Compare commits

..

No commits in common. "de298b6809d66ed1fa7da199a484af863d9f0ae5" and "0ab5c380c2bebf202aaef92c607d82965b37f6b4" have entirely different histories.

39 changed files with 3104 additions and 548 deletions

2633
1.txt Normal file

File diff suppressed because one or more lines are too long

101
Core.py
View File

@ -4,14 +4,13 @@
@Description: 本程序可以爬取各安全资讯源并发送到飞书群组 @Description: 本程序可以爬取各安全资讯源并发送到飞书群组
""" """
import schedule
import os import os
import signal import signal
from datetime import datetime, timedelta
import sys import sys
import time import time
import yaml import yaml
import requests import requests
from datetime import datetime, timedelta
from SendBot import SendToFeishu, gen_sign from SendBot import SendToFeishu, gen_sign
from media.common import run, seebug_main, M_4hou_main, anquanke_main, sec_wiki_main, huawei_main, doonsec_main, qianxin_main from media.common import run, seebug_main, M_4hou_main, anquanke_main, sec_wiki_main, huawei_main, doonsec_main, qianxin_main
from media.freebuf import freebuf_main from media.freebuf import freebuf_main
@ -25,12 +24,9 @@ from GotoSend.qianxin import Src_qianxin
from GotoSend.seebug import Src_seebug from GotoSend.seebug import Src_seebug
from loguru import logger from loguru import logger
# 清除所有已有的日志记录器配置
logger.remove()
logger.add("./log/spider.log", logger.add("./log/spider.log",
format="{time:YYYY-MM-DD HH:mm:ss} - {level} - {name}:{function}:{line} - {message}", format="{time:YYYY-MM-DD HH:mm:ss} - {level} - {name}:{function}:{line} - {message}",
rotation="100 MB", rotation="10 MB",
compression="zip", compression="zip",
encoding="utf-8") encoding="utf-8")
# shell终端打印日志 # shell终端打印日志
@ -42,10 +38,22 @@ with open('./config.yaml', 'r', encoding="utf-8") as file:
config = yaml.safe_load(file) config = yaml.safe_load(file)
# sleep_time = int(f"{config['sleep_time']}") # sleep_time = int(f"{config['sleep_time']}")
e_hour = int(f"{config['e_hour']}") e_hour = int(f"{config['e_hour']}")
choice = int(f"{config['circle']}")
webhook_url_once, timestamp_once, sign_once = gen_sign() webhook_url_once, timestamp_once, sign_once = gen_sign()
def rename_log_with_timestamp():
timestamp = datetime.now().strftime("%Y%m%d%H%M%S")
original_filename = "./log/spider.log"
new_filename = f"./log/spider_{timestamp}.log"
try:
os.rename(original_filename, new_filename)
logger.info(f"旧日志文件已成功重命名为: {new_filename}")
except FileNotFoundError:
logger.error(f"旧日志文件 {original_filename} 未找到。")
except Exception as e:
logger.error(f"重命名旧日志文件时发生错误: {e}")
def send_job(time_1): def send_job(time_1):
# 爬取数据 # 爬取数据
logger.info("正在启动各爬虫并获取资源中...") logger.info("正在启动各爬虫并获取资源中...")
@ -72,87 +80,87 @@ def send_job(time_1):
# 发送嘶吼资讯 # 发送嘶吼资讯
if reslt_4hou: if reslt_4hou:
# print("-" * 40) print("-" * 40)
logger.info("嘶吼资讯递送中:") logger.info("嘶吼资讯递送中:")
result = SendToFeishu(reslt_4hou, "嘶吼资讯递送", webhook_url, timestamp, sign) result = SendToFeishu(reslt_4hou, "嘶吼资讯递送", webhook_url, timestamp, sign)
logger.info(result) logger.info(result)
# print("-" * 40 + "\n") print("-" * 40 + "\n")
time.sleep(60) time.sleep(60)
else: else:
# print("-" * 40) print("-" * 40)
logger.info("嘶吼数据为空,跳过执行。") logger.info("嘶吼数据为空,跳过执行。")
# 发送安全客资讯 # 发送安全客资讯
if reslt_anquanke: if reslt_anquanke:
# print("-" * 40) print("-" * 40)
logger.info("安全客资讯递送中:") logger.info("安全客资讯递送中:")
result = SendToFeishu(reslt_anquanke, "安全客资讯递送", webhook_url, timestamp, sign) result = SendToFeishu(reslt_anquanke, "安全客资讯递送", webhook_url, timestamp, sign)
logger.info(result) logger.info(result)
# print("-" * 40 + "\n") print("-" * 40 + "\n")
time.sleep(60) time.sleep(60)
else: else:
# print("-" * 40) print("-" * 40)
logger.info("安全客数据为空,跳过执行。") logger.info("安全客数据为空,跳过执行。")
# 发送洞见微信安全资讯 # 发送洞见微信安全资讯
if reslt_doonsec: if reslt_doonsec:
# print("-" * 40) print("-" * 40)
logger.info("洞见微信安全资讯递送中:") logger.info("洞见微信安全资讯递送中:")
result = SendToFeishu(reslt_doonsec, "洞见微信安全资讯递送", webhook_url, timestamp, sign) result = SendToFeishu(reslt_doonsec, "洞见微信安全资讯递送", webhook_url, timestamp, sign)
logger.info(result) logger.info(result)
# print("-" * 40 + "\n") print("-" * 40 + "\n")
time.sleep(60) time.sleep(60)
else: else:
# print("-" * 40) print("-" * 40)
logger.info("洞见微信安全数据为空,跳过执行。") logger.info("洞见微信安全数据为空,跳过执行。")
# 发送先知社区资讯 # 发送先知社区资讯
if reslt_xianzhi: if reslt_xianzhi:
# print("-" * 40) print("-" * 40)
logger.info("先知社区资讯递送中:") logger.info("先知社区资讯递送中:")
result = SendToFeishu(reslt_xianzhi, "先知社区资讯递送", webhook_url, timestamp, sign) result = SendToFeishu(reslt_xianzhi, "先知社区资讯递送", webhook_url, timestamp, sign)
logger.info(result) logger.info(result)
# print("-" * 40 + "\n") print("-" * 40 + "\n")
time.sleep(60) time.sleep(60)
else: else:
# print("-" * 40) print("-" * 40)
logger.info("先知社区数据为空,跳过执行。") logger.info("先知社区数据为空,跳过执行。")
# 发送FreeBuf资讯 # 发送FreeBuf资讯
if reslt_freebuf: if reslt_freebuf:
# print("-" * 40) print("-" * 40)
logger.info("FreeBuf资讯递送中") logger.info("FreeBuf资讯递送中")
result = SendToFeishu(reslt_freebuf, "FreeBuf资讯递送", webhook_url, timestamp, sign) result = SendToFeishu(reslt_freebuf, "FreeBuf资讯递送", webhook_url, timestamp, sign)
logger.info(result) logger.info(result)
# print("-" * 40 + "\n") print("-" * 40 + "\n")
time.sleep(60) time.sleep(60)
else: else:
# print("-" * 40) print("-" * 40)
logger.info("FreeBuf数据为空跳过执行。") logger.info("FreeBuf数据为空跳过执行。")
# 发送奇安信攻防社区资讯 # 发送奇安信攻防社区资讯
if reslt_qianxin: if reslt_qianxin:
# print("-" * 40) print("-" * 40)
logger.info("奇安信攻防社区资讯递送中:") logger.info("奇安信攻防社区资讯递送中:")
result = SendToFeishu(reslt_qianxin, "奇安信攻防社区资讯递送", webhook_url, timestamp, sign) result = SendToFeishu(reslt_qianxin, "奇安信攻防社区资讯递送", webhook_url, timestamp, sign)
logger.info(result) logger.info(result)
# print("-" * 40 + "\n") print("-" * 40 + "\n")
time.sleep(60) time.sleep(60)
else: else:
# print("-" * 40) print("-" * 40)
logger.info("奇安信攻防社区数据为空,跳过执行。") logger.info("奇安信攻防社区数据为空,跳过执行。")
# 发送Seebug资讯 # 发送Seebug资讯
if reslt_seebug: if reslt_seebug:
reslt_seebug = Src_seebug(1000) reslt_seebug = Src_seebug(1000)
webhook_url, timestamp, sign = gen_sign() webhook_url, timestamp, sign = gen_sign()
# print("-" * 40) print("-" * 40)
logger.info("Seebug社区资讯递送中") logger.info("Seebug社区资讯递送中")
result = SendToFeishu(reslt_seebug, "Seebug社区资讯递送", webhook_url, timestamp, sign) result = SendToFeishu(reslt_seebug, "Seebug社区资讯递送", webhook_url, timestamp, sign)
logger.info(result) logger.info(result)
# print("-" * 40 + "\n") print("-" * 40 + "\n")
else: else:
# print("-" * 40) print("-" * 40)
logger.info("Seebug社区数据为空跳过执行。") logger.info("Seebug社区数据为空跳过执行。")
def signal_handler(sig, frame): def signal_handler(sig, frame):
@ -164,15 +172,15 @@ signal.signal(signal.SIGINT, signal_handler) # Ctrl+C
signal.signal(signal.SIGTERM, signal_handler) # kill命令 signal.signal(signal.SIGTERM, signal_handler) # kill命令
def main_loop(choice): def main_loop():
n = 0 n = 1
if choice == 1:
while True: while True:
try: try:
# 执行任务 # 执行任务
logger.info(f"{n+1}次执行,当前时间为:{datetime.now().strftime('%Y-%m-%d %H:%M:%S')}") logger.info(f"{n}次执行,当前时间为:{datetime.now().strftime('%Y-%m-%d %H:%M:%S')}")
send_job(e_hour) send_job(e_hour)
logger.info("执行完毕,等待下一次执行...") logger.info("执行完毕,等待下一次执行...")
n += 1
time.sleep(e_hour * 60 * 60 - 5 * 60) time.sleep(e_hour * 60 * 60 - 5 * 60)
except Exception as e: except Exception as e:
@ -180,19 +188,6 @@ def main_loop(choice):
# result = SendToFeishu(f"发生错误: {e}, 程序已退出", "报错信息") # result = SendToFeishu(f"发生错误: {e}, 程序已退出", "报错信息")
# logger.info(result) # logger.info(result)
exit() exit()
elif choice == 0:
# 设置每天的特定时间点执行job函数
logger.info(f"{n+1}次执行准备开始。")
schedule.every().day.at("09:00").do(send_job, 12)
schedule.every().day.at("11:31").do(send_job, 3)
schedule.every().day.at("15:00").do(send_job, 3)
schedule.every().day.at("18:00").do(send_job, 3)
schedule.every().day.at("21:00").do(send_job, 3)
while True:
schedule.run_pending()
n += 1
time.sleep(60) # 每分钟检查一次是否有任务需要执行
# 探测rss源状态 # 探测rss源状态
def check_rss_status(url): def check_rss_status(url):
@ -230,26 +225,24 @@ def test_rss_source():
return rss_info return rss_info
if __name__ == "__main__": if __name__ == "__main__":
# print("程序正在运行当中。") print("程序正在运行当中。")
time.sleep(5) # 添加短暂的延迟
rss_info = test_rss_source() rss_info = test_rss_source()
start_info = "" start_info = ""
start_info += "程序已启动,当前时间为:" + datetime.now().strftime("%Y-%m-%d %H:%M:%S") + "\n" start_info += "程序已启动,当前时间为:" + datetime.now().strftime("%Y-%m-%d %H:%M:%S") + "\n"
start_info += "程序作者MasonLiu \t 开源地址:[GM-gitea](https://git.masonliu.com/MasonLiu/PyBot)" + "\n" start_info += "程序作者MasonLiu \t 开源地址:[GM-gitea](https://git.masonliu.com/MasonLiu/PyBot)" + "\n"
if choice == 1:
start_info += "时间配置:每隔" + str(e_hour) + "小时执行一次推送\n" start_info += "时间配置:每隔" + str(e_hour) + "小时执行一次推送\n"
else:
start_info += "时间配置:每天固定时间点执行推送\n"
result = SendToFeishu(start_info, "程序信息", webhook_url_once, timestamp_once, sign_once) result = SendToFeishu(start_info, "程序信息", webhook_url_once, timestamp_once, sign_once)
logger.info(result) logger.info(result)
# print("-" * 40) print("-" * 40)
# print(start_info)
result = SendToFeishu(rss_info, "RSS源状态", webhook_url_once, timestamp_once, sign_once) result = SendToFeishu(rss_info, "RSS源状态", webhook_url_once, timestamp_once, sign_once)
# logger.info(rss_info) logger.info(rss_info)
logger.info(result) logger.info(result)
# print("-" * 40) print("-" * 40)
# print(rss_info)
# 首次运行先暂停两分钟 # 首次运行先暂停两分钟
# time.sleep(2 * 60) # time.sleep(2 * 60)
# 主程序 # 主程序
main_loop(choice) main_loop()

