MasonLiu/PyBot
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity

Compare commits

base: MasonLiu:main
Branches Tags
MasonLiu:main
MasonLiu:V2.0稳定版
MasonLiu:V2.0新版
MasonLiu:V1.3稳定版
MasonLiu:V1.2
MasonLiu:V1.1
MasonLiu:V1.0
MasonLiu:beta0.1
..
compare: MasonLiu:beta0.1
Branches Tags
MasonLiu:main
MasonLiu:V2.0稳定版
MasonLiu:V2.0新版
MasonLiu:V1.3稳定版
MasonLiu:V1.2
MasonLiu:V1.1
MasonLiu:V1.0
MasonLiu:beta0.1

No commits in common. "main" and "beta0.1" have entirely different histories.
main ... beta0.1

111 changed files with 972 additions and 12828 deletions
Show Stats Expand all files Collapse all files

389
Core.py
View File

@ -14,13 +14,9 @@ import requests
from datetime import datetime, timedelta from datetime import datetime, timedelta
from SendCore.FeishuSendBot import SendToFeishu, gen_sign from SendCore.FeishuSendBot import SendToFeishu, gen_sign
from SendCore.QiweiSendBot import SendToWX from SendCore.QiweiSendBot import SendToWX
from spider.common import run, seebug_main, M_4hou_main, anquanke_main, sec_wiki_main, huawei_main, doonsec_main, qianxin_main from media.common import run, seebug_main, M_4hou_main, anquanke_main, sec_wiki_main, huawei_main, doonsec_main, qianxin_main
from spider.freebuf import freebuf_main from media.freebuf import freebuf_main
from spider.xianzhi import xianzhi_main from media.xianzhi import xianzhi_main
from spider.sougou_wx import sougou_wx_main
from spider.github import github_main, load_github_config
from spider.baidu import baidu_main
from spider.uni import uni_spider
from GotoSend.M_4hou import Src_4hou from GotoSend.M_4hou import Src_4hou
from GotoSend.anquanke import Src_anquanke from GotoSend.anquanke import Src_anquanke
from GotoSend.doonsec import Src_doonsec from GotoSend.doonsec import Src_doonsec
@ -28,180 +24,148 @@ from GotoSend.xianzhi import Src_xianzhi
from GotoSend.freebuf import Src_freebuf from GotoSend.freebuf import Src_freebuf
from GotoSend.qianxin import Src_qianxin from GotoSend.qianxin import Src_qianxin
from GotoSend.seebug import Src_seebug from GotoSend.seebug import Src_seebug
from GotoSend.sougou_wx import Src_sougou_wx
from GotoSend.github import Src_github
from GotoSend.baidu import Src_baidu
from GotoSend.uni_rss import Src_uni_rss
from config.check_config import get_core_config, get_debug_config, get_keywords_config
from loguru import logger from loguru import logger
# 清除所有已有的日志记录器配置 # 清除所有已有的日志记录器配置
logger.remove() logger.remove()
logger.add("./resources/log/core.log", logger.add("./log/core.log",
format="{time:YYYY-MM-DD HH:mm:ss} - {level} - {name}:{function}:{line} - {message}", format="{time:YYYY-MM-DD HH:mm:ss} - {level} - {name}:{function}:{line} - {message}",
rotation="100 MB", rotation="100 MB",
compression="zip", compression="zip",
encoding="utf-8") encoding="utf-8")
# shell终端打印日志 # shell终端打印日志
debug = get_debug_config() # logger.add(lambda msg: print(msg),
if debug == "True": # format="{time:YYYY-MM-DD HH:mm:ss} - {level} - {name}:{function}:{line} - {message}")
logger.add(lambda msg: print(msg),
format="{time:YYYY-MM-DD HH:mm:ss} - {level} - {name}:{function}:{line} - {message}") # 加载参数
with open('./config.yaml', 'r', encoding="utf-8") as file:
config = yaml.safe_load(file)
# sleep_time = int(f"{config['sleep_time']}")
e_hour = int(f"{config['e_hour']}")
choice = int(f"{config['circle']}")
fs_activate = f"{config['fs_activate']}"
wx_activate = f"{config['wx_activate']}"
ding_activate = f"{config['ding_activate']}"
lx_activate = f"{config['lx_activate']}"
webhook_url_once, timestamp_once, sign_once = gen_sign()
def check_avaliable(info_long, info_short, title, webhook_url, timestamp, sign):
if info_long: # 发送完整文章相关内容
# logger.info(f"{title} 递送中(飞书):")
result = SendToFeishu(info_long, title, webhook_url, timestamp, sign)
logger.info(result)
time.sleep(15)
else:
pass
if info_short: # 发送精简文章相关内容
# 企业微信相关
if wx_activate == "True":
# logger.info(f"{title} 递送中(企业微信):")
result = SendToWX(info_short, title)
logger.info(result)
time.sleep(15)
else:
pass
# 钉钉相关
if ding_activate == "True":
# logger.info(f"{title} 递送中(钉钉):")
# result = SendToWX(info_short, title) # 待完善
logger.info(result)
time.sleep(15)
else:
pass
if not info_long and not info_short:
logger.info(f"{title}数据为空,跳过执行。")
def send_job(time_1):
# 爬取数据
logger.info(f"发送程序启动,当前时间为:{datetime.now().strftime('%Y-%m-%d %H:%M:%S')}")
logger.info("正在启动各爬虫并获取资源中...")
seebug_main()
anquanke_main()
huawei_main()
doonsec_main()
qianxin_main()
freebuf_main()
xianzhi_main()
M_4hou_main()
# 分析各个数据源的结果(输出长结果)
result_4hou_long = Src_4hou(time_1, False)
result_anquanke_long = Src_anquanke(time_1, False)
result_doonsec_long = Src_doonsec(time_1, False)
result_xianzhi_long = Src_xianzhi(time_1, False)
result_freebuf_long = Src_freebuf(time_1, False)
result_qianxin_long = Src_qianxin(time_1, False)
result_seebug_long = Src_seebug(time_1, False)
# 分析各个数据源的结果(输出短结果)
result_4hou_short = Src_4hou(time_1, True)
result_anquanke_short = Src_anquanke(time_1, True)
result_doonsec_short = Src_doonsec(time_1, True)
result_xianzhi_short = Src_xianzhi(time_1, True)
result_freebuf_short = Src_freebuf(time_1, True)
result_qianxin_short = Src_qianxin(time_1, True)
result_seebug_short = Src_seebug(time_1, True)
webhook_url, timestamp, sign = gen_sign()
check_avaliable(result_4hou_long, result_4hou_short, "嘶吼资讯", webhook_url, timestamp, sign)
check_avaliable(result_anquanke_long, result_anquanke_short, "安全客资讯", webhook_url, timestamp, sign)
check_avaliable(result_doonsec_long, result_doonsec_short, "洞见微信安全资讯", webhook_url, timestamp, sign)
check_avaliable(result_xianzhi_long, result_xianzhi_short, "先知社区资讯", webhook_url, timestamp, sign)
check_avaliable(result_freebuf_long, result_freebuf_short, "FreeBuf资讯", webhook_url, timestamp, sign)
check_avaliable(result_qianxin_long, result_qianxin_short, "奇安信攻防社区资讯", webhook_url, timestamp, sign)
check_avaliable(result_seebug_long, result_seebug_short, "Seebug社区资讯", webhook_url, timestamp, sign)
if fs_activate == "True":
send_result = SendToFeishu("[点此访问](https://info.masonliu.com)网站以查看全部文章。", "单次运行结束", webhook_url, timestamp, sign)
logger.info(send_result)
else:
pass
if wx_activate == "True":
send_result = SendToWX("[点此访问](https://info.masonliu.com)网站以查看全部文章。", "单次运行结束")
logger.info(send_result)
else:
pass
logger.info("执行完毕,等待下一次执行...")
def signal_handler(sig, frame): def signal_handler(sig, frame):
logger.info("接收到退出信号,程序即将退出...") logger.info("接收到退出信号,程序即将退出...")
sys.exit(0) sys.exit(0)
# 全局变量
signal.signal(signal.SIGINT, signal_handler) # Ctrl+C signal.signal(signal.SIGINT, signal_handler) # Ctrl+C
signal.signal(signal.SIGTERM, signal_handler) # kill命令 signal.signal(signal.SIGTERM, signal_handler) # kill命令
webhook_url_once, timestamp_once, sign_once = gen_sign()
e_hour, time_choice, choice, fs_activate, wx_activate, ding_activate, lx_activate, url_web = get_core_config()
def check_avaliable(info_long, info_short, title): def main_loop(choice):
if info_long: # 发送完整文章相关内容 if choice == 1:
if fs_activate == "True": while True:
# logger.info(f"{title} 递送中(飞书):") try:
webhook_url, timestamp, sign = gen_sign() # 执行任务
result = SendToFeishu(info_long, title, webhook_url, timestamp, sign) send_job(e_hour)
logger.info(result) time.sleep(e_hour * 60 * 60 - 3 * 60)
time.sleep(15)
if info_short: # 发送精简文章相关内容 except Exception as e:
# 企业微信相关 logger.error(f"发生错误: {e}, 程序已暂停")
if wx_activate == "True": # result = SendToFeishu(f"发生错误: {e}, 程序已退出", "报错信息")
# logger.info(f"{title} 递送中(企业微信):") # logger.info(result)
for info in info_short: exit()
result = SendToWX(info, title)
logger.info(result)
time.sleep(15)
elif choice == 0:
# 设置每天的特定时间点执行job函数
schedule.every().day.at("09:00").do(send_job, 12)
schedule.every().day.at("12:00").do(send_job, 3)
schedule.every().day.at("15:00").do(send_job, 3)
schedule.every().day.at("18:00").do(send_job, 3)
schedule.every().day.at("21:00").do(send_job, 3)
# 钉钉相关 while True:
if ding_activate == "True": schedule.run_pending()
# logger.info(f"{title} 递送中(钉钉):") time.sleep(60) # 每分钟检查一次是否有任务需要执行
# for info in info_short: # 开发中,暂未实现
# result = SendToDD(info, title)
# logger.info(result)
time.sleep(15)
def send_job_RSS(time_1):
Doonsec_switch, Doonsec = get_keywords_config('Doonsec')
uni_switch, Unity = get_keywords_config('Unity')
# Seebug数据获取分发
seebug_main()
seebug_results = Src_seebug(time_1)
if seebug_results != False:
result_seebug_long, result_seebug_short = seebug_results
check_avaliable(result_seebug_long, result_seebug_short, "Seebug社区资讯")
else:
logger.info("Seebug数据为空跳过执行。")
# 安全客数据获取分发
anquanke_main()
anquanke_results = Src_anquanke(time_1)
if anquanke_results != False:
result_anquanke_long, result_anquanke_short = anquanke_results
check_avaliable(result_anquanke_long, result_anquanke_short, "安全客资讯")
else:
logger.info("安全客数据为空,跳过执行。")
# 华为数据获取分发
huawei_main()
# 奇安信数据获取分发
qianxin_main()
qianxin_results = Src_qianxin(time_1)
if qianxin_results != False:
result_qianxin_long, result_qianxin_short = qianxin_results
check_avaliable(result_qianxin_long, result_qianxin_short, "奇安信攻防社区资讯")
else:
logger.info("奇安信数据为空,跳过执行。")
# FreeBuf数据获取分发
freebuf_main()
freebuf_results = Src_freebuf(time_1)
if freebuf_results != False:
result_freebuf_long, result_freebuf_short = freebuf_results
check_avaliable(result_freebuf_long, result_freebuf_short, "FreeBuf资讯")
else:
logger.info("FreeBuf数据为空跳过执行。")
# 先知数据获取分发
xianzhi_main()
xianzhi_results = Src_xianzhi(time_1)
if xianzhi_results != False:
result_xianzhi_long, result_xianzhi_short = xianzhi_results
check_avaliable(result_xianzhi_long, result_xianzhi_short, "先知社区资讯")
else:
logger.info("先知数据为空,跳过执行。")
# 4hou数据获取分发
M_4hou_main()
M_4hou_results = Src_4hou(time_1)
if M_4hou_results != False:
result_4hou_long, result_4hou_short = M_4hou_results
check_avaliable(result_4hou_long, result_4hou_short, "嘶吼资讯")
else:
logger.info("嘶吼数据为空,跳过执行。")
# 洞见微信安全数据获取分发
doonsec_main()
doonsec_results = Src_doonsec(Doonsec_switch, Doonsec)
if doonsec_results != False:
result_doonsec_long, result_doonsec_short = doonsec_results
check_avaliable(result_doonsec_long, result_doonsec_short, "洞见微信安全资讯")
else:
logger.info("洞见微信安全数据为空,跳过执行。")
# 聚合RSS数据获取分发
uni_spider()
rss_results = Src_uni_rss(uni_switch, Unity)
if rss_results != False:
result_rss_long, result_rss_short = rss_results
check_avaliable(result_rss_long, result_rss_short, "聚合RSS资讯")
else:
logger.info("聚合RSS数据为空跳过执行。")
def send_job_SX():
Sogou_WX = get_keywords_config('Sogou-WX')
sougou_wx_main(Sogou_WX)
results = Src_sougou_wx()
if results != False:
result_sx_long, result_sx_short = results
check_avaliable(result_sx_long, result_sx_short, "微信公众号关键词相关内容")
else:
logger.info("微信公众号数据为空,跳过执行。")
def send_job_github(time_1):
keyword_list, tool_list, user_list, black_words = load_github_config()
github_main(keyword_list, tool_list, user_list, black_words)
results = Src_github(time_1)
# 解构返回的结果
result_github_1_long, result_github_1_short = results[0]
result_github_2_long, result_github_2_short = results[1]
result_github_3_long, result_github_3_short = results[2]
result_github_4_long, result_github_4_short = results[3]
# 检查并处理结果
check_avaliable(result_github_1_long, result_github_1_short, "Github项目监控-关键词监控")
check_avaliable(result_github_2_long, result_github_2_short, "Github项目监控-项目更新情况")
check_avaliable(result_github_3_long, result_github_3_short, "Github项目监控-大佬工具")
check_avaliable(result_github_4_long, result_github_4_short, "Github项目监控-项目版本发布监测")
def send_job_baidu():
Baidu = get_keywords_config('Baidu')
baidu_main(Baidu)
results = Src_baidu()
if results != False:
result_baidu_long, result_baidu_short = results
check_avaliable(result_baidu_long, result_baidu_short, "百度搜索关键词相关内容")
else:
logger.info("百度搜索数据为空,跳过执行。")
# 探测rss源状态 # 探测rss源状态
def check_rss_status(url): def check_rss_status(url):
@ -238,109 +202,36 @@ def test_rss_source():
return rss_info return rss_info
def main_job(e_hour): if __name__ == "__main__":
logger.info(f"发送程序启动,当前时间为:{datetime.now().strftime('%Y-%m-%d %H:%M:%S')}") print("程序正在运行当中。")
logger.info("正在启动各爬虫并获取资源中...") time.sleep(5) # 添加短暂的延迟
if 0 in choice: rss_info = test_rss_source()
send_job_RSS(e_hour)
if 1 in choice:
send_job_SX()
if 2 in choice:
send_job_github(e_hour)
if 3 in choice:
send_job_baidu()
logger.info("单次运行结束,等待下一次运行...")
def main_loop(time_choice):
if time_choice == 1:
while True:
try:
# 执行任务
main_job(e_hour)
time.sleep(e_hour * 60 * 60 - 3 * 60)
except Exception as e:
logger.error(f"发生错误: {e}, 程序已暂停")
# result = SendToFeishu(f"发生错误: {e}, 程序已退出", "报错信息")
# logger.info(result)
exit()
elif time_choice == 0:
# 设置每天的特定时间点执行job函数
schedule.every().day.at("09:00").do(main_job, 12)
schedule.every().day.at("12:00").do(main_job, 3)
schedule.every().day.at("15:00").do(main_job, 3)
schedule.every().day.at("18:00").do(main_job, 3)
schedule.every().day.at("21:00").do(main_job, 3)
while True:
schedule.run_pending()
time.sleep(60) # 每分钟检查一次是否有任务需要执行
def send_first_message():
start_info = "" start_info = ""
start_info += "程序已启动,当前时间为:" + datetime.now().strftime("%Y-%m-%d %H:%M:%S") + "\n" start_info += "程序已启动,当前时间为:" + datetime.now().strftime("%Y-%m-%d %H:%M:%S") + "\n"
start_info += "程序作者MasonLiu \t 开源地址:[GM-gitea](https://git.masonliu.com/MasonLiu/PyBot)" + "\n" start_info += "程序作者MasonLiu \t 开源地址:[GM-gitea](https://git.masonliu.com/MasonLiu/PyBot)" + "\n"
if time_choice == 1: if choice == 1:
start_info += "时间配置:每隔" + str(e_hour) + "小时执行一次推送\n" start_info += "时间配置:每隔" + str(e_hour) + "小时执行一次推送\n"
elif time_choice == 0: else:
start_info += "时间配置:每天固定时间点执行推送\n" start_info += "时间配置:每天固定时间点执行推送\n"
start_info += "开启状态:\n"
if 0 in choice:
start_info += "RSS源监测\n"
if 1 in choice:
# start_info += "搜狗-微信公众号监测\n"
Sogou_WX = get_keywords_config('Sogou-WX')
start_info += f"微信公众号监测关键词:{Sogou_WX}\n"
if 2 in choice:
# start_info += "Github项目监测\n"
with open('./config/github_config.yaml', 'r', encoding="utf-8") as file:
config = yaml.safe_load(file)
tool_list = config['tool_list']
start_info += f"Github监控项目{tool_list}\n"
keyword_list = config['keyword_list']
start_info += f"Github监控关键词{keyword_list}\n"
user_list = config['user_list']
start_info += f"Github监控用户{user_list}\n"
if 3 in choice:
# start_info += "百度搜索关键词内容监测\n"
Baidu = get_keywords_config('Baidu')
start_info += f"百度搜索关键词:{Baidu}\n"
if fs_activate == "True": if fs_activate == "True":
result = SendToFeishu(start_info, "程序信息", webhook_url_once, timestamp_once, sign_once) result = SendToFeishu(start_info, "程序信息", webhook_url_once, timestamp_once, sign_once)
logger.info(result) logger.info(result)
send_result = SendToFeishu(f"[点此访问]({url_web})网站以查看全部文章。", "首次运行提醒", webhook_url_once, timestamp_once, sign_once) result = SendToFeishu(rss_info, "RSS源状态", webhook_url_once, timestamp_once, sign_once)
logger.info(send_result) # logger.info(rss_info)
logger.info(result)
else:
pass
if wx_activate == "True": if wx_activate == "True":
result = SendToWX(start_info, "程序信息") result = SendToWX(start_info, "程序信息")
logger.info(result) logger.info(result)
send_result = SendToWX(f"[点此访问]({url_web})网站以查看全部文章,若未开启网站请忽略本条消息。", "首次运行提醒") result = SendToWX(rss_info, "RSS源状态")
logger.info(send_result) # logger.info(rss_info)
logger.info(result)
if 0 in choice: else:
rss_info = test_rss_source() pass
if fs_activate == "True":
result = SendToFeishu(rss_info, "RSS源状态", webhook_url_once, timestamp_once, sign_once)
# logger.info(rss_info)
logger.info(result)
else:
pass
if wx_activate == "True":
result = SendToWX(rss_info, "RSS源状态")
# logger.info(rss_info)
logger.info(result)
else:
pass
if __name__ == "__main__":
logger.info("程序正在运行当中。")
time.sleep(5) # 添加短暂的延迟
# 首次运行先暂停两分钟 # 首次运行先暂停两分钟
# time.sleep(2 * 60) # time.sleep(2 * 60)
# 主程序 # 主程序
# send_first_message() main_loop(choice)
main_loop(time_choice)

