add qianxin

MasonLiu 2024-12-05 00:03:51 +08:00
parent dd0073b497
commit 6445612e65
19 changed files with 2222 additions and 1950 deletions

51
Core.py

@ -12,6 +12,8 @@ from GotoSend_4hou import Src_4hou
from GotoSend_anquanke import Src_anquanke from GotoSend_anquanke import Src_anquanke
from GotoSend_doonsec import Src_doonsec from GotoSend_doonsec import Src_doonsec
from GotoSend_xianzhi import Src_xianzhi from GotoSend_xianzhi import Src_xianzhi
from GotoSend_freebuf import Src_freebuf
from GotoSend_qianxin import Src_qianxin
# 加载参数 # 加载参数
def get_params(): def get_params():
@ -35,6 +37,8 @@ def send_job(time_1):
Src_anquanke(time_1) Src_anquanke(time_1)
Src_doonsec(time_1) Src_doonsec(time_1)
Src_xianzhi(time_1) Src_xianzhi(time_1)
Src_freebuf(time_1)
Src_qianxin(time_1)
def signal_handler(sig, frame): def signal_handler(sig, frame):
print("接收到退出信号,程序即将退出...") print("接收到退出信号,程序即将退出...")
@ -46,13 +50,16 @@ signal.signal(signal.SIGTERM, signal_handler) # kill命令
def main_loop(): def main_loop():
n = 1
while True: while True:
try: try:
# 执行任务 # 执行任务
print(f"{n}次执行,当前时间为:{datetime.now().strftime('%Y-%m-%d %H:%M:%S')}")
crab_job() crab_job()
send_job(e_hour) send_job(e_hour)
print("执行完毕,等待下一次执行...") print("执行完毕,等待下一次执行...")
time.sleep(e_hour * 60 * 60 - 60) n += 1
time.sleep(e_hour * 60 * 60 - 3 * 60)
except Exception as e: except Exception as e:
print(f"发生错误: {e}, 程序已暂停") print(f"发生错误: {e}, 程序已暂停")
@ -72,11 +79,11 @@ def check_rss_status(url):
def test_rss_source(): def test_rss_source():
rss_info = "" rss_info = ""
# url_1 = check_rss_status("https://forum.butian.net/Rss") url_1 = check_rss_status("https://forum.butian.net/Rss")
# if url_1 == True: if url_1 == True:
# rss_info += "奇安信 源正常\n" rss_info += "奇安信 源正常\n"
# else: else:
# rss_info += f"奇安信 源异常: {url_1}\n" rss_info += f"奇安信 源异常: {url_1}\n"
url_2 = check_rss_status("https://wechat.doonsec.com/bayes_rss.xml") url_2 = check_rss_status("https://wechat.doonsec.com/bayes_rss.xml")
if url_2 == True: if url_2 == True:
@ -84,11 +91,11 @@ def test_rss_source():
else: else:
rss_info += f"洞见 源异常: {url_2}\n" rss_info += f"洞见 源异常: {url_2}\n"
# url_3 = check_rss_status("https://www.huawei.com/cn/rss-feeds/psirt/rss") url_3 = check_rss_status("https://www.huawei.com/cn/rss-feeds/psirt/rss")
# if url_3 == True: if url_3 == True:
# rss_info += "华为 源正常\n" rss_info += "华为 源正常\n"
# else: else:
# rss_info += f"华为 源异常: {url_3}\n" rss_info += f"华为 源异常: {url_3}\n"
# url_4 = check_rss_status("https://www.sec_wiki.com/news/rss") # url_4 = check_rss_status("https://www.sec_wiki.com/news/rss")
# if url_4 == True: # if url_4 == True:
@ -108,17 +115,17 @@ def test_rss_source():
else: else:
rss_info += f"嘶吼 源异常: {url_6}\n" rss_info += f"嘶吼 源异常: {url_6}\n"
# url_7 = check_rss_status("https://paper.seebug.org/rss/") url_7 = check_rss_status("https://paper.seebug.org/rss/")
# if url_7 == True: if url_7 == True:
# rss_info += "Seebug社区 源正常\n" rss_info += "Seebug社区 源正常\n"
# else: else:
# rss_info += f"Seebug社区 源异常: {url_7}\n" rss_info += f"Seebug社区 源异常: {url_7}\n"
# url_8 = check_rss_status("https://www.freebuf.com/feed") url_8 = check_rss_status("https://www.freebuf.com/feed")
# if url_8 == True: if url_8 == True:
# rss_info += "FreeBuf社区 源正常\n" rss_info += "FreeBuf社区 源正常\n"
# else: else:
# rss_info += f"FreeBuf社区 源异常: {url_8}\n" rss_info += f"FreeBuf社区 源异常: {url_8}\n"
url_9 = check_rss_status("https://xz.aliyun.com/feed") url_9 = check_rss_status("https://xz.aliyun.com/feed")
if url_9 == True: if url_9 == True:
@ -135,7 +142,7 @@ if __name__ == "__main__":
start_info += "程序已启动,当前时间为:" + datetime.now().strftime("%Y-%m-%d %H:%M:%S") + "\n" start_info += "程序已启动,当前时间为:" + datetime.now().strftime("%Y-%m-%d %H:%M:%S") + "\n"
start_info += "程序作者MasonLiu \t 开源地址:[GM-gitea](https://git.masonliu.com/MasonLiu/PyBot)" + "\n" start_info += "程序作者MasonLiu \t 开源地址:[GM-gitea](https://git.masonliu.com/MasonLiu/PyBot)" + "\n"
start_info += "时间配置:每隔" + str(e_hour) + "小时执行一次推送\n" start_info += "时间配置:每隔" + str(e_hour) + "小时执行一次推送\n"
start_info += "启用源:\n嘶吼\n洞见微信安全资讯\n安全客\n先知社区\n" start_info += "启用源:\n嘶吼\n洞见微信安全资讯\n安全客\n先知社区\n"
SendToFeishu(start_info, "程序信息") SendToFeishu(start_info, "程序信息")
# print(start_info) # print(start_info)
SendToFeishu(rss_info, "RSS源状态") SendToFeishu(rss_info, "RSS源状态")
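Review bot: In `send_job` the new calls `Src_freebuf(time_1)` and `Src_qianxin(time_1)` run back to back with the older sources and nothing isolates a failure, so one source that raises stops every source after it. The new modules do raise: `get_freebuf_json` and `get_qianxin_json` throw `FileNotFoundError` or `ValueError` when their JSON file is missing or is not a list. Iterating over the source functions and wrapping each `src(time_1)` in its own `try`/`except Exception as e:` that logs the source name would keep one broken feed from silencing the rest. Separately, the start-up text `启用源:\n嘶吼\n洞见微信安全资讯\n安全客\n先知社区\n` still lists four sources, so operators are not told that FreeBuf and 奇安信 are now being pushed. `send_job` begins above the hunk and only its tail is visible here.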

134
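--- a/GotoSend_freebuf.py
+++ b/GotoSend_freebuf.py
@@ -0,0 +1,134 @@
+import json
+import sqlite3
+import os
+from datetime import datetime, timedelta
+from SendBot import SendToFeishu
+def create_database():
+conn = sqlite3.connect('./db/freebuf.db')
+cursor = conn.cursor()
+cursor.execute('''CREATE TABLE IF NOT EXISTS articles (
+id INTEGER PRIMARY KEY AUTOINCREMENT,
+title TEXT,
+link TEXT,
+description TEXT,
+pubDate DATETIME,
+category TEXT
+)''')
+conn.commit()
+conn.close()
+def insert_data(data):
+conn = sqlite3.connect('./db/freebuf.db')
+cursor = conn.cursor()
+for entry in data:
+try:
+# 解析 pubDate 字符串为 datetime 对象
+pub_date = datetime.strptime(entry['pubDate'], '%a, %d %b %Y %H:%M:%S %z')
+# 格式化 pubDate 为所需的格式
+formatted_pub_date = pub_date.strftime('%Y-%m-%d %H:%M:%S')
+except ValueError:
+# 如果解析失败,使用原始 pubDate 字符串
+formatted_pub_date = entry['pubDate']
+cursor.execute('''
+INSERT INTO articles (title, link, description, pubDate, category)
+VALUES (?, ?, ?, ?, ?)
+''', (entry['title'], entry['link'], entry['description'], formatted_pub_date, entry['category']))
+conn.commit()
+conn.close()
+def get_freebuf_json():
+# 检查文件是否存在
+if not os.path.exists('./JSON/freebuf.json'):
+raise FileNotFoundError(f"freebuf.json文件不存在请检查程序是否运行正常")
+# 打开并读取JSON文件
+with open('./JSON/freebuf.json', 'r', encoding='utf-8') as file:
+data = json.load(file)
+# 假设data是一个包含多个JSON对象的列表
+if not isinstance(data, list):
+raise ValueError("JSON文件格式错误请检查common.py是否异常")
+# 提取所需字段并编号
+total_data = []
+for index, item in enumerate(data, start=1):
+entry = {
+"id": index,
+"title": item.get("title", ""),
+"link": item.get("link", ""),
+"description": item.get("description", ""),
+"pubDate": item.get("pubDate", ""),
+"category": item.get("category", "")
+}
+total_data.append(entry)
+return total_data
+def select_articles(e_hour):
+conn = sqlite3.connect('./db/freebuf.db')
+cursor = conn.cursor()
+# 获取当前日期和时间
+now = datetime.now()
+start_time = now - timedelta(hours=e_hour)
+end_time = now
+# 查询指定时间段内的数据
+cursor.execute('''
+SELECT * FROM articles
+WHERE pubDate BETWEEN ? AND ?
+''', (start_time.strftime('%Y-%m-%d %H:%M:%S'), end_time.strftime('%Y-%m-%d %H:%M:%S')))
+results = cursor.fetchall()
+conn.close()
+return results
+def clear_table():
+conn = sqlite3.connect('./db/freebuf.db')
+cursor = conn.cursor()
+cursor.execute('DELETE FROM articles')
+conn.commit()
+conn.close()
+def get_filtered_articles(entries):
+result = ""
+for entry in entries:
+result += f"类型:{entry[5]}\t文章:{entry[1]}\n"
+result += f"链接:{entry[2]}\t上传时间:{entry[4]}\n"
+result += "-" * 40 + "\n" # 添加分隔线以便区分不同文章
+return result
+def Src_freebuf(e_hour):
+if not os.path.exists('./db/freebuf.db'):
+# 创建数据库和表
+create_database()
+# 清空表
+clear_table()
+# 获取 JSON 数据
+freebuf_data = get_freebuf_json()
+# 插入数据到数据库
+insert_data(freebuf_data)
+# 查询指定时间段内的数据
+filtered_articles = select_articles(e_hour)
+# print(filtered_articles)
+if filtered_articles:
+results = get_filtered_articles(filtered_articles)
+print("Freebuf资讯递送中")
+SendToFeishu(results, "Freebuf资讯递送")
+print("-" * 40 + "\n")
+# print(results)
+else:
+# 如果为空,则跳过执行
+print("Freebuf数据为空跳过执行。")
+# print(results)
+if __name__ == "__main__":
+Src_freebuf(4)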
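Review bot: `get_filtered_articles` interpolates the feed's `title`, `link` and `category` straight into the text handed to `SendToFeishu`, so whatever the remote feed publishes reaches chat recipients unchanged. Core.py's start-up message passes `[GM-gitea](https://…)` link syntax through the same sender, which suggests the body is rendered as markup; if so, a crafted title or link could display as a misleading clickable link. Skip entries whose link is not a web URL, e.g. `if not entry[2].startswith(("https://", "http://")): continue`, and escape or strip markup characters such as `[`, `]`, `(`, `)`, `<` and `>` from the title and category before formatting. `GotoSend_qianxin.py` has the same pattern and additionally forwards the feed's `description`. How `SendToFeishu` renders its input is not visible on this page, so confirm that before choosing the escaping.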

126
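--- a/GotoSend_qianxin.py
+++ b/GotoSend_qianxin.py
@@ -0,0 +1,126 @@
+import json
+import sqlite3
+import os
+from datetime import datetime, timedelta
+from SendBot import SendToFeishu
+def create_database():
+conn = sqlite3.connect('./db/qianxin.db')
+cursor = conn.cursor()
+cursor.execute('''CREATE TABLE IF NOT EXISTS articles (
+id INTEGER PRIMARY KEY AUTOINCREMENT,
+title TEXT,
+guid TEXT,
+source TEXT,
+description TEXT,
+pubDate DATETIME
+)''')
+conn.commit()
+conn.close()
+def insert_data(data):
+conn = sqlite3.connect('./db/qianxin.db')
+cursor = conn.cursor()
+for entry in data:
+cursor.execute('''
+INSERT INTO articles (title, guid, source, description, pubDate)
+VALUES (?, ?, ?, ?, ?)
+''', (entry['title'], entry['guid'], entry['source'], entry['description'], entry['pubDate']))
+conn.commit()
+conn.close()
+def get_qianxin_json():
+# 检查文件是否存在
+if not os.path.exists('./JSON/qianxin.json'):
+raise FileNotFoundError(f"qianxin.json文件不存在请检查程序是否运行正常")
+# 打开并读取JSON文件
+with open('./JSON/qianxin.json', 'r', encoding='utf-8') as file:
+data = json.load(file)
+# 假设data是一个包含多个JSON对象的列表
+if not isinstance(data, list):
+raise ValueError("JSON文件格式错误请检查common.py是否异常")
+# 提取所需字段并编号
+total_data = []
+for index, item in enumerate(data, start=1):
+entry = {
+"id": index,
+"title": item.get("title", ""),
+"guid": item.get("guid", ""),
+"description": item.get("description", ""),
+"pubDate": item.get("pubDate", ""),
+"source": item.get("source", "")
+}
+total_data.append(entry)
+return total_data
+def select_articles(e_hour):
+conn = sqlite3.connect('./db/qianxin.db')
+cursor = conn.cursor()
+# 获取当前日期和时间
+now = datetime.now()
+start_time = now - timedelta(hours=e_hour)
+end_time = now
+# 查询指定时间段内的数据
+cursor.execute('''
+SELECT * FROM articles
+WHERE pubDate BETWEEN ? AND ?
+''', (start_time.strftime('%Y-%m-%d %H:%M:%S'), end_time.strftime('%Y-%m-%d %H:%M:%S')))
+results = cursor.fetchall()
+conn.close()
+return results
+def clear_table():
+conn = sqlite3.connect('./db/qianxin.db')
+cursor = conn.cursor()
+cursor.execute('DELETE FROM articles')
+conn.commit()
+conn.close()
+def get_filtered_articles(entries):
+result = ""
+for entry in entries:
+result += f"来源:{entry[3]}\t文章:{entry[1]}\n"
+result += f"链接:{entry[2]}\t上传时间:{entry[5]}\n"
+result += f"描述:{entry[4]}\n"
+result += "-" * 40 + "\n" # 添加分隔线以便区分不同文章
+return result
+def Src_qianxin(e_hour):
+if not os.path.exists('./db/qianxin.db'):
+# 创建数据库和表
+create_database()
+# 清空表
+clear_table()
+# 获取 JSON 数据
+M_qianxin_data = get_qianxin_json()
+# 插入数据到数据库
+insert_data(M_qianxin_data)
+# 查询指定时间段内的数据
+filtered_articles = select_articles(e_hour)
+# print(filtered_articles)
+if filtered_articles:
+results = get_filtered_articles(filtered_articles)
+print("奇安信攻防社区资讯递送中:")
+SendToFeishu(results, "奇安信攻防社区资讯递送")
+print("-" * 40 + "\n")
+# print(results)
+else:
+# 如果为空,则跳过执行
+print("奇安信攻防社区数据为空,跳过执行。")
+# print(results)
+if __name__ == "__main__":
+Src_qianxin(4)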
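Review bot: `insert_data` stores `entry['pubDate']` exactly as the feed supplies it, while `select_articles` filters with a string `BETWEEN` against `'%Y-%m-%d %H:%M:%S'` values built from `datetime.now()`. An entry whose date is missing or in another format (`get_qianxin_json` defaults it to `""`) is silently left out of the window or misplaced in it, and because the host's local clock is compared with a feed timestamp that carries no timezone, a host outside the feed's timezone will miss or resend articles. Validate on insert, e.g. `pub = datetime.strptime(entry['pubDate'], '%Y-%m-%d %H:%M:%S')` inside a `try`/`except ValueError` that logs and skips the row, and do the comparison in one explicit timezone. The `sqlite3.connect` calls would also be safer under `try`/`finally` or `contextlib.closing`, so a failed insert does not leave the connection open.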

File diff suppressed because one or more lines are too long


@ -1,162 +1,162 @@
[ [
{ {
"guid": "https://www.anquanke.com/post/id/302345", "guid": "https://www.anquanke.com/post/id/302432",
"title": "全国首个海洋可信数据空间启动360筑牢海洋数据安全新防线", "title": "AI全新赋能360开启终端All in One 5.0时代",
"author": " 安全客", "author": " 安全客",
"description": null, "description": null,
"source": "微信", "source": "微信",
"pubDate": "2024-12-02 15:32:30" "pubDate": "2024-12-04 14:44:35"
}, },
{ {
"guid": "https://www.anquanke.com/post/id/302342", "guid": "https://www.anquanke.com/post/id/302429",
"title": "MediaTek 修补了智能手机芯片组中的高严重性漏洞 CVE-2024-20125", "title": "日本加密服务因价值3.08亿美元的比特币被盗而关闭",
"author": " 安全客",
"description": null,
"source": "therecord",
"pubDate": "2024-12-04 14:36:18"
},
{
"guid": "https://www.anquanke.com/post/id/302426",
"title": "能源行业承包商称勒索软件攻击限制了对 IT 系统的访问",
"author": " 安全客",
"description": null,
"source": "therecord",
"pubDate": "2024-12-04 14:31:13"
},
{
"guid": "https://www.anquanke.com/post/id/302423",
"title": "韩国撤销戒严令,加密货币市场回暖",
"author": " 安全客",
"description": null,
"source": "Cointelegraph.com News",
"pubDate": "2024-12-04 14:25:11"
},
{
"guid": "https://www.anquanke.com/post/id/302420",
"title": "法国移动运营商联手应对日益猖獗的欺诈行为",
"author": " 安全客",
"description": null,
"source": "infosecurity",
"pubDate": "2024-12-04 11:31:24"
},
{
"guid": "https://www.anquanke.com/post/id/302417",
"title": "ASA漏洞CVE-2014-2120正在被恶意利用",
"author": " 安全客",
"description": null,
"source": "securityaffairs",
"pubDate": "2024-12-04 11:24:59"
},
{
"guid": "https://www.anquanke.com/post/id/302414",
"title": "Play Store上发现15款针对数百万人的SpyLoan应用程序",
"author": " 安全客",
"description": null,
"source": "hackread",
"pubDate": "2024-12-04 11:19:55"
},
{
"guid": "https://www.anquanke.com/post/id/302411",
"title": "保护您的网络: Zyxel 发布固件更新",
"author": " 安全客", "author": " 安全客",
"description": null, "description": null,
"source": "securityonline", "source": "securityonline",
"pubDate": "2024-12-02 15:20:44" "pubDate": "2024-12-04 11:02:26"
}, },
{ {
"guid": "https://www.anquanke.com/post/id/302339", "guid": "https://www.anquanke.com/post/id/302407",
"title": "ShadowHound使用隐蔽高效的摄取器增强 Active Directory 侦察", "title": "谷歌浏览器解决 V8 JavaScript 引擎中的高严重性漏洞 (CVE-2024-12053)",
"author": " 安全客", "author": " 安全客",
"description": null, "description": null,
"source": "securityonline", "source": "securityonline",
"pubDate": "2024-12-02 15:00:17" "pubDate": "2024-12-04 10:47:00"
}, },
{ {
"guid": "https://www.anquanke.com/post/id/302336", "guid": "https://www.anquanke.com/post/id/302404",
"title": "以加密货币钱包为目标的恶意 PyPI 软件包aiocpa 活动曝光", "title": "威胁行为者利用Gafgyt恶意软件利用配置错误的Docker远程API服务器进行攻击",
"author": " 安全客", "author": " 安全客",
"description": null, "description": null,
"source": "securityonline", "source": "securityonline",
"pubDate": "2024-12-02 14:46:21" "pubDate": "2024-12-04 10:37:57"
}, },
{ {
"guid": "https://www.anquanke.com/post/id/302333", "guid": "https://www.anquanke.com/post/id/302397",
"title": "CVE-2024-52338 Apache Arrow R软件包存在严重安全漏洞允许任意执行代码", "title": "CVE-2024-48651ProFTPD 漏洞为攻击者提供 Root 访问权限",
"author": " 安全客", "author": " 安全客",
"description": null, "description": null,
"source": "securityonline", "source": "securityonline",
"pubDate": "2024-12-02 14:40:00" "pubDate": "2024-12-03 15:23:53"
}, },
{ {
"guid": "https://www.anquanke.com/post/id/302330", "guid": "https://www.anquanke.com/post/id/302394",
"title": "CVE-2024-8672 CVSS 9.9Widget Options 插件中的严重缺陷威胁 100,000+ 个网站", "title": "针对 Windows 任务计划程序缺陷 CVE-2024-49039 发布的零日漏洞利用代码,该漏洞已被 RomCom Group 积极利用",
"author": " 安全客", "author": " 安全客",
"description": null, "description": null,
"source": "securityonline", "source": "securityonline",
"pubDate": "2024-12-02 14:34:37" "pubDate": "2024-12-03 15:16:41"
}, },
{ {
"guid": "https://www.anquanke.com/post/id/302327", "guid": "https://www.anquanke.com/post/id/302390",
"title": "CVE-2024-11980 CVSS 10十亿电动路由器中的严重缺陷", "title": "领跑中国市场360安全大模型获权威机构安全运营实测认证",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2024-12-02 14:25:47"
},
{
"guid": "https://www.anquanke.com/post/id/302321",
"title": "被武器化的 Windows 工具 Wevtutil.exe 在新型攻击中被利用",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2024-12-02 11:19:00"
},
{
"guid": "https://www.anquanke.com/post/id/302318",
"title": "Trellix 企业安全管理器修补关键漏洞,包括 CVE-2024-11482 (CVSS 9.8)",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2024-12-02 10:45:29"
},
{
"guid": "https://www.anquanke.com/post/id/302315",
"title": "“Toast代码”行动 深度剖析 TA-RedAnt 对零日漏洞CVE-2024-38178的利用",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2024-12-02 10:39:57"
},
{
"guid": "https://www.anquanke.com/post/id/302311",
"title": "唯一入选两大创新典型案例360安全大模型闪耀乌镇",
"author": " 安全客", "author": " 安全客",
"description": null, "description": null,
"source": "微信", "source": "微信",
"pubDate": "2024-11-29 14:16:14" "pubDate": "2024-12-03 15:01:22"
}, },
{ {
"guid": "https://www.anquanke.com/post/id/302308", "guid": "https://www.anquanke.com/post/id/302387",
"title": "利用 CleverSoar 安装程序和 Nidhogg Rootkit 的恶性恶意软件活动", "title": "黑客利用 DeFi 漏洞在 2024 年从加密货币中盗取 14.8 亿美元",
"author": " 安全客", "author": " 安全客",
"description": null, "description": null,
"source": "securityonline", "source": "hackread",
"pubDate": "2024-11-29 11:31:18" "pubDate": "2024-12-03 14:56:10"
}, },
{ {
"guid": "https://www.anquanke.com/post/id/302305", "guid": "https://www.anquanke.com/post/id/302384",
"title": "发布 PoCWindows 驱动程序中的整数溢出漏洞可导致权限升级", "title": "施乐、诺基亚、美国银行、摩根士丹利等公司 76 万员工的数据在网上泄露",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2024-11-29 11:22:55"
},
{
"guid": "https://www.anquanke.com/post/id/302302",
"title": "NHS 重大“网络事件”迫使医院使用笔和纸",
"author": " 安全客", "author": " 安全客",
"description": null, "description": null,
"source": "theregister", "source": "theregister",
"pubDate": "2024-11-29 11:14:57" "pubDate": "2024-12-03 14:43:32"
}, },
{ {
"guid": "https://www.anquanke.com/post/id/302299", "guid": "https://www.anquanke.com/post/id/302381",
"title": "美国电信巨头 T-Mobile 检测到有线运营商的网络入侵企图", "title": "Horns & Hooves活动利用NetSupport和BurnsRAT进行广泛妥协",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2024-12-03 14:31:35"
},
{
"guid": "https://www.anquanke.com/post/id/302378",
"title": "从美国到阿联酋: APT35 扩大网络间谍活动范围",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2024-12-03 11:35:47"
},
{
"guid": "https://www.anquanke.com/post/id/302374",
"title": "德国联邦司法部发布计算机刑法草案,白帽黑客迎来合法曙光",
"author": " 安全客",
"description": null,
"source": "安全客",
"pubDate": "2024-12-03 11:14:52"
},
{
"guid": "https://www.anquanke.com/post/id/302371",
"title": "关于开展“清朗·网络平台算法典型问题治理”专项行动的通知",
"author": " 安全客",
"description": null,
"source": "国家网信办",
"pubDate": "2024-12-03 10:58:19"
},
{
"guid": "https://www.anquanke.com/post/id/302368",
"title": "新型 Ymir 勒索软件利用内存进行隐蔽攻击;目标是企业网络",
"author": " 安全客", "author": " 安全客",
"description": null, "description": null,
"source": "TheHackersNews", "source": "TheHackersNews",
"pubDate": "2024-11-29 11:03:29" "pubDate": "2024-12-03 10:49:26"
},
{
"guid": "https://www.anquanke.com/post/id/302296",
"title": "VPN 漏洞、弱凭据助长勒索软件攻击",
"author": " 安全客",
"description": null,
"source": "helpnetsecurity",
"pubDate": "2024-11-29 10:55:05"
},
{
"guid": "https://www.anquanke.com/post/id/302293",
"title": "CVE-2024-42330 (CVSS 9.1) Zabbix 修补了严重远程代码执行漏洞",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2024-11-29 10:49:22"
},
{
"guid": "https://www.anquanke.com/post/id/302290",
"title": "TikTok 在最新安全举措中瞄准改变外观的滤镜和未成年人用户",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2024-11-29 10:44:26"
},
{
"guid": "https://www.anquanke.com/post/id/302287",
"title": "信用卡盗刷恶意软件曝光: 针对 Magento 结账页面",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2024-11-29 10:35:03"
},
{
"guid": "https://www.anquanke.com/post/id/302284",
"title": "Contiki-NG 物联网操作系统修补关键漏洞",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2024-11-29 10:26:47"
} }
] ]

File diff suppressed because it is too large Load Diff


@ -1,4 +1,92 @@
[ [
{
"title": "立即修复微软驱动程序关键漏洞已被APT组织利用",
"link": "https://www.freebuf.com/news/416830.html",
"description": "2024年8月微软发布安全更新已经修复该漏洞强烈建议组织及时进行修复。",
"body": "<p>近日微软被曝Windows AFD.sys漏洞编号CVE-2024-38193正在被黑客组织利用。该漏洞被归类为自带易受攻击驱动程序BYOVD漏洞可影响Windows套接字的注册I/ORIO扩展并允许攻击者远程接管整个系统。</p><p>漏洞影响版本包括Windows 11ARM64、x64多个版本、Windows 10ARM64、x64、32位多个版本、Wi",
"category": "资讯",
"pubDate": "Wed, 04 Dec 2024 14:37:40 +0800"
},
{
"title": "思科安全设备ASA十年老漏洞正在被利用",
"link": "https://www.freebuf.com/news/416826.html",
"description": "该漏洞最初于2014年披露它允许未经身份验证的远程攻击者对WebVPN用户执行XSS攻击。",
"body": "<p>近期思科系统公司Cisco Systems更新了关于CVE-2014-2120的安全公告警告客户该漏洞已在野外被利用。CVE-2014-2120是一个影响思科自适应安全设备ASA软件的WebVPN登录页面的跨站脚本XSS漏洞。该漏洞最初于2014年披露它允许未经身份验证的远程攻击者对WebVPN用户执行XSS攻击。</p><p><img src=\"https://image",
"category": "资讯",
"pubDate": "Wed, 04 Dec 2024 14:12:46 +0800"
},
{
"title": "因涉嫌实施侵入性的监控行为,苹果公司在加州被员工起诉",
"link": "https://www.freebuf.com/news/416797.html",
"description": "一名现任苹果员工于美国当地时间12月1日向加利福尼亚州法院提起诉讼指控苹果侵入性的监控行为干预了员工的个人生活。",
"body": "<p>据Cyber Security News消息一名现任苹果员工于美国当地时间12月1日向加利福尼亚州法院提起诉讼指控苹果侵入性的监控行为干预了员工的个人生活。</p><p><img src=\"https://image.3001.net/images/20241204/1733280393_674fc28912cc0257261a4.png!small\" alt=\"\" width=\"646",
"category": "资讯",
"pubDate": "Wed, 04 Dec 2024 10:34:21 +0800"
},
{
"title": "FreeBuf早报 | 苹果被员工起诉监控越界;暗网头目背叛终身监禁",
"link": "https://www.freebuf.com/news/416759.html",
"description": "苹果要求员工上班期间只能使用苹果设备,并鼓励他们在个人设备上也使用苹果产品。",
"body": "<h2 id=\"h2-1\">全球动态</h2><h3 id=\"h3-1\">1. 工信部通报27款侵害用户权益行为的APP及SDK</h3><p>近期工信部组织第三方检测机构进行抽查共发现27款App及SDK存在侵害用户权益行为主要集中在信息窗口关不掉、乱跳转违规收集个人信息以及过度索取权限等问题。工信部要求相关App开发者限期整改对于整改落实不到位的将采取企业约谈、App下架、行政处罚",
"category": "资讯",
"pubDate": "Tue, 03 Dec 2024 16:41:40 +0800"
},
{
"title": "知名开源监控系统Zabbix存在SQL 注入漏洞",
"link": "https://www.freebuf.com/news/416735.html",
"description": "攻击者可以通过操控特定的API调用注入恶意SQL代码从而获得未授权的访问和控制权限。",
"body": "<p style=\"list-style-type:none;\">Zabbix 存在 SQL 注入漏洞CVE-2024-42327该漏洞是由于在 Zabbix前端的CUser类中的addRelatedObjects函数未对输入数据进行充分验证和转义导致具有API访问权限的恶意用户可以通过user.get API传递特制输入触发SQL注入攻击进而利用该漏洞实现权限提升或访问敏感数据。</p",
"category": "资讯",
"pubDate": "Tue, 03 Dec 2024 13:46:22 +0800"
},
{
"title": "只需几分钟AWS密钥泄露即被利用",
"link": "https://www.freebuf.com/news/416720.html",
"description": "Clutch Security的研究人员进行了一项测试以查看这种情况发生的速度有多快。",
"body": "<p>开发者经常无意中在网上暴露AWS访问密钥这已不是秘密这些密钥在组织有机会撤销它们之前就被攻击者抓取并滥用。Clutch Security的研究人员进行了一项测试以查看这种情况发生的速度有多快。</p><p><img src=\"https://image.3001.net/images/20241203/1733204055_674e9857af59cfdecf8da.png!smal",
"category": "资讯",
"pubDate": "Tue, 03 Dec 2024 11:50:54 +0800"
},
{
"title": "新型恶意软件能利用LogoFAIL漏洞感染Linux系统",
"link": "https://www.freebuf.com/news/416709.html",
"description": "由韩国BoB培训计划的网络安全学生利用 LogoFAIL 漏洞创建了新型恶意软件Bootkitty能够攻击Linux系统设备。",
"body": "<p>据BleepingComputer消息韩国Best of the Best BoB 培训计划的网络安全学生利用 LogoFAIL 漏洞创建了新型恶意软件Bootkitty能够攻击Linux系统设备。</p><p>固件安全公司Binarly 于2023 年 11 月发现了 LogoFAIL并警告其可能被用于实际攻击。而安全公司ESET表示Bootkitty 是第一个专门针对 Lin",
"category": "资讯",
"pubDate": "Tue, 03 Dec 2024 11:12:26 +0800"
},
{
"title": "FreeBuf 赠书第109期 | API攻防Web API安全指南",
"link": "https://www.freebuf.com/articles/416686.html",
"description": "这本书就体系化地讲解了Web API 的漏洞挖掘方法和防御策略能够帮助组织构建起API安全体系。",
"body": "<p>知名网络安全公司HackerOne发布的《2023年黑客力量安全报告》透露已有30名优秀的白帽子各自获得了超100万美元的奖励而其中最厉害的白帽奖励超过了400万美元。</p><p>HackerOne是全球领先的漏洞赏金平台自2012年成立以来HackerOne已向白帽子和漏洞研究人员发放了超过3亿美元的奖励。</p><p>白帽遵循一套道德准则和职业操守,在获得组织的明确授权后,通过",
"category": "活动",
"pubDate": "Mon, 02 Dec 2024 18:54:59 +0800"
},
{
"title": "浅谈一次edusrc | 文件上传成功getshell",
"link": "https://www.freebuf.com/vuls/416682.html",
"description": "这篇文章偏基础的src漏洞挖掘并且讲的内容还是偏向edusrc方面的。",
"body": "<h2 id=\"h2-1\">0x1 前言</h2><p>这里记录一下我在微信小程序挖人社局等一些人力资源和社会保障部信息中心漏洞人社这类漏洞相对于web应用端的漏洞来讲要好挖很多里面的WAF过滤等一些验证也少。比如你在开始学习src漏洞挖掘就可以从微信小程序下手。<br />一般像这类漏洞可以在微信小程序检索<strong>就业、人社、贷款</strong>等关键字</p><p><img s",
"category": "漏洞",
"pubDate": "Mon, 02 Dec 2024 18:22:10 +0800"
},
{
"title": "FreeBuf早报 | 苹果Safari远程代码执行漏洞被广泛利用蓝牙芯片漏洞影响15亿用户",
"link": "https://www.freebuf.com/news/416669.html",
"description": "Safari中的一个关键远程代码执行漏洞已被发现并被广泛利用。该漏洞存在于WebKit的JavaScriptCore组件中。",
"body": "<h2 id=\"h2-1\">全球动态</h2><h3 id=\"h3-1\">1. 国家安全部:警惕开源信息成为泄密源头</h3><p>大数据时代,信息在网络空间发布、传播渠道愈发丰富多样。值得警惕的是,一些敏感信息在未经脱密处理、未经风险隐患评估的情况下,通过互联网公开传播,成为境外间谍情报机关获取开源情报的重要来源,对我国家安全构成威胁。 【<a href=\"https://www.secrss.",
"category": "资讯",
"pubDate": "Mon, 02 Dec 2024 17:27:57 +0800"
},
{
"title": "因软件更新丹麦第一电信运营商宕机超过24小时",
"link": "https://www.freebuf.com/news/416662.html",
"description": "丹麦电信运营商 TDC Net 遭遇大规模电信服务中断,导致所有用户无法使用移动电话、短信和网络接入服务。",
"body": "<p>上周11月28日丹麦发生了一起大规模手机故障事件。丹麦电信运营商 TDC Net 遭遇大规模电信服务中断,导致所有用户无法使用移动电话、短信和网络接入服务,持续时间长达至少一天。</p><p>这次中断事件严重扰乱了成千上万人的通信,并引发了人们对基本电信服务可靠性的严重担忧。受影响的群体包括紧急救援人员、医院和通勤上班一族,这表明了现代社会依赖无缝连接的程度。<img src=\"htt",
"category": "资讯",
"pubDate": "Mon, 02 Dec 2024 16:38:31 +0800"
},
{ {
"title": "印度电信安全新规引发大量吐槽", "title": "印度电信安全新规引发大量吐槽",
"link": "https://www.freebuf.com/news/416631.html", "link": "https://www.freebuf.com/news/416631.html",
@ -41,7 +129,7 @@
}, },
{ {
"title": "FreeBuf周报 | VPN正成为企业入侵的关键路径知名压缩工具7-Zip存在严重漏洞", "title": "FreeBuf周报 | VPN正成为企业入侵的关键路径知名压缩工具7-Zip存在严重漏洞",
"link": "https://www.freebuf.com/articles/416526.html", "link": "https://www.freebuf.com/news/416526.html",
"description": "总结推荐本周的热点资讯、安全事件、一周好文和省心工具,保证大家不错过本周的每一个重点!", "description": "总结推荐本周的热点资讯、安全事件、一周好文和省心工具,保证大家不错过本周的每一个重点!",
"body": "<p>各位 Buffer 周末好以下是本周「FreeBuf周报」我们总结推荐了本周的热点资讯、安全事件、一周好文和省心工具保证大家不错过本周的每一个重点<img style=\"border-width:0px;line-height:inherit;max-width:635px;height:auto;\" src=\"https://image.3001.net/images/202209", "body": "<p>各位 Buffer 周末好以下是本周「FreeBuf周报」我们总结推荐了本周的热点资讯、安全事件、一周好文和省心工具保证大家不错过本周的每一个重点<img style=\"border-width:0px;line-height:inherit;max-width:635px;height:auto;\" src=\"https://image.3001.net/images/202209",
"category": "资讯", "category": "资讯",
@ -70,93 +158,5 @@
"body": "<p>Tor 项目已向隐私社区发出紧急呼吁,要求志愿者在今年年底前帮助部署 200 个新的 WebTunnel 桥以对抗政府审查。目前Tor 项目运营着 143 个 WebTunnel 网桥,帮助严格审查地区的用户绕过互联网访问限制和网站封锁,目前影响了浏览器内置的审查规避机制,包括 obfs4 连接和Snowflake。</p><p>Tor 项目认为,设置更多的 WebTunnel 网桥是对", "body": "<p>Tor 项目已向隐私社区发出紧急呼吁,要求志愿者在今年年底前帮助部署 200 个新的 WebTunnel 桥以对抗政府审查。目前Tor 项目运营着 143 个 WebTunnel 网桥,帮助严格审查地区的用户绕过互联网访问限制和网站封锁,目前影响了浏览器内置的审查规避机制,包括 obfs4 连接和Snowflake。</p><p>Tor 项目认为,设置更多的 WebTunnel 网桥是对",
"category": "资讯", "category": "资讯",
"pubDate": "Fri, 29 Nov 2024 11:33:37 +0800" "pubDate": "Fri, 29 Nov 2024 11:33:37 +0800"
},
{
"title": "知名工业WiFi接入点被曝存在20多个漏洞",
"link": "https://www.freebuf.com/news/416495.html",
"description": "Advantech工业级无线接入点设备被曝光存在近二十个安全漏洞部分漏洞可被恶意利用以绕过身份验证并执行高权限代码。",
"body": "<p>近期Advantech工业级无线接入点设备被曝光存在近二十个安全漏洞部分漏洞可被恶意利用以绕过身份验证并执行高权限代码。<img src=\"https://image.3001.net/images/20241129/1732851076_674935841806b8cad795e.png!small\" alt=\"\" /></p><p>网络安全公司Nozomi Networks在周三发布",
"category": "资讯",
"pubDate": "Fri, 29 Nov 2024 11:26:58 +0800"
},
{
"title": "摄像头贴很有必要,黑客可不激活指示器而调用摄像头",
"link": "https://www.freebuf.com/news/416480.html",
"description": "通过刷新联想ThinkPad X230笔记本电脑上的摄像头固件可在摄像头本身激活的情况下独立控制其LED。",
"body": "<p>在你的笔记本电脑上贴上摄像头并不是一个愚蠢的想法。一位安全工程师发现通过刷新联想ThinkPad X230笔记本电脑上的摄像头固件可在摄像头本身激活的情况下独立控制其LED。换句话说可以在摄像头指示器不亮的情况下悄悄调用笔记本的摄像头。</p><p><img src=\"https://image.3001.net/images/20241129/1732849151_67492dff",
"category": "资讯",
"pubDate": "Fri, 29 Nov 2024 10:22:37 +0800"
},
{
"title": "内网代理篇 | 实验过程记录",
"link": "https://www.freebuf.com/articles/network/415550.html",
"description": "因为内网经常遇到不同网段跳板机为linux命令行无法可视化访问web的问题这是我们不想看到的所以做了一次内网代理实验的记录快速开展实验解决以上问题。",
"body": "<h1>内网多层代理实验记录</h1><p>本次简单搭建了一个环境做多层代理测试目的是解决内网渗透因为网段不同或者linux跳板无法访问web服务的情况。搭建了此环境环境比较简陋用kali的setoolkit钓鱼工具输搭建了个web。然后用ssh隧道将流量转给了节点3的windows至于为何不用kali当节点。是因为想同时写ssh隧道的教程和venom的教程。</p><p>节点1:kali",
"category": "网络安全",
"pubDate": "Fri, 29 Nov 2024 09:19:29 +0800"
},
{
"title": "MORF一款轻量级移动端网络安全侦查框架",
"link": "https://www.freebuf.com/sectool/416461.html",
"description": "MORF是一款功能强大、轻量级且独立于平台的移动端网络安全工具旨在帮助广大安全研究人员轻松识别和处理移动应用程序中的敏感信息。",
"body": "<h2 id=\"h2-1\">关于MORF</h2><p>MORF是一款功能强大、轻量级且独立于平台的移动端网络安全工具旨在帮助广大安全研究人员轻松识别和处理移动应用程序中的敏感信息。</p><p><img src=\"https://image.3001.net/images/20241128/1732804244_67487e9432a399da8fd7f.png!small\" width=\"6",
"category": "工具",
"pubDate": "Thu, 28 Nov 2024 22:33:27 +0800"
},
{
"title": "JavaSecLab 一款综合Java漏洞平台",
"link": "https://www.freebuf.com/sectool/416442.html",
"description": "JavaSecLab是一款综合型Java漏洞平台提供相关漏洞缺陷代码、修复代码、漏洞场景、审计SINK点、安全编码规范等。",
"body": "<h2 id=\"h2-1\">项目介绍</h2><p>JavaSecLab是<strong>一款综合型Java漏洞平台</strong>提供相关漏洞缺陷代码、修复代码、漏洞场景、审计SINK点、安全编码规范覆盖多种漏洞场景友好用户交互UI……<br /><img src=\"https://image.3001.net/images/20241128/1732785853_674836bd53c",
"category": "工具",
"pubDate": "Thu, 28 Nov 2024 17:30:55 +0800"
},
{
"title": "零时科技 || DCF 攻击事件分析",
"link": "https://www.freebuf.com/articles/blockchain-articles/416431.html",
"description": "我们监控到BNB Smart Chain上的一起攻击事件被攻击的项目为DCF本次攻击共造成约440,000 USD的损失。",
"body": "<p><img src=\"https://image.3001.net/images/20241128/1732779893_67481f759aeb648c2571f.jpg!small\" alt=\"\" width=\"690\" height=\"184\" /></p><h2 id=\"h2-1\"><strong>背景介绍</strong></h2><p>2024年11月25日我们监控到 BNB S",
"category": "区块链安全",
"pubDate": "Thu, 28 Nov 2024 15:49:35 +0800"
},
{
"title": "Bootkitty首个针对Linux的UEFI引导程序恶意软件",
"link": "https://www.freebuf.com/news/416423.html",
"description": "研究人员发现了首个专门针对Linux系统UEFI引导程序恶意软件。",
"body": "<p>研究人员发现了首个专门针对Linux系统UEFI引导程序恶意软件这标志着以前专注于Windows的隐蔽且难以清除的引导程序威胁发生了转变。</p><p>这款名为“Bootkitty”的Linux恶意软件是一个概念验证仅在某些Ubuntu版本和配置上有效而不是实际攻击中部署的完全成熟的威胁。引导程序恶意软件旨在感染计算机的启动过程在操作系统加载之前运行从而允许其在非常低的级别上控制系",
"category": "资讯",
"pubDate": "Thu, 28 Nov 2024 15:09:35 +0800"
},
{
"title": "索赔800万元字节跳动起诉篡改代码攻击模型的实习生",
"link": "https://www.freebuf.com/news/416403.html",
"description": "字节跳动公司近日正式就前实习生田柯宇篡改代码并攻击公司内部模型训练一案向北京市海淀区人民法院提起诉讼。",
"body": "<p>字节跳动公司近日正式就前实习生田柯宇篡改代码并攻击公司内部模型训练一案向北京市海淀区人民法院提起诉讼该案已被法院受理。字节跳动在诉讼中请求法院判令田柯宇赔偿公司侵权损失共计800万元人民币及合理支出2万元人民币并要求其公开赔礼道歉以维护公司的合法权益和声誉。</p><p>此案背景可追溯至字节跳动于11月5日发布的《企业纪律与职业道德委员会通报》该通报向公司全员披露了事件的详细情况。通",
"category": "资讯",
"pubDate": "Thu, 28 Nov 2024 14:08:40 +0800"
},
{
"title": "代码审计实战 | 若依 RuoYi4.6.0",
"link": "https://www.freebuf.com/articles/system/416395.html",
"description": "RuoYi 是一个 Java EE 企业级快速开发平台,内置模块如:部门管理、角色用户、菜单及按钮授权等。",
"body": "<h2 id=\"h2-1\">一.环境搭建</h2><p>RuoYi 是一个 Java EE 企业级快速开发平台基于经典技术组合Spring Boot、Apache Shiro、MyBatis、Thymeleaf、Bootstrap内置模块如部门管理、角色用户、菜单及按钮授权、数据权限、系统参数、日志管理、通知公告等。在线定时任务配置支持集群支持多数据源支持分布式事务。本次对此框架代",
"category": "系统安全",
"pubDate": "Thu, 28 Nov 2024 13:39:49 +0800"
},
{
"title": "FreeBuf早报 | 全球最大盗版IPTV网络被清剿ChatGPT可攻击Linux和Windows",
"link": "https://www.freebuf.com/news/416388.html",
"description": "研究人员展示了人工智能AI在增强道德黑客实践方面的巨大潜力特别是在Linux环境中。",
"body": "<h2 id=\"h2-1\">全球动态</h2><h3 id=\"h3-1\">1. ChatGPT在攻击Linux和Windows方面有巨大潜力</h3><p align=\"left\">研究人员展示了人工智能AI在增强道德黑客实践方面的巨大潜力特别是在Linux环境中。【外刊-<a href=\"https://cybersecuritynews.com/teaching-ai-to-hack/\"",
"category": "资讯",
"pubDate": "Thu, 28 Nov 2024 13:13:50 +0800"
},
{
"title": "微软或窃取你的Word、Excel文件以训练人工智能模型",
"link": "https://www.freebuf.com/news/416371.html",
"description": "微软在其生产力套件中的Connected Experiences选项已经引起了人们的恐慌有人指责默认设置可能会允许微软使用客户的Word和Excel文档及其他数据来训练AI模型。微软否认窃取个人文件的相关说法Windows相关方面强烈否认这些说法。一位发言人告诉The Register 杂志:“在 Microsoft 365的消费者和商业应用程序中微软不会在未经用户许可的情况下使用用户数据来训",
"body": "<p>微软在其生产力套件中的Connected Experiences选项已经引起了人们的恐慌有人指责默认设置可能会允许微软使用客户的Word和Excel文档及其他数据来训练AI模型。</p><p><b>微软否认窃取个人文件的相关说法</b></p><p>Windows相关方面强烈否认这些说法。一位发言人告诉The Register 杂志:“在 Microsoft 365的消费者和商业应用程序中",
"category": "资讯",
"pubDate": "Thu, 28 Nov 2024 11:32:43 +0800"
} }
] ]


@ -1,4 +1,25 @@
[ [
{
"guid": "https://forum.butian.net/share/3912",
"title": "基于ptrace的沙箱绕过",
"description": "本文记录复现羊城杯hard-sandbox这道题的过程并在途中学习了基于ptrace的沙箱绕过",
"source": "subject",
"pubDate": "2024-12-04 10:00:01"
},
{
"guid": "https://forum.butian.net/share/3952",
"title": "多轮对话越狱大模型",
"description": "最近奇安信办的datacon有个AI安全赛道其中的挑战之一就是与越狱相关的不同的地方在于它关注的是多轮越狱",
"source": "subject",
"pubDate": "2024-12-04 09:00:02"
},
{
"guid": "https://forum.butian.net/share/3911",
"title": "Web Pwn常见利用方式总结",
"description": "本篇文章总结了web pwn常见的利用方式",
"source": "subject",
"pubDate": "2024-12-03 09:31:45"
},
{ {
"guid": "https://forum.butian.net/share/3916", "guid": "https://forum.butian.net/share/3916",
"title": "HKCERT24 Rev bashed 和 MBTI Radar WP", "title": "HKCERT24 Rev bashed 和 MBTI Radar WP",
@ -47,26 +68,5 @@
"description": "在漏洞挖掘中通过对js的挖掘可发现诸多安全问题此文章主要记录学习如何利用JS测试以及加密参数逆向相关的漏洞挖掘。", "description": "在漏洞挖掘中通过对js的挖掘可发现诸多安全问题此文章主要记录学习如何利用JS测试以及加密参数逆向相关的漏洞挖掘。",
"source": "subject", "source": "subject",
"pubDate": "2024-11-26 09:37:28" "pubDate": "2024-11-26 09:37:28"
},
{
"guid": "https://forum.butian.net/share/3899",
"title": "从rust堆看堆块伪造",
"description": "本文章详细分析了强网杯S8的chat_with_me这道题从rust堆看堆块伪造最后getshell",
"source": "subject",
"pubDate": "2024-11-22 10:00:02"
},
{
"guid": "https://forum.butian.net/share/3897",
"title": "go中栈溢出的总结",
"description": "本篇文章详细记录了自己复现强网杯S8中qroute这道题的过程并又做了一些CISCN中go的栈溢出相关题目记录了复现过程遇到的困难以及解决方法希望能对你学习go的栈溢出有所帮助",
"source": "subject",
"pubDate": "2024-11-21 09:00:00"
},
{
"guid": "https://forum.butian.net/share/3883",
"title": "Linux系统下反弹shell的理解",
"description": "之前研究过一段时间的反弹shell所以本文是我个人对反弹shell的理解当然本人才疏学浅如有啥错的地方各位师傅指出共同学习一起进步",
"source": "subject",
"pubDate": "2024-11-21 09:00:00"
} }
] ]

File diff suppressed because it is too large Load Diff


@ -1,5 +1,9 @@
## 持续更新中 ## 持续更新中
RSS订阅链接来源https://github.com/zhengjim/Chinese-Security-RSS RSS订阅链接来源https://github.com/zhengjim/Chinese-Security-RSS <br>
使用python-json进行格式化然后使用飞书webhook机器人进行发送 使用python-json进行格式化然后使用飞书webhook机器人进行发送 <br>
config.yaml可指定大部分可能需要的参数 config.yaml可指定大部分可能需要的参数 <br>
### 使用方法:
先下载支持库:`pip install -r requirements.txt`
随后便可直接运行:`python Core.py`

Binary file not shown.

BIN
db/freebuf.db Normal file

Binary file not shown.

BIN
db/qianxin.db Normal file

Binary file not shown.

BIN
imgs/首次运行提示.jpg Normal file

Binary file not shown.



@ -135,3 +135,4 @@ def run():
huawei_main() huawei_main()
doonsec_main() doonsec_main()
qianxin_main() qianxin_main()