View File

@ -93,24 +93,12 @@ def clear_table():
conn.commit() conn.commit()
conn.close() conn.close()
def record_md(result, filename="./history/sec_news.md"):
with open(filename, 'a', encoding='utf-8') as file:
file.write(result)
def get_filtered_articles(entries): def get_filtered_articles(entries):
result = "" result = ""
record = ""
for entry in entries: for entry in entries:
result += f"作者:{entry[5]}\n文章:{entry[1]}\n" result += f"作者:{entry[5]}\n文章:{entry[1]}\n"
result += f"链接:{entry[2]}\n上传时间:{entry[4]}\n" result += f"链接:{entry[2]}\n上传时间:{entry[4]}\n"
result += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章 result += "-" * 40 + "\n" # 添加分隔线以便区分不同文章
record += f"#### 文章:{entry[1]}\n"
record += f"**作者**{entry[5]}\n"
record += f"**链接**{entry[2]}\n"
record += f"**上传时间**{entry[4]}\n"
record += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
record_md(record)
return result return result

View File

@ -87,25 +87,12 @@ def clear_table():
conn.commit() conn.commit()
conn.close() conn.close()
def record_md(result, filename="./history/sec_news.md"):
with open(filename, 'a', encoding='utf-8') as file:
file.write(result)
def get_filtered_articles(entries): def get_filtered_articles(entries):
result = "" result = ""
record = ""
for entry in entries: for entry in entries:
result += f"作者:{entry[6]}\n来源:{entry[3]}\n文章:{entry[1]}\n" result += f"作者:{entry[6]}\n来源:{entry[3]}\n文章:{entry[1]}\n"
result += f"链接:{entry[2]}\n上传时间:{entry[5]}\n" result += f"链接:{entry[2]}\n上传时间:{entry[5]}\n"
result += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章 result += "-" * 40 + "\n" # 添加分隔线以便区分不同文章
record += f"#### 文章:{entry[1]}\n"
record += f"**作者**{entry[6]}\n"
record += f"**来源**{entry[3]}\n"
record += f"**链接**{entry[2]}\n"
record += f"**上传时间**{entry[5]}\n"
record += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
record_md(record)
return result return result