188
Dev_test.py
View File

@ -1,186 +1,10 @@
# -*- coding: utf-8 -*-
"""
@Author: MasonLiu
@Description: 本程序可以爬取各安全资讯源并发送到飞书群组
"""
from math import log
import schedule
import os
import signal
import sys
import time
import yaml
import requests
from datetime import datetime, timedelta
from SendCore.FeishuSendBot import SendToFeishu, gen_sign from SendCore.FeishuSendBot import SendToFeishu, gen_sign
from SendCore.QiweiSendBot import SendToWX
from spider.common import run, seebug_main, M_4hou_main, anquanke_main, sec_wiki_main, huawei_main, doonsec_main, qianxin_main
from spider.freebuf import freebuf_main
from spider.xianzhi import xianzhi_main
from spider.sougou_wx import sougou_wx_main
from spider.github import github_main, load_github_config
from spider.baidu import baidu_main
from spider.uni import uni_spider
from GotoSend.M_4hou import Src_4hou
from GotoSend.anquanke import Src_anquanke
from GotoSend.doonsec import Src_doonsec
from GotoSend.xianzhi import Src_xianzhi
from GotoSend.freebuf import Src_freebuf
from GotoSend.qianxin import Src_qianxin
from GotoSend.seebug import Src_seebug
from GotoSend.sougou_wx import Src_sougou_wx
from GotoSend.github import Src_github
from GotoSend.baidu import Src_baidu
from GotoSend.uni_rss import Src_uni_rss
from config.check_config import get_core_config, get_debug_config, get_keywords_config
from loguru import logger
# 清除所有已有的日志记录器配置 webhook_url, timestamp, sign = gen_sign()
logger.remove()
logger.add("./resources/log/core.log", # 测试用消息体
format="{time:YYYY-MM-DD HH:mm:ss} - {level} - {name}:{function}:{line} - {message}", test_msg = {
rotation="100 MB", "请单件文档查看昨天讨论的方案相关飞书文档,注意作者为 <font color=red> **张三** <font> 版本为 \n*002* ,版本 ~~001~~ 已经删除。文件地址是 [https://www.feishu.cn](https://www.feishu.cn),打开次数:1次"
compression="zip", }
encoding="utf-8")
# shell终端打印日志
debug = get_debug_config()
if debug == "True":
logger.add(lambda msg: print(msg),
format="{time:YYYY-MM-DD HH:mm:ss} - {level} - {name}:{function}:{line} - {message}")
def signal_handler(sig, frame): SendToFeishu(test_msg, "先知社区资讯递送", webhook_url, timestamp, sign)
logger.info("接收到退出信号,程序即将退出...")
sys.exit(0)
# 全局变量
signal.signal(signal.SIGINT, signal_handler) # Ctrl+C
signal.signal(signal.SIGTERM, signal_handler) # kill命令
webhook_url_once, timestamp_once, sign_once = gen_sign()
e_hour, time_choice, choice, fs_activate, wx_activate, ding_activate, lx_activate, url_web = get_core_config()
def check_avaliable(info_long, info_short, title):
if info_long: # 发送完整文章相关内容
if fs_activate == "True":
# logger.info(f"{title} 递送中(飞书):")
# webhook_url, timestamp, sign = gen_sign()
# result = SendToFeishu(info_long, title, webhook_url, timestamp, sign)
# logger.info(result)
time.sleep(15)
if info_short: # 发送精简文章相关内容
# 企业微信相关
if wx_activate == "True":
# logger.info(f"{title} 递送中(企业微信):")
for info in info_short:
result = SendToWX(info, title)
logger.info(result)
time.sleep(15)
# 钉钉相关
if ding_activate == "True":
# logger.info(f"{title} 递送中(钉钉):")
# for info in info_short: # 开发中,暂未实现
# result = SendToDD(info, title)
# logger.info(result)
time.sleep(15)
def send_job_RSS(time_1):
uni_switch, Unity = get_keywords_config('Unity')
# 聚合RSS数据获取分发
# uni_spider()
rss_results = Src_uni_rss(uni_switch, Unity)
if rss_results != False:
result_rss_long, result_rss_short = rss_results
check_avaliable(result_rss_long, result_rss_short, "聚合RSS资讯")
else:
logger.info("聚合RSS数据为空跳过执行。")
def send_job_SX():
Sogou_WX = get_keywords_config('Sogou-WX')
# sougou_wx_main(Sogou_WX)
results = Src_sougou_wx()
if results != False:
logger.info("微信公众号数据获取完成")
else:
logger.info("微信公众号数据为空,跳过执行。")
def send_job_github(time_1):
keyword_list, tool_list, user_list, black_words = load_github_config()
# github_main(keyword_list, tool_list, user_list, black_words)
results = Src_github(time_1)
# 解构返回的结果
result_github_1_long, result_github_1_short = results[0]
result_github_2_long, result_github_2_short = results[1]
result_github_3_long, result_github_3_short = results[2]
result_github_4_long, result_github_4_short = results[3]
def send_job_baidu():
Baidu = get_keywords_config('Baidu')
# baidu_main(Baidu)
results = Src_baidu()
if results != False:
logger.info("百度搜索已完成")
else:
logger.info("百度搜索数据为空,跳过执行。")
def main_job(e_hour):
logger.info(f"发送程序启动,当前时间为:{datetime.now().strftime('%Y-%m-%d %H:%M:%S')}")
logger.info("正在启动各爬虫并获取资源中...")
if 0 in choice:
send_job_RSS(e_hour)
if 1 in choice:
send_job_SX()
if 2 in choice:
send_job_github(e_hour)
if 3 in choice:
send_job_baidu()
logger.info("单次运行结束,等待下一次运行...")
def main_loop(time_choice):
if time_choice == 1:
while True:
try:
# 执行任务
main_job(e_hour)
time.sleep(e_hour * 60 * 60 - 3 * 60)
except Exception as e:
logger.error(f"发生错误: {e}, 程序已暂停")
# result = SendToFeishu(f"发生错误: {e}, 程序已退出", "报错信息")
# logger.info(result)
exit()
elif time_choice == 0:
# 设置每天的特定时间点执行job函数
schedule.every().day.at("09:00").do(main_job, 12)
schedule.every().day.at("12:00").do(main_job, 3)
schedule.every().day.at("15:00").do(main_job, 3)
schedule.every().day.at("18:00").do(main_job, 3)
schedule.every().day.at("21:00").do(main_job, 3)
while True:
schedule.run_pending()
time.sleep(60) # 每分钟检查一次是否有任务需要执行
if __name__ == "__main__":
logger.info("程序正在运行当中。")
# time.sleep(5) # 添加短暂的延迟
# 首次运行先暂停两分钟
# time.sleep(2 * 60)
send_job_RSS(2400)
# send_job_baidu()
# send_job_github(2400)
# send_job_SX()

135
GotoSend/M_4hou.py
View File

@ -6,7 +6,7 @@ import os
from datetime import datetime, timedelta from datetime import datetime, timedelta
def create_database(): def create_database():
conn = sqlite3.connect('./resources/db/4hou.db') conn = sqlite3.connect('./db/4hou.db')
cursor = conn.cursor() cursor = conn.cursor()
cursor.execute('''CREATE TABLE IF NOT EXISTS articles ( cursor.execute('''CREATE TABLE IF NOT EXISTS articles (
id INTEGER PRIMARY KEY AUTOINCREMENT, id INTEGER PRIMARY KEY AUTOINCREMENT,
@ -20,7 +20,7 @@ def create_database():
conn.close() conn.close()
def insert_data(data): def insert_data(data):
conn = sqlite3.connect('./resources/db/4hou.db') conn = sqlite3.connect('./db/4hou.db')
cursor = conn.cursor() cursor = conn.cursor()
for entry in data: for entry in data:
try: try:
@ -41,16 +41,12 @@ def insert_data(data):
def get_4hou_json(): def get_4hou_json():
# 检查文件是否存在 # 检查文件是否存在
if not os.path.exists('./resources/JSON/4hou.json'): if not os.path.exists('./JSON/4hou.json'):
raise FileNotFoundError(f"4hou.json文件不存在请检查程序是否运行正常") raise FileNotFoundError(f"4hou.json文件不存在请检查程序是否运行正常")
# 打开并读取JSON文件 # 打开并读取JSON文件
with open('./resources/JSON/4hou.json', 'r', encoding='utf-8') as file: with open('./JSON/4hou.json', 'r', encoding='utf-8') as file:
content = file.read() data = json.load(file)
if not content:
pass
else:
data = json.loads(content)
# 假设data是一个包含多个JSON对象的列表 # 假设data是一个包含多个JSON对象的列表
if not isinstance(data, list): if not isinstance(data, list):
@ -72,7 +68,7 @@ def get_4hou_json():
return total_data return total_data
def select_articles(e_hour): def select_articles(e_hour):
conn = sqlite3.connect('./resources/db/4hou.db') conn = sqlite3.connect('./db/4hou.db')
cursor = conn.cursor() cursor = conn.cursor()
# 获取当前日期和时间 # 获取当前日期和时间
@ -91,79 +87,50 @@ def select_articles(e_hour):
return results return results
def clear_table(): def clear_table():
conn = sqlite3.connect('./resources/db/4hou.db') conn = sqlite3.connect('./db/4hou.db')
cursor = conn.cursor() cursor = conn.cursor()
cursor.execute('DELETE FROM articles') cursor.execute('DELETE FROM articles')
conn.commit() conn.commit()
conn.close() conn.close()
def record(title, link, author, upload_time, description=None, source=None, category=None): def record_md(result, filename="./history/sec_news.md"):
db_path = './resources/db/web.db' # 读取现有内容
conn = sqlite3.connect(db_path) if os.path.exists(filename):
cursor = conn.cursor() with open(filename, 'r', encoding='utf-8') as file:
existing_content = file.read()
else:
existing_content = ""
# 创建表(如果不存在) # 将新内容插入到现有内容的开头
cursor.execute('''CREATE TABLE IF NOT EXISTS sec_news ( new_content = result + existing_content
id INTEGER PRIMARY KEY AUTOINCREMENT,
article_title TEXT,
link TEXT,
author TEXT,
description TEXT,
source TEXT,
upload_time DATETIME,
category TEXT
)''')
# 插入数据
cursor.execute('''
INSERT INTO sec_news (article_title, link, author, description, source, upload_time, category)
VALUES (?, ?, ?, ?, ?, ?, ?)
''', (title, link, author, description, source, upload_time, category))
conn.commit()
conn.close()
def get_filtered_articles(entries):
result_long = ""
result_short = ""
short_results = []
# 写回文件
with open(filename, 'w', encoding='utf-8') as file:
file.write(new_content)
def get_filtered_articles(entries, Is_short):
result = ""
record = ""
for entry in entries: for entry in entries:
# 构建长文本结果 if Is_short == False:
result_long += f"文章:[{entry[1]}]({entry[2]})\n作者:{entry[5]}\n" result += f"作者:{entry[5]}\n文章:{entry[1]}\n"
result_long += f"上传时间:{entry[4]}\n" result += f"链接:{entry[2]}\n上传时间:{entry[4]}\n"
result_long += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章 result += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
if Is_short == True:
result += f"文章:{entry[1]}\n"
result += f"链接:{entry[2]}\n上传时间:{entry[4]}\n"
result += "\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章
# 构建短文本结果并进行分块处理 record += f"#### 文章:{entry[1]}\n"
current_entry = ( record += f"**作者**{entry[5]}\n"
f"文章:[{entry[1]}]({entry[2]})\n" record += f"**链接**{entry[2]}\n"
f"链接:{entry[2]}\n上传时间:{entry[4]}\n" record += f"**上传时间**{entry[4]}\n"
"\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章 record += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
) record_md(record)
temp_result = result_short + current_entry return result
if len(temp_result.encode('utf-8')) > 4096:
short_results.append(result_short)
result_short = current_entry
else:
result_short = temp_result
record(
title=entry[1],
link=entry[2],
author=entry[5],
upload_time=entry[4],
description=None,
source="嘶吼"
)
# 处理最后一个结果 def Src_4hou(e_hour, Is_short):
if result_short: if not os.path.exists('./db/4hou.db'):
short_results.append(result_short)
return result_long, short_results
def Src_4hou(e_hour):
if not os.path.exists('./resources/db/4hou.db'):
# 创建数据库和表 # 创建数据库和表
create_database() create_database()
@ -181,27 +148,17 @@ def Src_4hou(e_hour):
# print(filtered_articles) # print(filtered_articles)
if filtered_articles: if filtered_articles:
result_long, short_results = get_filtered_articles(filtered_articles) results = get_filtered_articles(filtered_articles, Is_short)
return result_long, short_results return results
else: else:
return False return ""
if __name__ == "__main__": if __name__ == "__main__":
results = Src_4hou(4) reslts = Src_4hou(4, False)
if results != False: if reslts != "":
result_long, short_results = results print(reslts)
# 打印长文本结果
print("长文本结果:")
print(result_long)
print("\n" + "-" * 40 + "\n")
# 打印分块的短文本结果
print("分块的短文本结果:")
for short_result in short_results:
print(short_result)
print("\n" + "-" * 40 + "\n")
else: else:
# 如果为空,则跳过执行 # 如果为空,则跳过执行
print("-" * 40) print("-" * 40)
print("嘶吼数据为空,跳过执行。") print("嘶吼数据为空,跳过执行。")

BIN
GotoSend/__pycache__/M_4hou.cpython-312.pyc
View File

Binary file not shown.

BIN
GotoSend/__pycache__/anquanke.cpython-312.pyc
View File

Binary file not shown.

BIN
GotoSend/__pycache__/baidu.cpython-312.pyc
View File

Binary file not shown.

BIN
GotoSend/__pycache__/doonsec.cpython-312.pyc
View File

Binary file not shown.

BIN
GotoSend/__pycache__/freebuf.cpython-312.pyc
View File

Binary file not shown.

BIN
GotoSend/__pycache__/github.cpython-312.pyc
View File

Binary file not shown.

BIN
GotoSend/__pycache__/qianxin.cpython-312.pyc
View File

Binary file not shown.

BIN
GotoSend/__pycache__/seebug.cpython-312.pyc
View File

Binary file not shown.

BIN
GotoSend/__pycache__/sougou_wx.cpython-312.pyc
View File

Binary file not shown.

BIN
GotoSend/__pycache__/uni_rss.cpython-312.pyc
View File

Binary file not shown.

BIN
GotoSend/__pycache__/xianzhi.cpython-312.pyc
View File

Binary file not shown.

142
GotoSend/anquanke.py
View File

@ -7,7 +7,7 @@ from datetime import datetime, timedelta
def create_database(): def create_database():
conn = sqlite3.connect('./resources/db/anquanke.db') conn = sqlite3.connect('./db/anquanke.db')
cursor = conn.cursor() cursor = conn.cursor()
cursor.execute('''CREATE TABLE IF NOT EXISTS articles ( cursor.execute('''CREATE TABLE IF NOT EXISTS articles (
id INTEGER PRIMARY KEY AUTOINCREMENT, id INTEGER PRIMARY KEY AUTOINCREMENT,
@ -22,7 +22,7 @@ def create_database():
conn.close() conn.close()
def insert_data(data): def insert_data(data):
conn = sqlite3.connect('./resources/db/anquanke.db') conn = sqlite3.connect('./db/anquanke.db')
cursor = conn.cursor() cursor = conn.cursor()
for entry in data: for entry in data:
cursor.execute(''' cursor.execute('''
@ -34,18 +34,12 @@ def insert_data(data):
def get_anquanke_json(): def get_anquanke_json():
# 检查文件是否存在 # 检查文件是否存在
if not os.path.exists('./resources/JSON/anquanke.json'): if not os.path.exists('./JSON/anquanke.json'):
data = [] raise FileNotFoundError(f"anquanke.json文件不存在请检查程序是否运行正常")
# logger.error(f"anquanke.json文件不存在请检查爬虫程序是否运行正常")
print(f"anquanke.json文件不存在请检查爬虫程序是否运行正常") # 打开并读取JSON文件
else: with open('./JSON/anquanke.json', 'r', encoding='utf-8') as file:
# 打开并读取JSON文件 data = json.load(file)
with open('./resources/JSON/anquanke.json', 'r', encoding='utf-8') as file:
content = file.read()
if not content:
pass
else:
data = json.loads(content)
# 假设data是一个包含多个JSON对象的列表 # 假设data是一个包含多个JSON对象的列表
if not isinstance(data, list): if not isinstance(data, list):
@ -68,7 +62,7 @@ def get_anquanke_json():
return total_data return total_data
def select_articles(e_hour): def select_articles(e_hour):
conn = sqlite3.connect('./resources/db/anquanke.db') conn = sqlite3.connect('./db/anquanke.db')
cursor = conn.cursor() cursor = conn.cursor()
# 获取当前日期和时间 # 获取当前日期和时间
@ -87,81 +81,52 @@ def select_articles(e_hour):
return results return results
def clear_table(): def clear_table():
conn = sqlite3.connect('./resources/db/anquanke.db') conn = sqlite3.connect('./db/anquanke.db')
cursor = conn.cursor() cursor = conn.cursor()
cursor.execute('DELETE FROM articles') cursor.execute('DELETE FROM articles')
conn.commit() conn.commit()
conn.close() conn.close()
def record_md(result, filename="./history/sec_news.md"):
# 读取现有内容
if os.path.exists(filename):
with open(filename, 'r', encoding='utf-8') as file:
existing_content = file.read()
else:
existing_content = ""
def record(title, link, author, upload_time, description=None, source=None, category=None): # 将新内容插入到现有内容的开头
db_path = './resources/db/web.db' new_content = result + existing_content
conn = sqlite3.connect(db_path)
cursor = conn.cursor()
# 创建表(如果不存在) # 写回文件
cursor.execute('''CREATE TABLE IF NOT EXISTS sec_news ( with open(filename, 'w', encoding='utf-8') as file:
id INTEGER PRIMARY KEY AUTOINCREMENT, file.write(new_content)
article_title TEXT,
link TEXT,
author TEXT,
description TEXT,
source TEXT,
upload_time DATETIME,
category TEXT
)''')
# 插入数据
cursor.execute('''
INSERT INTO sec_news (article_title, link, author, description, source, upload_time, category)
VALUES (?, ?, ?, ?, ?, ?, ?)
''', (title, link, author, description, source, upload_time, category))
conn.commit()
conn.close()
def get_filtered_articles(entries):
result_long = ""
result_short = ""
# record = ""
short_results = []
def get_filtered_articles(entries, Is_short):
result = ""
record = ""
for entry in entries: for entry in entries:
# 构建长文本结果 if Is_short == False:
result_long += f"文章:[{entry[1]}]({entry[2]})\n作者:{entry[6]}\n来源:{entry[3]}\n" result += f"作者:{entry[6]}\n来源:{entry[3]}\n文章:{entry[1]}\n"
result_long += f"上传时间:{entry[5]}\n" result += f"链接:{entry[2]}\n上传时间:{entry[5]}\n"
result_long += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章 result += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
elif Is_short == True:
result += f"文章:{entry[1]}\n"
result += f"链接:{entry[2]}\n上传时间:{entry[5]}\n"
result += "\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章
# 构建短文本结果并进行分块处理 record += f"#### 文章:{entry[1]}\n"
current_entry = ( record += f"**作者**{entry[6]}\n"
f"文章:[{entry[1]}]({entry[2]})\n" record += f"**来源**{entry[3]}\n"
f"上传时间:{entry[5]}\n" record += f"**链接**{entry[2]}\n"
"\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章 record += f"**上传时间**{entry[5]}\n"
) record += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
temp_result = result_short + current_entry record_md(record)
if len(temp_result.encode('utf-8')) > 4096: return result
short_results.append(result_short)
result_short = current_entry
else:
result_short = temp_result
record(
title=entry[1],
link=entry[2],
author=entry[6],
source="安全客",
upload_time=entry[5]
)
# 处理最后一个结果
if result_short:
short_results.append(result_short)
return result_long, short_results def Src_anquanke(e_hour, Is_short):
if not os.path.exists('./db/anquanke.db'):
def Src_anquanke(e_hour):
if not os.path.exists('./resources/db/anquanke.db'):
# 创建数据库和表 # 创建数据库和表
create_database() create_database()
@ -179,26 +144,15 @@ def Src_anquanke(e_hour):
# print(filtered_articles) # print(filtered_articles)
if filtered_articles: if filtered_articles:
result_long, short_results = get_filtered_articles(filtered_articles) results = get_filtered_articles(filtered_articles, Is_short)
return result_long, short_results return results
else: else:
return False return False
if __name__ == "__main__": if __name__ == "__main__":
results = Src_anquanke(4) reslts = Src_anquanke(4, False)
if results != False: if reslts != False:
result_long, short_results = results print(reslts)
# 打印长文本结果
print("长文本结果:")
print(result_long)
print("\n" + "-" * 40 + "\n")
# 打印分块的短文本结果
print("分块的短文本结果:")
for short_result in short_results:
print(short_result)
print("\n" + "-" * 40 + "\n")
else: else:
# 如果为空,则跳过执行 # 如果为空,则跳过执行
print("-" * 40) print("-" * 40)

