecc2dd5998e9a91906e5ceaa5e69", - "description": null, - "author": "掌控安全EDU", - "category": "掌控安全EDU", - "pubDate": "2024-12-06T12:00:16" - }, - { - "title": "干货|一文搞懂加密流量检测的解决方法和技术细节", - "link": "https://mp.weixin.qq.com/s?__biz=MzI1OTA1MzQzNA==&mid=2651247124&idx=2&sn=8e23579cb82d06948bf7f91642d24e49", - "description": null, - "author": "e安在线", - "category": "e安在线", - "pubDate": "2024-12-06T11:26:50" - }, - { - "title": "中国科学院信工所 | Snowflake代理请求的隐蔽性分析", - "link": "https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491417&idx=1&sn=948790356cdbfb890e36824bd672ac2d", - "description": 
"采用机器学习模型对Snowflake代理请求进行精准检测。", - "author": "安全学术圈", - "category": "安全学术圈", - "pubDate": "2024-12-06T10:26:45" - }, - { - "title": "攻防|记一次溯源真实案例", - "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650604658&idx=3&sn=d0065fbf3c181a1e7c9cdac026f2895a", - "description": null, - "author": "黑白之道", - "category": "黑白之道", - "pubDate": "2024-12-06T10:03:46" - }, - { - "title": "一个绕过 EDR 的dumplsass免杀工具", - "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650604658&idx=4&sn=01d4146012efc924fe7b8f0d366f971a", - "description": null, - "author": "黑白之道", - "category": "黑白之道", - "pubDate": "2024-12-06T10:03:46" - }, - { - "title": "工具集:BurpSuite-collections【burp插件合集】", - "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MjY1ODE5Mg==&mid=2247484779&idx=1&sn=7b4c268d7c7db35eaad297a0fb50dcb9", - "description": null, - "author": "风铃Sec", - "category": "风铃Sec", - "pubDate": "2024-12-06T09:08:46" - }, - { - "title": "黑客利用 MOONSHINE 漏洞和 DarkNimbus 后门攻击", - "link": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793394&idx=2&sn=06277be44ef38c9683d24a9ef2472d1c", - "description": "趋势科技发的新报告。", - "author": "军哥网络安全读报", - "category": "军哥网络安全读报", - "pubDate": "2024-12-06T09:00:59" - }, - { - "title": "渗透测试人员的 Nmap:漏洞扫描", - "link": "https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247485821&idx=1&sn=b98633172a515bdd2cbbfed5efdc3e30", - "description": "Nmap 脚本引擎 (NSE) 是 Nmap 最有效的功能之一,它允许用户准备和共享脚本,以自动执行涉及网络的众多任务。", - "author": "三沐数安", - "category": "三沐数安", - "pubDate": "2024-12-06T09:00:25" - }, - { - "title": "Mitre_Att&ck框架T1574.001技术(劫持Dll搜索顺序)的简单实现", - "link": "https://mp.weixin.qq.com/s?__biz=MzI0NTI4NjEwOQ==&mid=2247484913&idx=1&sn=38c952a43bd8d00d7d0251d15f3463c1", - "description": "Mitre_Att\\\\x26amp;ck框架T1574.001技术(劫持Dll搜索顺序)的简单实现", - "author": "新蜂网络安全实验室", - "category": "新蜂网络安全实验室", - "pubDate": "2024-12-06T09:00:25" - }, - { - "title": "利用伪装$Version Cookie绕过WAF防火墙", - "link": 
"https://mp.weixin.qq.com/s?__biz=MzkxOTUyOTc0NQ==&mid=2247492726&idx=1&sn=9e6c4dc27f3599ad2ca6487f320cf05c", - "description": "通过使用伪装的 $Version 属性,可以有效地绕过许多 Web 应用防火墙 (WAF)。此技术利用了许多 WAF 对 Cookie 标头解析的不一致性。", - "author": "二进制空间安全", - "category": "二进制空间安全", - "pubDate": "2024-12-06T08:55:58" - }, - { - "title": "Jolokia logback JNDI RCE漏洞复现", - "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MjY3MTM4Nw==&mid=2247484054&idx=1&sn=8a23efc97b5ae0c014ad74d391dd5717", - "description": "JNDI是 Java 命名与目录接口(Java Naming and Directory Interface),在J2EE规范中是重要的规范之一", - "author": "浩凯信安", - "category": "浩凯信安", - "pubDate": "2024-12-06T08:31:47" - }, - { - "title": "实战|记一次溯源真实案例", - "link": "https://mp.weixin.qq.com/s?__biz=MzIwMzIyMjYzNA==&mid=2247517178&idx=1&sn=0970bac0e2ec58b8d9669c8556dd6001", - "description": null, - "author": "HACK之道", - "category": "HACK之道", - "pubDate": "2024-12-06T08:04:41" - }, - { - "title": "POC集合,框架nday漏洞利用", - "link": "https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247492910&idx=1&sn=09a010c00e7b570a4044e87718fd1ea4", - "description": null, - "author": "夜组安全", - "category": "夜组安全", - "pubDate": "2024-12-06T08:02:20" - }, - { - "title": "某订货系统文件上传漏洞分析", - "link": "https://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247509663&idx=1&sn=36790b3290209381053ccbb1036f3b23", - "description": null, - "author": "李白你好", - "category": "李白你好", - "pubDate": "2024-12-06T08:01:05" - }, - { - "title": "漏洞预警 | WordPress Elementor PDF生成器任意文件下载漏洞", - "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491646&idx=1&sn=e2735658a6d4f6f895d5a79139c28b03", - "description": "WordPress Elementor页面生成器插件PDF生成器的/elementor-84接口存在任意文件下载漏洞,未经身份验证的攻击者可以通过该漏洞下载服务器任意文件,从而获取大量敏感信息。", - "author": "浅安安全", - "category": "浅安安全", - "pubDate": "2024-12-06T08:00:57" - }, - { - "title": "漏洞预警 | 用友U8CRM SQL注入漏洞", - "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491646&idx=2&sn=146ed161d1ca3fb154097be23b43a507", - "description": 
"用友U8CRM客户关系管理系统存在SQL注入漏洞,未经身份验证的攻击者通过漏洞执行任意SQL语句,调用xp_cmdshell写入后门文件,执行任意代码,从而获取到服务器权限。", - "author": "浅安安全", - "category": "浅安安全", - "pubDate": "2024-12-06T08:00:57" - }, - { - "title": "新型网络钓鱼服务“Rockstar 2FA”来袭,微软 365 用户面临攻击威胁", - "link": "https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447899703&idx=1&sn=f8913402ae49952d0b206b8e65d7434a", - "description": "网络安全研究人员警告称,一种名为“Rockstar 2FA”的网络钓鱼即服务(PhaaS)工具包正被用于恶意邮件活动,旨在窃取微软 365 帐户凭据。", - "author": "技术修道场", - "category": "技术修道场", - "pubDate": "2024-12-06T08:00:48" - }, - { - "title": "[04]恶意文档分析-工具篇-OleTools(一)", - "link": "https://mp.weixin.qq.com/s?__biz=MzI4MDcxODc4MQ==&mid=2247485099&idx=1&sn=82a1499793e45c47eac7f2cb8af73806", - "description": "恶意文档分析,一学就会!", - "author": "Y1X1n安全", - "category": "Y1X1n安全", - "pubDate": "2024-12-06T08:00:44" - }, - { - "title": "浅谈红队中那些常见的场景和问题", - "link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486926&idx=2&sn=ea58246c8cfed147506b4764e57aaaa2", - "description": "浅谈红队中那些常见的场景和问题。", - "author": "进击的HACK", - "category": "进击的HACK", - "pubDate": "2024-12-06T07:57:01" - }, - { - "title": "Villain C2", - "link": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247503763&idx=1&sn=1b457900f24b3fe2e8c7f054f7f9a200", - "description": "乘坐 C2 快速前往 Revershell Lane 最近,除了 Cobalt Strike 之外,我一直在摆弄其他 C2,因为", - "author": "安全狗的自我修养", - "category": "安全狗的自我修养", - "pubDate": "2024-12-06T07:11:46" - }, - { - "title": "CVE-2024-22399 - SwingLazyValue利用链构造分析", - "link": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247517492&idx=1&sn=f586d9016d9592f6f6dffa36d64a2eda", - "description": null, - "author": "船山信安", - "category": "船山信安", - "pubDate": "2024-12-06T02:00:41" - }, - { - "title": "ATT&CK红队评估实战靶场二", - "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzY5NDUyMQ==&mid=2247484853&idx=1&sn=9b889d07c5e333da0d5f5657dbb81ec6", - "description": null, - "author": "flowers-boy", - "category": "flowers-boy", - "pubDate": "2024-12-06T00:29:49" - }, - { - "title": 
"WAF自动化绕过工具 -- x-waf", - "link": "https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515071&idx=1&sn=214be935ebb249a12f64fd88a876dc30", - "description": null, - "author": "Web安全工具库", - "category": "Web安全工具库", - "pubDate": "2024-12-06T00:01:13" - }, - { - "title": "安卓逆向 -- 某定位软件分析", - "link": "https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037129&idx=1&sn=9f23954b167130ade615e71c326c9f4a", - "description": null, - "author": "逆向有你", - "category": "逆向有你", - "pubDate": "2024-12-06T00:00:49" - }, - { - "title": "PC逆向 -- 内核APC执行", - "link": "https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037129&idx=2&sn=48a950a51b0bb5f95804cd7fea6d5a97", - "description": null, - "author": "逆向有你", - "category": "逆向有你", - "pubDate": "2024-12-06T00:00:49" - }, - { - "title": "端口存活扫描工具 -- x-pscan(12月4日更新)", - "link": "https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247498834&idx=1&sn=de1e00a45bbc8c8e115645394496821f", - "description": null, - "author": "网络安全者", - "category": "网络安全者", - "pubDate": "2024-12-06T00:00:48" - }, - { - "title": "【免杀】单文件一键击溃windows defender进程 v1.1发布!", - "link": "https://mp.weixin.qq.com/s?__biz=MzkwNjczOTQwOA==&mid=2247491607&idx=1&sn=803fe3abf2c407e54b3d4ec1545abeb0", - "description": "单文件一键击溃windows defender\\\\x0d\\\\x0a使用资源文件嵌入驱动,避免直接依赖外部文件\\\\x0d\\\\x0a替换旧版本驱动文件,旧版本驱动证书已过期", - "author": "星落安全团队", - "category": "星落安全团队", - "pubDate": "2024-12-06T00:00:16" - }, - { - "title": "立即修复,微软驱动程序关键漏洞已被APT组织利用", - "link": "https://mp.weixin.qq.com/s?__biz=MzkzNjIzMjM5Ng==&mid=2247490066&idx=1&sn=19f10acfb4432ac39d26b9c846eece40", - "description": null, - "author": "信息安全大事件", - "category": "信息安全大事件", - "pubDate": "2024-12-05T20:24:32" - }, - { - "title": "SMB 中继:攻击、缓解、策略和有效的解决方案", - "link": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247504962&idx=1&sn=dae7a03ab07cc04acc999dbe7a920e9a", - "description": null, - "author": "网络研究观", - "category": "网络研究观", - "pubDate": "2024-12-05T19:17:18" - }, - { - "title": 
"【安全圈】立即修复,微软驱动程序关键漏洞已被APT组织利用", - "link": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652066421&idx=2&sn=c856137ec845bc74a8a86abc23c1eb69", - "description": null, - "author": "安全圈", - "category": "安全圈", - "pubDate": "2024-12-05T19:01:01" - }, - { - "title": "大模型的反序列化导致的RCE漏洞", - "link": "https://mp.weixin.qq.com/s?__biz=MzU0MzkzOTYzOQ==&mid=2247489539&idx=1&sn=69e2563458072584247038ace3c47897", - "description": "大模型RCE漏洞!!", - "author": "黑伞安全", - "category": "黑伞安全", - "pubDate": "2024-12-05T18:04:31" - }, - { - "title": "新型网络钓鱼活动利用损坏的 Word 文档来逃避安全保护", - "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525328&idx=1&sn=aa4690f683a66fd805db9c7b4ebb5d2f", - "description": null, - "author": "Ots安全", - "category": "Ots安全", - "pubDate": "2024-12-05T17:53:47" - }, - { - "title": "CVE-2024-42448 (CVSS 9.9):Veeam VSPC 中的严重 RCE 漏洞", - "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525328&idx=2&sn=9359464472ac9ce0e09e7e04e80d874f", - "description": null, - "author": "Ots安全", - "category": "Ots安全", - "pubDate": "2024-12-05T17:53:47" } ] \ No newline at end of file diff --git a/JSON/freebuf.json b/JSON/freebuf.json index 37aa625..42debbe 100644 --- a/JSON/freebuf.json +++ b/JSON/freebuf.json @@ -1,4 +1,92 @@ [ + { + "title": "FreeBuf周报 | Meta多款应用全球宕机;SaaS巨头被勒索攻击", + "link": "https://www.freebuf.com/news/417679.html", + "description": "总结推荐本周的热点资讯、安全事件、一周好文和省心工具,保证大家不错过本周的每一个重点!", + "body": "各位 Buffer 周末好,以下是本周「FreeBuf周报」,我们总结推荐了本周的热点资讯、安全事件、一周好文和省心工具,保证大家不错过本周的每一个重点!
近日,国家发展改革委颁布了新修订的《电力监控系统安全防护规定》(国家发展改革委2024年第27号令,以下简称《规定》),自2025年1月1日起施行,原《电力监控系统安全防护规定》(国家发展改革委2014年第14号令)同时废止。为便于各有关方面准确理解和把握政策内容,国家能源局有关负责同志接受采访,回答了记者提问。
原《规定》于2014", + "category": "资讯", + "pubDate": "Fri, 13 Dec 2024 15:59:44 +0800" + }, + { + "title": "大众和斯柯达曝12个组合漏洞,攻击者可在10米内无接触入侵", + "link": "https://www.freebuf.com/news/417642.html", + "description": "网络安全研究人员发现斯柯达和大众汽车的某些车型的车载娱乐系统中存在多个漏洞,这些漏洞可能让黑客远程跟踪并访问用户的敏感数据。", + "body": "
网络安全研究人员发现斯柯达和大众汽车的某些车型的车载娱乐系统中存在多个漏洞,这些漏洞可能让黑客远程跟踪并访问用户的敏感数据。
专门从事汽车网络安全的公司PCAuto", + "category": "资讯", + "pubDate": "Fri, 13 Dec 2024 13:42:33 +0800" + }, + { + "title": "美国为何悬赏1000万美元,抓一个四川技术宅?", + "link": "https://www.freebuf.com/articles/neopoints/417627.html", + "description": "最近,美国国务院宣布了一个重磅消息,对一名中国籍黑客关天峰及其所涉团队实施悬赏通缉。", + "body": "最近,美国国务院宣布了一个重磅消息,对一名中国籍黑客关天峰及其所涉团队实施悬赏通缉。美国财政部也在一份声明中表示,已对总部位于成都的四川无声信息技", + "category": "观点", + "pubDate": "Fri, 13 Dec 2024 10:13:45 +0800" + }, + { + "title": "FreeBuf早报 | 微软Azure多因素验证一小时内就被破解;虹膜写真或致信息泄露", + "link": "https://www.freebuf.com/news/417598.html", + "description": "由于存在一个关键漏洞,研究人员在大约一个小时内就破解了微软 Azure 的多因素身份验证(MFA)方法。", + "body": "
2024年12月8日-11日,全国网络安全标准化技术委员", + "category": "资讯", + "pubDate": "Thu, 12 Dec 2024 17:42:59 +0800" + }, + { + "title": "白帽世界大会 | HACKPROVE WORLD 2025全议题公布", + "link": "https://www.freebuf.com/fevents/417597.html", + "description": "报名方式:https://www.hackprove.com/events/conference", + "body": "
报名方式:
在当今数字化飞速发展的时代,企业越来越依赖复杂的云服务平台来推动业务创新与增长。然而,这些平台的广泛使用也伴随着潜在的安全风险,尤其是在处理敏感数据时。近期,关于ServiceNow的一系列关键漏洞(CVE-2024-4879、CVE-2024-5178 和 CVE-2024-5217)的披露,再次引发",
+ "category": "Web安全",
+ "pubDate": "Thu, 12 Dec 2024 14:46:21 +0800"
+ },
+ {
+ "title": "CISP-PTE:记录文件上传系统靶机做题思路(拿Key)",
+ "link": "https://www.freebuf.com/articles/web/417556.html",
+ "description": "记录CISP-PTE文件上传系统靶场解题思路,本系统共3个Key,考验的是整体的渗透思路流程,欢迎各位小白或者大佬进行交流学习!",
+ "body": " 发现只有一个文件上传系统:http://10.0.0.152:27689 一、SQL注入 经过测试发现:空格(%20)、#、union被过滤替换为空,但是空格(%20)可以使用%0a或%0d绕过、#可以使用%23绕过、union可以双写绕过 TISAX(Trusted Information Security Assessment Exchange)认证作为汽车行业和相关领域内的一项重要安全评估标准,其目的是为信息安全评估提供一种标准化的方法,以增强供应链中各参与方的信任度。对于希望在汽车行业中保持竞争力的企业而言,获得TISAX认证不仅是一个目标,更是",
+ "category": "标准与合规",
+ "pubDate": "Thu, 12 Dec 2024 11:20:41 +0800"
+ },
{
"title": "Windows 远程桌面服务漏洞允许攻击者执行远程代码",
"link": "https://www.freebuf.com/news/417532.html",
@@ -16,18 +104,34 @@
"pubDate": "Thu, 12 Dec 2024 10:46:00 +0800"
},
{
- "title": "Facebook、Instagram、WhatsApp 集体遭遇全球宕机",
+ "title": "关键的Windows UI自动化框架漏洞允许黑客绕过EDR",
+ "link": "https://www.freebuf.com/news/417529.html",
+ "description": "攻击者利用了Windows UIA来执行多种恶意活动,可巧妙地避开端点检测和响应(EDR)解决方案的监控。",
+ "body": " 一种新近开发的技术,利用了Windows的一个辅助功能框架——UI Automation(UIA),来执行多种恶意活动,同时巧妙地避开了端点检测和响应(EDR)解决方案的监控。 ",
+ "category": "资讯",
+ "pubDate": "Thu, 12 Dec 2024 10:40:20 +0800"
+ },
+ {
+ "title": "OpenAI、Facebook、Instagram、WhatsApp 集体全球宕机",
"link": "https://www.freebuf.com/news/417521.html",
"description": "周三下午,Facebook、Instagram、Threads 和 WhatsApp 遭遇了全球性的大规模服务中断。",
"body": " 周三下午,Facebook、Instagram、Threads 和 WhatsApp 遭遇了全球性的大规模服务中断,不同地区的用户受到的影响程度各异。前言:ISO 27001作为国际认可的信息安全管理体系标准,为组织提供了一个系统的框架,以保障其信息安全,提升市场竞争力。本文将详细介绍ISO/IEC 27001:2022标准如何从零开始,逐步建设并成功获得ISO 27001管理体系认证。 ISO 27001信息安全管",
+ "category": "标准与合规",
+ "pubDate": "Wed, 11 Dec 2024 23:12:45 +0800"
+ },
{
"title": "大量用户吐槽,Microsoft 365 又大面积宕机",
"link": "https://www.freebuf.com/news/417504.html",
"description": "该中断导致用户无法访问 Microsoft 365 的Web 应用程序和 Microsoft 365 管理中心。",
- "body": " 微软正在调查一次普遍的中断,该中断导致用户无法访问 Microsoft 365 的Web 应用程序和 Microsoft 365 管理中心。这个问题影响了试图通过 Web 浏览器连接 Outlook 、OneDrive 和其他 Office 365 应用程序的用户。 这次中断发生几个小时前,影响到的用户遇到了错误信息,显示“我们正在遭遇服务中断。您打开的所有文件都已保存。在中断解",
+ "body": " 微软正在调查一次普遍的中断,该中断导致用户无法访问 Microsoft 365 的Web 应用程序和 Microsoft 365 管理中心。这个问题影响了试图通过 Web 浏览器连接 Outlook 、OneDrive 和其他 Office 365 应用程序的用户。 据Cyber Security News消息,卡巴斯基发现,一项仍在持续的攻击行为正利用盗版软件传播RedLine数据窃取程序,目标是一些俄国企业。 报告表明,该攻击活动开始于 2024 年 1 月,通过俄罗斯一些在线论坛向目标发送了包含RedLine数据窃取程序的HPDxLIB 激活工具,该工具主要用来激活一些商业软件。 12月11日,Ivanti 向客户发出警告,提醒其 Cloud Services Appliance (CSA)解决方案存在一个新的最高严重性的认证绕过漏洞。 这个安全漏洞(编号",
- "category": "资讯",
- "pubDate": "Wed, 11 Dec 2024 11:12:55 +0800"
- },
- {
- "title": "渗透测试 | ViewState反序列化漏洞详解",
- "link": "https://www.freebuf.com/articles/web/417387.html",
- "description": "在一次测试过程中遇到了这个ViewState的反序列化漏洞,本文学习一下viewstate的漏洞原理以及利用方式。",
- "body": " 在一次测试过程中遇到了这个ViewState的反序列化漏洞,当时对于利用方式以及原理都不太清楚,因此有了这边文章,学习一下viewstate的漏洞原理以及利用方式。 ViewState 是 ASP.NET(Activ",
- "category": "Web安全",
- "pubDate": "Tue, 10 Dec 2024 19:54:40 +0800"
- },
- {
- "title": "《2024全球AI网络安全产品洞察报告》正式发布 | FreeBuf咨询",
- "link": "https://www.freebuf.com/consult/417383.html",
- "description": "FreeBuf咨询联合天融信、蚂蚁集团、瑞数信息,共同撰写、发布报告,重点研究网安行业AI安全产品的市场规模、商业模式、发展挑战等。",
- "body": " 2024年3月,Microsoft Security Copilot正式发布,是全球首款真正意义上的AI安全产品,借助微软庞大的全球威胁情报和每天数十万亿个信源提供的信息,以快速检测、响应来帮助企业更好地应对当下日益严峻的网络安全形势。 例如用户可以向 Security Copilot 询问特定时间段内的可疑用户登录情况;甚至可以使用它来创建概述事件及其攻击链的 PowerPoi",
- "category": "咨询",
- "pubDate": "Tue, 10 Dec 2024 19:05:37 +0800"
- },
- {
- "title": "FreeBuf早报 | FBI建议用暗号戳穿语音克隆骗局;印度制药巨头遭到黑客攻击",
- "link": "https://www.freebuf.com/news/417351.html",
- "description": "近日,美国联邦调查局(FBI)发布了一项重要建议:与家人设置一个专属“暗号”或“暗语”,以应对日益猖獗的AI语音克隆骗局。",
- "body": " 近日,记者从公安部获悉,2022年以来,全国公安机关共侦破黑客类犯罪案件2430起、抓获犯罪嫌疑人7092名,有效斩断了以黑客犯罪为核心的黑产链条,切实保障了网络与数据安全,有力维护了网络空间正常秩序。 【最近在打vulnhub靶机时,有时候下载的.ova文件导入进vmware里面,但是无法修改网络模式,一点击就会出现不可恢复错误 这里我用me and my girlfriend靶机做测试 刚开始就正常导入,在vmware左侧空白处右键选择导入的靶机 据Cyber Security News消息,网络安全研究团队 Zafran 最近在 Web 应用程序防火墙 (WAF) 服务配置中发现了一个被称为“BreakingWAF”的安全漏洞,该漏洞容易让许多财富 100强、1000强的公司受到网络攻击。 Termite 勒索软件团伙正式宣称对软件即服务(SaaS)提供商 Blue Yonder 的11 月攻击负责。Blue Yonder(前身为 JDA Software,作为 Panasonic 子公司运营)是总部位于亚利桑那州的供应链软件供应商,为零售商、制造商和物流供应商提供全球服务。 本文揭示了 DeepSeek 人工智能聊天机器人中的一个现已修补的安全漏洞的详细信息,如果成功利用,黑客可通过输入注入攻击方式控制受害者的账户。 安全研究人员 Jo",
- "category": "资讯",
- "pubDate": "Tue, 10 Dec 2024 10:43:31 +0800"
- },
- {
- "title": "俄罗斯APT组织打击乌克兰国防企业",
- "link": "https://www.freebuf.com/news/417299.html",
- "description": "根据一份新的报告,疑似俄罗斯的APT组织正在对乌克兰的军事和国防企业发动新的间谍活动。",
- "body": " 根据一份新的报告,疑似俄罗斯的APT组织正在对乌克兰的军事和国防企业发动新的间谍活动。 乌克兰军事计算机应急响应团队(MIL.CERT-UA)追踪到该活动的威胁行为者,代号为 UAC-0185 。该组织通过伪装成邀请函的钓鱼邮件,诱骗人们参加上周在基辅举行的一场合法国防会议。前言 本文总结自网宿安全演武实验室安全应急响应团队日常工作实践,主要介绍在Linux服务器环境出现明确或疑似的被入侵表现之后,安全人员如何在服务器系统中确认入侵结果,执行入侵后的溯源取证、入口定位、行为还原、后门定位等工作,以便及时清理病毒后门、加固系统,降低入侵影响。 在实际安全事件处理中,应",
- "category": "系统安全",
- "pubDate": "Mon, 09 Dec 2024 20:12:21 +0800"
- },
- {
- "title": "Linux应急响应思路和技巧(二):文件分析篇",
- "link": "https://www.freebuf.com/articles/system/413395.html",
- "description": "Linux系统一切皆文件,攻击本身与系统的交互也离不开文件,凭据访问、持久化、防御绕过、恶意样本落盘、提权等攻击阶段都会涉及到文件。",
- "body": " 在上一篇中,我们介绍了应急响应整体流程和如何从进程入手进行主机侧应急排查。 本篇我们将",
- "category": "系统安全",
- "pubDate": "Mon, 09 Dec 2024 20:10:21 +0800"
- },
- {
- "title": "腾讯云首届金融安全峰会圆满举办,让安全价值看得见",
- "link": "https://www.freebuf.com/articles/417280.html",
- "description": "12月6日,2024首届腾讯云金融安全峰会在上海成功举办。",
- "body": " 作为数字经济的重要组成部分之一,金融行业的发展与稳定一直备受关注。国家高度重视金融行业的数字化转型与安全建设,金融企业加速信息技术融合创新改造升级。中国人民银行等7部门联合印发的《推动数字金融高质量发展行动方案》提出,以数据要素和数字技术为关键驱动,加快推进金融机构数字化转型,夯实数字金融发展基础。 随着金融科技进入4.0时代,以人工智能(AI)、大数据、云计算和区块链等新兴技术",
- "category": "活动",
- "pubDate": "Mon, 09 Dec 2024 19:24:40 +0800"
- },
- {
- "title": "FreeBuf早报 | 普通用户手机发现间谍软件Pegasus;软件供应链巨头被勒索软件入侵",
- "link": "https://www.freebuf.com/news/417247.html",
- "description": "Termite 勒索软件团伙已正式声称对软件即服务提供商 Blue Yonder 的攻击行为负责,称窃取了 680GB 文件。",
- "body": " 据国家安全部微信号12月9日消息,长期以来,境外间谍情报机关将我党政机关、企事业单位工作人员视为拉拢策反、渗透利用的重点目标。近日,国家安全机关破获一起间谍案,涉案人员安某曾是众人眼中的“天之骄子”,却因未能抵御境外间谍情报机关的圈套诱惑,最终身陷囹圄",
- "category": "资讯",
- "pubDate": "Mon, 09 Dec 2024 16:10:28 +0800"
}
]
\ No newline at end of file
diff --git a/JSON/qianxin.json b/JSON/qianxin.json
index 8c5164a..30ac2e6 100644
--- a/JSON/qianxin.json
+++ b/JSON/qianxin.json
@@ -1,4 +1,18 @@
[
+ {
+ "guid": "https://forum.butian.net/share/3946",
+ "title": "议题解读:How I use a novel approach to exploit a limited OOB on Ubuntu at Pwn2Own Vancouver 2024",
+ "description": "议题介绍了一种新颖的 Linux 内核栈缓冲区越界写漏洞利用技巧,结合了内核栈分配机制和 ebpf 实现任意地址写修改 modprobe_path 完成利用。\n漏洞分析\n漏洞代码:\n\nnla_parse_nested 解析用户态...",
+ "source": "subject",
+ "pubDate": "2024-12-13 10:16:35"
+ },
+ {
+ "guid": "https://forum.butian.net/share/3921",
+ "title": "堆攻击tcache常见利用手法总结",
+ "description": "本篇文章详细记录了笔者对于glibc堆中和有关tcache攻击的理解,同时对常见利用手法进行了分析复现",
+ "source": "subject",
+ "pubDate": "2024-12-13 09:00:00"
+ },
{
"guid": "https://forum.butian.net/share/3981",
"title": "【病毒分析】2024年网鼎杯朱雀组REVERSE02——关于勒索木马解密详解",
@@ -54,19 +68,5 @@
"description": "本文章详细记录了笔者对qemu逃逸的理解,同时复现了两个经典的CTF中的qemu逃逸的题目,详细记录了复现的过程,希望对你学习qemu逃逸有所帮助",
"source": "subject",
"pubDate": "2024-12-05 09:36:56"
- },
- {
- "guid": "https://forum.butian.net/share/3912",
- "title": "基于ptrace的沙箱绕过",
- "description": "本文记录复现羊城杯hard-sandbox这道题的过程,并在途中学习了基于ptrace的沙箱绕过",
- "source": "subject",
- "pubDate": "2024-12-04 10:00:01"
- },
- {
- "guid": "https://forum.butian.net/share/3952",
- "title": "多轮对话越狱大模型",
- "description": "最近奇安信办的datacon有个AI安全赛道,其中的挑战之一就是与越狱相关的,不同的地方在于它关注的是多轮越狱",
- "source": "subject",
- "pubDate": "2024-12-04 09:00:02"
}
]
\ No newline at end of file
diff --git a/JSON/seebug.json b/JSON/seebug.json
index 99972ee..f4dde91 100644
--- a/JSON/seebug.json
+++ b/JSON/seebug.json
@@ -1,4 +1,12 @@
[
+ {
+ "title": "AI 作为新型黑客:开发进攻性安全代理\n",
+ "link": "https://paper.seebug.org/3253/",
+ "description": "作者:Leroy Jacob Valencia\n译者:知道创宇404实验室翻译组\n原文链接:https://arxiv.org/pdf/2406.07561\n摘要\n在网络安全这一宏大领域内,由防御性措施向主动防御的转变对于守护数字基础设施的安全至关重要。本文深入探讨了AI在主动防御网络安全中的角色,尤其是通过研发一个名为ReaperAI的独立AI代理,该代理被设计来模拟和实施网络攻击。借助于...\n",
+ "pubDate": "Fri, 13 Dec 2024 07:50:00 +0000",
+ "guid": "https://paper.seebug.org/3253/",
+ "category": "AI安全"
+ },
{
"title": "Qwen2.5-Coder 技术报告\n",
"link": "https://paper.seebug.org/3252/",
@@ -110,13 +118,5 @@
"pubDate": "Thu, 21 Nov 2024 02:19:00 +0000",
"guid": "https://paper.seebug.org/3238/",
"category": "专题报告"
- },
- {
- "title": "Identify Infrastructure Linked To LockBit 3.0 Ransomware Affiliates By ZoomEye Enhanced New Syntax\n",
- "link": "https://paper.seebug.org/3239/",
- "description": "Author: Knownsec 404 team\nDate: November 20, 2024\n中文版:https://paper.seebug.org/3238/\n1. Abstract\nLockBit 3.0 is a well-known ransomware operated through a "Ransomware-as-a-Service" (RaaS) model. Th...\n",
- "pubDate": "Tue, 19 Nov 2024 03:20:00 +0000",
- "guid": "https://paper.seebug.org/3239/",
- "category": "404 English Paper"
}
]
\ No newline at end of file
diff --git a/JSON/xianzhi.json b/JSON/xianzhi.json
index 9594eed..53c8f28 100644
--- a/JSON/xianzhi.json
+++ b/JSON/xianzhi.json
@@ -2,7 +2,7 @@
{
"title": "『2024GeekCTF』stkbof-初识hexagon架构PWN",
"link": "https://xz.aliyun.com/t/16695",
- "published": "2024-12-10T20:27:49+08:00",
+ "published": "2024-12-10T20:27:00+08:00",
"id": "https://xz.aliyun.com/t/16695",
"summary": {
"@type": "html",
@@ -129,16 +129,6 @@
"#text": "fastjson之parse和parseobject利用差异"
}
},
- {
- "title": "某内部比赛web题解",
- "link": "https://xz.aliyun.com/t/16679",
- "published": "2024-12-10T12:16:40+08:00",
- "id": "https://xz.aliyun.com/t/16679",
- "summary": {
- "@type": "html",
- "#text": "某内部比赛web题解"
- }
- },
{
"title": "2023巅峰极客-BabyURL复现分析",
"link": "https://xz.aliyun.com/t/16678",
@@ -998,5 +988,15 @@
"@type": "html",
"#text": "从零构建:我的漏洞扫描器之旅"
}
+ },
+ {
+ "title": "CS代码审计配合Jdbc反序列化漏洞的利用",
+ "link": "https://xz.aliyun.com/t/16536",
+ "published": "2024-12-03T23:58:20+08:00",
+ "id": "https://xz.aliyun.com/t/16536",
+ "summary": {
+ "@type": "html",
+ "#text": "CS代码审计配合Jdbc反序列化漏洞的利用"
+ }
}
]
\ No newline at end of file
diff --git a/README.md b/README.md
index 07b7979..9dc138a 100644
--- a/README.md
+++ b/README.md
@@ -3,19 +3,6 @@ RSS订阅链接来源:https://github.com/zhengjim/Chinese-Security-RSS k=&kO!#QQSFUWBT
zO~&yfP_LNrPs&mh?Hsw2o(SQ7X5)$9MSk^8buuLN&H_<@Bv_JS4TikT%Z0D8lHA2Y
zkD_SlXBZqx&p%KS*k}*x>(1P{k7rHNxNKM&j4k5`^bGz~U47n?YeX)e&y?7dGT04=
zM$^-CXhUcuw*)5Ul8rx!=g+%6=lG8G0=||*oATuB66>Eoueu0^2V5xK>=hq@-?_
zdX`saK-Kp?H~+goaK5?OZsl>(xJB_neBzYENIKO6&Yq}R>!G+;SK7%C)ZYr2qth&z
ze?s>QUt#(V^@QRyQD7Mf;q>ZbIkAjx`O)}e7=8?cv-q5XI=i#U)!_kOoC0X78%->y
zqe3Q-0yWha0bGf|u9Y{NAbzCV*J(77|Cs~LQu(WJSojhvIaHs$36`qb^@9M;@!mR~
zyN0W-UhF1UBM+)wR$m+M^a2a-zJ?Qd{ilZiVKT!pV6j{*Jh2vHb|{A!!uW4zA(xAh
OH86{R>WbdiI{pGR`;h+t
delta 1897
zcmZvd{ZA8j9LFg*#W5rqx-l`!cXM$fQSW-~m0mV8?aFkD+pI$~l0}40njmGgN|q&~
zrw5eBwq9X{B2Q9Vbd=&lseOR>7wo6~xWt(Ie(&xl{)Fw*9%`2?xgXlzrSI4G{ds@h
z=egp!;;+@62pq8JPOM#tRMnS0FR8Na`D>4@a;@^?cLplt3iI1ncPDorDgSlX>dvj5
z*0(}C{@hVpcB}OH+Rr;m9~<6{=)^Co_m;Ah=&z~iqY+JWdOb($5snYx{uqug@|4iL
zyM#Bj)RizFk;$Cm@#BqkIrx+$g38K$92iDT&UQzevkQ^&DE21tR1B|#@JvifMbyDD
zlJ$`%v*;+YG+U4ADZSw+O`8}KI&5jS*^v2ILtTg4-R R)J-Rp+X_7O@Jr_b#8k*+a_7n@A>$BrBHw_p9eJq)tca8^
z^4%GWAPS1ay@o6ahedL}N45&D9vQAaTK`D!vg8Ct$IHShCyt8 Wj#nuZ88cS=MZF=RlXVVXw%%NxPyLD6@7co)>D?4Re}4ZFwARw*8y6maqn
z|K3(gNQ)uMC0c_=Z7a|*6yPhqBy!juogzV3`a*`E3Lbe?-4~j7G&AsNf?GL2=!yw3
z6X24;4q4gQdOrL8+&hyQwP=%Gm8S_C_|~xC%d}?t1W>lvTzx?ciRDNrid-WlQ?7>u
zTvs}sVfw)=qU7r!T`w36k +BaC~?b^aem?A%$p zaCNNWX
近期,火绒工程师在日常关注安全动态时发现一个基于 Go 语言的勒索样本。分析发现,该样本会利用 AES 进行数据加密",
+ "category": "观点",
+ "pubDate": "Thu, 12 Dec 2024 15:03:31 +0800"
+ },
+ {
+ "title": "ServiceNow安全漏洞之探讨:CVE-2024系列深度分析",
+ "link": "https://www.freebuf.com/articles/web/417571.html",
+ "description": "本文将深入探讨这三项漏洞的技术细节及其潜在影响,揭示如何通过了解并应对这些风险,以保护企业数据的完整性和安全。",
+ "body": "前言
一、使用fscan扫描端口,查看哪些网站
(1)测试发现有4个字段:",
+ "category": "Web安全",
+ "pubDate": "Thu, 12 Dec 2024 11:30:41 +0800"
+ },
+ {
+ "title": "企业TISAX认证——从0到1设施指南(1)保姆级教程",
+ "link": "https://www.freebuf.com/articles/compliance/402074.html",
+ "description": "TISAX是为信息安全评估提供一种标准化的方法,以增强供应链中各参与方的信任度。",
+ "body": "
前言
1、什么是27001信息安全管理体系认证
前言
ViewState基础介绍
ViewState机制
全球动态
1. 公安部重拳打击黑客犯罪保障网络安全
应急响应流程
前言
全球动态
1. 国家安全部:“天之骄子”泄露重要涉密事项,获刑10年
使用python-json进行格式化,然后使用飞书webhook机器人进行发送
config.yaml可指定大部分可能需要的参数
-### 问题反馈
-- 准点发送的文章在定点推送模式下可能会被遗漏推送
-
-### 下一步计划
-- 添加更多RSS订阅源
-- 将所有打印信息转为logging info并存档(已完成)
-- 将logging info转为异步的loguru(已完成)
-- 探查异常中断原因(已发现,获取rss源时的请求未做超时)
-- 添加超时机制,防止程序异常卡死(已完成)
-- 存档所有推送文章方便以后查看(已完成)
-- 添加更多推送方式,如邮件、微信等
-- 创建Web网页以展示最新推送
-
### 日志相关
请查看./log文件夹下内容
@@ -33,6 +20,7 @@ centos: `yum install screen`
随后便可直接运行:`python Core.py`
web运行:`python ./web/app.py`
随后web网页将会在本地5000端口启动,访问即可,使用反向代理即可以域名映射到外网
+直接访问web域名即可查看历史推送,访问路径/log即可查看程序运行日志
### 配置
首先先在飞书中创建群组,然后再创建WebHook机器人
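Review bot: The added README line advertises `/log` as the place to read the program's run log but says nothing about access control, and it sits directly after the line recommending that the port-5000 web app be reverse-proxied to the public internet. Run logs typically contain error traces, file paths and request details, so an unauthenticated `/log` would be an information-disclosure risk. Whether the handler in web/app.py restricts access is not visible in this hunk. I would add a caveat under the new line, for example `注意:/log 会展示程序运行日志,映射到外网前请在反向代理层为该路径加上认证或IP白名单`.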
diff --git a/FeishuSendBot.py b/SendCore/FeishuSendBot.py
similarity index 100%
rename from FeishuSendBot.py
rename to SendCore/FeishuSendBot.py
diff --git a/MailSendBot.py b/SendCore/MailSendBot.py
similarity index 100%
rename from MailSendBot.py
rename to SendCore/MailSendBot.py
diff --git a/QiweiSendBot.py b/SendCore/QiweiSendBot.py
similarity index 100%
rename from QiweiSendBot.py
rename to SendCore/QiweiSendBot.py
diff --git a/__pycache__/FeishuSendBot.cpython-312.pyc b/SendCore/__pycache__/FeishuSendBot.cpython-312.pyc
similarity index 86%
rename from __pycache__/FeishuSendBot.cpython-312.pyc
rename to SendCore/__pycache__/FeishuSendBot.cpython-312.pyc
index 89cd167a46d9e229847e83193f35c334162dd5b0..48f637e87604da3d44a08c5e8ccc7abcb03138d3 100644
GIT binary patch
delta 27
icmeB?m@2X19W$fh
+
+### 下一步计划
+- 添加更多RSS订阅源(持续进行中)
+- 将所有打印信息转为logging info并存档(已完成)
+- 将logging info转为异步的loguru(已完成)
+- 探查异常中断原因(已发现,获取rss源时的请求未做超时)
+- 添加超时机制,防止程序异常卡死(已完成)
+- 存档所有推送文章方便以后查看(已完成)
+- 添加更多推送方式,如邮件、微信等
+- 创建Web网页以展示最新推送(info.masonliu.com)
+
+### 更新日志
+- 2024年12月15日:优化了文件结构,修复了日志记录时的小BUG,添加web展示日志功能
\ No newline at end of file
diff --git a/__pycache__/SendBot.cpython-312.pyc b/__pycache__/SendBot.cpython-312.pyc
deleted file mode 100644
index d2f6ca1f11cf30adbf27668613f757294a00f2e4..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001
literal 3650
zcmai0Yj7LY6~6n>b1h4L$dO~mS!`lkCVt|?G|)_2hm=5@LX%FhfzhnBD_gRpRd-i7
zHd3mDq;(3^Hm?Zm5N8so(*!$|0s%q`q@8xAe`FlS>XILx!IJG?$e}ZI(my?S<+U@w
z3|FJ`y62vA@7;U8d;ev#SrN3>ClB_H*%A62D|*v!3m;q>H?hOf!;TT_FS+Y_N?G
zl5QvcfP9w=DM(y$?!w1IS1>qU>Jj%amWdA%^m!Kkr12H6-tdAMDO_);V%2GEt#-Ru
zq@V8_CclmPnFpHZ#S>oJ6PF6^`bfIt(%MFm)mr3m*jCFvift=jemhqd6`@pV<{Mm}
zTMI3=Sc{6Sfxg)rWGan{UrWCW{n{+zRJ$&vgj6SFtDUU}#u1(ffJ2hGP7S{raVUo`
zewFRT7J-B81T{H>f7xFVs34Wj{(3nhg6}7)Tw)6`o
W_#eTxJMoicaCx
zSVF2G1Sge+C+F%VOj19#5!Xes)pg(^d8lvG0NEixtVAl4KvfDsrIFJDC?cijd!Ej{
z&y+Su
ad
zaUJ-eE;`zvicfR4Bwbr<{!J3X1Kk9|aB`2Tfr~0&mGauE+&T`SVh0Kf8x{U4ojlb+
z3VpH>>8{s1+R`p6=psENbl8U7b*qGU!S1cN1E32anivq-LKje3pyQ`XXKvRp-TUi;
z=}{H{d3ayED8t8
b#ro39?1c-6wUR*T5$l~#@JA4Q9q9Id;m`pQ
literal 69632
zcmeFaX>c58dglr11a-07SKIDstGe54iDpyEqq4G!ZCZv1NP;AQ2S6Qedwa5~vM3NB
z!3MzQF|v&UcwYd;`x38$NQojqiXsUD1Ua+oPyVnmG2z`$I}sB$vW|_3>6nO#y=P*7
zPreCM7AR2FwmdNh5dcUO3RUm@KF9z6e_B?&-PYqqGM!y(ot}tU^R1dWb87xL5~-=F
z(fRr|Uyt)OC-{1df2Tg=v9J5kYhL=ro@aU1BhUR!&AcD+?cvA65qLNP4@cnP2s|8t
zha>QC1RjpS!x4Bm0uM*v;Rrk&fp2I8mOt{ucNQ+3^L~$$>~On(-hqSrvu^k28{BoN
znLj?dbY(+bYeS^9?$x&&A~T-*;yP!o`(yrcLH6A_Pk!fn-<#7v$A3+ytEVl+OHcj#
zNX4s6JsNrOsYvkAmX0(ww>G@qurjiIWn)v_%J(C0HM}3GTh+R(v6(+^YG`i#@$|EM
z+Il+NNNdA;p~pJf*0s-gDD8Hqy4u$Fv~{kV@tgG
aQS$l@3!g^K*Y(>
z-83fxoOi|BRjiS^O-*aw-`upNePacP%QCEJ-166m>2o@4&DI>vwh~bb(3z9b61Edh
zx$&40OSlQp`3i=n`WuZd*6d|H-Kxvk#zV0wsMhlhPFKg~SKC0=s?`J@87x}i;yzd?
z^jStSdo#avK!Js!sQ~ILTscxWJoJrp#>doUY}<6A>6l@sQg$4wN8HZna3j*OsH3MW
zFlrCz%*sR76z%5uciYybJ2!SmN+)l!6cyw!vh