View File

@ -94,26 +94,13 @@ def clear_table():
conn.commit() conn.commit()
conn.close() conn.close()
def record_md(result, filename="./history/tech_passage.md"):
with open(filename, 'a', encoding='utf-8') as file:
file.write(result)
def get_filtered_articles(entries): def get_filtered_articles(entries):
result = "" result = ""
record = ""
for entry in entries: for entry in entries:
result += f"作者:{entry[5]}\n文章:{entry[1]}\n" result += f"作者:{entry[5]}\n文章:{entry[1]}\n"
result += f"链接:[点此访问]({entry[2]})\n上传时间:{entry[4]}\n" result += f"链接:[点此访问]({entry[2]})\n上传时间:{entry[4]}\n"
result += f"简介:{entry[3]}\n" result += f"简介:{entry[3]}\n"
result += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章 result += "-" * 40 + "\n" # 添加分隔线以便区分不同文章
record += f"#### 文章:{entry[1]}\n"
record += f"**作者**{entry[5]}\n"
record += f"**链接**[点此访问]({entry[2]})\n"
record += f"**上传时间**{entry[4]}\n"
record += f"**简介**{entry[3]}\n"
record += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
record_md(record)
return result return result

View File

@ -93,24 +93,12 @@ def clear_table():
conn.commit() conn.commit()
conn.close() conn.close()
def record_md(result, filename="./history/sec_news.md"):
with open(filename, 'a', encoding='utf-8') as file:
file.write(result)
def get_filtered_articles(entries): def get_filtered_articles(entries):
result = "" result = ""
record = ""
for entry in entries: for entry in entries:
result += f"类型:{entry[5]}\n文章:{entry[1]}\n" result += f"类型:{entry[5]}\n文章:{entry[1]}\n"
result += f"链接:{entry[2]}\n上传时间:{entry[4]}\n" result += f"链接:{entry[2]}\n上传时间:{entry[4]}\n"
result += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章 result += "-" * 40 + "\n" # 添加分隔线以便区分不同文章
record += f"#### 文章:{entry[1]}\n"
record += f"**类型**{entry[5]}\n"
record += f"**链接**{entry[2]}\n"
record += f"**上传时间**{entry[4]}\n"
record += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
record_md(record)
return result return result

View File

@ -84,26 +84,13 @@ def clear_table():
conn.commit() conn.commit()
conn.close() conn.close()
def record_md(result, filename="./history/tech_passage.md"):
with open(filename, 'a', encoding='utf-8') as file:
file.write(result)
def get_filtered_articles(entries): def get_filtered_articles(entries):
result = "" result = ""
record = ""
for entry in entries: for entry in entries:
result += f"来源:{entry[3]}\n文章:{entry[1]}\n" result += f"来源:{entry[3]}\n文章:{entry[1]}\n"
result += f"链接:{entry[2]}\n上传时间:{entry[5]}\n" result += f"链接:{entry[2]}\n上传时间:{entry[5]}\n"
result += f"描述:{entry[4]}\n" result += f"描述:{entry[4]}\n"
result += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章 result += "-" * 40 + "\n" # 添加分隔线以便区分不同文章
record += f"#### 文章:{entry[1]}\n"
record += f"**来源**{entry[3]}\n"
record += f"**链接**{entry[2]}\n"
record += f"**上传时间**{entry[5]}\n"
record += f"**描述**{entry[4]}\n"
record += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
record_md(record)
return result return result

View File

@ -91,26 +91,13 @@ def clear_table():
conn.commit() conn.commit()
conn.close() conn.close()
def record_md(result, filename="./history/sec_news.md"):
with open(filename, 'a', encoding='utf-8') as file:
file.write(result)
def get_filtered_articles(entries): def get_filtered_articles(entries):
result = "" result = ""
record = ""
for entry in entries: for entry in entries:
result += f"类型:{entry[3]}\n文章:{entry[1]}" result += f"类型:{entry[3]}\n文章:{entry[1]}"
result += f"链接:{entry[2]}\n上传时间:{entry[5]}\n" result += f"链接:{entry[2]}\n上传时间:{entry[5]}\n"
result += f"{entry[4]}\n" result += f"{entry[4]}\n"
result += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章 result += "-" * 40 + "\n" # 添加分隔线以便区分不同文章
record += f"#### 文章:{entry[1]}\n"
record += f"**类型**{entry[3]}\n"
record += f"**链接**{entry[2]}\n"
record += f"**上传时间**{entry[5]}\n"
record += f"{entry[4]}\n"
record += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
record_md(record)
return result return result

View File

@ -90,23 +90,12 @@ def clear_table():
conn.commit() conn.commit()
conn.close() conn.close()
def record_md(result, filename="./history/tech_passage.md"):
with open(filename, 'a', encoding='utf-8') as file:
file.write(result)
def get_filtered_articles(entries): def get_filtered_articles(entries):
result = "" result = ""
record = ""
for entry in entries: for entry in entries:
result += f"文章:{entry[1]}\n" result += f"文章:{entry[1]}\n"
result += f"链接:{entry[2]}\n上传时间:{entry[3]}\n" result += f"链接:{entry[2]}\n上传时间:{entry[3]}\n"
result += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章 result += "-" * 40 + "\n" # 添加分隔线以便区分不同文章
record += f"#### 文章:{entry[1]}\n"
record += f"**链接**{entry[2]}\n"
record += f"**上传时间**{entry[3]}\n"
record += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
record_md(record)
return result return result