232
GotoSend/baidu.py
View File

@ -1,232 +0,0 @@
import os
import json
import sqlite3
from datetime import datetime, timedelta
def clear_table():
conn = sqlite3.connect('./resources/db/baidu.db')
cursor = conn.cursor()
cursor.execute('DELETE FROM articles')
conn.commit()
conn.close()
def create_database():
conn = sqlite3.connect('./resources/db/baidu.db')
cursor = conn.cursor()
cursor.execute('''CREATE TABLE IF NOT EXISTS articles (
id INTEGER PRIMARY KEY AUTOINCREMENT,
title TEXT,
link TEXT,
description TEXT,
pubDate DATETIME,
author TEXT,
keyword TEXT,
is_sended BOOLEAN
)''')
conn.commit()
conn.close()
def insert_data(data):
conn = sqlite3.connect('./resources/db/baidu.db')
cursor = conn.cursor()
for entry in data:
# 检查是否存在相同 title 的记录
cursor.execute('''
SELECT 1 FROM articles WHERE title = ? AND author = ?
''', (entry['title'], entry['author']))
if cursor.fetchone() is None:
# 如果没有找到相同记录,则插入新记录
cursor.execute('''
INSERT INTO articles (title, link, description, pubDate, author, keyword)
VALUES (?, ?, ?, ?, ?, ?)
''', (entry['title'], entry['link'], entry['description'], entry['pubDate'], entry['author'], entry['keyword']))
conn.commit()
conn.close()
def get_json():
# 检查文件是否存在
if not os.path.exists('./resources/JSON/baidu.json'):
data = []
# logger.error("baidu.json文件不存在请检查程序是否运行正常")
else:
# 打开并读取JSON文件
with open('./resources/JSON/baidu.json', 'r', encoding='utf-8') as file:
content = file.read()
if not content:
pass
else:
data = json.loads(content)
# 假设data是一个包含多个关键词的字典
total_data = []
for keyword, keyword_data in data.items():
# 检查关键词对应的数据是否为列表
if not isinstance(keyword_data, list):
raise ValueError(f"关键词 {keyword} 对应的数据格式错误,请检查爬取程序是否异常!")
# 提取所需字段并编号
for index, item in enumerate(keyword_data, start=1):
entry = {
"id": index,
"title": item.get("title", ""),
"link": item.get("link", ""),
"description": item.get("description", ""),
"pubDate": item.get("pubDate", ""),
"author": item.get("author", ""),
"keyword": keyword
}
total_data.append(entry)
return total_data
def select_articles():
conn = sqlite3.connect('./resources/db/baidu.db')
cursor = conn.cursor()
# 获取当前日期和时间
now = datetime.now()
two_months_ago = now - timedelta(days=60) # 假设两个月大约60天
try:
# 查询最近且未被标记为True的消息且发布时间不超过两个月
cursor.execute('''
SELECT * FROM articles
WHERE is_sended IS NULL AND pubDate BETWEEN ? AND ?
ORDER BY pubDate DESC
''', (two_months_ago.strftime('%Y-%m-%d'), now.strftime('%Y-%m-%d')))
# 查询最近且未被标记为True的消息
# cursor.execute('''
# SELECT * FROM articles
# WHERE is_sended IS NULL
# ORDER BY pubDate DESC
# ''')
results = cursor.fetchall()
# print(results)
if results:
for row in results:
article_id = row[0]
cursor.execute('''
UPDATE articles
SET is_sended = True
WHERE id = ?
''', (article_id,))
conn.commit() # 提交事务
except Exception as e:
conn.rollback() # 回滚事务
print(f"Error: {e}")
finally:
cursor.close()
conn.close()
return results
def record(title, link, description, upload_time, source=None, keyword=None):
db_path = './resources/db/web.db'
conn = sqlite3.connect(db_path)
cursor = conn.cursor()
# 创建表(如果不存在)
cursor.execute('''CREATE TABLE IF NOT EXISTS baidu (
id INTEGER PRIMARY KEY AUTOINCREMENT,
article_title TEXT,
link TEXT,
description TEXT,
source TEXT,
upload_time DATETIME,
keyword TEXT
)''')
# 插入数据
cursor.execute('''
INSERT INTO baidu (article_title, link, description, source, upload_time, keyword)
VALUES (?, ?, ?, ?, ?, ?)
''', (title, link, description, source, upload_time, keyword))
conn.commit()
conn.close()
def get_filtered_articles(entries):
result_long = ""
result_short = ""
short_results = []
for entry in entries:
# 构建长文本结果
result_long += f"文章:[{entry[1]}]({entry[2]})\n描述:{entry[3]}\n"
result_long += f"发布时间:{entry[4]}\n"
result_long += f"来源:{entry[5]}\n"
result_long += f"关键词:{entry[6]}\n"
result_long += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
# 构建短文本结果并进行分块处理
current_entry = (
f"文章:[{entry[1]}]({entry[2]})\n"
f"关键词:{entry[6]}\n"
f"上传时间:{entry[4]}\n"
"\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章
)
temp_result = result_short + current_entry
if len(temp_result.encode('utf-8')) > 4096:
short_results.append(result_short)
result_short = current_entry
else:
result_short = temp_result
record(entry[1], entry[2], entry[3], entry[4], entry[5], entry[6])
# 处理最后一个结果
if result_short:
short_results.append(result_short)
return result_long, short_results
def Src_baidu():
if not os.path.exists('./resources/db/baidu.db'):
# 创建数据库和表
create_database()
# 清空表
# clear_table()
# 获取 JSON 数据
baidu_data = get_json()
# 插入数据到数据库
insert_data(baidu_data)
# 查询指定时间段内的数据
filtered_articles = select_articles()
# print(filtered_articles)
if filtered_articles:
result_long, short_results = get_filtered_articles(filtered_articles)
return result_long, short_results
else:
return False
if __name__ == "__main__":
results = Src_baidu()
if results != False:
result_long, short_results = results
# 打印长文本结果
print("长文本结果:")
print(result_long)
print("\n" + "-" * 40 + "\n")
# 打印分块的短文本结果
print("分块的短文本结果:")
for short_result in short_results:
print(short_result)
print("\n" + "-" * 40 + "\n")
else:
# 如果为空,则跳过执行
print("-" * 40)
print("百度数据为空,跳过执行。")

207
GotoSend/doonsec.py
View File

@ -7,7 +7,7 @@ from datetime import datetime, timedelta
def create_database(): def create_database():
conn = sqlite3.connect('./resources/db/doonsec.db') conn = sqlite3.connect('./db/doonsec.db')
cursor = conn.cursor() cursor = conn.cursor()
cursor.execute('''CREATE TABLE IF NOT EXISTS articles ( cursor.execute('''CREATE TABLE IF NOT EXISTS articles (
id INTEGER PRIMARY KEY AUTOINCREMENT, id INTEGER PRIMARY KEY AUTOINCREMENT,
@ -15,14 +15,13 @@ def create_database():
link TEXT, link TEXT,
description TEXT, description TEXT,
pubDate DATETIME, pubDate DATETIME,
author TEXT, author TEXT
is_sended BOOLEAN
)''') )''')
conn.commit() conn.commit()
conn.close() conn.close()
def insert_data(data): def insert_data(data):
conn = sqlite3.connect('./resources/db/doonsec.db') conn = sqlite3.connect('./db/doonsec.db')
cursor = conn.cursor() cursor = conn.cursor()
for entry in data: for entry in data:
try: try:
@ -35,30 +34,20 @@ def insert_data(data):
formatted_pub_date = entry['pubDate'] formatted_pub_date = entry['pubDate']
cursor.execute(''' cursor.execute('''
SELECT 1 FROM articles WHERE title = ? AND author = ? INSERT INTO articles (title, link, description, pubDate, author)
''', (entry['title'], entry['author'])) VALUES (?, ?, ?, ?, ?)
''', (entry['title'], entry['link'], entry['description'], formatted_pub_date, entry['author']))
if cursor.fetchone() is None:
cursor.execute('''
INSERT INTO articles (title, link, description, pubDate, author)
VALUES (?, ?, ?, ?, ?)
''', (entry['title'], entry['link'], entry['description'], formatted_pub_date, entry['author']))
conn.commit() conn.commit()
conn.close() conn.close()
def get_doonsec_json(): def get_doonsec_json():
# 检查文件是否存在 # 检查文件是否存在
if not os.path.exists('./resources/JSON/doonsec.json'): if not os.path.exists('./JSON/doonsec.json'):
raise FileNotFoundError(f"doonsec.json文件不存在请检查程序是否运行正常") raise FileNotFoundError(f"doonsec.json文件不存在请检查程序是否运行正常")
# 打开并读取JSON文件 # 打开并读取JSON文件
with open('./resources/JSON/doonsec.json', 'r', encoding='utf-8') as file: with open('./JSON/doonsec.json', 'r', encoding='utf-8') as file:
content = file.read() data = json.load(file)
if not content:
pass
else:
# print(content)
data = json.loads(content)
# 假设data是一个包含多个JSON对象的列表 # 假设data是一个包含多个JSON对象的列表
if not isinstance(data, list): if not isinstance(data, list):
@ -79,171 +68,99 @@ def get_doonsec_json():
return total_data return total_data
def select_articles(Doonsec_switch, Doonsec): def select_articles(e_hour):
conn = sqlite3.connect('./resources/db/doonsec.db') conn = sqlite3.connect('./db/doonsec.db')
cursor = conn.cursor() cursor = conn.cursor()
# 获取当前日期和时间 # 获取当前日期和时间
now = datetime.now() now = datetime.now()
two_days_ago = now - timedelta(days=2) start_time = now - timedelta(hours=e_hour)
end_time = now
if Doonsec_switch == False: # 查询指定时间段内的数据
# 查询指定时间段内的数据 cursor.execute('''
cursor.execute(''' SELECT * FROM articles
SELECT * FROM articles WHERE pubDate BETWEEN ? AND ?
WHERE is_sended IS NULL AND pubDate BETWEEN ? AND ? ''', (start_time.strftime('%Y-%m-%d %H:%M:%S'), end_time.strftime('%Y-%m-%d %H:%M:%S')))
ORDER BY pubDate DESC
''', (two_days_ago.strftime('%Y-%m-%d %H:%M:%S'), now.strftime('%Y-%m-%d %H:%M:%S')))
elif Doonsec_switch == True:
# 查询指定时间段内且title包含特定关键词的数据
like_conditions = ' OR '.join([f"title LIKE ?"] * len(Doonsec))
# 完整的查询语句
query = f'''
SELECT * FROM articles
WHERE is_sended IS NULL AND pubDate BETWEEN ? AND ?
AND ({like_conditions})
ORDER BY pubDate DESC
'''
# 构建参数列表
params = [
two_days_ago.strftime('%Y-%m-%d %H:%M:%S'),
now.strftime('%Y-%m-%d %H:%M:%S')
] + [f'%{keyword}%' for keyword in Doonsec]
# 执行查询
cursor.execute(query, params)
results = cursor.fetchall() results = cursor.fetchall()
if results:
for row in results:
user_id = row[0]
cursor.execute('''
UPDATE articles
SET is_sended = True
WHERE id = ?
''', (user_id,))
conn.commit() # 提交事务
conn.close() conn.close()
return results return results
def clear_table(): def clear_table():
conn = sqlite3.connect('./resources/db/doonsec.db') conn = sqlite3.connect('./db/doonsec.db')
cursor = conn.cursor() cursor = conn.cursor()
cursor.execute('DELETE FROM articles') cursor.execute('DELETE FROM articles')
conn.commit() conn.commit()
conn.close() conn.close()
def record(title=None, link=None, author=None, upload_time=None, description=None, category=None, source=None): def record_md(result, filename="./history/tech_passage.md"):
db_path = './resources/db/web.db' # 读取现有内容
conn = sqlite3.connect(db_path) if os.path.exists(filename):
cursor = conn.cursor() with open(filename, 'r', encoding='utf-8') as file:
existing_content = file.read()
else:
existing_content = ""
# 创建表(如果不存在) # 将新内容插入到现有内容的开头
cursor.execute('''CREATE TABLE IF NOT EXISTS tech_passage ( new_content = result + existing_content
id INTEGER PRIMARY KEY AUTOINCREMENT,
article_title TEXT,
link TEXT,
author TEXT,
description TEXT,
upload_time DATETIME,
category TEXT,
source TEXT
)''')
# 插入数据 # 写回文件
cursor.execute(''' with open(filename, 'w', encoding='utf-8') as file:
INSERT INTO tech_passage (article_title, link, author, description, upload_time, category, source) file.write(new_content)
VALUES (?, ?, ?, ?, ?, ?, ?)
''', (title, link, author, description, upload_time, category, source))
conn.commit()
conn.close()
def get_filtered_articles(entries):
result_long = ""
result_short = ""
short_results = []
def get_filtered_articles(entries, Is_short):
result = ""
record = ""
for entry in entries: for entry in entries:
# 构建长文本结果 if Is_short == False:
result_long += f"文章:[{entry[1]}]({entry[2]})\n" result += f"作者:{entry[5]}\n文章:{entry[1]}\n"
result_long += f"作者:{entry[5]}\n" result += f"链接:[点此访问]({entry[2]})\n上传时间:{entry[4]}\n"
result_long += f"上传时间:{entry[4]}\n" result += f"简介:{entry[3]}\n"
result_long += f"简介:{entry[3]}\n" result += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
result_long += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章 if Is_short == True:
result += f"文章:{entry[1]}\n"
result += f"链接:[点此访问]({entry[2]})\n上传时间:{entry[4]}\n"
result += "\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章
# 构建短文本结果并进行分块处理 record += f"#### 文章:{entry[1]}\n"
current_entry = ( record += f"**作者**{entry[5]}\n"
f"文章:[{entry[1]}]({entry[2]})\n" record += f"**链接**[点此访问]({entry[2]})\n"
f"上传时间:{entry[4]}\n" record += f"**上传时间**{entry[4]}\n"
"\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章 record += f"**简介**{entry[3]}\n"
) record += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
temp_result = result_short + current_entry record_md(record)
if len(temp_result.encode('utf-8')) > 4096: return result
short_results.append(result_short)
result_short = current_entry
else:
result_short = temp_result
record(
title=entry[1],
link=entry[2],
author=entry[5],
upload_time=entry[4],
description=entry[3],
source="洞见微信安全"
)
# 处理最后一个结果
if result_short:
short_results.append(result_short)
return result_long, short_results
def Src_doonsec(Doonsec_switch, Doonsec): def Src_doonsec(e_hour, Is_short):
if not os.path.exists('./resources/db/doonsec.db'): if not os.path.exists('./db/doonsec.db'):
# 创建数据库和表 # 创建数据库和表
create_database() create_database()
# 清空表 # 清空表
# clear_table() clear_table()
# 获取 JSON 数据 # 获取 JSON 数据
doonsec_data = get_doonsec_json() M_doonsec_data = get_doonsec_json()
# 插入数据到数据库 # 插入数据到数据库
insert_data(doonsec_data) insert_data(M_doonsec_data)
# 查询指定时间段内的数据 # 查询指定时间段内的数据
filtered_articles = select_articles(Doonsec_switch, Doonsec) filtered_articles = select_articles(e_hour)
# print(filtered_articles) # print(filtered_articles)
if filtered_articles: if filtered_articles:
result_long, short_results = get_filtered_articles(filtered_articles) results = get_filtered_articles(filtered_articles, Is_short)
return result_long, short_results return results
else: else:
return False return False
if __name__ == "__main__": if __name__ == "__main__":
results = Src_doonsec(False, ["webshell", "2000", "POC", "SQL", "XSS", "CSRF", "漏洞"]) reslts = Src_doonsec(4, False)
if results != False: if reslts != False:
result_long, short_results = results print(reslts)
# 写入长文本结果
with open("./1.txt", "a", encoding="utf-8") as f:
f.write(result_long)
f.write("\n" + "-" * 40 + "\n")
# 写入分块的短文本结果
for short_result in short_results:
with open("./2.txt", "a", encoding="utf-8") as f:
f.write(short_result)
f.write("\n" + "-" * 40 + "\n")
else: else:
# 如果为空,则跳过执行 # 如果为空,则跳过执行
print("-" * 40) print("-" * 40)

134
GotoSend/freebuf.py
View File

@ -6,7 +6,7 @@ import os
from datetime import datetime, timedelta from datetime import datetime, timedelta
def create_database(): def create_database():
conn = sqlite3.connect('./resources/db/freebuf.db') conn = sqlite3.connect('./db/freebuf.db')
cursor = conn.cursor() cursor = conn.cursor()
cursor.execute('''CREATE TABLE IF NOT EXISTS articles ( cursor.execute('''CREATE TABLE IF NOT EXISTS articles (
id INTEGER PRIMARY KEY AUTOINCREMENT, id INTEGER PRIMARY KEY AUTOINCREMENT,
@ -20,7 +20,7 @@ def create_database():
conn.close() conn.close()
def insert_data(data): def insert_data(data):
conn = sqlite3.connect('./resources/db/freebuf.db') conn = sqlite3.connect('./db/freebuf.db')
cursor = conn.cursor() cursor = conn.cursor()
for entry in data: for entry in data:
try: try:
@ -41,20 +41,16 @@ def insert_data(data):
def get_freebuf_json(): def get_freebuf_json():
# 检查文件是否存在 # 检查文件是否存在
if not os.path.exists('./resources/JSON/freebuf.json'): if not os.path.exists('./JSON/freebuf.json'):
raise FileNotFoundError(f"freebuf.json文件不存在请检查程序是否运行正常") raise FileNotFoundError(f"freebuf.json文件不存在请检查程序是否运行正常")
# 打开并读取JSON文件 # 打开并读取JSON文件
with open('./resources/JSON/freebuf.json', 'r', encoding='utf-8') as file: with open('./JSON/freebuf.json', 'r', encoding='utf-8') as file:
content = file.read() data = json.load(file)
if not content:
pass
else:
data = json.loads(content)
# 假设data是一个包含多个JSON对象的列表 # 假设data是一个包含多个JSON对象的列表
if not isinstance(data, list): if not isinstance(data, list):
raise ValueError("JSON文件格式错误请检查爬取程序是否异常!") raise ValueError("JSON文件格式错误请检查common.py是否异常")
# 提取所需字段并编号 # 提取所需字段并编号
total_data = [] total_data = []
@ -72,7 +68,7 @@ def get_freebuf_json():
return total_data return total_data
def select_articles(e_hour): def select_articles(e_hour):
conn = sqlite3.connect('./resources/db/freebuf.db') conn = sqlite3.connect('./db/freebuf.db')
cursor = conn.cursor() cursor = conn.cursor()
# 获取当前日期和时间 # 获取当前日期和时间
@ -91,80 +87,51 @@ def select_articles(e_hour):
return results return results
def clear_table(): def clear_table():
conn = sqlite3.connect('./resources/db/freebuf.db') conn = sqlite3.connect('./db/freebuf.db')
cursor = conn.cursor() cursor = conn.cursor()
cursor.execute('DELETE FROM articles') cursor.execute('DELETE FROM articles')
conn.commit() conn.commit()
conn.close() conn.close()
def record(title, link, author, upload_time, description=None, source=None, category=None): def record_md(result, filename="./history/sec_news.md"):
db_path = './resources/db/web.db' # 读取现有内容
conn = sqlite3.connect(db_path) if os.path.exists(filename):
cursor = conn.cursor() with open(filename, 'r', encoding='utf-8') as file:
existing_content = file.read()
else:
existing_content = ""
# 创建表(如果不存在) # 将新内容插入到现有内容的开头
cursor.execute('''CREATE TABLE IF NOT EXISTS sec_news ( new_content = result + existing_content
id INTEGER PRIMARY KEY AUTOINCREMENT,
article_title TEXT,
link TEXT,
author TEXT,
description TEXT,
source TEXT,
upload_time DATETIME,
category TEXT
)''')
# 插入数据 # 写回文件
cursor.execute(''' with open(filename, 'w', encoding='utf-8') as file:
INSERT INTO sec_news (article_title, link, author, description, source, upload_time, category) file.write(new_content)
VALUES (?, ?, ?, ?, ?, ?, ?)
''', (title, link, author, description, source, upload_time, category))
conn.commit()
conn.close()
def get_filtered_articles(entries):
result_long = ""
result_short = ""
short_results = []
def get_filtered_articles(entries, Is_short):
result = ""
record = ""
for entry in entries: for entry in entries:
# 构建长文本结果 if Is_short == False:
result_long += f"文章:[{entry[1]}]({entry[2]})\n类型:{entry[5]}\n" result += f"类型:{entry[5]}\n文章:{entry[1]}\n"
result_long += f"上传时间:{entry[4]}\n" result += f"链接:{entry[2]}\n上传时间:{entry[4]}\n"
result_long += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章 result += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
elif Is_short == True:
result += f"文章:{entry[1]}\n"
result += f"链接:{entry[2]}\n上传时间:{entry[4]}\n"
result += "\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章
# 构建短文本结果并进行分块处理 record += f"#### 文章:{entry[1]}\n"
current_entry = ( record += f"**类型**{entry[5]}\n"
f"文章:[{entry[1]}]({entry[2]})\n" record += f"**链接**{entry[2]}\n"
f"上传时间:{entry[4]}\n" record += f"**上传时间**{entry[4]}\n"
"\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章 record += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
) record_md(record)
temp_result = result_short + current_entry return result
if len(temp_result.encode('utf-8')) > 4096:
short_results.append(result_short)
result_short = current_entry
else:
result_short = temp_result
record(
title=entry[1],
link=entry[2],
author=None,
upload_time=entry[4],
description=entry[3],
source="Freebuf",
category=entry[5]
)
# 处理最后一个结果 def Src_freebuf(e_hour, Is_short):
if result_short: if not os.path.exists('./db/freebuf.db'):
short_results.append(result_short)
return result_long, short_results
def Src_freebuf(e_hour):
if not os.path.exists('./resources/db/freebuf.db'):
# 创建数据库和表 # 创建数据库和表
create_database() create_database()
@ -182,26 +149,15 @@ def Src_freebuf(e_hour):
# print(filtered_articles) # print(filtered_articles)
if filtered_articles: if filtered_articles:
result_long, short_results = get_filtered_articles(filtered_articles) results = get_filtered_articles(filtered_articles, Is_short)
return result_long, short_results return results
else: else:
return False return False
if __name__ == "__main__": if __name__ == "__main__":
results = Src_freebuf(24) reslts = Src_freebuf(4, False)
if results != False: if reslts != False:
result_long, short_results = results print(reslts)
# 打印长文本结果
print("长文本结果:")
print(result_long)
print("\n" + "-" * 40 + "\n")
# 打印分块的短文本结果
print("分块的短文本结果:")
for short_result in short_results:
print(short_result)
print("\n" + "-" * 40 + "\n")
else: else:
# 如果为空,则跳过执行 # 如果为空,则跳过执行
print("-" * 40) print("-" * 40)

