add xianzhi

MasonLiu 2024-12-04 17:21:26 +08:00
parent 06581e8e2e
commit dd0073b497
12 changed files with 265 additions and 135 deletions

91
Core.py

@ -1,5 +1,5 @@
import signal import signal
from datetime import datetime from datetime import datetime, timedelta
import sys import sys
import time import time
import yaml import yaml
@ -11,19 +11,18 @@ from media.xianzhi import xianzhi_main
from GotoSend_4hou import Src_4hou from GotoSend_4hou import Src_4hou
from GotoSend_anquanke import Src_anquanke from GotoSend_anquanke import Src_anquanke
from GotoSend_doonsec import Src_doonsec from GotoSend_doonsec import Src_doonsec
from GotoSend_xianzhi import Src_xianzhi
# 加载参数 # 加载参数
def get_params(): def get_params():
with open('./config.yaml', 'r', encoding="utf-8") as file: with open('./config.yaml', 'r', encoding="utf-8") as file:
config = yaml.safe_load(file) config = yaml.safe_load(file)
sleep_time = int(f"{config['sleep_time']}") sleep_time = int(f"{config['sleep_time']}")
s_hour = int(f"{config['s_hour']}")
e_hour = int(f"{config['e_hour']}") e_hour = int(f"{config['e_hour']}")
c_hour = int(f"{config['c_hour']}")
return sleep_time, s_hour, e_hour, c_hour return sleep_time, e_hour
sleep_time, s_hour, e_hour, c_hour = get_params() sleep_time, e_hour = get_params()
def crab_job(): def crab_job():
print("正在启动各爬虫并获取资源中...") print("正在启动各爬虫并获取资源中...")
@ -31,10 +30,11 @@ def crab_job():
xianzhi_main() xianzhi_main()
freebuf_main() freebuf_main()
def send_job(): def send_job(time_1):
Src_4hou(s_hour, e_hour) Src_4hou(time_1)
Src_anquanke(s_hour, e_hour) Src_anquanke(time_1)
Src_doonsec(s_hour, e_hour) Src_doonsec(time_1)
Src_xianzhi(time_1)
def signal_handler(sig, frame): def signal_handler(sig, frame):
print("接收到退出信号,程序即将退出...") print("接收到退出信号,程序即将退出...")
@ -44,21 +44,16 @@ def signal_handler(sig, frame):
signal.signal(signal.SIGINT, signal_handler) # Ctrl+C signal.signal(signal.SIGINT, signal_handler) # Ctrl+C
signal.signal(signal.SIGTERM, signal_handler) # kill命令 signal.signal(signal.SIGTERM, signal_handler) # kill命令
def main_loop(): def main_loop():
while True: while True:
try: try:
# 获取当前时间 # 执行任务
now = datetime.now()
# 检查是否为特定时间点
if now.hour == c_hour and now.minute == 5:
crab_job() crab_job()
send_job() send_job(e_hour)
print("执行完毕,等待下一次执行...") print("执行完毕,等待下一次执行...")
else: time.sleep(e_hour * 60 * 60 - 60)
pass
# print("正在等待执行...")
# print("等待间隔:", int(sleep_time))
time.sleep(sleep_time) # 每隔35秒执行一次
except Exception as e: except Exception as e:
print(f"发生错误: {e}, 程序已暂停") print(f"发生错误: {e}, 程序已暂停")
# SendToFeishu(f"发生错误: {e}, 程序已退出", "报错信息") # SendToFeishu(f"发生错误: {e}, 程序已退出", "报错信息")
@ -77,11 +72,11 @@ def check_rss_status(url):
def test_rss_source(): def test_rss_source():
rss_info = "" rss_info = ""
url_1 = check_rss_status("https://forum.butian.net/Rss") # url_1 = check_rss_status("https://forum.butian.net/Rss")
if url_1 == True: # if url_1 == True:
rss_info += "奇安信 源正常\n" # rss_info += "奇安信 源正常\n"
else: # else:
rss_info += f"奇安信 源异常: {url_1}\n" # rss_info += f"奇安信 源异常: {url_1}\n"
url_2 = check_rss_status("https://wechat.doonsec.com/bayes_rss.xml") url_2 = check_rss_status("https://wechat.doonsec.com/bayes_rss.xml")
if url_2 == True: if url_2 == True:
@ -89,17 +84,17 @@ def test_rss_source():
else: else:
rss_info += f"洞见 源异常: {url_2}\n" rss_info += f"洞见 源异常: {url_2}\n"
url_3 = check_rss_status("https://www.huawei.com/cn/rss-feeds/psirt/rss") # url_3 = check_rss_status("https://www.huawei.com/cn/rss-feeds/psirt/rss")
if url_3 == True: # if url_3 == True:
rss_info += "华为 源正常\n" # rss_info += "华为 源正常\n"
else: # else:
rss_info += f"华为 源异常: {url_3}\n" # rss_info += f"华为 源异常: {url_3}\n"
url_4 = check_rss_status("https://www.sec_wiki.com/news/rss") # url_4 = check_rss_status("https://www.sec_wiki.com/news/rss")
if url_4 == True: # if url_4 == True:
rss_info += "安全维基 源正常\n" # rss_info += "安全维基 源正常\n"
else: # else:
rss_info += f"安全维基 源异常: {url_4}\n" # rss_info += f"安全维基 源异常: {url_4}\n"
url_5 = check_rss_status("https://api.anquanke.com/data/v1/rss") url_5 = check_rss_status("https://api.anquanke.com/data/v1/rss")
if url_5 == True: if url_5 == True:
@ -113,17 +108,17 @@ def test_rss_source():
else: else:
rss_info += f"嘶吼 源异常: {url_6}\n" rss_info += f"嘶吼 源异常: {url_6}\n"
url_7 = check_rss_status("https://paper.seebug.org/rss/") # url_7 = check_rss_status("https://paper.seebug.org/rss/")
if url_7 == True: # if url_7 == True:
rss_info += "Seebug社区 源正常\n" # rss_info += "Seebug社区 源正常\n"
else: # else:
rss_info += f"Seebug社区 源异常: {url_7}\n" # rss_info += f"Seebug社区 源异常: {url_7}\n"
url_8 = check_rss_status("https://www.freebuf.com/feed") # url_8 = check_rss_status("https://www.freebuf.com/feed")
if url_8 == True: # if url_8 == True:
rss_info += "FreeBuf社区 源正常\n" # rss_info += "FreeBuf社区 源正常\n"
else: # else:
rss_info += f"FreeBuf社区 源异常: {url_8}\n" # rss_info += f"FreeBuf社区 源异常: {url_8}\n"
url_9 = check_rss_status("https://xz.aliyun.com/feed") url_9 = check_rss_status("https://xz.aliyun.com/feed")
if url_9 == True: if url_9 == True:
@ -139,9 +134,15 @@ if __name__ == "__main__":
start_info = "" start_info = ""
start_info += "程序已启动,当前时间为:" + datetime.now().strftime("%Y-%m-%d %H:%M:%S") + "\n" start_info += "程序已启动,当前时间为:" + datetime.now().strftime("%Y-%m-%d %H:%M:%S") + "\n"
start_info += "程序作者MasonLiu \t 开源地址:[GM-gitea](https://git.masonliu.com/MasonLiu/PyBot)" + "\n" start_info += "程序作者MasonLiu \t 开源地址:[GM-gitea](https://git.masonliu.com/MasonLiu/PyBot)" + "\n"
start_info += "时间配置:前一天 " + str(s_hour) + " 点到当天 " + str(e_hour) + " 点,每" + str(sleep_time) + "秒执行一次" + ";每日11点开始推送。" + "\n" start_info += "时间配置:每隔" + str(e_hour) + "小时执行一次推送\n"
start_info += "启用源:\n嘶吼\n洞见微信安全资讯\n安全客\n先知社区\n"
SendToFeishu(start_info, "程序信息") SendToFeishu(start_info, "程序信息")
# print(start_info) # print(start_info)
SendToFeishu(rss_info, "RSS源状态") SendToFeishu(rss_info, "RSS源状态")
# print(rss_info) # print(rss_info)
# 首次运行先暂停两分钟
time.sleep(2 * 60)
# 主程序
main_loop() main_loop()
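Review bot: The delivery window and the loop period in `main_loop` are computed independently, so articles can be skipped or sent twice. Each `Src_*` call selects rows published in the last `e_hour` hours at query time, while the loop sleeps `e_hour * 60 * 60 - 60` seconds only after `crab_job()` and `send_job(e_hour)` have returned. Whenever a crawl-and-send pass takes longer than 60 seconds, the period exceeds the window and items published in the gap are never pushed, which for a security feed is a silent coverage loss; recording the time of the previous successful run and using it as the window start would close that gap. `get_params` should also reject a non-positive value, e.g. `if e_hour < 1: raise ValueError("e_hour must be >= 1")`, because `time.sleep` raises on a negative argument. The `except` branch of `main_loop` continues outside the hunk, and `sleep_time` is still read from the config although nothing in the visible hunks uses it any more.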


@ -66,16 +66,14 @@ def get_4hou_json():
return total_data return total_data
def query_articles_within_time_range(s_hour, e_hour): def select_articles(e_hour):
conn = sqlite3.connect('./db/4hou.db') conn = sqlite3.connect('./db/4hou.db')
cursor = conn.cursor() cursor = conn.cursor()
# 获取当前日期和时间 # 获取当前日期和时间
now = datetime.now() now = datetime.now()
start_time = datetime(now.year, now.month, now.day, s_hour) - timedelta(days=1) start_time = now - timedelta(hours=e_hour)
# print(start_time) end_time = now
end_time = datetime(now.year, now.month, now.day, e_hour)
# print(end_time)
# 查询指定时间段内的数据 # 查询指定时间段内的数据
cursor.execute(''' cursor.execute('''
@ -103,7 +101,7 @@ def get_filtered_articles(entries):
return result return result
def Src_4hou(s_hour, e_hour): def Src_4hou(e_hour):
if not os.path.exists('./db/4hou.db'): if not os.path.exists('./db/4hou.db'):
# 创建数据库和表 # 创建数据库和表
create_database() create_database()
@ -118,17 +116,19 @@ def Src_4hou(s_hour, e_hour):
insert_data(M_4hou_data) insert_data(M_4hou_data)
# 查询指定时间段内的数据 # 查询指定时间段内的数据
filtered_articles = query_articles_within_time_range(s_hour, e_hour) filtered_articles = select_articles(e_hour)
# print(filtered_articles) # print(filtered_articles)
if filtered_articles: if filtered_articles:
results = get_filtered_articles(filtered_articles) results = get_filtered_articles(filtered_articles)
SendToFeishu(results, "4hou资讯递送") print("嘶吼资讯递送中:")
SendToFeishu(results, "嘶吼资讯递送")
print("-" * 40 + "\n")
# print(results) # print(results)
else: else:
# 如果为空,则跳过执行 # 如果为空,则跳过执行
print("4hou数据为空,跳过执行。") print("嘶吼数据为空,跳过执行。")
# print(results) # print(results)
if __name__ == "__main__": if __name__ == "__main__":
Src_4hou(11, 11) Src_4hou(4)
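Review bot: `e_hour` now carries a lookback length in hours rather than an end hour, but `select_articles(e_hour)` and `Src_4hou(e_hour)` keep the old name and have no docstring, so the changed meaning is invisible to callers. I would rename it to something like `lookback_hours`, or at least add `"""Return articles whose published value lies within the last e_hour hours of local time."""` to `select_articles`. The same applies to `select_articles`, `Src_anquanke` and `Src_doonsec` in the anquanke and doonsec sections below. `select_articles` runs past the end of its hunk, so whether the connection is closed when the query fails cannot be seen here.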


@ -59,16 +59,14 @@ def get_anquanke_json():
return total_data return total_data
def query_articles_within_time_range(s_hour, e_hour): def select_articles(e_hour):
conn = sqlite3.connect('./db/anquanke.db') conn = sqlite3.connect('./db/anquanke.db')
cursor = conn.cursor() cursor = conn.cursor()
# 获取当前日期和时间 # 获取当前日期和时间
now = datetime.now() now = datetime.now()
start_time = datetime(now.year, now.month, now.day, s_hour) - timedelta(days=1) start_time = now - timedelta(hours=e_hour)
# print(start_time) end_time = now
end_time = datetime(now.year, now.month, now.day, e_hour)
# print(end_time)
# 查询指定时间段内的数据 # 查询指定时间段内的数据
cursor.execute(''' cursor.execute('''
@ -96,7 +94,7 @@ def get_filtered_articles(entries):
return result return result
def Src_anquanke(s_hour, e_hour): def Src_anquanke(e_hour):
if not os.path.exists('./db/anquanke.db'): if not os.path.exists('./db/anquanke.db'):
# 创建数据库和表 # 创建数据库和表
create_database() create_database()
@ -111,12 +109,14 @@ def Src_anquanke(s_hour, e_hour):
insert_data(M_anquanke_data) insert_data(M_anquanke_data)
# 查询指定时间段内的数据 # 查询指定时间段内的数据
filtered_articles = query_articles_within_time_range(s_hour, e_hour) filtered_articles = select_articles(e_hour)
# print(filtered_articles) # print(filtered_articles)
if filtered_articles: if filtered_articles:
results = get_filtered_articles(filtered_articles) results = get_filtered_articles(filtered_articles)
print("安全客资讯递送中:")
SendToFeishu(results, "安全客资讯递送") SendToFeishu(results, "安全客资讯递送")
print("-" * 40 + "\n")
# print(results) # print(results)
else: else:
# 如果为空,则跳过执行 # 如果为空,则跳过执行
@ -124,4 +124,4 @@ def Src_anquanke(s_hour, e_hour):
# print(results) # print(results)
if __name__ == "__main__": if __name__ == "__main__":
Src_anquanke(11, 11) Src_anquanke(4)


@ -66,16 +66,14 @@ def get_doonsec_json():
return total_data return total_data
def query_articles_within_time_range(s_hour, e_hour): def select_articles(e_hour):
conn = sqlite3.connect('./db/doonsec.db') conn = sqlite3.connect('./db/doonsec.db')
cursor = conn.cursor() cursor = conn.cursor()
# 获取当前日期和时间 # 获取当前日期和时间
now = datetime.now() now = datetime.now()
start_time = datetime(now.year, now.month, now.day, s_hour) - timedelta(days=1) start_time = now - timedelta(hours=e_hour)
# print(start_time) end_time = now
end_time = datetime(now.year, now.month, now.day, e_hour)
# print(end_time)
# 查询指定时间段内的数据 # 查询指定时间段内的数据
cursor.execute(''' cursor.execute('''
@ -104,7 +102,7 @@ def get_filtered_articles(entries):
return result return result
def Src_doonsec(s_hour, e_hour): def Src_doonsec(e_hour):
if not os.path.exists('./db/doonsec.db'): if not os.path.exists('./db/doonsec.db'):
# 创建数据库和表 # 创建数据库和表
create_database() create_database()
@ -119,12 +117,14 @@ def Src_doonsec(s_hour, e_hour):
insert_data(M_doonsec_data) insert_data(M_doonsec_data)
# 查询指定时间段内的数据 # 查询指定时间段内的数据
filtered_articles = query_articles_within_time_range(s_hour, e_hour) filtered_articles = select_articles(e_hour)
# print(filtered_articles) # print(filtered_articles)
if filtered_articles: if filtered_articles:
results = get_filtered_articles(filtered_articles) results = get_filtered_articles(filtered_articles)
print("洞见微信安全资讯递送中:")
SendToFeishu(results, "洞见微信安全资讯递送") SendToFeishu(results, "洞见微信安全资讯递送")
print("-" * 40 + "\n")
# print(results) # print(results)
else: else:
# 如果为空,则跳过执行 # 如果为空,则跳过执行
@ -132,4 +132,4 @@ def Src_doonsec(s_hour, e_hour):
# print(results) # print(results)
if __name__ == "__main__": if __name__ == "__main__":
Src_doonsec(11, 11) Src_doonsec(4)

131
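--- a/GotoSend_xianzhi.py
+++ b/GotoSend_xianzhi.py
@@ -0,0 +1,131 @@
+import json
+import sqlite3
+import os
+from datetime import datetime, timedelta
+from SendBot import SendToFeishu
+def create_database():
+conn = sqlite3.connect('./db/xianzhi.db')
+cursor = conn.cursor()
+cursor.execute('''CREATE TABLE IF NOT EXISTS articles (
+id INTEGER PRIMARY KEY AUTOINCREMENT,
+title TEXT,
+link TEXT,
+published DATETIME
+)''')
+conn.commit()
+conn.close()
+def insert_data(data):
+conn = sqlite3.connect('./db/xianzhi.db')
+cursor = conn.cursor()
+for entry in data:
+try:
+# 解析 published 字符串为 datetime 对象
+pub_date = datetime.strptime(entry['published'], '%Y-%m-%dT%H:%M:%S%z')
+# 格式化 published 为所需的格式
+formatted_pub_date = pub_date.strftime('%Y-%m-%d %H:%M:%S')
+# print(formatted_pub_date)
+except ValueError:
+# 如果解析失败,使用原始 published 字符串
+formatted_pub_date = entry['published']
+cursor.execute('''
+INSERT INTO articles (title, link, published)
+VALUES (?, ?, ?)
+''', (entry['title'], entry['link'], formatted_pub_date))
+conn.commit()
+conn.close()
+def get_xianzhi_json():
+# 检查文件是否存在
+if not os.path.exists('./JSON/xianzhi.json'):
+raise FileNotFoundError(f"xianzhi.json文件不存在请检查程序是否运行正常")
+# 打开并读取JSON文件
+with open('./JSON/xianzhi.json', 'r', encoding='utf-8') as file:
+data = json.load(file)
+# 假设data是一个包含多个JSON对象的列表
+if not isinstance(data, list):
+raise ValueError("JSON文件格式错误请检查common.py是否异常")
+# 提取所需字段并编号
+total_data = []
+for index, item in enumerate(data, start=1):
+entry = {
+"id": index,
+"title": item.get("title", ""),
+"link": item.get("link", ""),
+"published": item.get("published", "")
+}
+total_data.append(entry)
+return total_data
+def select_articles(e_hour):
+conn = sqlite3.connect('./db/xianzhi.db')
+cursor = conn.cursor()
+# 获取当前日期和时间
+now = datetime.now()
+start_time = now - timedelta(hours=e_hour)
+end_time = now
+# 查询指定时间段内的数据
+cursor.execute('''
+SELECT * FROM articles
+WHERE published BETWEEN ? AND ?
+''', (start_time.strftime('%Y-%m-%d %H:%M:%S'), end_time.strftime('%Y-%m-%d %H:%M:%S')))
+results = cursor.fetchall()
+conn.close()
+return results
+def clear_table():
+conn = sqlite3.connect('./db/xianzhi.db')
+cursor = conn.cursor()
+cursor.execute('DELETE FROM articles')
+conn.commit()
+conn.close()
+def get_filtered_articles(entries):
+result = ""
+for entry in entries:
+result += f"文章:{entry[1]}\n"
+result += f"链接:{entry[2]}\t上传时间:{entry[3]}\n"
+result += "-" * 40 + "\n" # 添加分隔线以便区分不同文章
+return result
+def Src_xianzhi(e_hour):
+if not os.path.exists('./db/xianzhi.db'):
+# 创建数据库和表
+create_database()
+# 清空表
+clear_table()
+# 获取 JSON 数据
+M_xianzhi_data = get_xianzhi_json()
+# 插入数据到数据库
+insert_data(M_xianzhi_data)
+# 查询指定时间段内的数据
+filtered_articles = select_articles(e_hour)
+# print(filtered_articles)
+if filtered_articles:
+results = get_filtered_articles(filtered_articles)
+print("先知社区资讯递送中:")
+SendToFeishu(results, "先知社区资讯递送")
+print("-" * 40 + "\n")
+# print(results)
+else:
+# 如果为空,则跳过执行
+print("先知社区数据为空,跳过执行。")
+# print(results)
+if __name__ == "__main__":
+Src_xianzhi(100)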
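Review bot: `insert_data` parses the feed's `published` value with `%z` and then formats it with `strftime('%Y-%m-%d %H:%M:%S')`, which discards the UTC offset without converting, while `select_articles` compares against naive local `datetime.now()`. On a host whose zone differs from the feed's offset, the `BETWEEN` window therefore selects the wrong articles. Converting first keeps both sides in local time: `formatted_pub_date = pub_date.astimezone().strftime('%Y-%m-%d %H:%M:%S')`. The `except ValueError` fallback stores the raw string, and an ISO value containing `T` does not order correctly against the space-separated bounds in a text comparison, so such rows are filtered unpredictably; skipping the entry with a logged warning would be safer. Title and link also flow straight from the feed into `SendToFeishu`; if that function renders markdown (not visible here), they should be escaped before sending.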

File diff suppressed because one or more lines are too long


@ -5,7 +5,7 @@
"description": "根据提示输入内容执行集成调用sqlmap\\\\x0d\\\\x0a泛微CheckServer-Sql注入检测漏洞存在后将payload字段下内容保存为req文件使用sqlmap模块构造参数", "description": "根据提示输入内容执行集成调用sqlmap\\\\x0d\\\\x0a泛微CheckServer-Sql注入检测漏洞存在后将payload字段下内容保存为req文件使用sqlmap模块构造参数",
"author": "星悦安全", "author": "星悦安全",
"category": "星悦安全", "category": "星悦安全",
"pubDate": "2024-12-03T16:58:07" "pubDate": "2024-12-04T16:58:07"
}, },
{ {
"title": "Linux通用应急响应脚本", "title": "Linux通用应急响应脚本",
@ -13,7 +13,7 @@
"description": "Linux通用应急响应脚本适用大多数情况目前在ubuntu、centos7、kali上均可以正常运行。", "description": "Linux通用应急响应脚本适用大多数情况目前在ubuntu、centos7、kali上均可以正常运行。",
"author": "Hack分享吧", "author": "Hack分享吧",
"category": "Hack分享吧", "category": "Hack分享吧",
"pubDate": "2024-12-03T16:56:30" "pubDate": "2024-12-04T16:56:30"
}, },
{ {
"title": "JAVA安全-反序列化系列-CC6(无依赖链)分析", "title": "JAVA安全-反序列化系列-CC6(无依赖链)分析",
@ -21,7 +21,7 @@
"description": "CC6这条链是基于CC1的基础上由于在CC1中使用到的AnnotationInvocationHandler类也就是入口点它的readObject()在java8u71版本后就进行了修改导致在jdk8u71后的版本cc1使用不了", "description": "CC6这条链是基于CC1的基础上由于在CC1中使用到的AnnotationInvocationHandler类也就是入口点它的readObject()在java8u71版本后就进行了修改导致在jdk8u71后的版本cc1使用不了",
"author": "菜狗安全", "author": "菜狗安全",
"category": "菜狗安全", "category": "菜狗安全",
"pubDate": "2024-12-03T16:30:14" "pubDate": "2024-12-04T16:30:14"
}, },
{ {
"title": "Palo Alto Networks PAN-OS身份认证绕过导致RCE漏洞(CVE-2024-0012)", "title": "Palo Alto Networks PAN-OS身份认证绕过导致RCE漏洞(CVE-2024-0012)",
@ -29,7 +29,7 @@
"description": "Palo Alto Networks PAN-OS身份认证绕过导致RCE漏洞(CVE-2024-0012)", "description": "Palo Alto Networks PAN-OS身份认证绕过导致RCE漏洞(CVE-2024-0012)",
"author": "nday POC", "author": "nday POC",
"category": "nday POC", "category": "nday POC",
"pubDate": "2024-12-03T15:43:29" "pubDate": "2024-12-04T15:43:29"
}, },
{ {
"title": "一款快速等保核查、资产扫描工具", "title": "一款快速等保核查、资产扫描工具",
@ -37,7 +37,7 @@
"description": "主要功能主机存活探测、漏洞扫描、子域名扫描、端口扫描、各类服务数据库爆破等~~", "description": "主要功能主机存活探测、漏洞扫描、子域名扫描、端口扫描、各类服务数据库爆破等~~",
"author": "安全帮", "author": "安全帮",
"category": "安全帮", "category": "安全帮",
"pubDate": "2024-12-03T15:13:26" "pubDate": "2024-12-04T15:13:26"
}, },
{ {
"title": "Windows日志分析工具GUI版", "title": "Windows日志分析工具GUI版",
@ -45,7 +45,7 @@
"description": null, "description": null,
"author": "信安404", "author": "信安404",
"category": "信安404", "category": "信安404",
"pubDate": "2024-12-03T14:50:25" "pubDate": "2024-12-04T14:50:25"
}, },
{ {
"title": "Windows日志分析工具GUI版", "title": "Windows日志分析工具GUI版",
@ -53,7 +53,7 @@
"description": "骁佬终于把日志查询、内存检索、md5检索整合在一起了还开发了GUI有了自己公众号给榜一大佬点点关注。", "description": "骁佬终于把日志查询、内存检索、md5检索整合在一起了还开发了GUI有了自己公众号给榜一大佬点点关注。",
"author": "安服仔的救赎", "author": "安服仔的救赎",
"category": "安服仔的救赎", "category": "安服仔的救赎",
"pubDate": "2024-12-03T14:46:21" "pubDate": "2024-12-04T14:46:21"
}, },
{ {
"title": "安卓逆向 -- 某app破解下载和高清功能", "title": "安卓逆向 -- 某app破解下载和高清功能",
@ -61,7 +61,7 @@
"description": null, "description": null,
"author": "逆向有你", "author": "逆向有你",
"category": "逆向有你", "category": "逆向有你",
"pubDate": "2024-12-03T14:08:29" "pubDate": "2024-12-04T14:08:29"
}, },
{ {
"title": "Windows 在新的网络钓鱼攻击中感染了后门 Linux 虚拟机", "title": "Windows 在新的网络钓鱼攻击中感染了后门 Linux 虚拟机",
@ -69,7 +69,7 @@
"description": "Securonix 研究人员发现的一项新活动是使用网络钓鱼电子邮件执行无人值守的 Linux 虚拟机安装,以破坏企业网络并获得持久性。", "description": "Securonix 研究人员发现的一项新活动是使用网络钓鱼电子邮件执行无人值守的 Linux 虚拟机安装,以破坏企业网络并获得持久性。",
"author": "嘶吼专业版", "author": "嘶吼专业版",
"category": "嘶吼专业版", "category": "嘶吼专业版",
"pubDate": "2024-12-03T14:00:24" "pubDate": "2024-12-04T14:00:24"
}, },
{ {
"title": "最近邻居攻击X 罗斯 APT 如何利用附近的 Wi-Fi 网络进行隐秘访问", "title": "最近邻居攻击X 罗斯 APT 如何利用附近的 Wi-Fi 网络进行隐秘访问",
@ -77,7 +77,7 @@
"description": null, "description": null,
"author": "securitainment", "author": "securitainment",
"category": "securitainment", "category": "securitainment",
"pubDate": "2024-12-03T13:38:02" "pubDate": "2024-12-04T13:38:02"
}, },
{ {
"title": "一次0Day漏洞Rce审计流程", "title": "一次0Day漏洞Rce审计流程",
@ -85,7 +85,7 @@
"description": null, "description": null,
"author": "钟毓安全", "author": "钟毓安全",
"category": "钟毓安全", "category": "钟毓安全",
"pubDate": "2024-12-03T13:28:36" "pubDate": "2024-12-04T13:28:36"
}, },
{ {
"title": "关于缓存欺骗的小总结", "title": "关于缓存欺骗的小总结",
@ -93,7 +93,7 @@
"description": null, "description": null,
"author": "白帽子左一", "author": "白帽子左一",
"category": "白帽子左一", "category": "白帽子左一",
"pubDate": "2024-12-03T12:01:48" "pubDate": "2024-12-04T12:01:48"
}, },
{ {
"title": "记一次网上阅卷系统漏洞挖掘", "title": "记一次网上阅卷系统漏洞挖掘",
@ -101,7 +101,7 @@
"description": null, "description": null,
"author": "掌控安全EDU", "author": "掌控安全EDU",
"category": "掌控安全EDU", "category": "掌控安全EDU",
"pubDate": "2024-12-03T12:00:13" "pubDate": "2024-12-04T12:00:13"
}, },
{ {
"title": "干货|一文搞懂加密流量检测的解决方法和技术细节", "title": "干货|一文搞懂加密流量检测的解决方法和技术细节",
@ -109,7 +109,7 @@
"description": null, "description": null,
"author": "e安在线", "author": "e安在线",
"category": "e安在线", "category": "e安在线",
"pubDate": "2024-12-03T10:34:52" "pubDate": "2024-12-04T10:34:52"
}, },
{ {
"title": "混淆 API 补丁以绕过新的 Windows Defender 行为签名", "title": "混淆 API 补丁以绕过新的 Windows Defender 行为签名",
@ -117,7 +117,7 @@
"description": null, "description": null,
"author": "securitainment", "author": "securitainment",
"category": "securitainment", "category": "securitainment",
"pubDate": "2024-12-03T10:24:00" "pubDate": "2024-12-04T10:24:00"
}, },
{ {
"title": "二开哥斯拉-绕过cloudflare流量检测", "title": "二开哥斯拉-绕过cloudflare流量检测",
@ -125,7 +125,7 @@
"description": "WebShell\\\\x0d\\\\x0a\\\\x0d\\\\x0a上传了 但是遇到防火墙拦截了,哎,苦恼连接不上\\\\x0d\\\\x0a\\\\x0d\\\\x0a没办法经过测试发现是因为流量中的字段有敏感字段被拦截了找了好几个人要了二开过的哥斯拉发现都不行还是被检测被拦截无奈只能自己手搓一个二开了", "description": "WebShell\\\\x0d\\\\x0a\\\\x0d\\\\x0a上传了 但是遇到防火墙拦截了,哎,苦恼连接不上\\\\x0d\\\\x0a\\\\x0d\\\\x0a没办法经过测试发现是因为流量中的字段有敏感字段被拦截了找了好几个人要了二开过的哥斯拉发现都不行还是被检测被拦截无奈只能自己手搓一个二开了",
"author": "RongRui安全团队", "author": "RongRui安全团队",
"category": "RongRui安全团队", "category": "RongRui安全团队",
"pubDate": "2024-12-03T10:23:40" "pubDate": "2024-12-04T10:23:40"
}, },
{ {
"title": "任子行网络安全审计系统 log_fw_ips_scan_jsondata SQL注入漏洞", "title": "任子行网络安全审计系统 log_fw_ips_scan_jsondata SQL注入漏洞",
@ -133,7 +133,7 @@
"description": "任子行网络安全审计系统 log_fw_ips_scan_jsondata 接口存在SQL注入漏洞未经身份验证的远程攻击者除了可以利用xa0SQLxa0注入获取数据库中的信息之外甚至在高权限的情况可向服务器中写入木马进一步获取服务器系统权限。", "description": "任子行网络安全审计系统 log_fw_ips_scan_jsondata 接口存在SQL注入漏洞未经身份验证的远程攻击者除了可以利用xa0SQLxa0注入获取数据库中的信息之外甚至在高权限的情况可向服务器中写入木马进一步获取服务器系统权限。",
"author": "nday POC", "author": "nday POC",
"category": "nday POC", "category": "nday POC",
"pubDate": "2024-12-03T10:13:51" "pubDate": "2024-12-04T10:13:51"
}, },
{ {
"title": "绕过CDN查找真实IP方法", "title": "绕过CDN查找真实IP方法",
@ -141,7 +141,7 @@
"description": null, "description": null,
"author": "黑白之道", "author": "黑白之道",
"category": "黑白之道", "category": "黑白之道",
"pubDate": "2024-12-03T10:08:31" "pubDate": "2024-12-04T10:08:31"
}, },
{ {
"title": "一款内存马检测工具", "title": "一款内存马检测工具",
@ -149,7 +149,7 @@
"description": null, "description": null,
"author": "黑白之道", "author": "黑白之道",
"category": "黑白之道", "category": "黑白之道",
"pubDate": "2024-12-03T10:08:31" "pubDate": "2024-12-04T10:08:31"
}, },
{ {
"title": "Windows 自动登录配置指南", "title": "Windows 自动登录配置指南",
@ -157,7 +157,7 @@
"description": null, "description": null,
"author": "网络个人修炼", "author": "网络个人修炼",
"category": "网络个人修炼", "category": "网络个人修炼",
"pubDate": "2024-12-03T10:01:50" "pubDate": "2024-12-04T10:01:50"
}, },
{ {
"title": "一次0Day漏洞Rce审计流程", "title": "一次0Day漏洞Rce审计流程",
@ -165,7 +165,7 @@
"description": null, "description": null,
"author": "Jie安全", "author": "Jie安全",
"category": "Jie安全", "category": "Jie安全",
"pubDate": "2024-12-03T10:00:35" "pubDate": "2024-12-04T10:00:35"
}, },
{ {
"title": "二开哥斯拉-绕过cloudflare流量检测", "title": "二开哥斯拉-绕过cloudflare流量检测",
@ -173,7 +173,7 @@
"description": null, "description": null,
"author": "RongRui安全团队", "author": "RongRui安全团队",
"category": "RongRui安全团队", "category": "RongRui安全团队",
"pubDate": "2024-12-03T09:57:03" "pubDate": "2024-12-04T09:57:03"
}, },
{ {
"title": "应用内存中的后渗透利用-远程工具密码读取", "title": "应用内存中的后渗透利用-远程工具密码读取",
@ -181,7 +181,7 @@
"description": "新版本的todesk和向日葵已经无法从配置文件获取密码而且常规的替换手法也已经失效", "description": "新版本的todesk和向日葵已经无法从配置文件获取密码而且常规的替换手法也已经失效",
"author": "安全洞察知识图谱", "author": "安全洞察知识图谱",
"category": "安全洞察知识图谱", "category": "安全洞察知识图谱",
"pubDate": "2024-12-03T09:54:28" "pubDate": "2024-12-04T09:54:28"
}, },
{ {
"title": "Windows常规应急", "title": "Windows常规应急",
@ -189,7 +189,7 @@
"description": "“A9 Team 甲方攻防团队,成员来自某证券、微步、青藤、长亭、安全狗等公司。", "description": "“A9 Team 甲方攻防团队,成员来自某证券、微步、青藤、长亭、安全狗等公司。",
"author": "A9 Team", "author": "A9 Team",
"category": "A9 Team", "category": "A9 Team",
"pubDate": "2024-12-03T09:44:45" "pubDate": "2024-12-04T09:44:45"
}, },
{ {
"title": "蓝队应急响应-Linux日志分析及常用命令总结", "title": "蓝队应急响应-Linux日志分析及常用命令总结",
@ -197,7 +197,7 @@
"description": "蓝队应急响应-Linux日志分析及常用命令总结", "description": "蓝队应急响应-Linux日志分析及常用命令总结",
"author": "网络安全实验室", "author": "网络安全实验室",
"category": "网络安全实验室", "category": "网络安全实验室",
"pubDate": "2024-12-03T09:37:05" "pubDate": "2024-12-04T09:37:05"
}, },
{ {
"title": "实战!一次超简单的网站后门利用体验", "title": "实战!一次超简单的网站后门利用体验",
@ -205,7 +205,7 @@
"description": null, "description": null,
"author": "中国电信安全", "author": "中国电信安全",
"category": "中国电信安全", "category": "中国电信安全",
"pubDate": "2024-12-03T09:26:04" "pubDate": "2024-12-04T09:26:04"
}, },
{ {
"title": "【新增PHP类型】蚁剑 | 哥斯拉免杀 过雷池、D盾、安全狗的 XlByPassWAF v1.1已更新!", "title": "【新增PHP类型】蚁剑 | 哥斯拉免杀 过雷池、D盾、安全狗的 XlByPassWAF v1.1已更新!",
@ -213,7 +213,7 @@
"description": "新增PHP免杀Webshell\\\\x0d\\\\x0a过雷池、D盾、安全狗等WAF \\\\x0d\\\\x0a蚁剑 | 哥斯拉免杀", "description": "新增PHP免杀Webshell\\\\x0d\\\\x0a过雷池、D盾、安全狗等WAF \\\\x0d\\\\x0a蚁剑 | 哥斯拉免杀",
"author": "威零安全实验室", "author": "威零安全实验室",
"category": "威零安全实验室", "category": "威零安全实验室",
"pubDate": "2024-12-03T09:15:21" "pubDate": "2024-12-04T09:15:21"
}, },
{ {
"title": "【新增PHP类型】蚁剑 | 哥斯拉免杀 过雷池、D盾、安全狗的 XlByPassWAF v1.1已更新!", "title": "【新增PHP类型】蚁剑 | 哥斯拉免杀 过雷池、D盾、安全狗的 XlByPassWAF v1.1已更新!",
@ -221,7 +221,7 @@
"description": "新增PHP免杀Webshell\\\\x0d\\\\x0a过雷池、D盾、安全狗等WAF \\\\x0d\\\\x0a蚁剑 | 哥斯拉免杀", "description": "新增PHP免杀Webshell\\\\x0d\\\\x0a过雷池、D盾、安全狗等WAF \\\\x0d\\\\x0a蚁剑 | 哥斯拉免杀",
"author": "爱喝酒烫头的曹操", "author": "爱喝酒烫头的曹操",
"category": "爱喝酒烫头的曹操", "category": "爱喝酒烫头的曹操",
"pubDate": "2024-12-03T09:14:56" "pubDate": "2024-12-04T09:14:56"
}, },
{ {
"title": "【漏洞复现】OfficeWeb365 SaveDraw 任意文件上传getshell漏洞", "title": "【漏洞复现】OfficeWeb365 SaveDraw 任意文件上传getshell漏洞",
@ -229,7 +229,7 @@
"description": "【漏洞复现】OfficeWeb365 SaveDraw 任意文件上传getshell漏洞", "description": "【漏洞复现】OfficeWeb365 SaveDraw 任意文件上传getshell漏洞",
"author": "白帽攻防", "author": "白帽攻防",
"category": "白帽攻防", "category": "白帽攻防",
"pubDate": "2024-12-03T09:10:26" "pubDate": "2024-12-04T09:10:26"
}, },
{ {
"title": "新型网络钓鱼活动利用损坏的 Word 文档来逃避安全保护", "title": "新型网络钓鱼活动利用损坏的 Word 文档来逃避安全保护",
@ -237,7 +237,7 @@
"description": "攻击者利用损坏的Word文档钓鱼", "description": "攻击者利用损坏的Word文档钓鱼",
"author": "军哥网络安全读报", "author": "军哥网络安全读报",
"category": "军哥网络安全读报", "category": "军哥网络安全读报",
"pubDate": "2024-12-03T09:01:01" "pubDate": "2024-12-04T09:01:01"
}, },
{ {
"title": "一次0Day漏洞Rce审计流程", "title": "一次0Day漏洞Rce审计流程",
@ -245,7 +245,7 @@
"description": null, "description": null,
"author": "进击安全", "author": "进击安全",
"category": "进击安全", "category": "进击安全",
"pubDate": "2024-12-03T09:00:59" "pubDate": "2024-12-04T09:00:59"
}, },
{ {
"title": "JS逆向系列12-深入Js Hook", "title": "JS逆向系列12-深入Js Hook",
@ -253,7 +253,7 @@
"description": null, "description": null,
"author": "Spade sec", "author": "Spade sec",
"category": "Spade sec", "category": "Spade sec",
"pubDate": "2024-12-03T09:00:48" "pubDate": "2024-12-04T09:00:48"
}, },
{ {
"title": "vulnhub之Matrix-2的实践", "title": "vulnhub之Matrix-2的实践",
@ -261,7 +261,7 @@
"description": null, "description": null,
"author": "云计算和网络安全技术实践", "author": "云计算和网络安全技术实践",
"category": "云计算和网络安全技术实践", "category": "云计算和网络安全技术实践",
"pubDate": "2024-12-03T08:57:56" "pubDate": "2024-12-04T08:57:56"
}, },
{ {
"title": "针对【中文】和越南语【用户】的新型【恶意软件】“CleverSoar”", "title": "针对【中文】和越南语【用户】的新型【恶意软件】“CleverSoar”",
@ -269,7 +269,7 @@
"description": null, "description": null,
"author": "安小圈", "author": "安小圈",
"category": "安小圈", "category": "安小圈",
"pubDate": "2024-12-03T08:45:48" "pubDate": "2024-12-04T08:45:48"
}, },
{ {
"title": "【漏洞复现】Apache OFBiz远程代码执行漏洞(CVE-2024-45195)", "title": "【漏洞复现】Apache OFBiz远程代码执行漏洞(CVE-2024-45195)",
@ -277,7 +277,7 @@
"description": "星标公众号,及时接收推文消息", "description": "星标公众号,及时接收推文消息",
"author": "Z0安全", "author": "Z0安全",
"category": "Z0安全", "category": "Z0安全",
"pubDate": "2024-12-03T08:42:15" "pubDate": "2024-12-04T08:42:15"
}, },
{ {
"title": "针对银狐一些最新攻击样本加载过程的调试分析", "title": "针对银狐一些最新攻击样本加载过程的调试分析",
@ -285,7 +285,7 @@
"description": "针对银狐一些最新攻击样本加载过程的调试分析", "description": "针对银狐一些最新攻击样本加载过程的调试分析",
"author": "安全分析与研究", "author": "安全分析与研究",
"category": "安全分析与研究", "category": "安全分析与研究",
"pubDate": "2024-12-03T08:40:42" "pubDate": "2024-12-04T08:40:42"
}, },
{ {
"title": "开源的Webshell管理器--游魂", "title": "开源的Webshell管理器--游魂",
@ -293,7 +293,7 @@
"description": null, "description": null,
"author": "菜鸟学信安", "author": "菜鸟学信安",
"category": "菜鸟学信安", "category": "菜鸟学信安",
"pubDate": "2024-12-03T08:30:43" "pubDate": "2024-12-04T08:30:43"
}, },
{ {
"title": "某通用系统0day审计过程", "title": "某通用系统0day审计过程",
@ -301,7 +301,7 @@
"description": null, "description": null,
"author": "道一安全", "author": "道一安全",
"category": "道一安全", "category": "道一安全",
"pubDate": "2024-12-03T08:12:18" "pubDate": "2024-12-04T08:12:18"
}, },
{ {
"title": "内存马检测工具", "title": "内存马检测工具",
@ -309,7 +309,7 @@
"description": null, "description": null,
"author": "白帽学子", "author": "白帽学子",
"category": "白帽学子", "category": "白帽学子",
"pubDate": "2024-12-03T08:11:23" "pubDate": "2024-12-04T08:11:23"
}, },
{ {
"title": "Wireshark & Packetdrill | TCP RST 之连接不存在的服务端口", "title": "Wireshark & Packetdrill | TCP RST 之连接不存在的服务端口",
@ -317,7 +317,7 @@
"description": null, "description": null,
"author": "Echo Reply", "author": "Echo Reply",
"category": "Echo Reply", "category": "Echo Reply",
"pubDate": "2024-12-03T08:08:50" "pubDate": "2024-12-04T08:08:50"
}, },
{ {
"title": "Windows权限控制相关的防御与攻击技术", "title": "Windows权限控制相关的防御与攻击技术",
@ -325,7 +325,7 @@
"description": null, "description": null,
"author": "SecretTeam安全团队", "author": "SecretTeam安全团队",
"category": "SecretTeam安全团队", "category": "SecretTeam安全团队",
"pubDate": "2024-12-03T08:02:54" "pubDate": "2024-12-04T08:02:54"
}, },
{ {
"title": "利用js挖掘漏洞", "title": "利用js挖掘漏洞",
@ -333,7 +333,7 @@
"description": "在漏洞挖掘中通过对js的挖掘可发现诸多安全问题此文章主要记录学习如何利用JS测试以及加密参数逆向相关的漏洞挖掘。", "description": "在漏洞挖掘中通过对js的挖掘可发现诸多安全问题此文章主要记录学习如何利用JS测试以及加密参数逆向相关的漏洞挖掘。",
"author": "李白你好", "author": "李白你好",
"category": "李白你好", "category": "李白你好",
"pubDate": "2024-12-03T08:02:42" "pubDate": "2024-12-04T08:02:42"
}, },
{ {
"title": "LLVM Pass转储类或结构的内存布局", "title": "LLVM Pass转储类或结构的内存布局",
@ -341,7 +341,7 @@
"description": "面向LLVM Pass小白提供完整可操作示例", "description": "面向LLVM Pass小白提供完整可操作示例",
"author": "青衣十三楼飞花堂", "author": "青衣十三楼飞花堂",
"category": "青衣十三楼飞花堂", "category": "青衣十三楼飞花堂",
"pubDate": "2024-12-03T08:00:35" "pubDate": "2024-12-04T08:00:35"
}, },
{ {
"title": "漏洞预警 | PAN-OS Web管理界面身份认证绕过漏洞", "title": "漏洞预警 | PAN-OS Web管理界面身份认证绕过漏洞",
@ -349,7 +349,7 @@
"description": "PAN-OS设备管理Web界面中存在身份认证绕过漏洞未经身份验证的远程攻击者可以通过网络访问管理Web界面从而进行后续活动包括修改设备配置、访问其他管理功能。", "description": "PAN-OS设备管理Web界面中存在身份认证绕过漏洞未经身份验证的远程攻击者可以通过网络访问管理Web界面从而进行后续活动包括修改设备配置、访问其他管理功能。",
"author": "浅安安全", "author": "浅安安全",
"category": "浅安安全", "category": "浅安安全",
"pubDate": "2024-12-03T08:00:13" "pubDate": "2024-12-04T08:00:13"
}, },
{ {
"title": "AUTOSAR OS模块详解(二) Counter", "title": "AUTOSAR OS模块详解(二) Counter",
@ -357,7 +357,7 @@
"description": "本文主要介绍AUTOSAR OS的Counter并对基于英飞凌Aurix TC3XX系列芯片的Vector Microsar代码和配置进行部分讲解。", "description": "本文主要介绍AUTOSAR OS的Counter并对基于英飞凌Aurix TC3XX系列芯片的Vector Microsar代码和配置进行部分讲解。",
"author": "汽车电子嵌入式", "author": "汽车电子嵌入式",
"category": "汽车电子嵌入式", "category": "汽车电子嵌入式",
"pubDate": "2024-12-03T07:40:28" "pubDate": "2024-12-04T07:40:28"
}, },
{ {
"title": "DedeCMS v5.7 SP2后台SSTI到RCE再到GetShell", "title": "DedeCMS v5.7 SP2后台SSTI到RCE再到GetShell",
@ -365,7 +365,7 @@
"description": "影响范围DedeCMS v5.7 SP2利用条件登陆后台(有点鸡肋但是可以结合DedeCMS的其他漏洞进行", "description": "影响范围DedeCMS v5.7 SP2利用条件登陆后台(有点鸡肋但是可以结合DedeCMS的其他漏洞进行",
"author": "七芒星实验室", "author": "七芒星实验室",
"category": "七芒星实验室", "category": "七芒星实验室",
"pubDate": "2024-12-03T07:01:03" "pubDate": "2024-12-04T07:01:03"
}, },
{ {
"title": "Windows钓鱼演练工具 -- xiao_fishing", "title": "Windows钓鱼演练工具 -- xiao_fishing",
@ -373,7 +373,7 @@
"description": null, "description": null,
"author": "Web安全工具库", "author": "Web安全工具库",
"category": "Web安全工具库", "category": "Web安全工具库",
"pubDate": "2024-12-03T06:44:33" "pubDate": "2024-12-04T06:44:33"
}, },
{ {
"title": "文末获取 | 基于卡巴斯基虚拟化技术实现内核Hook", "title": "文末获取 | 基于卡巴斯基虚拟化技术实现内核Hook",
@ -381,7 +381,7 @@
"description": null, "description": null,
"author": "星落安全团队", "author": "星落安全团队",
"category": "星落安全团队", "category": "星落安全团队",
"pubDate": "2024-12-03T00:00:48" "pubDate": "2024-12-04T00:00:48"
}, },
{ {
"title": "什么CNVD证书批量化挖掘 ", "title": "什么CNVD证书批量化挖掘 ",


@ -2,7 +2,7 @@
{ {
"title": "记一次RAT的感染过程详细分析", "title": "记一次RAT的感染过程详细分析",
"link": "https://xz.aliyun.com/t/16502", "link": "https://xz.aliyun.com/t/16502",
"published": "2024-12-01T23:10:00+08:00", "published": "2024-12-04T23:10:00+08:00",
"id": "https://xz.aliyun.com/t/16502", "id": "https://xz.aliyun.com/t/16502",
"summary": { "summary": {
"@type": "html", "@type": "html",
@ -12,7 +12,7 @@
{ {
"title": "条件竞争glibc堆的详细讲解", "title": "条件竞争glibc堆的详细讲解",
"link": "https://xz.aliyun.com/t/16498", "link": "https://xz.aliyun.com/t/16498",
"published": "2024-12-01T18:24:00+08:00", "published": "2024-12-04T18:24:00+08:00",
"id": "https://xz.aliyun.com/t/16498", "id": "https://xz.aliyun.com/t/16498",
"summary": { "summary": {
"@type": "html", "@type": "html",
@ -22,7 +22,7 @@
{ {
"title": "记某次金融小程序数据加密及签名逆向", "title": "记某次金融小程序数据加密及签名逆向",
"link": "https://xz.aliyun.com/t/16497", "link": "https://xz.aliyun.com/t/16497",
"published": "2024-12-01T17:20:00+08:00", "published": "2024-12-04T17:20:00+08:00",
"id": "https://xz.aliyun.com/t/16497", "id": "https://xz.aliyun.com/t/16497",
"summary": { "summary": {
"@type": "html", "@type": "html",
@ -32,7 +32,7 @@
{ {
"title": "动态逃逸杀软的艺术", "title": "动态逃逸杀软的艺术",
"link": "https://xz.aliyun.com/t/16486", "link": "https://xz.aliyun.com/t/16486",
"published": "2024-12-01T10:12:00+08:00", "published": "2024-12-04T10:12:00+08:00",
"id": "https://xz.aliyun.com/t/16486", "id": "https://xz.aliyun.com/t/16486",
"summary": { "summary": {
"@type": "html", "@type": "html",


@ -2,6 +2,4 @@ key: 22b68f21-def4-4bd5-96eb-71d78ee995f7
secret: 9gE9j1kT5bh9HvCyoPcIHc secret: 9gE9j1kT5bh9HvCyoPcIHc
sleep_time: 35 # 秒数 sleep_time: 35 # 秒数
# 结算时间范围 # 结算时间范围
s_hour: 11 # 开始时间,前一天的*点 e_hour: 4 # 程序运行时间间隔
e_hour: 11 # 结束时间,当天的*点
c_hour: 11 # 程序运行时间,当天的*点建议与e_hour一致
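Review bot: `key` and `secret` sit in the tracked config file as plain values (the hunk header and the first context line), so anyone with read access to the repository or its history can use them; they look like the bot's messaging credentials, though the page does not say so. They should be rotated and then loaded from an environment variable or an untracked local file, with only a placeholder such as `secret: <set-via-env>` committed. Separately, `sleep_time` remains here although the new `main_loop` in Core.py no longer sleeps on it, and the comment `# 结算时间范围` above `e_hour` describes a range that no longer exists.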

Binary file not shown.

Binary file not shown.

BIN
db/xianzhi.db Normal file

Binary file not shown.