File diff suppressed because one or more lines are too long

View File

@ -1,76 +1,4 @@
[ [
{
"guid": "https://www.anquanke.com/post/id/302577",
"title": "供应链攻击恐慌后OpenWrt 下令更新路由器固件",
"author": " 安全客",
"description": null,
"source": "theregister",
"pubDate": "2024-12-10 11:30:29"
},
{
"guid": "https://www.anquanke.com/post/id/302574",
"title": "Socks5Systemz 僵尸网络利用 85,000 多台被黑设备为非法代理服务提供动力",
"author": " 安全客",
"description": null,
"source": "TheHackersNews",
"pubDate": "2024-12-10 11:20:28"
},
{
"guid": "https://www.anquanke.com/post/id/302571",
"title": "医疗设备公司表示,勒索软件攻击中断了运输流程",
"author": " 安全客",
"description": null,
"source": "therecord",
"pubDate": "2024-12-10 11:00:33"
},
{
"guid": "https://www.anquanke.com/post/id/302568",
"title": "日本水处理公司和绿茶制造商的美国子公司遭勒索软件攻击",
"author": " 安全客",
"description": null,
"source": "therecord",
"pubDate": "2024-12-10 10:54:12"
},
{
"guid": "https://www.anquanke.com/post/id/302565",
"title": "更新您的 OpenWrt 路由器!安全问题使供应链攻击成为可能",
"author": " 安全客",
"description": null,
"source": "helpnetsecurity",
"pubDate": "2024-12-10 10:40:09"
},
{
"guid": "https://www.anquanke.com/post/id/302562",
"title": "冒充警察的网络钓鱼者在数百万欧元的骗局中被捕",
"author": " 安全客",
"description": null,
"source": "hackread",
"pubDate": "2024-12-10 10:29:15"
},
{
"guid": "https://www.anquanke.com/post/id/302559",
"title": "严重的 Windows 零日警报:用户尚无补丁可用",
"author": " 安全客",
"description": null,
"source": "hackread",
"pubDate": "2024-12-10 10:22:39"
},
{
"guid": "https://www.anquanke.com/post/id/302554",
"title": "浅谈目录权限导致的文件劫持",
"author": " 360安全应急响应中心",
"description": null,
"source": null,
"pubDate": "2024-12-10 10:13:55"
},
{
"guid": "https://www.anquanke.com/post/id/302515",
"title": "混淆还原的几种方式实践",
"author": " 360安全应急响应中心",
"description": null,
"source": null,
"pubDate": "2024-12-10 10:13:31"
},
{ {
"guid": "https://www.anquanke.com/post/id/302547", "guid": "https://www.anquanke.com/post/id/302547",
"title": "年关将至这些单位用360安全大模型交上安全运营高分成绩单", "title": "年关将至这些单位用360安全大模型交上安全运营高分成绩单",
@ -158,5 +86,77 @@
"description": null, "description": null,
"source": "hackread", "source": "hackread",
"pubDate": "2024-12-06 16:51:03" "pubDate": "2024-12-06 16:51:03"
},
{
"guid": "https://www.anquanke.com/post/id/302505",
"title": "非洲执法部门抓获1000多名网络犯罪嫌疑人",
"author": " 安全客",
"description": null,
"source": "darkreading",
"pubDate": "2024-12-06 16:50:19"
},
{
"guid": "https://www.anquanke.com/post/id/302502",
"title": "NCA的破坏行动瓦解全球洗钱网络",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2024-12-06 16:49:32"
},
{
"guid": "https://www.anquanke.com/post/id/302499",
"title": "FBI 警告犯罪分子利用生成式人工智能进行欺诈活动",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2024-12-06 16:48:36"
},
{
"guid": "https://www.anquanke.com/post/id/302465",
"title": "印度尼西亚富士电机遭受勒索软件攻击: 业务合作伙伴数据可能泄露",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2024-12-06 15:41:27"
},
{
"guid": "https://www.anquanke.com/post/id/302496",
"title": "Lorex 2K安全摄像头的五个缺陷使黑客能够完全控制警告发布",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2024-12-06 15:17:22"
},
{
"guid": "https://www.anquanke.com/post/id/302459",
"title": "Veeam 备份与复制漏洞曝光: 高严重性漏洞使数据面临风险",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2024-12-06 15:16:35"
},
{
"guid": "https://www.anquanke.com/post/id/302511",
"title": "360数字安全集团携手上海东海职业技术学院共育实战型网络安全人才队伍",
"author": " 安全客",
"description": null,
"source": "微信",
"pubDate": "2024-12-06 15:16:11"
},
{
"guid": "https://www.anquanke.com/post/id/302493",
"title": "网络钓鱼狂潮Cloudflare 域在最新攻击中被利用",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2024-12-05 16:14:12"
},
{
"guid": "https://www.anquanke.com/post/id/302490",
"title": "可用的漏洞利用代码:在 WhatsUp Gold 中发现严重缺陷 - CVE-2024-8785 CVSS 9.8",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2024-12-05 16:06:53"
} }
] ]