509
GotoSend/github.py
View File

@ -1,509 +0,0 @@
# -*- coding: utf-8 -*-
import json
import sqlite3
import os
from datetime import datetime, timedelta
def create_database():
conn = sqlite3.connect('./resources/db/github.db')
cursor = conn.cursor()
cursor.executescript('''
CREATE TABLE IF NOT EXISTS keywords (
id INTEGER PRIMARY KEY AUTOINCREMENT,
title TEXT,
link TEXT,
description TEXT,
pubDate DATETIME,
author TEXT,
keyword TEXT,
language TEXT,
is_sended BOOLEAN
);
CREATE TABLE IF NOT EXISTS repos (
id INTEGER PRIMARY KEY AUTOINCREMENT,
title TEXT,
link TEXT,
description TEXT,
pubDate DATETIME,
author TEXT,
keyword TEXT,
link2 TEXT
);
CREATE TABLE IF NOT EXISTS releases (
id INTEGER PRIMARY KEY AUTOINCREMENT,
link TEXT,
pubDate DATETIME,
author TEXT,
keyword TEXT
);
CREATE TABLE IF NOT EXISTS users (
id INTEGER PRIMARY KEY AUTOINCREMENT,
title TEXT,
link TEXT,
description TEXT,
pubDate DATETIME,
author TEXT,
keyword TEXT,
language TEXT,
is_sended BOOLEAN
);
''')
conn.commit()
conn.close()
def insert_data():
# 检查文件是否存在
# 打开并读取JSON文件
# 假设data是一个包含多个JSON对象的列表然后校验JSON格式是否异常
if not os.path.exists('./resources/JSON/github_keyword.json'):
raise FileNotFoundError(f"github_keyword文件不存在请检查程序是否运行正常")
with open('./resources/JSON/github_keyword.json', 'r', encoding='utf-8') as file:
content = file.read()
if not content:
pass
else:
data_keyword = json.loads(content)
if not isinstance(data_keyword, list):
raise ValueError("JSON文件格式错误请检查爬取程序是否异常")
if not os.path.exists('./resources/JSON/github_repo.json'):
raise FileNotFoundError(f"github_repo文件不存在请检查程序是否运行正常")
with open('./resources/JSON/github_repo.json', 'r', encoding='utf-8') as file:
content = file.read()
if not content:
pass
else:
data_repo = json.loads(content)
if not isinstance(data_repo, list):
raise ValueError("JSON文件格式错误请检查爬取程序是否异常")
if not os.path.exists('./resources/JSON/github_release.json'):
raise FileNotFoundError(f"github_release文件不存在请检查程序是否运行正常")
with open('./resources/JSON/github_release.json', 'r', encoding='utf-8') as file:
content = file.read()
if not content:
pass
else:
data_release = json.loads(content)
if not isinstance(data_release, list):
raise ValueError("JSON文件格式错误请检查爬取程序是否异常")
if not os.path.exists('./resources/JSON/github_user.json'):
raise FileNotFoundError(f"github_user文件不存在请检查程序是否运行正常")
with open('./resources/JSON/github_user.json', 'r', encoding='utf-8') as file:
content = file.read()
if not content:
pass
else:
data_user = json.loads(content)
if not isinstance(data_user, list):
raise ValueError("JSON文件格式错误请检查爬取程序是否异常")
conn = sqlite3.connect('./resources/db/github.db')
cursor = conn.cursor()
# 提取所需字段并编号
for index, item in enumerate(data_keyword, start=1):
entry = {
"id": index,
"title": item.get("name", ""),
"link": item.get("link", ""),
"description": item.get("description", ""),
"pubDate": item.get("created_at", ""),
"author": item.get("author", ""),
"keyword": item.get("keyword", ""),
"language": item.get("language", "")
}
try:
pub_date = datetime.strptime(entry['pubDate'], '%Y-%m-%dT%H:%M:%SZ')
pub_date += timedelta(hours=8)
formatted_pub_date = pub_date.strftime('%Y-%m-%d %H:%M:%S')
except ValueError:
# 如果解析失败,使用原始 pubDate 字符串
formatted_pub_date = entry['pubDate']
# 检查是否存在相同 title 和 author 的记录
cursor.execute('''
SELECT 1 FROM keywords WHERE title = ? AND author = ?
''', (entry['title'], entry['author']))
if cursor.fetchone() is None:
# 如果没有找到相同记录,则插入新记录
cursor.execute('''
INSERT INTO keywords (title, link, description, pubDate, author, language, keyword)
VALUES (?, ?, ?, ?, ?, ?, ?)
''', (entry['title'], entry['link'], entry['description'], formatted_pub_date, entry['author'], entry['language'], entry['keyword']))
for index, item in enumerate(data_repo, start=1):
entry = {
"id": index,
"title": item.get("name", ""),
"link": f"https://github.com/{item.get('keyword', '')}",
"description": item.get("description", ""),
"pubDate": item.get("updated_at", ""),
"author": item.get("author", ""),
"keyword": item.get("keyword", ""),
"link2": item.get("link_2", "")
}
try:
pub_date = datetime.strptime(entry['pubDate'], '%Y-%m-%dT%H:%M:%SZ')
pub_date += timedelta(hours=8)
formatted_pub_date = pub_date.strftime('%Y-%m-%d %H:%M:%S')
except ValueError:
# 如果解析失败,使用原始 pubDate 字符串
formatted_pub_date = entry['pubDate']
cursor.execute('''
INSERT INTO repos (title, link, description, pubDate, author, link2, keyword)
VALUES (?, ?, ?, ?, ?, ?, ?)
''', (entry['title'], entry['link'], entry['description'], formatted_pub_date, entry['author'], entry['link2'], entry['keyword']))
for index, item in enumerate(data_release, start=1):
entry = {
"id": index,
"link": item.get("link", ""),
"pubDate": item.get("published_at", ""),
"author": item.get("author", ""),
"keyword": item.get("keyword", "")
}
try:
pub_date = datetime.strptime(entry['pubDate'], '%Y-%m-%dT%H:%M:%SZ')
pub_date += timedelta(hours=8)
formatted_pub_date = pub_date.strftime('%Y-%m-%d %H:%M:%S')
except ValueError:
# 如果解析失败,使用原始 pubDate 字符串
formatted_pub_date = entry['pubDate']
cursor.execute('''
INSERT INTO releases (link, pubDate, author, keyword)
VALUES (?, ?, ?, ?)
''', (entry['link'], formatted_pub_date, entry['author'], entry['keyword']))
# 插入 users 数据
for index, item in enumerate(data_user, start=1):
entry = {
"id": index,
"title": item.get("name", ""),
"link": item.get("link", ""),
"description": item.get("description", ""),
"pubDate": item.get("created_at", ""),
"author": item.get("author", ""),
"keyword": item.get("keyword", ""),
"language": item.get("language", "")
}
try:
pub_date = datetime.strptime(entry['pubDate'], '%Y-%m-%dT%H:%M:%SZ')
pub_date += timedelta(hours=8)
formatted_pub_date = pub_date.strftime('%Y-%m-%d %H:%M:%S')
except ValueError:
# 如果解析失败,使用原始 pubDate 字符串
formatted_pub_date = entry['pubDate']
# 检查是否存在相同 title 和 author 的记录
cursor.execute('''
SELECT 1 FROM users WHERE title = ? AND author = ?
''', (entry['title'], entry['author']))
if cursor.fetchone() is None:
# 如果没有找到相同记录,则插入新记录
cursor.execute('''
INSERT INTO users (title, link, description, pubDate, author, keyword, language)
VALUES (?, ?, ?, ?, ?, ?, ?)
''', (entry['title'], entry['link'], entry['description'], formatted_pub_date, entry['author'], entry['keyword'], entry['language']))
conn.commit()
conn.close()
def select_articles(e_hour):
conn = sqlite3.connect('./resources/db/github.db')
cursor = conn.cursor()
# 获取当前日期和时间
now = datetime.now()
two_months_ago = now - timedelta(days=60) # 假设两个月大约60天
start_time = now - timedelta(hours=e_hour, minutes=3)
# 查询指定时间段内的数据
cursor.execute('''
SELECT * FROM keywords
WHERE is_sended IS NULL AND pubDate BETWEEN ? AND ?
ORDER BY pubDate DESC
''', (start_time.strftime('%Y-%m-%d %H:%M:%S'), now.strftime('%Y-%m-%d %H:%M:%S')))
result_1 = cursor.fetchall()
if result_1:
for row in result_1:
keyword_id = row[0]
cursor.execute('''
UPDATE keywords
SET is_sended = True
WHERE id = ?
''', (keyword_id,))
conn.commit()
cursor.execute('''
SELECT * FROM repos
WHERE pubDate BETWEEN ? AND ?
''', (start_time.strftime('%Y-%m-%d %H:%M:%S'), now.strftime('%Y-%m-%d %H:%M:%S')))
result_2 = cursor.fetchall()
# 查询最近的5条未被标记为True的消息且发布时间不超过两个月
cursor.execute('''
SELECT * FROM users
WHERE is_sended IS NULL AND pubDate BETWEEN ? AND ?
ORDER BY pubDate DESC
LIMIT 5
''', (two_months_ago.strftime('%Y-%m-%d %H:%M:%S'), now.strftime('%Y-%m-%d %H:%M:%S')))
result_3 = cursor.fetchall()
# print(results)
if result_3:
for row in result_3:
user_id = row[0]
cursor.execute('''
UPDATE users
SET is_sended = True
WHERE id = ?
''', (user_id,))
conn.commit() # 提交事务
cursor.execute('''
SELECT * FROM releases
WHERE pubDate BETWEEN ? AND ?
''', (start_time.strftime('%Y-%m-%d %H:%M:%S'), now.strftime('%Y-%m-%d %H:%M:%S')))
result_4 = cursor.fetchall()
cursor.close()
conn.close()
return result_1, result_2, result_3, result_4
def clear_table():
conn = sqlite3.connect('./resources/db/github.db')
cursor = conn.cursor()
cursor.execute('DELETE FROM repos')
cursor.execute('DELETE FROM releases')
conn.commit()
conn.close()
def record(title, link, description, upload_time, author, keyword, language, source):
db_path = './resources/db/web.db'
conn = sqlite3.connect(db_path)
cursor = conn.cursor()
# 创建表(如果不存在)— 添加 language 字段
cursor.execute('''CREATE TABLE IF NOT EXISTS github (
id INTEGER PRIMARY KEY AUTOINCREMENT,
article_title TEXT,
link TEXT,
description TEXT,
author TEXT,
upload_time DATETIME,
keyword TEXT,
language TEXT,
source TEXT
)''')
# 插入数据 — 添加 author 和 language 字段
cursor.execute('''
INSERT INTO github (article_title, link, description, author, upload_time, keyword, language, source)
VALUES (?, ?, ?, ?, ?, ?, ?, ?)
''', (title, link, description, author, upload_time, keyword, language, source))
conn.commit()
conn.close()
def get_filtered_articles(entries, choice):
result_long = ""
result_short = ""
short_results = []
for entry in entries:
if choice == 1:
# 构建长文本结果
result_long += f"关键词【{entry[6]}】发现新项目:[{entry[1]}]({entry[2]})\n"
result_long += f"项目描述:{entry[3]}\n"
result_long += f"上传时间:{entry[4]}\n"
result_long += f"开发语言:{entry[7]}\t\t作者:{entry[5]}\n"
result_long += "\n" + "-" * 10 + "\n" # 添加分隔线以便区分不同文章
# 构建短文本结果并进行分块处理
current_entry = (
f"关键词【{entry[6]}】发现新项目:[{entry[1]}]({entry[2]})\n"
f"上传时间:{entry[4]}\n"
f"开发语言:{entry[7]}\t\t作者:{entry[5]}\n"
"\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章
)
# 存入数据库
record(
title=entry[1],
link=entry[2],
description=entry[3],
upload_time=entry[4],
author=entry[5],
keyword=entry[6],
language=entry[7],
source="New project"
)
elif choice == 2:
# 构建长文本结果
result_long += f"项目:[{entry[1]}]({entry[2]})存在更新!!!\n"
result_long += f"更新描述:{entry[3]}\n"
result_long += f"更新时间:{entry[4]}\n"
result_long += f"提交者:{entry[5]}[点此查看提交详情]({entry[7]})\n"
result_long += "\n" + "-" * 10 + "\n" # 添加分隔线以便区分不同文章
# 构建短文本结果并进行分块处理
current_entry = (
f"项目:[{entry[1]}]({entry[2]})存在更新!!!\n"
f"更新时间:{entry[4]}\n"
f"提交者:{entry[5]}[点此查看提交详情]({entry[7]})\n"
"\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章
)
# 存入数据库
record(
title=entry[1],
link=entry[2],
description=entry[3],
upload_time=entry[4],
author=entry[5],
keyword=entry[7],
language=None,
source="Project update"
)
elif choice == 3:
# 构建长文本结果
result_long += f"大佬 {entry[5]} 上传了一个新工具:[{entry[1]}]({entry[2]})\n"
result_long += f"项目描述:{entry[3]}\n"
result_long += f"上传时间:{entry[4]}\n"
result_long += "\n" + "-" * 10 + "\n" # 添加分隔线以便区分不同文章
# 构建短文本结果并进行分块处理
current_entry = (
f"大佬 {entry[5]} 上传了一个新工具:[{entry[1]}]({entry[2]})\n"
f"上传时间:{entry[4]}\n"
"\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章
)
# 存入数据库
record(
title=entry[1],
link=entry[2],
description=entry[3],
upload_time=entry[4],
author=entry[5],
keyword=None,
language=None,
source="New tool"
)
elif choice == 4:
# 构建长文本结果
result_long += f"{entry[3]}】为[{entry[4]}]({entry[1]})发布了新版本,请及时查收!\n"
result_long += f"发布时间:{entry[2]}\n"
result_long += "\n" + "-" * 10 + "\n" # 添加分隔线以便区分不同文章
# 构建短文本结果并进行分块处理
current_entry = (
f"{entry[3]}】为[{entry[4]}]({entry[1]})发布了新版本,请及时查收!\n"
f"发布时间:{entry[2]}\n"
"\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章
)
# 存入数据库
record(
title=entry[4],
link=entry[1],
description=None,
upload_time=entry[2],
author=entry[3],
keyword=None,
language=None,
source="New version"
)
temp_result = result_short + current_entry
if len(temp_result.encode('utf-8')) > 4096:
short_results.append(result_short)
result_short = current_entry
else:
result_short = temp_result
# 处理最后一个结果
if result_short:
short_results.append(result_short)
return result_long, short_results
def Src_github(e_hour):
if not os.path.exists('./resources/db/github.db'):
# 创建数据库和表
create_database()
# 清空表
clear_table()
# 插入数据到数据库
insert_data()
# 查询指定时间段内的数据
keyword_data, repo_data, user_data, release_data = select_articles(e_hour)
results = []
if keyword_data:
result_long_1, short_results_1 = get_filtered_articles(keyword_data, 1)
results.append((result_long_1, short_results_1))
else:
results.append(("", []))
if repo_data:
result_long_2, short_results_2 = get_filtered_articles(repo_data, 2)
results.append((result_long_2, short_results_2))
else:
results.append(("", []))
if user_data:
result_long_3, short_results_3 = get_filtered_articles(user_data, 3)
results.append((result_long_3, short_results_3))
else:
results.append(("", []))
if release_data:
result_long_4, short_results_4 = get_filtered_articles(release_data, 4)
results.append((result_long_4, short_results_4))
else:
results.append(("", []))
return results
if __name__ == "__main__":
results = Src_github(240)
for i, (result_long, short_results) in enumerate(results, start=1):
if result_long != "":
print(f"长文本结果 {i}")
print(result_long)
print("\n" + "-" * 10 + "\n")
if short_results:
print(f"分块的短文本结果 {i}")
for short_result in short_results:
print(short_result)
print("\n" + "-" * 10 + "\n")
if all(result_long == "" and not short_results for result_long, short_results in results):
# 如果为空,则跳过执行
print("-" * 10)
print("github数据为空跳过执行。")

133
GotoSend/qianxin.py
View File

@ -6,7 +6,7 @@ import os
from datetime import datetime, timedelta from datetime import datetime, timedelta
def create_database(): def create_database():
conn = sqlite3.connect('./resources/db/qianxin.db') conn = sqlite3.connect('./db/qianxin.db')
cursor = conn.cursor() cursor = conn.cursor()
cursor.execute('''CREATE TABLE IF NOT EXISTS articles ( cursor.execute('''CREATE TABLE IF NOT EXISTS articles (
id INTEGER PRIMARY KEY AUTOINCREMENT, id INTEGER PRIMARY KEY AUTOINCREMENT,
@ -20,7 +20,7 @@ def create_database():
conn.close() conn.close()
def insert_data(data): def insert_data(data):
conn = sqlite3.connect('./resources/db/qianxin.db') conn = sqlite3.connect('./db/qianxin.db')
cursor = conn.cursor() cursor = conn.cursor()
for entry in data: for entry in data:
cursor.execute(''' cursor.execute('''
@ -32,16 +32,12 @@ def insert_data(data):
def get_qianxin_json(): def get_qianxin_json():
# 检查文件是否存在 # 检查文件是否存在
if not os.path.exists('./resources/JSON/qianxin.json'): if not os.path.exists('./JSON/qianxin.json'):
raise FileNotFoundError(f"qianxin.json文件不存在请检查程序是否运行正常") raise FileNotFoundError(f"qianxin.json文件不存在请检查程序是否运行正常")
# 打开并读取JSON文件 # 打开并读取JSON文件
with open('./resources/JSON/qianxin.json', 'r', encoding='utf-8') as file: with open('./JSON/qianxin.json', 'r', encoding='utf-8') as file:
content = file.read() data = json.load(file)
if not content:
pass
else:
data = json.loads(content)
# 假设data是一个包含多个JSON对象的列表 # 假设data是一个包含多个JSON对象的列表
if not isinstance(data, list): if not isinstance(data, list):
@ -63,7 +59,7 @@ def get_qianxin_json():
return total_data return total_data
def select_articles(e_hour): def select_articles(e_hour):
conn = sqlite3.connect('./resources/db/qianxin.db') conn = sqlite3.connect('./db/qianxin.db')
cursor = conn.cursor() cursor = conn.cursor()
# 获取当前日期和时间 # 获取当前日期和时间
@ -82,79 +78,53 @@ def select_articles(e_hour):
return results return results
def clear_table(): def clear_table():
conn = sqlite3.connect('./resources/db/qianxin.db') conn = sqlite3.connect('./db/qianxin.db')
cursor = conn.cursor() cursor = conn.cursor()
cursor.execute('DELETE FROM articles') cursor.execute('DELETE FROM articles')
conn.commit() conn.commit()
conn.close() conn.close()
def record(title=None, link=None, author=None, upload_time=None, description=None, category=None, source=None): def record_md(result, filename="./history/tech_passage.md"):
db_path = './resources/db/web.db' # 读取现有内容
conn = sqlite3.connect(db_path) if os.path.exists(filename):
cursor = conn.cursor() with open(filename, 'r', encoding='utf-8') as file:
existing_content = file.read()
else:
existing_content = ""
# 创建表(如果不存在) # 将新内容插入到现有内容的开头
cursor.execute('''CREATE TABLE IF NOT EXISTS tech_passage ( new_content = result + existing_content
id INTEGER PRIMARY KEY AUTOINCREMENT,
article_title TEXT,
link TEXT,
author TEXT,
description TEXT,
upload_time DATETIME,
category TEXT,
source TEXT
)''')
# 插入数据 # 写回文件
cursor.execute(''' with open(filename, 'w', encoding='utf-8') as file:
INSERT INTO tech_passage (article_title, link, author, description, upload_time, category, source) file.write(new_content)
VALUES (?, ?, ?, ?, ?, ?, ?)
''', (title, link, author, description, upload_time, category, source))
conn.commit()
conn.close()
def get_filtered_articles(entries):
result_long = ""
result_short = ""
short_results = []
def get_filtered_articles(entries, Is_short):
result = ""
record = ""
for entry in entries: for entry in entries:
# 构建长文本结果 if Is_short == False:
result_long += f"文章:[{entry[1]}]({entry[2]})\n来源:{entry[3]}\n" result += f"来源:{entry[3]}\n文章:{entry[1]}\n"
result_long += f"上传时间:{entry[5]}\n" result += f"链接:{entry[2]}\n上传时间:{entry[5]}\n"
result_long += f"描述:{entry[4]}\n" result += f"描述:{entry[4]}\n"
result_long += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章 result += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
if Is_short == False:
result += f"文章:{entry[1]}\n"
result += f"链接:{entry[2]}\n上传时间:{entry[5]}\n"
result += "\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章
# 构建短文本结果并进行分块处理 record += f"#### 文章:{entry[1]}\n"
current_entry = ( record += f"**来源**{entry[3]}\n"
f"文章:[{entry[1]}]({entry[2]})\n" record += f"**链接**{entry[2]}\n"
f"上传时间:{entry[5]}\n" record += f"**上传时间**{entry[5]}\n"
"\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章 record += f"**描述**{entry[4]}\n"
) record += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
temp_result = result_short + current_entry record_md(record)
if len(temp_result.encode('utf-8')) > 4096: return result
short_results.append(result_short)
result_short = current_entry
else:
result_short = temp_result
record(
title=entry[1],
link=entry[2],
upload_time=entry[5],
description=entry[4],
source="奇安信攻防社区"
)
# 处理最后一个结果 def Src_qianxin(e_hour, Is_short):
if result_short: if not os.path.exists('./db/qianxin.db'):
short_results.append(result_short)
return result_long, short_results
def Src_qianxin(e_hour):
if not os.path.exists('./resources/db/qianxin.db'):
# 创建数据库和表 # 创建数据库和表
create_database() create_database()
@ -172,26 +142,15 @@ def Src_qianxin(e_hour):
# print(filtered_articles) # print(filtered_articles)
if filtered_articles: if filtered_articles:
result_long, short_results = get_filtered_articles(filtered_articles) results = get_filtered_articles(filtered_articles, Is_short)
return result_long, short_results return results
else: else:
return False return False
if __name__ == "__main__": if __name__ == "__main__":
results = Src_qianxin(4) reslts = Src_qianxin(4, False)
if results != False: if reslts != False:
result_long, short_results = results print(reslts)
# 打印长文本结果
print("长文本结果:")
print(result_long)
print("\n" + "-" * 40 + "\n")
# 打印分块的短文本结果
print("分块的短文本结果:")
for short_result in short_results:
print(short_result)
print("\n" + "-" * 40 + "\n")
else: else:
# 如果为空,则跳过执行 # 如果为空,则跳过执行
print("-" * 40) print("-" * 40)

135
GotoSend/seebug.py
View File

@ -8,7 +8,7 @@ import email.utils
def create_database(): def create_database():
conn = sqlite3.connect('./resources/db/seebug.db') conn = sqlite3.connect('./db/seebug.db')
cursor = conn.cursor() cursor = conn.cursor()
cursor.execute('''CREATE TABLE IF NOT EXISTS articles ( cursor.execute('''CREATE TABLE IF NOT EXISTS articles (
id INTEGER PRIMARY KEY AUTOINCREMENT, id INTEGER PRIMARY KEY AUTOINCREMENT,
@ -23,7 +23,7 @@ def create_database():
def insert_data(data): def insert_data(data):
conn = sqlite3.connect('./resources/db/seebug.db') conn = sqlite3.connect('./db/seebug.db')
cursor = conn.cursor() cursor = conn.cursor()
for entry in data: for entry in data:
# 解析并格式化时间 # 解析并格式化时间
@ -39,16 +39,12 @@ def insert_data(data):
def get_seebug_json(): def get_seebug_json():
# 检查文件是否存在 # 检查文件是否存在
if not os.path.exists('./resources/JSON/seebug.json'): if not os.path.exists('./JSON/seebug.json'):
raise FileNotFoundError(f"seebug.json文件不存在请检查程序是否运行正常") raise FileNotFoundError(f"seebug.json文件不存在请检查程序是否运行正常")
# 打开并读取JSON文件 # 打开并读取JSON文件
with open('./resources/JSON/seebug.json', 'r', encoding='utf-8') as file: with open('./JSON/seebug.json', 'r', encoding='utf-8') as file:
content = file.read() data = json.load(file)
if not content:
pass
else:
data = json.loads(content)
# 假设data是一个包含多个JSON对象的列表 # 假设data是一个包含多个JSON对象的列表
if not isinstance(data, list): if not isinstance(data, list):
@ -70,7 +66,7 @@ def get_seebug_json():
return total_data return total_data
def select_articles(e_hour): def select_articles(e_hour):
conn = sqlite3.connect('./resources/db/seebug.db') conn = sqlite3.connect('./db/seebug.db')
cursor = conn.cursor() cursor = conn.cursor()
# 获取当前日期和时间 # 获取当前日期和时间
@ -89,81 +85,53 @@ def select_articles(e_hour):
return results return results
def clear_table(): def clear_table():
conn = sqlite3.connect('./resources/db/seebug.db') conn = sqlite3.connect('./db/seebug.db')
cursor = conn.cursor() cursor = conn.cursor()
cursor.execute('DELETE FROM articles') cursor.execute('DELETE FROM articles')
conn.commit() conn.commit()
conn.close() conn.close()
def record(title, link, author, upload_time, description=None, source=None, category=None): def record_md(result, filename="./history/sec_news.md"):
db_path = './resources/db/web.db' # 读取现有内容
conn = sqlite3.connect(db_path) if os.path.exists(filename):
cursor = conn.cursor() with open(filename, 'r', encoding='utf-8') as file:
existing_content = file.read()
else:
existing_content = ""
# 创建表(如果不存在) # 将新内容插入到现有内容的开头
cursor.execute('''CREATE TABLE IF NOT EXISTS sec_news ( new_content = result + existing_content
id INTEGER PRIMARY KEY AUTOINCREMENT,
article_title TEXT,
link TEXT,
author TEXT,
description TEXT,
source TEXT,
upload_time DATETIME,
category TEXT
)''')
# 插入数据 # 写回文件
cursor.execute(''' with open(filename, 'w', encoding='utf-8') as file:
INSERT INTO sec_news (article_title, link, author, description, source, upload_time, category) file.write(new_content)
VALUES (?, ?, ?, ?, ?, ?, ?)
''', (title, link, author, description, source, upload_time, category))
conn.commit()
conn.close()
def get_filtered_articles(entries):
result_long = ""
result_short = ""
short_results = []
def get_filtered_articles(entries, Is_short):
result = ""
record = ""
for entry in entries: for entry in entries:
# 构建长文本结果 if Is_short == False:
result_long += f"文章:[{entry[1]}]({entry[2]})\n类型:{entry[3]}\n" result += f"类型:{entry[3]}\n文章:{entry[1]}"
result_long += f"上传时间:{entry[5]}\n" result += f"链接:{entry[2]}\n上传时间:{entry[5]}\n"
result_long += f"{entry[4]}\n" result += f"{entry[4]}\n"
result_long += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章 result += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
if Is_short == True:
result += f"文章:{entry[1]}"
result += f"链接:{entry[2]}\n上传时间:{entry[5]}\n"
result += "\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章
# 构建短文本结果并进行分块处理 record += f"#### 文章:{entry[1]}\n"
current_entry = ( record += f"**类型**{entry[3]}\n"
f"文章:[{entry[1]}]({entry[2]})\n" record += f"**链接**{entry[2]}\n"
f"上传时间:{entry[5]}\n" record += f"**上传时间**{entry[5]}\n"
"\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章 record += f"{entry[4]}\n"
) record += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
temp_result = result_short + current_entry record_md(record)
if len(temp_result.encode('utf-8')) > 4096: return result
short_results.append(result_short)
result_short = current_entry
else:
result_short = temp_result
record(
title=entry[1],
link=entry[2],
author=None,
upload_time=entry[5],
description=entry[4],
source="Seebug",
category=entry[3]
)
# 处理最后一个结果 def Src_seebug(e_hour, Is_short):
if result_short: if not os.path.exists('./db/seebug.db'):
short_results.append(result_short)
return result_long, short_results
def Src_seebug(e_hour):
if not os.path.exists('./resources/db/seebug.db'):
# 创建数据库和表 # 创建数据库和表
create_database() create_database()
@ -181,26 +149,15 @@ def Src_seebug(e_hour):
# print(filtered_articles) # print(filtered_articles)
if filtered_articles: if filtered_articles:
result_long, short_results = get_filtered_articles(filtered_articles) results = get_filtered_articles(filtered_articles, Is_short)
return result_long, short_results return results
else: else:
return False return False
if __name__ == "__main__": if __name__ == "__main__":
results = Src_seebug(100) reslts = Src_seebug(100, False)
if results != False: if reslts != False:
result_long, short_results = results print(reslts)
# 打印长文本结果
print("长文本结果:")
print(result_long)
print("\n" + "-" * 40 + "\n")
# 打印分块的短文本结果
print("分块的短文本结果:")
for short_result in short_results:
print(short_result)
print("\n" + "-" * 40 + "\n")
else: else:
# 如果为空,则跳过执行 # 如果为空,则跳过执行
print("-" * 40) print("-" * 40)

232
GotoSend/sougou_wx.py
View File

@ -1,232 +0,0 @@
import os
import json
import sqlite3
from datetime import datetime, timedelta
def clear_table():
conn = sqlite3.connect('./resources/db/sougou-wx.db')
cursor = conn.cursor()
cursor.execute('DELETE FROM articles')
conn.commit()
conn.close()
def create_database():
conn = sqlite3.connect('./resources/db/sougou-wx.db')
cursor = conn.cursor()
cursor.execute('''CREATE TABLE IF NOT EXISTS articles (
id INTEGER PRIMARY KEY AUTOINCREMENT,
title TEXT,
link TEXT,
description TEXT,
pubDate DATETIME,
author TEXT,
keyword TEXT,
is_sended BOOLEAN
)''')
conn.commit()
conn.close()
def insert_data(data):
conn = sqlite3.connect('./resources/db/sougou-wx.db')
cursor = conn.cursor()
for entry in data:
# 检查是否存在相同 title 和 author 的记录
cursor.execute('''
SELECT 1 FROM articles WHERE title = ? AND author = ?
''', (entry['title'], entry['author']))
if cursor.fetchone() is None:
# 如果没有找到相同记录,则插入新记录
cursor.execute('''
INSERT INTO articles (title, link, description, pubDate, author, keyword)
VALUES (?, ?, ?, ?, ?, ?)
''', (entry['title'], entry['link'], entry['description'], entry['pubDate'], entry['author'], entry['keyword']))
conn.commit()
conn.close()
def get_json():
# 检查文件是否存在
if not os.path.exists('./resources/JSON/sougou-wx.json'):
raise FileNotFoundError(f"sougou-wx.json文件不存在请检查程序是否运行正常")
# 打开并读取JSON文件
with open('./resources/JSON/sougou-wx.json', 'r', encoding='utf-8') as file:
content = file.read()
if not content:
pass
else:
data = json.loads(content)
# 假设data是一个包含多个关键词的字典
total_data = []
for keyword, keyword_data in data.items():
# 检查关键词对应的数据是否为列表
if not isinstance(keyword_data, list):
raise ValueError(f"关键词 {keyword} 对应的数据格式错误,请检查爬取程序是否异常!")
# 提取所需字段并编号
for index, item in enumerate(keyword_data, start=1):
entry = {
"id": index,
"title": item.get("title", ""),
"link": item.get("link", ""),
"description": item.get("description", ""),
"pubDate": item.get("pubDate", ""),
"author": item.get("author", ""),
"keyword": keyword
}
total_data.append(entry)
return total_data
def select_articles():
conn = sqlite3.connect('./resources/db/sougou-wx.db')
cursor = conn.cursor()
# 获取当前日期和时间
now = datetime.now()
two_months_ago = now - timedelta(days=60) # 假设两个月大约60天
try:
# 查询最近的3条未被标记为True的消息且发布时间不超过两个月
cursor.execute('''
SELECT * FROM articles
WHERE is_sended IS NULL AND pubDate BETWEEN ? AND ?
ORDER BY pubDate DESC
LIMIT 3
''', (two_months_ago.strftime('%Y-%m-%d %H:%M:%S'), now.strftime('%Y-%m-%d %H:%M:%S')))
results = cursor.fetchall()
# print(results)
if results:
for row in results:
article_id = row[0]
cursor.execute('''
UPDATE articles
SET is_sended = True
WHERE id = ?
''', (article_id,))
conn.commit() # 提交事务
except Exception as e:
conn.rollback() # 回滚事务
print(f"Error: {e}")
finally:
cursor.close()
conn.close()
return results
def record(title, link, description, upload_time, author, keyword):
db_path = './resources/db/web.db'
conn = sqlite3.connect(db_path)
cursor = conn.cursor()
# 创建表(如果不存在)
cursor.execute('''CREATE TABLE IF NOT EXISTS wx_news (
id INTEGER PRIMARY KEY AUTOINCREMENT,
article_title TEXT,
link TEXT,
description TEXT,
upload_time DATETIME,
author TEXT,
keyword TEXT
)''')
# 插入数据
cursor.execute('''
INSERT INTO wx_news (article_title, link, description, upload_time, author, keyword)
VALUES (?, ?, ?, ?, ?, ?)
''', (title, link, description, upload_time, author, keyword))
conn.commit()
conn.close()
def get_filtered_articles(entries):
result_long = ""
result_short = ""
short_results = []
for entry in entries:
# 构建长文本结果
result_long += f"文章:[{entry[1]}]({entry[2]})\n描述:{entry[3]}\n"
result_long += f"上传时间:{entry[4]}\n"
result_long += f"作者:{entry[5]}\n"
result_long += f"关键词:{entry[6]}\n"
result_long += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
# 构建短文本结果并进行分块处理
current_entry = (
f"文章:[{entry[1]}]({entry[2]})\n"
f"关键词:{entry[6]}\n"
f"上传时间:{entry[4]}\n"
"\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章
)
temp_result = result_short + current_entry
if len(temp_result.encode('utf-8')) > 4096:
short_results.append(result_short)
result_short = current_entry
else:
result_short = temp_result
record(
title=entry[1],
link=entry[2],
description=entry[3],
upload_time=entry[4],
author=entry[5],
keyword=entry[6]
)
# 处理最后一个结果
if result_short:
short_results.append(result_short)
return result_long, short_results
def Src_sougou_wx():
if not os.path.exists('./resources/db/sougou-wx.db'):
# 创建数据库和表
create_database()
# 清空表
# clear_table()
# 获取 JSON 数据
sougou_wx_data = get_json()
# 插入数据到数据库
insert_data(sougou_wx_data)
# 查询指定时间段内的数据
filtered_articles = select_articles()
# print(filtered_articles)
if filtered_articles:
result_long, short_results = get_filtered_articles(filtered_articles)
return result_long, short_results
else:
return False
if __name__ == "__main__":
results = Src_sougou_wx()
if results != False:
result_long, short_results = results
# 写入长文本结果
with open("./1.txt", "a", encoding="utf-8") as f:
f.write(result_long)
f.write("\n" + "-" * 40 + "\n")
# 写入分块的短文本结果
for short_result in short_results:
with open("./2.txt", "a", encoding="utf-8") as f:
f.write(short_result)
f.write("\n" + "-" * 40 + "\n")
else:
# 如果为空,则跳过执行
print("-" * 40)
print("微信公众号数据为空,跳过执行。")