View File

@ -1,100 +1,4 @@
[ [
{
"title": "Burpsuite存储桶配置不当漏洞检测插件",
"link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486968&idx=1&sn=7ee147a6efd7c1a074d8acd00e67fe4a",
"description": null,
"author": "进击的HACK",
"category": "进击的HACK",
"pubDate": "2024-12-10T07:55:46"
},
{
"title": "渗透测试 | 记一次信息泄露到学工系统",
"link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486968&idx=2&sn=826a2c400bb764439e925e53dfb1de78",
"description": null,
"author": "进击的HACK",
"category": "进击的HACK",
"pubDate": "2024-12-10T07:55:46"
},
{
"title": "敏感数据加密后如何实现模糊查询",
"link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486968&idx=3&sn=147db9c25c1dbc344f5d45396e2f33ee",
"description": "敏感数据加密后如何实现模糊查询",
"author": "进击的HACK",
"category": "进击的HACK",
"pubDate": "2024-12-10T07:55:46"
},
{
"title": "CVE-2018-15664:Dockerxa0CP任意读写主机文件",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247493826&idx=2&sn=2f70d68dfd020f5c120e5f7d596b9b81",
"description": "影响范围Docker 17.06.0-ce17.12.1-ce:rc2Docker 18.01.0-ce",
"author": "七芒星实验室",
"category": "七芒星实验室",
"pubDate": "2024-12-10T07:01:23"
},
{
"title": "Mandiant开发了一种使用QR码绕过浏览器隔离的技术",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg3OTc0NDcyNQ==&mid=2247492912&idx=1&sn=1f965af8ed996b0c53edad9d397b7021",
"description": null,
"author": "黑猫安全",
"category": "黑猫安全",
"pubDate": "2024-12-10T07:00:58"
},
{
"title": "CVE-2024-48307JeecgBoot SQL 注入漏洞POC",
"link": "https://mp.weixin.qq.com/s?__biz=MzU0MTc2NTExNg==&mid=2247491216&idx=1&sn=390db568593214c3e21c608f9aac4946",
"description": null,
"author": "实战安全研究",
"category": "实战安全研究",
"pubDate": "2024-12-10T00:18:25"
},
{
"title": "浅谈xss2rce的一些实现",
"link": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247517604&idx=1&sn=a61345317ad41dece28e93038482f6f6",
"description": null,
"author": "船山信安",
"category": "船山信安",
"pubDate": "2024-12-10T00:01:18"
},
{
"title": "【免杀】过360核晶、火绒 运行mimikatz、上线CS的万能加载器XlAnyLoader v1.1正式发布!",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwNjczOTQwOA==&mid=2247491680&idx=1&sn=5fac3da92a08ffecc0a205595f236328",
"description": "过360核晶、火绒 、微软、卡巴斯基(静态)\\\\x0d\\\\x0axlanyloader万能加载器",
"author": "星落安全团队",
"category": "星落安全团队",
"pubDate": "2024-12-10T00:00:14"
},
{
"title": "如何寻找隐藏的参数",
"link": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496545&idx=1&sn=f5fa3d991b8bce754f69af9bce39e422",
"description": null,
"author": "迪哥讲事",
"category": "迪哥讲事",
"pubDate": "2024-12-09T23:41:24"
},
{
"title": "渗透测试人员的 Burp SuiteHackBar",
"link": "https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247485872&idx=1&sn=2603f14c6fdd1c0d01adb361b18ffc13",
"description": "每次针对特定漏洞手动插入新的有效载荷并检查其响应,这不是有点耗时且无聊的任务吗?",
"author": "三沐数安",
"category": "三沐数安",
"pubDate": "2024-12-09T23:19:45"
},
{
"title": "【漏洞预警】SoftLab Integrate Google Drive身份认证绕过漏洞(CVE-2023-32117)",
"link": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489283&idx=1&sn=29b9004e3fdc168434fc378d44504590",
"description": null,
"author": "飓风网络安全",
"category": "飓风网络安全",
"pubDate": "2024-12-09T23:16:04"
},
{
"title": "【漏洞情报】海信智能公交企业管理系统AdjustWorkHours.aspx SQL注入漏洞",
"link": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489283&idx=2&sn=5c93a143e811b95e8b77abdcb97f6599",
"description": null,
"author": "飓风网络安全",
"category": "飓风网络安全",
"pubDate": "2024-12-09T23:16:04"
},
{ {
"title": "Zabbix SQL 注入漏洞CVE-2024-42327", "title": "Zabbix SQL 注入漏洞CVE-2024-42327",
"link": "https://mp.weixin.qq.com/s?__biz=Mzk0NzM4NzI1MA==&mid=2247486212&idx=1&sn=a25394ea5d523773aa1771aebc8872fc", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0NzM4NzI1MA==&mid=2247486212&idx=1&sn=a25394ea5d523773aa1771aebc8872fc",
@ -151,22 +55,6 @@
"category": "360威胁情报中心", "category": "360威胁情报中心",
"pubDate": "2024-12-09T17:54:21" "pubDate": "2024-12-09T17:54:21"
}, },
{
"title": "u200b潜藏在签名安装文件中的Koi Loader恶意软件",
"link": "https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513306&idx=1&sn=c196ec679f20bce97cec72e3aeae12f7",
"description": "近日我们使用奇安信情报沙箱分析可疑Inno Setup安装文件该文件带有数字签名沙箱结果显示样本启动后运行powershell代码从远程服务器下载JS脚本并执行JS脚本进一步调用powershell代码从同一个服务器下载其他载荷。",
"author": "奇安信威胁情报中心",
"category": "奇安信威胁情报中心",
"pubDate": "2024-12-09T17:43:03"
},
{
"title": "Windows进程",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg5MDg3OTc0OA==&mid=2247488931&idx=1&sn=b2ac667cb4bfa2ba329272b917c33369",
"description": null,
"author": "Relay学安全",
"category": "Relay学安全",
"pubDate": "2024-12-09T17:40:35"
},
{ {
"title": "\\\"多引擎\\\"的资产识别、信息收集 | 干货", "title": "\\\"多引擎\\\"的资产识别、信息收集 | 干货",
"link": "https://mp.weixin.qq.com/s?__biz=MzkxNDAyNTY2NA==&mid=2247519358&idx=2&sn=053fe593848492102cf308e4ce93de7f", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNDAyNTY2NA==&mid=2247519358&idx=2&sn=053fe593848492102cf308e4ce93de7f",
@ -1598,5 +1486,117 @@
"author": "风铃Sec", "author": "风铃Sec",
"category": "风铃Sec", "category": "风铃Sec",
"pubDate": "2024-12-04T22:15:59" "pubDate": "2024-12-04T22:15:59"
},
{
"title": "一种巧妙内核级可绕过EDR的入侵手段",
"link": "https://mp.weixin.qq.com/s?__biz=MzkxOTUyOTc0NQ==&mid=2247492675&idx=1&sn=2976f9793011ea7dacce961cadd32530",
"description": "这种攻击方式被称为BYOVD攻击, BYOVD 攻击的核心是攻击者将一个已知存在漏洞的内核驱动程序写入磁盘并加载,然后利用该漏洞执行特权操作。这些操作可能包括终止安全产品、绕过 EDR 防篡改保护、提取特权进程信息。",
"author": "二进制空间安全",
"category": "二进制空间安全",
"pubDate": "2024-12-04T21:45:51"
},
{
"title": "钓鱼网页散播银狐木马,远控后门威胁终端安全",
"link": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247520783&idx=1&sn=e6d18857c2b21d1bc8b80636051ff403",
"description": null,
"author": "火绒安全",
"category": "火绒安全",
"pubDate": "2024-12-04T21:44:58"
},
{
"title": "微软驱动程序关键漏洞已被APT组织利用",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247632689&idx=3&sn=3c9e08e5af95f26a73913ce6e7ded2bc",
"description": null,
"author": "商密君",
"category": "商密君",
"pubDate": "2024-12-04T20:25:28"
},
{
"title": "微软驱动程序关键漏洞已被APT组织利用",
"link": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651308802&idx=1&sn=ed99bbd47f1003dc1db38fa05309efca",
"description": "漏洞允许攻击者远程接管整个系统。",
"author": "FreeBuf",
"category": "FreeBuf",
"pubDate": "2024-12-04T19:03:41"
},
{
"title": "网安瞭望台第9期0day 情报OAuth 2.0授权流程学习",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg2NTkwODU3Ng==&mid=2247513696&idx=1&sn=7c88b6b634b4ac1e28b987f2a9615627",
"description": "网安资讯分享\\\\x0d\\\\x0aDAILY NEWS AND KNOWLEDGE",
"author": "东方隐侠安全团队",
"category": "东方隐侠安全团队",
"pubDate": "2024-12-04T19:00:32"
},
{
"title": "APT-C-53Gamaredon组织广泛攻击活动分析",
"link": "https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247505004&idx=1&sn=903d7e5ba2a23d6ecfbd81a1871a112c",
"description": "360高级威胁研究院对Gamaredon组织的几种常见攻击手段进行了深入分析发现该组织持续采用各种复杂的技术和策略包括使用恶意LNK文件、XHTML文件以及复杂的网络钓鱼活动",
"author": "360威胁情报中心",
"category": "360威胁情报中心",
"pubDate": "2024-12-04T18:30:26"
},
{
"title": "代码审计之XX系统二次注入到RCE",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg2ODg3NzExNw==&mid=2247488383&idx=1&sn=b60391877f30cdcc8a9c845ab2954999",
"description": null,
"author": "WK安全",
"category": "WK安全",
"pubDate": "2024-12-04T18:00:52"
},
{
"title": "【Windbg】学习及在CTF中解题",
"link": "https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247551822&idx=1&sn=eac87a1389d7471aeaea09a7880d41b2",
"description": null,
"author": "蚁景网络安全",
"category": "蚁景网络安全",
"pubDate": "2024-12-04T17:35:34"
},
{
"title": "攻防|记一次溯源真实案例",
"link": "https://mp.weixin.qq.com/s?__biz=Mzk0MTIzNTgzMQ==&mid=2247518549&idx=1&sn=ff36cee17cf0dfe0f89bfe2646611f16",
"description": null,
"author": "亿人安全",
"category": "亿人安全",
"pubDate": "2024-12-04T17:30:44"
},
{
"title": "用友NC workflowService SQL注入1day代码分析",
"link": "https://mp.weixin.qq.com/s?__biz=Mzk0MTUxNzAxMg==&mid=2247484141&idx=1&sn=ab52db7afb078dc0594ae666b550a7e6",
"description": null,
"author": "深白网安",
"category": "深白网安",
"pubDate": "2024-12-04T17:17:45"
},
{
"title": "无文件攻击一览:利用 Powershell 和 Microsoft 合法应用程序进行攻击",
"link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525324&idx=1&sn=d646d82ca9b9ae36275b2e08032383f8",
"description": null,
"author": "Ots安全",
"category": "Ots安全",
"pubDate": "2024-12-04T17:16:13"
},
{
"title": "剖析 JA4H 以改进 Sliver C2 检测",
"link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525324&idx=2&sn=6f8406f5c586e98597fce64b18cf8037",
"description": null,
"author": "Ots安全",
"category": "Ots安全",
"pubDate": "2024-12-04T17:16:13"
},
{
"title": "Linux 恶意软件开发:使用 Python 构建基于 TLS/SSL 的反向 shell",
"link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525324&idx=3&sn=c7f548eaca5b4c86c66a4551d0e0c465",
"description": null,
"author": "Ots安全",
"category": "Ots安全",
"pubDate": "2024-12-04T17:16:13"
},
{
"title": "【漏洞预警】ProFTPD权限管理不当漏洞可导致权限提升",
"link": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489265&idx=1&sn=bfa7c936f79c9a65dfda98c9b44c5c6c",
"description": null,
"author": "飓风网络安全",
"category": "飓风网络安全",
"pubDate": "2024-12-04T16:48:38"
} }
] ]