278
GotoSend/uni_rss.py
View File

@ -1,278 +0,0 @@
# -*- coding: utf-8 -*-
import json
import sqlite3
import os
from datetime import datetime, timedelta
def create_database():
conn = sqlite3.connect('./resources/db/uni_rss.db')
cursor = conn.cursor()
cursor.execute('''CREATE TABLE IF NOT EXISTS articles (
id INTEGER PRIMARY KEY AUTOINCREMENT,
title TEXT,
link TEXT,
author TEXT,
description TEXT,
pubDate DATETIME,
source TEXT,
is_sended BOOLEAN
)''')
conn.commit()
conn.close()
def parse_pub_date(pub_date_str):
if not pub_date_str:
return pub_date_str
# 定义多种日期格式
date_formats = [
# ISO 8601 格式(带 T
'%Y-%m-%dT%H:%M:%S',
'%Y-%m-%dT%H:%M:%S%z',
# 标准日期时间格式
'%Y-%m-%d %H:%M:%S',
'%Y-%m-%d %H:%M',
'%Y-%m-%d',
# RFC 822/1123 格式(英文星期和月份)
'%a, %d %b %Y %H:%M:%S %z',
'%a, %d %b %Y %H:%M:%S GMT',
'%a, %d %b %Y %H:%M:%S',
# 其他常见格式
'%d %b %Y %H:%M:%S %z',
'%d %b %Y %H:%M:%S',
]
for fmt in date_formats:
try:
pub_date = datetime.strptime(pub_date_str, fmt)
# 格式化输出为统一格式
return pub_date.strftime('%Y-%m-%d %H:%M:%S')
except ValueError:
continue
# 如果所有格式都失败,返回原始字符串
return pub_date_str
def insert_data(data):
conn = sqlite3.connect('./resources/db/uni_rss.db')
cursor = conn.cursor()
for entry in data:
# 使用新的日期解析函数
formatted_pub_date = parse_pub_date(entry['published'])
cursor.execute('''
SELECT 1 FROM articles WHERE title = ? AND author = ?
''', (entry['title'], entry['author']))
if cursor.fetchone() is None:
cursor.execute('''
INSERT INTO articles (title, link, author, description, pubDate, source)
VALUES (?, ?, ?, ?, ?, ?)
''', (entry['title'], entry['link'], entry['author'], entry['description'], formatted_pub_date, entry['source']))
conn.commit()
conn.close()
def get_uni_rss_json():
# 检查文件是否存在
if not os.path.exists('./resources/JSON/uni_rss.json'):
raise FileNotFoundError(f"uni_rss.json文件不存在请检查程序是否运行正常")
# 打开并读取JSON文件
with open('./resources/JSON/uni_rss.json', 'r', encoding='utf-8') as file:
content = file.read()
if not content:
pass
else:
data = json.loads(content)
# 假设data是一个包含多个JSON对象的列表
if not isinstance(data, list):
raise ValueError("JSON文件格式错误请检查common.py是否异常")
# 提取所需字段并编号
total_data = []
for index, item in enumerate(data, start=1):
entry = {
"id": index,
"title": item.get("title", ""),
"link": item.get("link", ""),
"author": item.get("author", ""),
"description": item.get("description", ""),
"published": item.get("published", ""),
"source": item.get("source", ""),
}
total_data.append(entry)
return total_data
def select_articles(uni_rss_switch, Unity):
conn = sqlite3.connect('./resources/db/uni_rss.db')
cursor = conn.cursor()
# 获取当前日期和时间
now = datetime.now()
two_days_ago = now - timedelta(days=200)
if uni_rss_switch == False:
# 查询指定时间段内的数据
cursor.execute('''
SELECT * FROM articles
WHERE is_sended IS NULL AND pubDate BETWEEN ? AND ?
ORDER BY pubDate DESC
''', (two_days_ago.strftime('%Y-%m-%d %H:%M:%S'), now.strftime('%Y-%m-%d %H:%M:%S')))
elif uni_rss_switch == True:
# 查询指定时间段内且title包含特定关键词的数据
like_conditions = ' OR '.join([f"title LIKE ?"] * len(Unity))
# 完整的查询语句
query = f'''
SELECT * FROM articles
WHERE is_sended IS NULL AND pubDate BETWEEN ? AND ?
AND ({like_conditions})
ORDER BY pubDate DESC
'''
# 构建参数列表
params = [
two_days_ago.strftime('%Y-%m-%d %H:%M:%S'),
now.strftime('%Y-%m-%d %H:%M:%S')
] + [f'%{keyword}%' for keyword in Unity]
# 执行查询
cursor.execute(query, params)
results = cursor.fetchall()
if results:
for row in results:
user_id = row[0]
cursor.execute('''
UPDATE articles
SET is_sended = True
WHERE id = ?
''', (user_id,))
conn.commit() # 提交事务
conn.close()
return results
def clear_table():
conn = sqlite3.connect('./resources/db/uni_rss.db')
cursor = conn.cursor()
cursor.execute('DELETE FROM articles')
conn.commit()
conn.close()
def record(title, link, description, upload_time, author, source):
db_path = './resources/db/web.db'
conn = sqlite3.connect(db_path)
cursor = conn.cursor()
# 创建表(如果不存在)
cursor.execute('''CREATE TABLE IF NOT EXISTS uni_rss (
id INTEGER PRIMARY KEY AUTOINCREMENT,
article_title TEXT,
link TEXT,
description TEXT,
upload_time DATETIME,
author TEXT,
source TEXT
)''')
# 插入数据
cursor.execute('''
INSERT INTO uni_rss (article_title, link, description, upload_time, author, source)
VALUES (?, ?, ?, ?, ?, ?)
''', (title, link, description, upload_time, author, source))
conn.commit()
conn.close()
def get_filtered_articles(entries):
result_long = ""
result_short = ""
short_results = []
for entry in entries:
# 构建长文本结果
result_long += f"文章:[{entry[1]}]({entry[2]})\n"
result_long += f"作者:{entry[3]}\n"
result_long += f"描述:{entry[4]}\n"
result_long += f"上传时间:{entry[5]}\n"
result_long += f"来源:{entry[6]}\n"
result_long += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
# 构建短文本结果并进行分块处理
current_entry = (
f"文章:[{entry[1]}]({entry[2]})\n"
f"上传时间:{entry[5]}\n"
"\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章
)
temp_result = result_short + current_entry
if len(temp_result.encode('utf-8')) > 4096:
short_results.append(result_short)
result_short = current_entry
else:
result_short = temp_result
record(
title=entry[1],
link=entry[2],
description=entry[4],
upload_time=entry[5],
author=entry[3],
source=entry[6]
)
# 处理最后一个结果
if result_short:
short_results.append(result_short)
return result_long, short_results
def Src_uni_rss(uni_rss_switch, Unity):
if not os.path.exists('./resources/db/uni_rss.db'):
# 创建数据库和表
create_database()
# 清空表
# clear_table()
# 获取 JSON 数据
uni_rss_data = get_uni_rss_json()
# 插入数据到数据库
insert_data(uni_rss_data)
# 查询指定时间段内的数据
filtered_articles = select_articles(uni_rss_switch, Unity)
# print(filtered_articles)
if filtered_articles:
result_long, short_results = get_filtered_articles(filtered_articles)
return result_long, short_results
else:
return False
if __name__ == "__main__":
results = Src_uni_rss(False, ["webshell", "2000", "POC", "SQL", "XSS", "CSRF", "漏洞"])
if results:
result_long, short_results = results
# 写入长文本结果
with open("./1.txt", "a", encoding="utf-8") as f:
f.write(result_long)
f.write("\n" + "-" * 40 + "\n")
# 写入分块的短文本结果
for short_result in short_results:
with open("./2.txt", "a", encoding="utf-8") as f:
f.write(short_result)
f.write("\n" + "-" * 40 + "\n")
else:
# 如果为空,则跳过执行
print("-" * 40)
print("聚合RSS数据为空跳过执行。")

128
GotoSend/xianzhi.py
View File

@ -6,7 +6,7 @@ import os
from datetime import datetime, timedelta from datetime import datetime, timedelta
def create_database(): def create_database():
conn = sqlite3.connect('./resources/db/xianzhi.db') conn = sqlite3.connect('./db/xianzhi.db')
cursor = conn.cursor() cursor = conn.cursor()
cursor.execute('''CREATE TABLE IF NOT EXISTS articles ( cursor.execute('''CREATE TABLE IF NOT EXISTS articles (
id INTEGER PRIMARY KEY AUTOINCREMENT, id INTEGER PRIMARY KEY AUTOINCREMENT,
@ -18,7 +18,7 @@ def create_database():
conn.close() conn.close()
def insert_data(data): def insert_data(data):
conn = sqlite3.connect('./resources/db/xianzhi.db') conn = sqlite3.connect('./db/xianzhi.db')
cursor = conn.cursor() cursor = conn.cursor()
for entry in data: for entry in data:
try: try:
@ -40,16 +40,12 @@ def insert_data(data):
def get_xianzhi_json(): def get_xianzhi_json():
# 检查文件是否存在 # 检查文件是否存在
if not os.path.exists('./resources/JSON/xianzhi.json'): if not os.path.exists('./JSON/xianzhi.json'):
raise FileNotFoundError(f"xianzhi.json文件不存在请检查程序是否运行正常") raise FileNotFoundError(f"xianzhi.json文件不存在请检查程序是否运行正常")
# 打开并读取JSON文件 # 打开并读取JSON文件
with open('./resources/JSON/xianzhi.json', 'r', encoding='utf-8') as file: with open('./JSON/xianzhi.json', 'r', encoding='utf-8') as file:
content = file.read() data = json.load(file)
if not content:
pass
else:
data = json.loads(content)
# 假设data是一个包含多个JSON对象的列表 # 假设data是一个包含多个JSON对象的列表
if not isinstance(data, list): if not isinstance(data, list):
@ -69,7 +65,7 @@ def get_xianzhi_json():
return total_data return total_data
def select_articles(e_hour): def select_articles(e_hour):
conn = sqlite3.connect('./resources/db/xianzhi.db') conn = sqlite3.connect('./db/xianzhi.db')
cursor = conn.cursor() cursor = conn.cursor()
# 获取当前日期和时间 # 获取当前日期和时间
@ -88,77 +84,50 @@ def select_articles(e_hour):
return results return results
def clear_table(): def clear_table():
conn = sqlite3.connect('./resources/db/xianzhi.db') conn = sqlite3.connect('./db/xianzhi.db')
cursor = conn.cursor() cursor = conn.cursor()
cursor.execute('DELETE FROM articles') cursor.execute('DELETE FROM articles')
conn.commit() conn.commit()
conn.close() conn.close()
def record(title=None, link=None, author=None, upload_time=None, description=None, category=None, source=None): def record_md(result, filename="./history/tech_passage.md"):
db_path = './resources/db/web.db' # 读取现有内容
conn = sqlite3.connect(db_path) if os.path.exists(filename):
cursor = conn.cursor() with open(filename, 'r', encoding='utf-8') as file:
existing_content = file.read()
else:
existing_content = ""
# 创建表(如果不存在) # 将新内容插入到现有内容的开头
cursor.execute('''CREATE TABLE IF NOT EXISTS tech_passage ( new_content = result + existing_content
id INTEGER PRIMARY KEY AUTOINCREMENT,
article_title TEXT,
link TEXT,
author TEXT,
description TEXT,
upload_time DATETIME,
category TEXT,
source TEXT
)''')
# 插入数据 # 写回文件
cursor.execute(''' with open(filename, 'w', encoding='utf-8') as file:
INSERT INTO tech_passage (article_title, link, author, description, upload_time, category, source) file.write(new_content)
VALUES (?, ?, ?, ?, ?, ?, ?)
''', (title, link, author, description, upload_time, category, source))
conn.commit()
conn.close()
def get_filtered_articles(entries):
result_long = ""
result_short = ""
short_results = []
def get_filtered_articles(entries, Is_short):
result = ""
record = ""
for entry in entries: for entry in entries:
# 构建长文本结果 if Is_short == False:
result_long += f"文章:[{entry[1]}]({entry[2]})\n" result += f"文章:{entry[1]}\n"
result_long += f"上传时间:{entry[3]}\n" result += f"链接:{entry[2]}\n上传时间:{entry[3]}\n"
result_long += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章 result += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
if Is_short == False:
result += f"文章:{entry[1]}\n"
result += f"链接:{entry[2]}\n上传时间:{entry[3]}\n"
result += "\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章
# 构建短文本结果并进行分块处理 record += f"#### 文章:{entry[1]}\n"
current_entry = ( record += f"**链接**{entry[2]}\n"
f"文章:[{entry[1]}]({entry[2]})\n" record += f"**上传时间**{entry[3]}\n"
f"上传时间:{entry[3]}\n" record += "\n" + "-" * 40 + "\n" # 添加分隔线以便区分不同文章
"\n" + "-" * 3 + "\n" # 添加分隔线以便区分不同文章 record_md(record)
) return result
temp_result = result_short + current_entry
if len(temp_result.encode('utf-8')) > 4096:
short_results.append(result_short)
result_short = current_entry
else:
result_short = temp_result
record(
title=entry[1],
link=entry[2],
upload_time=entry[3],
source="先知安全技术社区"
)
# 处理最后一个结果 def Src_xianzhi(e_hour, Is_short):
if result_short: if not os.path.exists('./db/xianzhi.db'):
short_results.append(result_short)
return result_long, short_results
def Src_xianzhi(e_hour):
if not os.path.exists('./resources/db/xianzhi.db'):
# 创建数据库和表 # 创建数据库和表
create_database() create_database()
@ -176,26 +145,15 @@ def Src_xianzhi(e_hour):
# print(filtered_articles) # print(filtered_articles)
if filtered_articles: if filtered_articles:
result_long, short_results = get_filtered_articles(filtered_articles) results = get_filtered_articles(filtered_articles, Is_short)
return result_long, short_results return results
else: else:
return False return False
if __name__ == "__main__": if __name__ == "__main__":
results = Src_xianzhi(124) reslts = Src_xianzhi(4, False)
if results != False: if reslts != False:
result_long, short_results = results print(reslts)
# 打印长文本结果
print("长文本结果:")
print(result_long)
print("\n" + "-" * 40 + "\n")
# 打印分块的短文本结果
print("分块的短文本结果:")
for short_result in short_results:
print(short_result)
print("\n" + "-" * 40 + "\n")
else: else:
# 如果为空,则跳过执行 # 如果为空,则跳过执行
print("-" * 40) print("-" * 40)

0
resources/log/core.log → JSON/xianzhi.json
View File

88
README.md
View File

@ -1,46 +1,12 @@
<div align="center"> ## 持续更新中 <br>
# 🛡️ SecPulse - 赛博脉动
> 面向网络安全领域的智能资讯聚合与推送系统
[![Python](https://img.shields.io/badge/Python-3.6+-blue.svg)](https://www.python.org/)
[![License](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)
**实时感知安全领域的脉搏跳动** 🔔
</div>
## 🚀 快速开始 <br>
RSS订阅链接来源https://github.com/zhengjim/Chinese-Security-RSS <br> RSS订阅链接来源https://github.com/zhengjim/Chinese-Security-RSS <br>
使用python-json进行格式化然后使用飞书webhook机器人进行发送 <br> 使用python-json进行格式化然后使用飞书webhook机器人进行发送 <br>
./config/config.yaml 可指定发送渠道、运行方式等基础配置信息 <br> config.yaml可指定大部分可能需要的参数 <br>
./config/keywords.yaml 可指定关键词参数(支持热修改) <br>
./config/github_config.yaml 可指定Github相关参数支持热修改 <br>
更新记录请查看./UpdateLOG.md
### 📱 推送渠道 <br> ### 日志相关
请查看./log文件夹下内容 <br>
目前支持以下推送渠道: <br> ### 使用建议: <br>
- 飞书Feishu <br>
- 企业微信WeChat Work <br>
#### 后续更新渠道: <br>
- 钉钉DingTalk <br>
- 蓝信Lanxin <br>
#### 停更渠道: <br>
邮件Email中断开发 <br>
### 项目特色 <br>
- 模块化爬虫获取信息部分、分析对获取的json信息进行筛选分析存储、推送推送至各渠道、网页等各模块均可单独运行。 <br>
- 轻量化默认使用sqlite以及其他常见的各系统自带的库用户仅需配置python环境不会占用过多内存。 <br>
- 简单化配置好config后即可一步运行效率极高。 <br>
### 日志相关 <br>
请查看./resources/log文件夹下内容 <br>
### 🖥️ Linux后台运行建议 <br>
Linux系统建议下载screen于后台持续运行本脚本。 <br> Linux系统建议下载screen于后台持续运行本脚本。 <br>
debian/ubuntu/kali: `apt install screen` <br> debian/ubuntu/kali: `apt install screen` <br>
centos: `yum install screen` <br> centos: `yum install screen` <br>
@ -49,47 +15,25 @@ centos: `yum install screen` <br>
重新进入会话:`screen -r 会话名称` <br> 重新进入会话:`screen -r 会话名称` <br>
结束对话:进入会话后输入`exit` <br> 结束对话:进入会话后输入`exit` <br>
当然您也可以直接使用install脚本一键注册systemd服务注意请将Core.py主函数中的send_first_message()注释掉,防止反复触发首次运行效果) <br>
### 使用方法: <br> ### 使用方法: <br>
先下载支持库:`pip install -r requirements.txt` <br> 先下载支持库:`pip install -r requirements.txt` <br>
随后便可直接运行:`python Core.py` <br> 随后便可直接运行:`python Core.py` <br>
web运行直接将本程序包放置于支持php的网站路径下然后访问即可 <br> web运行`python ./web/app.py` <br>
随后web网页将会在本地5000端口启动访问即可使用反向代理即可以域名映射到外网 <br>
直接运行install.sh即可注册system服务持续化运行目前脚本存在一定问题正在尽力修复。 <br> 直接访问web域名即可查看历史推送访问路径/log即可查看程序运行日志 <br>
### 配置 <br> ### 配置 <br>
首先先在飞书中创建群组然后再创建WebHook机器人 <br> 首先先在飞书中创建群组然后再创建WebHook机器人 <br>
<center><img src="./resources/imgs/group.jpg" width="50%" alt="群组"/></center><br> <center><img src="./imgs/group.jpg" width="50%" alt="群组"/></center><br>
<center><img src="./resources/imgs/add_bot.jpg" width="50%" alt="添加机器人"/></center><br> <center><img src="./imgs/add_bot.jpg" width="50%" alt="添加机器人"/></center><br>
随后在配置机器人时可打开签名验证您也可自行选择IP白名单 <br> 随后在配置机器人时可打开签名验证您也可自行选择IP白名单 <br>
<center><img src="./resources/imgs/bot_config.jpg" width="50%" alt="机器人配置"/></center><br> <center><img src="./imgs/bot_config.jpg" width="50%" alt="机器人配置"/></center><br>
再之后将配置信息填入config.yaml文件当中 <br> 再之后将配置信息填入config.yaml文件当中 <br>
<center><img src="./resources/imgs/config.jpg" width="50%" alt="配置"/></center><br> <center><img src="./imgs/config.jpg" width="50%" alt="配置"/></center><br>
那么现在,您就可以开始运行使用了。 <br> 那么现在,您就可以开始运行使用了。 <br>
### Github访问限制配置 <br>
若短时间内请求次数过多可能会被github限制可参考以下配置 <br>
- 对于未经身份验证的请求github 速率限制允许每小时最多 60 个请求 <br>
- 而通过使用基本身份验证的 API 请求,每小时最多可以发出 5,000 个请求 <br>
- https://github.com/settings/tokens/new 创建token时间建议选择无限制。<br>
<center><img src="./resources/imgs/github-token.png" width="80%" alt="飞书运行提示"/></center><br>
`./config/github_config.yaml`中可配置github_token <br>
### 运行结果 <br>
### 📊 运行效果展示 <br> <center><img src="./imgs/start.jpg" width="50%" alt="飞书运行提示"/></center><br>
<center><img src="./resources/imgs/run.jpg" width="50%" alt="后端"/></center><br> <center><img src="./imgs/result.jpg" width="50%" alt="飞书运行展示"/></center><br>
<center><img src="./resources/imgs/start.jpg" width="50%" alt="飞书运行提示"/></center><br> <center><img src="./imgs/run.jpg" width="50%" alt="后端"/></center><br>
<center><img src="./resources/imgs/result.jpg" width="50%" alt="飞书运行展示"/></center><br>
<center><img src="./resources/imgs/result_mobile.jpg" width="70%" alt="飞书运行展示-安卓"/></center><br>
### 📝 更新日志 <br>
详细的更新记录请查看 [UpdateLOG.md](./UpdateLOG.md)
### 🤝 贡献指南 <br>
欢迎提交Issue和Pull Request来改进本项目<br>
您也可以通过QQ2857911564或者发送邮件admin@masonliu.com给我反馈问题。<br>
### 🙏 致谢 <br>
RSS订阅链接来源[Chinese-Security-RSS](https://github.com/zhengjim/Chinese-Security-RSS) <br>
感谢所有为开源社区做出贡献的开发者 <br>

3
SendCore/DocGeneBot.py
View File

@ -1,3 +0,0 @@
'''
文档生成功能暂无开发计划
'''

2
SendCore/FeishuSendBot.py
View File

@ -9,7 +9,7 @@ import time
import yaml import yaml
def gen_sign(): def gen_sign():
with open('./config/config.yaml', 'r', encoding="utf-8") as file: with open('./config.yaml', 'r', encoding="utf-8") as file:
config = yaml.safe_load(file) config = yaml.safe_load(file)
secret = f"{config['fs_secret']}" secret = f"{config['fs_secret']}"
# print(secret) # print(secret)

5
SendCore/MailSendBot.py
View File

@ -1,8 +1,5 @@
#!/usr/bin/python #!/usr/bin/python
# -*- coding: UTF-8 -*- # -*- coding: UTF-8 -*-
'''
邮件发送功能开发流程已中断无实际利用场景
'''
import yaml import yaml
import smtplib import smtplib
@ -10,7 +7,7 @@ from email.mime.text import MIMEText
from email.header import Header from email.header import Header
# 加载参数 # 加载参数
with open('./config/config.yaml', 'r', encoding="utf-8") as file: with open('./config.yaml', 'r', encoding="utf-8") as file:
config = yaml.safe_load(file) config = yaml.safe_load(file)
mail_host = f"{config['mail_host']}" mail_host = f"{config['mail_host']}"
mail_user = f"{config['mail_user']}" mail_user = f"{config['mail_user']}"

2
SendCore/QiweiSendBot.py
View File

@ -9,7 +9,7 @@ import hmac
import time import time
import yaml import yaml
with open('./config/config.yaml', 'r', encoding="utf-8") as file: with open('./config.yaml', 'r', encoding="utf-8") as file:
config = yaml.safe_load(file) config = yaml.safe_load(file)
webhook_url = f"https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key={config['wx_key']}" webhook_url = f"https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key={config['wx_key']}"
# print(webhook_url) # print(webhook_url)

BIN
SendCore/__pycache__/FeishuSendBot.cpython-312.pyc
View File

Binary file not shown.