View File

@ -1,28 +1,4 @@
[ [
{
"title": "SaaS巨头被勒索攻击泄露680GB数据",
"link": "https://www.freebuf.com/news/417312.html",
"description": "Termite 勒索软件团伙正式宣称对软件即服务SaaS提供商 Blue Yonder 的11 月攻击负责。",
"body": "<p>Termite 勒索软件团伙正式宣称对软件即服务SaaS提供商 Blue Yonder 的11 月攻击负责。Blue Yonder前身为 JDA Software作为 Panasonic 子公司运营)是总部位于亚利桑那州的供应链软件供应商,为零售商、制造商和物流供应商提供全球服务。</p><p><img src=\"https://image.3001.net/images/20241",
"category": "资讯",
"pubDate": "Tue, 10 Dec 2024 11:11:55 +0800"
},
{
"title": " 可接管账户权限DeepSeek 和 Claude AI 存在命令注入漏洞",
"link": "https://www.freebuf.com/news/417305.html",
"description": "本文揭示了 DeepSeek 人工智能聊天机器人中的一个现已修补的安全漏洞的详细信息。",
"body": "<p>本文揭示了 DeepSeek 人工智能聊天机器人中的一个现已修补的安全漏洞的详细信息,如果成功利用,黑客可通过输入注入攻击方式控制受害者的账户。</p><p><img src=\"https://image.3001.net/images/20241210/1733798584_6757aab87b3f982df37cd.png!small\" alt=\"\" /></p><p>安全研究人员 Jo",
"category": "资讯",
"pubDate": "Tue, 10 Dec 2024 10:43:31 +0800"
},
{
"title": "俄罗斯APT组织打击乌克兰国防企业",
"link": "https://www.freebuf.com/news/417299.html",
"description": "根据一份新的报告疑似俄罗斯的APT组织正在对乌克兰的军事和国防企业发动新的间谍活动。",
"body": "<p>根据一份新的报告疑似俄罗斯的APT组织正在对乌克兰的军事和国防企业发动新的间谍活动。</p><p>乌克兰军事计算机应急响应团队MIL.CERT-UA追踪到该活动的威胁行为者代号为 UAC-0185 。该组织通过伪装成邀请函的钓鱼邮件,诱骗人们参加上周在基辅举行的一场合法国防会议。<img src=\"https://image.3001.net/images/20241210/1733",
"category": "资讯",
"pubDate": "Tue, 10 Dec 2024 10:21:26 +0800"
},
{ {
"title": "腾讯云首届金融安全峰会圆满举办,让安全价值看得见", "title": "腾讯云首届金融安全峰会圆满举办,让安全价值看得见",
"link": "https://www.freebuf.com/articles/417280.html", "link": "https://www.freebuf.com/articles/417280.html",
@ -31,14 +7,6 @@
"category": "活动", "category": "活动",
"pubDate": "Mon, 09 Dec 2024 19:24:40 +0800" "pubDate": "Mon, 09 Dec 2024 19:24:40 +0800"
}, },
{
"title": "FreeBuf早报 | 普通用户手机发现间谍软件Pegasus软件供应链巨头被勒索软件入侵",
"link": "https://www.freebuf.com/news/417247.html",
"description": "Termite 勒索软件团伙已正式声称对软件即服务提供商 Blue Yonder 的攻击行为负责,称窃取了 680GB 文件。",
"body": "<h2 id=\"h2-1\">全球动态</h2><h3 id=\"h3-1\">1. 国家安全部“天之骄子”泄露重要涉密事项获刑10年</h3><p>据国家安全部微信号12月9日消息长期以来境外间谍情报机关将我党政机关、企事业单位工作人员视为拉拢策反、渗透利用的重点目标。近日国家安全机关破获一起间谍案涉案人员安某曾是众人眼中的“天之骄子”却因未能抵御境外间谍情报机关的圈套诱惑最终身陷囹圄",
"category": "资讯",
"pubDate": "Mon, 09 Dec 2024 16:10:28 +0800"
},
{ {
"title": "通过二维码实现命令与控制操作的新方法", "title": "通过二维码实现命令与控制操作的新方法",
"link": "https://www.freebuf.com/news/417227.html", "link": "https://www.freebuf.com/news/417227.html",
@ -158,5 +126,37 @@
"body": "<p>大家好我是一个在IT行业十余年的小菜鸟今天与大家聊一聊漏洞的挖掘与复现。</p><h2 id=\"h2-1\">一 漏洞复现。</h2><h3 id=\"h3-1\">1.NetScaler ADC </h3><p>例如我对CVE-2023-3519漏洞进行了分析该漏洞是Citrix ADC 和 Citrix Gateway 中存在未经身份验证的远程代码执行漏洞。</p><p>由于不同版本会导", "body": "<p>大家好我是一个在IT行业十余年的小菜鸟今天与大家聊一聊漏洞的挖掘与复现。</p><h2 id=\"h2-1\">一 漏洞复现。</h2><h3 id=\"h3-1\">1.NetScaler ADC </h3><p>例如我对CVE-2023-3519漏洞进行了分析该漏洞是Citrix ADC 和 Citrix Gateway 中存在未经身份验证的远程代码执行漏洞。</p><p>由于不同版本会导",
"category": "Web安全", "category": "Web安全",
"pubDate": "Fri, 06 Dec 2024 12:03:12 +0800" "pubDate": "Fri, 06 Dec 2024 12:03:12 +0800"
},
{
"title": "freebuf快速同步语雀文章",
"link": "https://www.freebuf.com/sectool/417015.html",
"description": "把时间花在重要的事情上,减少浪费时间在重复动作上",
"body": "<h1>1. 背景</h1><p>日常笔记使用语雀记录文章想要快速同步内容至freebuf寻找已有工具无果遂写了个工具方便快速同步文章。</p><h1>2. 工具</h1><pre><code># coding=gbk\nimport re\nimport requests\nfrom urllib.parse import urlparse, parse_qs\nimport os\nimport ",
"category": "工具",
"pubDate": "Fri, 06 Dec 2024 11:03:02 +0800"
},
{
"title": "I-O Data路由器0Day漏洞被利用无修复补丁",
"link": "https://www.freebuf.com/news/417010.html",
"description": "日本CERT发布公告称黑客正在利用I-O Data路由器设备中的零日漏洞来修改设备设置、执行命令甚至关闭防火墙。",
"body": "<p>日本计算机紧急响应小组CERT警告称 黑客正在利用I-O Data路由器设备中的零日漏洞来修改设备设置、执行命令甚至关闭防火墙。</p><p>I-O Data在其网站上发布的安全公告中承认确实存在三个零日漏洞但目前暂无完整的修复补丁预计将在2024年12月18日发布因此在此之前用户将面临比较严重的风险。<img src=\"https://image.3001.net/image",
"category": "资讯",
"pubDate": "Fri, 06 Dec 2024 10:48:56 +0800"
},
{
"title": "0day免杀 | rar远程代码执行漏洞CVE-2023-38831免杀与复现",
"link": "https://www.freebuf.com/vuls/416973.html",
"description": "授人以鱼不如授人以渔。在绕过杀软的同时利用漏洞,就是我接下来给大家讲的技术手段。",
"body": "<p>众所周知一个漏洞在出现之后会很快被各大杀软发现紧接着就会更新病毒库针对该漏洞进行检测。像rar之类并不会自动更新的软件这些漏洞却因为杀软而无法使用。</p><p>授人以鱼不如授人以渔。在绕过杀软的同时利用漏洞,就是我接下来给大家讲的技术手段。</p><h2 id=\"h2-1\">一 测试环境。</h2><h3 id=\"h3-1\">漏洞CVE-2023-38831</h3><p><s",
"category": "漏洞",
"pubDate": "Thu, 05 Dec 2024 17:59:46 +0800"
},
{
"title": "FreeBuf早报 | 数万台卫星接收器预装DDoS攻击工具美国检方起诉 19 岁少年黑客",
"link": "https://www.freebuf.com/news/416954.html",
"description": "真主党对讲机爆炸案后韩国再次曝出大规模“恶意硬件”案件数十万台销往全球市场的卫星接收器中暗藏DDoS攻击工具。",
"body": "<h2 id=\"h2-1\">全球动态</h2><h3 id=\"h3-1\">1. 上海全面开展个人信息保护,对“刷脸支付”等过度索取个人信息行为说“不”</h3><p>12月4日上海市网信办在“亮剑浦江·2024”消费领域个人信息权益保护专项执法行动总结交流会议上发布成效评估报告并透露今年全市范围3704家公共停车场全面落实停车缴费“纯净码”24家重点咖啡企业开展自查整改。 【<a href=",
"category": "资讯",
"pubDate": "Thu, 05 Dec 2024 16:53:55 +0800"
} }
] ]