BIN
SendCore/__pycache__/QiweiSendBot.cpython-312.pyc
View File

Binary file not shown.

67
UpdateLOG.md
View File

@ -1,56 +1,21 @@
### 问题反馈 ### 从2024年12月15日开始记录
- 准点发送的文章在定点推送模式下可能会被遗漏推送
`已通过增加时间范围功能改善此问题,彻底解决需要重构代码`
- 钉钉/企业微信/蓝信webhook存在字节长度限制需要优化程序推送逻辑
`重构了短文本推送机制已解决此bug`
- 首次运行时若抓取RSS源失败筛选模块无法获取json文件时会导致中断
`为项目添加一个初始json文件`
- 程序运行会产生越来越巨大的DB文件与Markdown文件同时web网页显示的内容也会非常长不利于节省服务器流量与加载速度
`为系统添加性能限制模块`
### 下一步计划(待完成) ### 问题反馈 <br>
- 添加更多推送方式,如邮件、微信等 - 准点发送的文章在定点推送模式下可能会被遗漏推送 <br>
- 添加谷歌搜索等更多相关检测源,后续将支持谷歌语法 - 钉钉/企业微信/蓝信webhook存在字节长度限制需要优化程序推送逻辑 <br>
### 下一步计划 <br>
### 下一步计划(已完成) - 添加更多RSS订阅源持续进行中 <br>
- 将所有打印信息转为logging info并存档已完成<br> - 将所有打印信息转为logging info并存档已完成<br>
- 将logging info转为异步的loguru已完成 - 将logging info转为异步的loguru已完成 <br>
- 探查异常中断原因已解决获取rss源时的请求未做超时检测 - 探查异常中断原因已发现获取rss源时的请求未做超时 <br>
- 添加超时机制,防止程序异常卡死(已完成) - 添加超时机制,防止程序异常卡死(已完成) <br>
- 存档所有推送文章方便以后查看(已完成) - 存档所有推送文章方便以后查看(已完成) <br>
- 创建Web网页以展示最新推送info.masonliu.com已完成 - 添加更多推送方式,如邮件、微信等 <br>
- 更换筛选模块,由时段筛选改为历史记录筛选以确保不会有资讯漏报(筛选条件增加了时间筛选和是否已发送筛选) - 创建Web网页以展示最新推送info.masonliu.com <br>
- 添加GitHub等监测源重构参考项目逻辑并上线
- 添加百度监测源
- 添加性能限制模块(限制每次读取数量)
- 将搜狗-微信和GitHub同步上网站推送
### 下一步计划(已作废)
- 添加Mysql作为数据库存储现有sqlite已满足使用
### 更新日志 ### 更新日志
#### 从2024年12月15日开始记录 - 2024年12月15日早优化了文件结构修复了日志记录时的小BUG添加web展示日志功能 <br>
- 2024年12月15日早优化了文件结构修复了日志记录时的小BUG添加web展示日志功能 - 2024年12月15日晚修复了单次运行结束时的校验错误问题 <br>
- 2024年12月15日晚修复了单次运行结束时的校验错误问题 - 2024年12月18日早添加了短文本推送机制一定程度上解决了长字节推送问题解决办法正在思考中 <br>
- 2024年12月18日早添加了短文本推送机制一定程度上解决了长字节推送问题解决办法正在思考中 - 2024年12月24日晚上传了测试0.1版本,修复了报错问题 <br>
- 2024年12月24日晚上传了测试0.1版本,修复了报错问题
- 2024年12月25日早优化了代码逻辑和表现
- 2024年12月25日晚优化了推送报文格式
- 2024年12月30日添加并完善了基于搜狗搜索的微信公众号文章监测
- 2024年12月30日晚为洞见微信资讯推送添加了关键词筛选
- 2025年01月02日更新并上线了Github项目监测功能readme后续更新中
- 2025年01月02日晚再次优化了文件结构提高可读性
- 2025年01月05日晚修复了doonsec相关配置的bug程序现已可正常运行
- 2025年01月06日更新了配置信息自动获取的逻辑添加关键词等现可在运行时添加重要配置信息config.yaml仍需暂停重新运行
- 2025年01月10日上午修复了github推送的问题时区消息配置错误等
- 2025年01月10日下午上线了百度搜索内容监测
- 2025年01月14日晚添加了网站读取文件逻辑仅读取限制数量的文件避免文件过大导致程序崩溃或是阅读困难
- 2025年01月15日早优化并精简了web程序的代码
- 2025年01月22日完善短文本推送机制现已可完美支持推送至企业微信、钉钉、蓝信、微信等等待后续开发
- 2025年01月24日早修复了json文件为空时程序中断的问题并优化了报错逻辑
- 2025年03月10日早为程序添加了通用rss接口可支持更多rss源
- 2025年03月14日晚为程序添加了通用rss发送程序同时修复了一个神奇的bug现可支持更多rss源
- 2026年05月04日晚更新了当前的WEB UI样式并重新启动程序开发计划
- 2026年05月11日晚稍微更新了一下sh脚本项目更名为SecPulse赛博脉动
- 2026年05月19日晚重大版本更新网页优化修复bugsqlite支持度提升

24
config.yaml Normal file
View File

@ -0,0 +1,24 @@
# 飞书相关配置信息
fs_activate: True
fs_key: # 此处填写token记得冒号后空一格如aa04a02f-d7bf-4279-bd48-44c4f28c8f74
fs_secret: # 此处填写签名密钥记得冒号后空一格如4tq65T4jm1MO2IlxvHxBWe
# 企业微信相关配置信息
wx_activate: True
wx_key: # 此处填写token记得冒号后空一格如9a3dd6ff-75d6-4208-bc4b-77724a5805d6
# 钉钉相关配置信息
ding_activate: False
# 蓝信相关配置信息
lx_activate: False
# 邮件配置,邮件推送正在完善中
mail_host: smtp.masonliu.com #设置服务器
mail_user: test@masonliu.com #用户名
mail_pass: Test123456 #口令
sender: test@masonliu.com
receivers: ['2857911564@qq.com']
# 结算时间范围
e_hour: 4 # 程序运行时间间隔
circle: 1 # 是否启用循环设置为0后将设置为特定时间点运行

BIN
config/__pycache__/check_config.cpython-312.pyc
View File

Binary file not shown.

88
config/check_config.py
View File

@ -1,88 +0,0 @@
import yaml
from loguru import logger
# 清除所有已有的日志记录器配置
logger.remove()
logger.add("./resources/log/core.log",
format="{time:YYYY-MM-DD HH:mm:ss} - {level} - {name}:{function}:{line} - {message}",
rotation="100 MB",
compression="zip",
encoding="utf-8")
# shell终端打印日志
logger.add(lambda msg: print(msg),
format="{time:YYYY-MM-DD HH:mm:ss} - {level} - {name}:{function}:{line} - {message}")
def get_core_config():
# 加载参数
with open('./config/config.yaml', 'r', encoding="utf-8") as file:
config = yaml.safe_load(file)
debug = config.get('debug', 'False') # 使用 get 方法提供默认值
if str(debug).lower() == "true": # 统一转换为小写进行比较
logger.debug("Debug mode is on")
# logger.debug(f"Loaded config: {config}") # 输出加载的配置,可能导致密钥泄露,请勿取消注释
time_choice = int(f"{config['time_mode']}")
choice = config['mode'] # 假设 mode 是一个列表
e_hour = int(config.get('e_hour', '4')) # 默认循环时间为4小时
fs_activate = f"{config['fs_activate']}"
if fs_activate == "True":
fs_key = config.get('fs_key')
fs_secret = config.get('fs_secret')
if not fs_key or not fs_secret:
logger.error("飞书相关配置不能为空,请检查配置文件./config/config.yaml")
exit(5)
wx_activate = f"{config['wx_activate']}"
if wx_activate == "True":
wx_key = config.get('wx_key')
if not wx_key:
logger.error("企业微信相关配置不能为空,请检查配置文件./config/config.yaml")
exit(5)
ding_activate = f"{config['ding_activate']}"
if ding_activate == "True":
ding_key = config.get('ding_key')
if not ding_key:
logger.error("钉钉相关配置不能为空,请检查配置文件./config/config.yaml")
exit(5)
lx_activate = f"{config['lx_activate']}"
if lx_activate == "True":
lx_key = config.get('lx_key')
if not lx_key:
logger.error("蓝信相关配置不能为空,请检查配置文件./config/config.yaml")
exit(5)
url_web = f"{config['url']}"
return e_hour, time_choice, choice, fs_activate, wx_activate, ding_activate, lx_activate, url_web
def get_debug_config():
with open('./config/config.yaml', 'r', encoding="utf-8") as file:
config = yaml.safe_load(file)
debug = f"{config['debug']}"
return debug
def get_keywords_config(item):
with open('./config/keywords.yaml', 'r', encoding="utf-8") as file:
config = yaml.safe_load(file)
if item == 'Doonsec':
Doonsec_switch = config.get('Doonsec-switch', False)
Doonsec = config['Doonsec']
return Doonsec_switch, Doonsec
elif item == 'Sogou-WX':
Sogou_WX = config['Sogou-WX']
return Sogou_WX
elif item == 'Baidu':
Baidu = config['Baidu']
return Baidu
elif item == 'Unity':
uni_switch = config.get('uni-switch', False)
Unity = config['Unity']
return uni_switch, Unity
else:
logger.error("参数错误,请检查./config/keywords.yaml")

40
config/config.yaml
View File

@ -1,40 +0,0 @@
# 飞书相关配置信息
# fs_activate: True
fs_activate: True
fs_key: aa04a02f-d7bf-4279-bd48-44c4f28c8f74 # 此处填写token记得冒号后空一格如aa04a02f-d7bf-4279-bd48-44c4f28c8f74
fs_secret: 4tq65T4jm1MO2IlxvHxBWe # 此处填写签名密钥记得冒号后空一格如4tq65T4jm1MO2IlxvHxBWe
# 企业微信相关配置信息
wx_activate: False
wx_key: 9a3dd6ff-75d6-4208-bc4b-77724a5805d6 # 此处填写token记得冒号后空一格如9a3dd6ff-75d6-4208-bc4b-77724a5805d6
# 钉钉相关配置信息
ding_activate: False
ding_key:
# 蓝信相关配置信息
lx_activate: False
lx_key:
# 邮件配置,邮件推送正在完善中
mail_host: smtp.masonliu.com #设置服务器
mail_user: test@masonliu.com #用户名
mail_pass: Test123456 #口令
sender: test@masonliu.com
receivers: ['2857911564@qq.com']
# 结算时间范围
e_hour: 4 # 程序运行时间间隔
time_mode: 1
# 0定时运行模式仅在指定时间运行参照Core.py中设置
# 1启用循环一定间隔时间后运行
mode: [0, 1, 2, 3] # 运行模式,可多选
# 0启用RSS抓取模式
# 1启用搜狗-微信公众号文章监测
# 2启用github项目监测
# 3启用百度搜索内容监测
# 网址配置
url: https://info.masonliu.com/ # 请设置为您自己反代的域名,或者改为 http://127.0.0.1:5000 或者对应IP域名
# 调试模式
debug: True

32
config/github_config.yaml
View File

@ -1,32 +0,0 @@
# github相关配置信息
github_token: # 此处填写github-token在高速率获取github资源时有效防止403封禁
translate: False # 是否开启翻译
# 监控列表
tool_list: # 监控已创建的仓库是否更新
keyword_list: # 监控关键词
- 未授权
- POC
- RCE
- 反序列化
- webshell
- CVE-2026
- 内网渗透
- 漏洞检测
- 钓鱼
user_list: # 监控用户
black_words: # 监控违禁词
- 反共
- 反中共
- 反华
- 香港独立
- 港独
- 共产党
- 毛泽东
- 习近平
- 台独

6
config/keywords.yaml
View File

@ -1,6 +0,0 @@
Doonsec-switch: False
Doonsec: ["逆向", "解包", "POC"] # 洞见微信安全资讯关键词
uni-switch: False
Unity: ["逆向", "解包", "POC", "漏洞"] # 聚合RSS资讯关键词
Sogou-WX: ["银行测试", "APP逆向", "渗透测试", "手机银行漏洞", "银行漏洞", "支付漏洞"] # 基于搜狗引擎搜索特定关键词的微信公众号文章
Baidu: ["银行测试", "APP逆向", "渗透测试", "手机银行漏洞", "银行漏洞", "支付漏洞"] # 基于百度搜索特定关键词的文章

9
config/uni_rss.yaml
View File

@ -1,9 +0,0 @@
link:
- 美团技术团队|https://tech.meituan.com/feed
- 360 Netlab Blog|https://blog.netlab.360.com/rss # 当前无法处理该时间格式
- 知道创宇404实验室|https://paper.seebug.org/rss
- 腾讯安全响应中心|https://security.tencent.com/index.php/feed/blog
- Hacker News|https://hnrss.org/frontpage
wechat:
- 美团技术团队|https://wechat2rss.xlab.app/feed/294bc034c9941529cd86a8a4b8999d100186c04d.xml

46
db/Format_to_txt.py Normal file
View File

@ -0,0 +1,46 @@
import os
import sqlite3
def read_sqlite_and_append_to_file(folder_path, output_file='./1.txt'):
"""
读取指定文件夹下所有SQLite数据库中的数据并将其按照列名: 内容的格式
追加到指定的文本文件中
:param folder_path: 包含SQLite数据库的文件夹路径
:param output_file: 输出文件的路径默认为'1.txt'
"""
# 遍历文件夹中的所有文件
for filename in os.listdir(folder_path):
if filename.endswith('.db'):
db_path = os.path.join(folder_path, filename)
# 连接到SQLite数据库
conn = sqlite3.connect(db_path)
cursor = conn.cursor()
# 获取所有表名
cursor.execute("SELECT name FROM sqlite_master WHERE type='table';")
tables = cursor.fetchall()
for table_name in tables:
table_name = table_name[0]
# 获取表的列名
cursor.execute(f"PRAGMA table_info({table_name});")
columns = cursor.fetchall()
column_names = [col[1] for col in columns]
# 查询表中的所有数据
cursor.execute(f"SELECT * FROM {table_name};")
rows = cursor.fetchall()
for row in rows:
# 将每一行的数据按照“列名: 内容”的格式写入文件
with open(output_file, 'a', encoding='utf-8') as file:
for col_name, value in zip(column_names, row):
file.write(f"{col_name}: {value}\n")
file.write("\n") # 每一行数据之间添加一个空行
# 关闭数据库连接
conn.close()
# 示例使用
read_sqlite_and_append_to_file('./db/')

0
history/sec_news.md Normal file
View File

0
history/tech_passage.md Normal file
View File

0
resources/imgs/add_bot.jpg → imgs/add_bot.jpg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 267 KiB

After

Width:  |  Height:  |  Size: 267 KiB

0
resources/imgs/bot_config.jpg → imgs/bot_config.jpg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 113 KiB

After

Width:  |  Height:  |  Size: 113 KiB

0
resources/imgs/config.jpg → imgs/config.jpg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 109 KiB

After

Width:  |  Height:  |  Size: 109 KiB

0
resources/imgs/group.jpg → imgs/group.jpg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 275 KiB

After

Width:  |  Height:  |  Size: 275 KiB

0
resources/imgs/result.jpg → imgs/result.jpg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 199 KiB

After

Width:  |  Height:  |  Size: 199 KiB

0
resources/imgs/run.jpg → imgs/run.jpg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 117 KiB

After

Width:  |  Height:  |  Size: 117 KiB

0
resources/imgs/start.jpg → imgs/start.jpg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 95 KiB

After

Width:  |  Height:  |  Size: 95 KiB

1279
index.php
View File

File diff suppressed because it is too large Load Diff

85
install.sh
View File

@ -1,85 +0,0 @@
#!/bin/bash
set -e
BASE_DIR=$(cd "$(dirname "$0")"; pwd)
USER_NAME=$(whoami)
ehco -e "███████ ███████ ██████ ██████ ██ ██ ██ ███████ ███████
██ ██ ██ ██ ██ ██ ██ ██ ██ ██
███████ █████ ██ ██████ ██ ██ ██ ███████ █████
██ ██ ██ ██ ██ ██ ██ ██ ██
███████ ███████ ██████ ██ ██████ ███████ ███████ ███████
"
echo "欢迎使用 SecPulse 赛博脉动监控推送系统"
echo "项目路径: $BASE_DIR"
# 检测 Python
if command -v python3 >/dev/null 2>&1; then
PYTHON_CMD=python3
elif command -v python >/dev/null 2>&1; then
PYTHON_CMD=python
else
echo "❌ 未检测到 Python请先安装 Python 3.6+"
exit 1
fi
VERSION=$($PYTHON_CMD -c 'import sys; print(".".join(map(str, sys.version_info[:3])))')
MAJOR=$(echo $VERSION | cut -d. -f1)
MINOR=$(echo $VERSION | cut -d. -f2)
if [ "$MAJOR" -lt 3 ] || { [ "$MAJOR" -eq 3 ] && [ "$MINOR" -lt 6 ]; }; then
echo "❌ Python 版本过低(需要 >= 3.6),当前版本: $VERSION"
exit 1
fi
echo "✅ 检测到 Python: $PYTHON_CMD ($VERSION)"
# 检查 pip
if ! $PYTHON_CMD -m pip --version >/dev/null 2>&1; then
echo "❌ pip 未安装或不可用"
exit 1
fi
# 安装依赖
if [ -f "$BASE_DIR/requirements.txt" ]; then
echo "📦 安装 Python 依赖..."
$PYTHON_CMD -m pip install --upgrade pip -q
$PYTHON_CMD -m pip install -r "$BASE_DIR/requirements.txt" -q
echo "✅ 依赖安装完成"
else
echo "⚠️ 未找到 requirements.txt跳过依赖安装"
fi
# 创建 systemd 服务
sudo tee /etc/systemd/system/secpulse.service > /dev/null <<EOF
[Unit]
Description=SecPulse Core Service
After=network.target
[Service]
Type=simple
User=$USER_NAME
WorkingDirectory=$BASE_DIR
ExecStart=$PYTHON_CMD $BASE_DIR/Core.py
Restart=always
RestartSec=3
Environment=PYTHONUNBUFFERED=1
[Install]
WantedBy=multi-user.target
EOF
# 重载并启动服务
sudo systemctl daemon-reload
sudo systemctl enable --now secpulse
echo ""
echo "===================================="
echo "✅ SecPulse 服务已安装并启动"
echo "📄 日志查看: sudo journalctl -u SecPulse -f"
echo "🌐 访问 index.php 获取网页服务"
echo "===================================="