View File

@ -1,18 +1,4 @@
[ [
{
"guid": "https://forum.butian.net/share/3902",
"title": "样本分析Trinity 勒索软件",
"description": "前言\nTrinity 勒索软件是一个相对较新的威胁行为者,以采用双重勒索策略而闻名。这种方法包括在加密文件之前窃取敏感数据,从而增加受害者支付赎金的压力。这种勒索软件使用 ChaCha20 加密算法...",
"source": "subject",
"pubDate": "2024-12-10 10:00:02"
},
{
"guid": "https://forum.butian.net/share/3974",
"title": "强网杯S8决赛Pyramid框架下内存马的分析构造及RS加密签名伪造",
"description": "这两天去线下参加了强网杯S8的决赛WEB一共两题这个题目代码并不多但是考察点很创新并且涉及了从没出现过的Pyramid框架下内存马线下时间紧张最后20分钟才调试出来特此记录本篇文章详细解析Pyramid框架下内存马的分析构造及RS加密签名伪造便于师傅们交流学习。",
"source": "subject",
"pubDate": "2024-12-10 09:36:25"
},
{ {
"guid": "https://forum.butian.net/share/3936", "guid": "https://forum.butian.net/share/3936",
"title": "解读 2024 年高通 GPU 漏洞细节及利用技术", "title": "解读 2024 年高通 GPU 漏洞细节及利用技术",
@ -68,5 +54,19 @@
"description": "周末的时候打了hkcert24的比赛里面很多题目设置很有趣这里挑选其中rev方向的的bashed和MBTI Radar 记录一下wp", "description": "周末的时候打了hkcert24的比赛里面很多题目设置很有趣这里挑选其中rev方向的的bashed和MBTI Radar 记录一下wp",
"source": "subject", "source": "subject",
"pubDate": "2024-12-02 10:05:50" "pubDate": "2024-12-02 10:05:50"
},
{
"guid": "https://forum.butian.net/share/3965",
"title": "【2024补天白帽城市沙龙-广州站】终端对抗的评估与验证实践",
"description": "演讲议题:终端对抗的评估与验证实践",
"source": "subject",
"pubDate": "2024-11-28 18:28:54"
},
{
"guid": "https://forum.butian.net/share/3964",
"title": "【2024补天白帽城市沙龙-广州站】蓝牙漏洞敞开大门:无需密码的致命安全隐患",
"description": "演讲议题:蓝牙漏洞敞开大门:无需密码的致命安全隐患",
"source": "subject",
"pubDate": "2024-11-28 18:21:29"
} }
] ]

View File

@ -1,124 +1,4 @@
[ [
{
"title": "代码审计 - MCMS v5.4.1 0day挖掘",
"link": "https://xz.aliyun.com/t/16630",
"published": "2024-12-08T15:33:10+08:00",
"id": "https://xz.aliyun.com/t/16630",
"summary": {
"@type": "html",
"#text": "代码审计 - MCMS v5.4.1 0day挖掘"
}
},
{
"title": "从HECTF ezjava 入手 Vaadin 调用链挖掘",
"link": "https://xz.aliyun.com/t/16627",
"published": "2024-12-08T13:06:14+08:00",
"id": "https://xz.aliyun.com/t/16627",
"summary": {
"@type": "html",
"#text": "从HECTF ezjava 入手 Vaadin 调用链挖掘"
}
},
{
"title": "x86汇编与编写shellcode",
"link": "https://xz.aliyun.com/t/16626",
"published": "2024-12-08T11:49:46+08:00",
"id": "https://xz.aliyun.com/t/16626",
"summary": {
"@type": "html",
"#text": "x86汇编与编写shellcode"
}
},
{
"title": "PolarCTF-2024冬季赛 WEB",
"link": "https://xz.aliyun.com/t/16624",
"published": "2024-12-08T10:49:52+08:00",
"id": "https://xz.aliyun.com/t/16624",
"summary": {
"@type": "html",
"#text": "PolarCTF-2024冬季赛 WEB"
}
},
{
"title": "PE 文件结构剖析:手工压缩与注入实战",
"link": "https://xz.aliyun.com/t/16622",
"published": "2024-12-08T02:05:35+08:00",
"id": "https://xz.aliyun.com/t/16622",
"summary": {
"@type": "html",
"#text": "PE 文件结构剖析:手工压缩与注入实战"
}
},
{
"title": "qwb-final-dataease代码审计",
"link": "https://xz.aliyun.com/t/16620",
"published": "2024-12-07T22:56:00+08:00",
"id": "https://xz.aliyun.com/t/16620",
"summary": {
"@type": "html",
"#text": "qwb-final-dataease代码审计"
}
},
{
"title": "2024 国城杯 WriteUp",
"link": "https://xz.aliyun.com/t/16615",
"published": "2024-12-07T19:16:17+08:00",
"id": "https://xz.aliyun.com/t/16615",
"summary": {
"@type": "html",
"#text": "2024 国城杯 WriteUp"
}
},
{
"title": "2024 国城杯取证 Just_F0r3n51Cs",
"link": "https://xz.aliyun.com/t/16612",
"published": "2024-12-07T17:25:45+08:00",
"id": "https://xz.aliyun.com/t/16612",
"summary": {
"@type": "html",
"#text": "2024 国城杯取证 Just_F0r3n51Cs"
}
},
{
"title": "如何HOST碰撞挖掘隐蔽资产",
"link": "https://xz.aliyun.com/t/16611",
"published": "2024-12-07T17:10:22+08:00",
"id": "https://xz.aliyun.com/t/16611",
"summary": {
"@type": "html",
"#text": "如何HOST碰撞挖掘隐蔽资产"
}
},
{
"title": "2024国城杯初赛 re部分wp",
"link": "https://xz.aliyun.com/t/16610",
"published": "2024-12-07T17:10:19+08:00",
"id": "https://xz.aliyun.com/t/16610",
"summary": {
"@type": "html",
"#text": "2024国城杯初赛 re部分wp"
}
},
{
"title": "分析探究Java原生链反序列化绕过高版本fastjson打Spring马",
"link": "https://xz.aliyun.com/t/16608",
"published": "2024-12-07T16:46:56+08:00",
"id": "https://xz.aliyun.com/t/16608",
"summary": {
"@type": "html",
"#text": "分析探究Java原生链反序列化绕过高版本fastjson打Spring马"
}
},
{
"title": "记一道CC6-TemplatesImpl链和Jackson原链打Spring内存马的利用",
"link": "https://xz.aliyun.com/t/16601",
"published": "2024-12-07T16:45:23+08:00",
"id": "https://xz.aliyun.com/t/16601",
"summary": {
"@type": "html",
"#text": "记一道CC6-TemplatesImpl链和Jackson原链打Spring内存马的利用"
}
},
{ {
"title": "强网杯S8决赛RW赛道", "title": "强网杯S8决赛RW赛道",
"link": "https://xz.aliyun.com/t/16607", "link": "https://xz.aliyun.com/t/16607",
@ -998,5 +878,125 @@
"@type": "html", "@type": "html",
"#text": "银狐黑产最新加载器利用破解版VPN为诱饵进行传播" "#text": "银狐黑产最新加载器利用破解版VPN为诱饵进行传播"
} }
},
{
"title": "\"多引擎\"的资产识别、信息收集工具",
"link": "https://xz.aliyun.com/t/16450",
"published": "2024-11-29T09:52:11+08:00",
"id": "https://xz.aliyun.com/t/16450",
"summary": {
"@type": "html",
"#text": "\"多引擎\"的资产识别、信息收集工具"
}
},
{
"title": "Discuz!x——3.5版本漏洞复现&代码审计",
"link": "https://xz.aliyun.com/t/16445",
"published": "2024-11-28T21:55:27+08:00",
"id": "https://xz.aliyun.com/t/16445",
"summary": {
"@type": "html",
"#text": "Discuz!x——3.5版本漏洞复现&代码审计"
}
},
{
"title": "堆学习之Tcache Stashing Unlink Attacke",
"link": "https://xz.aliyun.com/t/16444",
"published": "2024-11-28T21:45:49+08:00",
"id": "https://xz.aliyun.com/t/16444",
"summary": {
"@type": "html",
"#text": "堆学习之Tcache Stashing Unlink Attacke"
}
},
{
"title": "脱离C2的自动路由,实战中如何将4以上层内网的穿透,4dnat+新版frp+proxifier使用",
"link": "https://xz.aliyun.com/t/16443",
"published": "2024-11-28T20:01:00+08:00",
"id": "https://xz.aliyun.com/t/16443",
"summary": {
"@type": "html",
"#text": "脱离C2的自动路由,实战中如何将4以上层内网的穿透,4dnat+新版frp+proxifier使用"
}
},
{
"title": "Ubuntu needrestart权限提升漏洞(CVE-2024-48990)漏洞分析",
"link": "https://xz.aliyun.com/t/16442",
"published": "2024-11-28T18:19:43+08:00",
"id": "https://xz.aliyun.com/t/16442",
"summary": {
"@type": "html",
"#text": "Ubuntu needrestart权限提升漏洞(CVE-2024-48990)漏洞分析"
}
},
{
"title": "大模型多轮越狱技术分析与实现",
"link": "https://xz.aliyun.com/t/16441",
"published": "2024-11-28T17:22:22+08:00",
"id": "https://xz.aliyun.com/t/16441",
"summary": {
"@type": "html",
"#text": "大模型多轮越狱技术分析与实现"
}
},
{
"title": "2024NewStarCTF Week5 Pwn方向复现",
"link": "https://xz.aliyun.com/t/16439",
"published": "2024-11-28T16:51:11+08:00",
"id": "https://xz.aliyun.com/t/16439",
"summary": {
"@type": "html",
"#text": "2024NewStarCTF Week5 Pwn方向复现"
}
},
{
"title": "CVE-2024-22399 - SwingLazyValue利用链构造分析",
"link": "https://xz.aliyun.com/t/16436",
"published": "2024-11-28T14:53:03+08:00",
"id": "https://xz.aliyun.com/t/16436",
"summary": {
"@type": "html",
"#text": "CVE-2024-22399 - SwingLazyValue利用链构造分析"
}
},
{
"title": "第七届浙江省大学生网络与信息安全竞赛决赛 Misc方向全解",
"link": "https://xz.aliyun.com/t/16435",
"published": "2024-11-28T14:51:55+08:00",
"id": "https://xz.aliyun.com/t/16435",
"summary": {
"@type": "html",
"#text": "第七届浙江省大学生网络与信息安全竞赛决赛 Misc方向全解"
}
},
{
"title": "网鼎杯玄武 crypto 0解析变形的 Shamir 密钥分享机制",
"link": "https://xz.aliyun.com/t/16433",
"published": "2024-11-28T13:53:57+08:00",
"id": "https://xz.aliyun.com/t/16433",
"summary": {
"@type": "html",
"#text": "网鼎杯玄武 crypto 0解析变形的 Shamir 密钥分享机制"
}
},
{
"title": "记一次SSTI长度限制绕过",
"link": "https://xz.aliyun.com/t/16432",
"published": "2024-11-28T11:50:02+08:00",
"id": "https://xz.aliyun.com/t/16432",
"summary": {
"@type": "html",
"#text": "记一次SSTI长度限制绕过"
}
},
{
"title": "windows注入 r3级强制结束进程",
"link": "https://xz.aliyun.com/t/16427",
"published": "2024-11-27T23:46:31+08:00",
"id": "https://xz.aliyun.com/t/16427",
"summary": {
"@type": "html",
"#text": "windows注入 r3级强制结束进程"
}
} }
] ]

View File

@ -8,7 +8,7 @@ config.yaml可指定大部分可能需要的参数 <br>
- 将所有打印信息转为logging info并存档已完成<br> - 将所有打印信息转为logging info并存档已完成<br>
- 将logging info转为异步的loguru已完成 <br> - 将logging info转为异步的loguru已完成 <br>
- 探查异常中断原因暂未清楚发生原因猜测和4hou获取rss后的代码逻辑有关 <br> - 探查异常中断原因暂未清楚发生原因猜测和4hou获取rss后的代码逻辑有关 <br>
- 存档所有推送文章方便以后查看(已完成) <br> - 存档所有推送文章方便以后查看 <br>
- 添加更多推送方式,如邮件、微信等 <br> - 添加更多推送方式,如邮件、微信等 <br>
- 创建Web网页以展示最新推送 <br> - 创建Web网页以展示最新推送 <br>

Binary file not shown.

View File

@ -1,5 +1,4 @@
key: aa04a02f-d7bf-4279-bd48-44c4f28c8f74 key: aa04a02f-d7bf-4279-bd48-44c4f28c8f74
secret: 4tq65T4jm1MO2IlxvHxBWe secret: 4tq65T4jm1MO2IlxvHxBWe
# 结算时间范围 # 结算时间范围
e_hour: 4 # 程序运行时间间隔 e_hour: 12 # 程序运行时间间隔
circle: 0 # 是否启用循环设置为0后将设置为特定时间点运行

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

View File

18
test.py Normal file
View File

@ -0,0 +1,18 @@
# -*- coding: utf-8 -*-
"""
@Author: MasonLiu
@Description: 测试程序的运行
"""
from SendBot import SendToFeishu, gen_sign
from GotoSend_seebug import Src_seebug
# reslt_seebug = Src_seebug(1000)
# webhook_url, timestamp, sign = gen_sign()
# print("-" * 40)
# print("Seebug社区资讯递送中")
# SendToFeishu(reslt_seebug, "Seebug社区资讯递送", webhook_url, timestamp, sign)
# print("-" * 40 + "\n")
from media.xianzhi import xianzhi_main
xianzhi_main()