239
log.php
View File

@ -1,239 +0,0 @@
<?php
// log.php - 日志查看页面
// 设置字符编码
header('Content-Type: text/html; charset=utf-8');
// 日志文件路径
$logFile = './resources/log/core.log';
// 检查日志文件是否存在
if (!file_exists($logFile)) {
$logContent = "日志文件不存在: " . htmlspecialchars($logFile);
} else {
// 读取日志文件内容
$logContent = file_get_contents($logFile);
// 如果文件为空
if (empty($logContent)) {
$logContent = "日志文件为空";
}
// 对内容进行HTML转义以防止XSS攻击
$logContent = htmlspecialchars($logContent, ENT_QUOTES, 'UTF-8');
}
// 获取最后修改时间
$lastModified = file_exists($logFile) ? date("Y-m-d H:i:s", filemtime($logFile)) : "未知";
?>
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="shortcut icon" href="./static/favicon.ico" type="image/x-icon">
<title>SecPulse运行日志</title>
<!-- 引入 Layui CSS -->
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/layui-src/dist/css/layui.css">
<style>
* {
margin: 0;
padding: 0;
box-sizing: border-box;
}
body {
font-family: "Microsoft YaHei", Arial, sans-serif;
background-color: #f5f5f5;
padding: 20px;
line-height: 1.6;
}
.container {
max-width: 1200px;
margin: 0 auto;
background: white;
border-radius: 8px;
box-shadow: 0 2px 10px rgba(0,0,0,0.1);
overflow: hidden;
}
.header {
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
color: white;
padding: 20px;
text-align: center;
}
.header h1 {
font-size: clamp(1.5rem, 4vw, 2.5rem);
margin-bottom: 10px;
}
.header p {
font-size: clamp(0.9rem, 2vw, 1.1rem);
opacity: 0.9;
}
.info-bar {
background: #f8f9fa;
padding: 15px 20px;
border-bottom: 1px solid #eee;
display: flex;
justify-content: space-between;
align-items: center;
flex-wrap: wrap;
gap: 10px;
}
.info-item {
font-size: 0.9rem;
color: #666;
}
.log-container {
padding: 20px;
max-height: 70vh;
overflow-y: auto;
}
.log-content {
background: #2d2d2d;
color: #f8f8f2;
padding: 20px;
border-radius: 6px;
font-family: 'Consolas', 'Monaco', monospace;
font-size: clamp(0.8rem, 1.5vw, 0.95rem);
line-height: 1.5;
white-space: pre-wrap;
word-wrap: break-word;
overflow-x: auto;
}
.footer {
text-align: center;
padding: 15px;
background: #f8f9fa;
color: #666;
font-size: 0.85rem;
border-top: 1px solid #eee;
}
/* 响应式设计 */
@media (max-width: 768px) {
body {
padding: 10px;
}
.header {
padding: 15px;
}
.info-bar {
flex-direction: column;
align-items: flex-start;
gap: 5px;
}
.log-container {
padding: 15px;
max-height: 60vh;
}
.log-content {
padding: 15px;
font-size: 0.85rem;
}
}
@media (max-width: 480px) {
.header h1 {
font-size: 1.3rem;
}
.header p {
font-size: 0.85rem;
}
.log-content {
font-size: 0.8rem;
padding: 10px;
}
}
/* 滚动条样式 */
.log-container::-webkit-scrollbar {
width: 8px;
}
.log-container::-webkit-scrollbar-track {
background: #f1f1f1;
border-radius: 4px;
}
.log-container::-webkit-scrollbar-thumb {
background: #c1c1c1;
border-radius: 4px;
}
.log-container::-webkit-scrollbar-thumb:hover {
background: #a8a8a8;
}
</style>
</head>
<body>
<div class="container">
<div class="header">
<h1>📋 程序运行日志</h1>
<p>实时监控系统运行状态</p>
</div>
<div class="info-bar">
<div class="info-item">
<strong>日志文件:</strong> <?php echo htmlspecialchars(basename($logFile)); ?>
</div>
<div class="info-item">
<strong>最后更新:</strong> <?php echo $lastModified; ?>
</div>
<div class="info-item">
<strong>文件大小:</strong> <?php echo formatFileSize(file_exists($logFile) ? filesize($logFile) : 0); ?>
</div>
</div>
<div class="log-container">
<div class="log-content"><?php echo $logContent; ?></div>
</div>
<div class="footer">
<p>© 2026 SecPulse 日志系统 | 自动刷新间隔: 30</p>
</div>
</div>
<script>
// 自动刷新功能
setTimeout(function() {
location.reload();
}, 30000); // 30秒自动刷新
// 滚动到底部
window.addEventListener('load', function() {
const logContainer = document.querySelector('.log-container');
if (logContainer) {
logContainer.scrollTop = logContainer.scrollHeight;
}
});
</script>
<?php
// 格式化文件大小函数
function formatFileSize($bytes) {
if ($bytes === 0) return '0 Bytes';
$k = 1024;
$sizes = ['Bytes', 'KB', 'MB', 'GB'];
$i = floor(log($bytes) / log($k));
return round($bytes / pow($k, $i), 2) . ' ' . $sizes[$i];
}
?>
</body>
</html>

0
log/core.log Normal file
View File

0
log/spider.log Normal file
View File

62
spider/common.py → media/common.py
View File

@ -6,13 +6,26 @@ import json
from requests.exceptions import RequestException from requests.exceptions import RequestException
from loguru import logger from loguru import logger
logger.add("./log/spider.log",
format="{time:YYYY-MM-DD HH:mm:ss} - {level} - {name}:{function}:{line} - {message}",
rotation="10 MB",
compression="zip",
encoding="utf-8")
# shell终端打印日志
# logger.add(lambda msg: print(msg),
# format="{time:YYYY-MM-DD HH:mm:ss} - {level} - {name}:{function}:{line} - {message}")
# 测试用爬虫请求头 # 测试用爬虫请求头
headers = { headers = {
"Content-Type": "application/json", "Content-Type": "application/json",
"Cache-Control": "no-cache", "Cache-Control": "no-cache",
"Upgrade-Insecure-Requests": "1", "Upgrade-Insecure-Requests": "1",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0", "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.55 Safari/537.36",
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
"Sec-Fetch-Site": "same-origin",
"Sec-Fetch-Mode": "navigate",
"Sec-Fetch-User": "?1",
"Sec-Fetch-Dest": "document",
"Accept-Language": "zh-CN,zh;q=0.9" "Accept-Language": "zh-CN,zh;q=0.9"
} }
@ -40,7 +53,7 @@ def fetch_rss(url, headers, timeout=60):
logger.warning(f"请求 {url} 超时,跳过保存操作。") logger.warning(f"请求 {url} 超时,跳过保存操作。")
return None return None
except RequestException as e: except RequestException as e:
logger.warning(f"请求 {url} 时发生错误: {e}") logger.error(f"请求 {url} 时发生错误: {e}")
return None # 返回None表示请求失败 return None # 返回None表示请求失败
def parse_rss(rss_content): def parse_rss(rss_content):
@ -69,11 +82,11 @@ def seebug_main():
items = parse_rss(rss_content) items = parse_rss(rss_content)
# 确保目录存在 # 确保目录存在
os.makedirs(os.path.dirname('./resources/JSON/seebug.json'), exist_ok=True) os.makedirs(os.path.dirname('./JSON/seebug.json'), exist_ok=True)
# 将解析后的数据保存到 JSON 文件 # 将解析后的数据保存到 JSON 文件
save_to_json(items, './resources/JSON/seebug.json') save_to_json(items, './JSON/seebug.json')
logger.info("数据已保存到 ./resources/JSON/seebug.json") logger.info("数据已保存到 ./JSON/seebug.json")
# 4hou 爬虫 # 4hou 爬虫
def M_4hou_main(): def M_4hou_main():
@ -87,11 +100,11 @@ def M_4hou_main():
items = parse_rss(rss_content) items = parse_rss(rss_content)
# 确保目录存在 # 确保目录存在
os.makedirs(os.path.dirname('./resources/JSON/4hou.json'), exist_ok=True) os.makedirs(os.path.dirname('./JSON/4hou.json'), exist_ok=True)
# 将解析后的数据保存到 JSON 文件 # 将解析后的数据保存到 JSON 文件
save_to_json(items, './resources/JSON/4hou.json') save_to_json(items, './JSON/4hou.json')
logger.info("数据已保存到 ./resources/JSON/4hou.json") logger.info("数据已保存到 ./JSON/4hou.json")
# 安全客 爬虫 # 安全客 爬虫
def anquanke_main(): def anquanke_main():
@ -105,11 +118,11 @@ def anquanke_main():
items = parse_rss(rss_content) items = parse_rss(rss_content)
# 确保目录存在 # 确保目录存在
os.makedirs(os.path.dirname('./resources/JSON/anquanke.json'), exist_ok=True) os.makedirs(os.path.dirname('./JSON/anquanke.json'), exist_ok=True)
# 将解析后的数据保存到 JSON 文件 # 将解析后的数据保存到 JSON 文件
save_to_json(items, './resources/JSON/anquanke.json') save_to_json(items, './JSON/anquanke.json')
logger.info("数据已保存到 ./resources/JSON/anquanke.json") logger.info("数据已保存到 ./JSON/anquanke.json")
# sec_wiki 爬虫 # sec_wiki 爬虫
def sec_wiki_main(): def sec_wiki_main():
@ -123,11 +136,11 @@ def sec_wiki_main():
items = parse_rss(rss_content) items = parse_rss(rss_content)
# 确保目录存在 # 确保目录存在
os.makedirs(os.path.dirname('./resources/JSON/sec_wiki.json'), exist_ok=True) os.makedirs(os.path.dirname('./JSON/sec_wiki.json'), exist_ok=True)
# 将解析后的数据保存到 JSON 文件 # 将解析后的数据保存到 JSON 文件
save_to_json(items, './resources/JSON/sec_wiki.json') save_to_json(items, './JSON/sec_wiki.json')
logger.info("数据已保存到 ./resources/JSON/sec_wiki.json") logger.info("数据已保存到 ./JSON/sec_wiki.json")
# 华为 爬虫 # 华为 爬虫
def huawei_main(): def huawei_main():
@ -141,11 +154,11 @@ def huawei_main():
items = parse_rss(rss_content) items = parse_rss(rss_content)
# 确保目录存在 # 确保目录存在
os.makedirs(os.path.dirname('./resources/JSON/huawei.json'), exist_ok=True) os.makedirs(os.path.dirname('./JSON/huawei.json'), exist_ok=True)
# 将解析后的数据保存到 JSON 文件 # 将解析后的数据保存到 JSON 文件
save_to_json(items, './resources/JSON/huawei.json') save_to_json(items, './JSON/huawei.json')
logger.info("数据已保存到 ./resources/JSON/huawei.json") logger.info("数据已保存到 ./JSON/huawei.json")
# 洞见微信聚合爬虫 # 洞见微信聚合爬虫
def doonsec_main(): def doonsec_main():
@ -159,11 +172,11 @@ def doonsec_main():
items = parse_rss(rss_content) items = parse_rss(rss_content)
# 确保目录存在 # 确保目录存在
os.makedirs(os.path.dirname('./resources/JSON/doonsec.json'), exist_ok=True) os.makedirs(os.path.dirname('./JSON/doonsec.json'), exist_ok=True)
# 将解析后的数据保存到 JSON 文件 # 将解析后的数据保存到 JSON 文件
save_to_json(items, './resources/JSON/doonsec.json') save_to_json(items, './JSON/doonsec.json')
logger.info("数据已保存到 ./resources/JSON/doonsec.json") logger.info("数据已保存到 ./JSON/doonsec.json")
# 奇安信攻防社区 爬虫 # 奇安信攻防社区 爬虫
def qianxin_main(): def qianxin_main():
@ -177,11 +190,11 @@ def qianxin_main():
items = parse_rss(rss_content) items = parse_rss(rss_content)
# 确保目录存在 # 确保目录存在
os.makedirs(os.path.dirname('./resources/JSON/qianxin.json'), exist_ok=True) os.makedirs(os.path.dirname('./JSON/qianxin.json'), exist_ok=True)
# 将解析后的数据保存到 JSON 文件 # 将解析后的数据保存到 JSON 文件
save_to_json(items, './resources/JSON/qianxin.json') save_to_json(items, './JSON/qianxin.json')
logger.info("数据已保存到 ./resources/JSON/qianxin.json") logger.info("数据已保存到 ./JSON/qianxin.json")
def run(): def run():
seebug_main() seebug_main()
@ -191,6 +204,3 @@ def run():
huawei_main() huawei_main()
doonsec_main() doonsec_main()
qianxin_main() qianxin_main()
if __name__ == "__main__":
run()

83
media/freebuf.py Normal file
View File

@ -0,0 +1,83 @@
# -*- coding: utf-8 -*-
import os
import requests
import xml.etree.ElementTree as ET
import json
from requests.exceptions import RequestException
from loguru import logger
logger.add("./log/spider.log",
format="{time:YYYY-MM-DD HH:mm:ss} - {level} - {name}:{function}:{line} - {message}",
rotation="10 MB",
compression="zip",
encoding="utf-8")
# shell终端打印日志
# logger.add(lambda msg: print(msg),
# format="{time:YYYY-MM-DD HH:mm:ss} - {level} - {name}:{function}:{line} - {message}")
# 测试用爬虫请求头
headers = {
"Content-Type": "application/json",
"Cache-Control": "no-cache",
"Upgrade-Insecure-Requests": "1",
"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.55 Safari/537.36",
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
"Sec-Fetch-Site": "same-origin",
"Sec-Fetch-Mode": "navigate",
"Sec-Fetch-User": "?1",
"Sec-Fetch-Dest": "document",
"Accept-Language": "zh-CN,zh;q=0.9"
}
def fetch_rss(url, headers, timeout=20):
try:
response = requests.get(url, headers=headers, timeout=timeout)
response.raise_for_status() # 检查请求是否成功
return response.content
except requests.Timeout:
logger.warning(f"请求 {url} 超时,跳过保存操作。")
return None
except RequestException as e:
logger.error(f"请求 {url} 时发生错误: {e}")
return None # 返回None表示请求失败
def parse_rss(rss_content):
items = []
root = ET.fromstring(rss_content)
for item in root.findall('.//item'):
item_dict = {}
for child in item:
tag = child.tag
# 将一标签替换名称方便处理
if tag.startswith('{http://purl.org/rss/1.0/modules/content/}'):
tag = 'body'
item_dict[tag] = child.text
items.append(item_dict)
return items
def save_to_json(data, filename):
with open(filename, 'w', encoding='utf-8') as f:
json.dump(data, f, ensure_ascii=False, indent=4)
def freebuf_main():
url = "https://www.freebuf.com/feed"
rss_content = fetch_rss(url, headers)
if rss_content is None:
logger.warning("无法获取Freebuf RSS内容跳过保存操作。")
return
try:
items = parse_rss(rss_content)
# 确保目录存在
os.makedirs(os.path.dirname('./JSON/freebuf.json'), exist_ok=True)
# 将解析后的数据保存到 JSON 文件
save_to_json(items, './JSON/freebuf.json')
logger.info("数据已保存到 ./JSON/freebuf.json")
except Exception as e:
logger.error(f"解析或保存Freebuf RSS内容时发生错误: {e}")
if __name__ == '__main__':
freebuf_main()

17
spider/xianzhi.py → media/xianzhi.py
View File

@ -5,6 +5,15 @@ import xmltodict
import json import json
from loguru import logger from loguru import logger
logger.add("./log/spider.log",
format="{time:YYYY-MM-DD HH:mm:ss} - {level} - {name}:{function}:{line} - {message}",
rotation="10 MB",
compression="zip",
encoding="utf-8")
# shell终端打印日志
# logger.add(lambda msg: print(msg),
# format="{time:YYYY-MM-DD HH:mm:ss} - {level} - {name}:{function}:{line} - {message}")
# 测试用爬虫请求头 # 测试用爬虫请求头
headers = { headers = {
"Content-Type": "application/atom+xml; charset=utf-8", "Content-Type": "application/atom+xml; charset=utf-8",
@ -24,7 +33,7 @@ def fetch_rss(url, headers, timeout=20):
logger.warning(f"请求 {url} 超时,跳过保存操作。") logger.warning(f"请求 {url} 超时,跳过保存操作。")
return None return None
except requests.exceptions.RequestException as e: except requests.exceptions.RequestException as e:
logger.warning(f"请求 {url} 时发生错误: {e}") logger.error(f"请求 {url} 时发生错误: {e}")
return None # 返回None表示请求失败 return None # 返回None表示请求失败
# 先知社区 爬虫 # 先知社区 爬虫
@ -61,12 +70,12 @@ def xianzhi_main():
json_data = json.dumps(entries_json, ensure_ascii=False, indent=4) json_data = json.dumps(entries_json, ensure_ascii=False, indent=4)
# 保存 JSON 数据到文件 # 保存 JSON 数据到文件
with open('./resources/JSON/xianzhi.json', 'w', encoding='utf-8') as json_file: with open('./JSON/xianzhi.json', 'w', encoding='utf-8') as json_file:
json_file.write(json_data) json_file.write(json_data)
logger.info("数据已保存到 ./resources/JSON/xianzhi.json") logger.info("数据已保存到 ./JSON/xianzhi.json")
except Exception as e: except Exception as e:
logger.warning(f"解析或保存先知社区RSS内容时发生错误: {e}") logger.error(f"解析或保存先知社区RSS内容时发生错误: {e}")
# 示例调用 # 示例调用
if __name__ == "__main__": if __name__ == "__main__":

431
monitor.php
View File

@ -1,431 +0,0 @@
<?php
// monitor.php - 系统文件监控页面
// 设置字符编码
header('Content-Type: text/html; charset=utf-8');
// 格式化文件大小函数
function formatFileSize($bytes) {
if ($bytes === 0) return '0 Bytes';
$k = 1024;
$sizes = ['Bytes', 'KB', 'MB', 'GB'];
$i = floor(log($bytes) / log($k));
return round($bytes / pow($k, $i), 2) . ' ' . $sizes[$i];
}
// 格式化时间函数
function formatTime($timestamp) {
if (!$timestamp) return '未知';
return date("Y-m-d H:i:s", $timestamp);
}
// 获取目录信息的函数
function getDirectoryInfo($dirPath, $displayName) {
$files = [];
if (!is_dir($dirPath)) {
return [
'name' => $displayName,
'path' => $dirPath,
'exists' => false,
'files' => [],
'totalSize' => 0,
'fileCount' => 0
];
}
$items = glob($dirPath . '/*');
$totalSize = 0;
$fileCount = 0;
foreach ($items as $item) {
if (is_file($item)) {
$fileInfo = [
'name' => basename($item),
'path' => $item,
'size' => filesize($item),
'modified' => filemtime($item),
'extension' => strtolower(pathinfo($item, PATHINFO_EXTENSION))
];
$files[] = $fileInfo;
$totalSize += $fileInfo['size'];
$fileCount++;
}
}
// 按修改时间降序排列
usort($files, function($a, $b) {
return $b['modified'] - $a['modified'];
});
return [
'name' => $displayName,
'path' => $dirPath,
'exists' => true,
'files' => $files,
'totalSize' => $totalSize,
'fileCount' => $fileCount
];
}
// 定义要监控的目录
$directories = [
getDirectoryInfo('./resources/log', 'SecPulse运行日志'),
getDirectoryInfo('./resources/db', '数据库文件'),
getDirectoryInfo('./resources/JSON', '中转JSON文件')
];
// 计算总体统计信息
$totalFiles = 0;
$totalSize = 0;
foreach ($directories as $dir) {
$totalFiles += $dir['fileCount'];
$totalSize += $dir['totalSize'];
}
$currentTime = date("Y-m-d H:i:s");
?>
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="shortcut icon" href="./static/favicon.ico" type="image/x-icon">
<title>SecPulse系统文件监控</title>
<!-- 引入 Layui CSS -->
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/layui-src/dist/css/layui.css">
<style>
* {
margin: 0;
padding: 0;
box-sizing: border-box;
}
body {
font-family: "Microsoft YaHei", Arial, sans-serif;
background-color: #f5f5f5;
padding: 20px;
line-height: 1.6;
}
.container {
max-width: 1200px;
margin: 0 auto;
background: white;
border-radius: 8px;
box-shadow: 0 2px 10px rgba(0,0,0,0.1);
overflow: hidden;
}
.header {
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
color: white;
padding: 20px;
text-align: center;
}
.header h1 {
font-size: clamp(1.5rem, 4vw, 2.5rem);
margin-bottom: 10px;
}
.header p {
font-size: clamp(0.9rem, 2vw, 1.1rem);
opacity: 0.9;
}
.stats-bar {
background: #f8f9fa;
padding: 15px 20px;
border-bottom: 1px solid #eee;
display: flex;
justify-content: space-around;
align-items: center;
flex-wrap: wrap;
gap: 15px;
}
.stat-item {
text-align: center;
min-width: 120px;
}
.stat-value {
font-size: 1.5rem;
font-weight: bold;
color: #667eea;
}
.stat-label {
font-size: 0.85rem;
color: #666;
margin-top: 5px;
}
.directory-section {
margin: 20px;
border: 1px solid #eee;
border-radius: 6px;
overflow: hidden;
}
.directory-header {
background: linear-gradient(135deg, #f093fb 0%, #f5576c 100%);
color: white;
padding: 15px 20px;
display: flex;
justify-content: space-between;
align-items: center;
flex-wrap: wrap;
gap: 10px;
}
.directory-title {
font-size: 1.2rem;
font-weight: bold;
}
.directory-info {
font-size: 0.9rem;
opacity: 0.9;
}
.file-table {
width: 100%;
border-collapse: collapse;
}
.file-table th {
background: #f8f9fa;
padding: 12px 15px;
text-align: left;
font-weight: 600;
color: #333;
border-bottom: 2px solid #eee;
}
.file-table td {
padding: 12px 15px;
border-bottom: 1px solid #f0f0f0;
color: #666;
}
.file-table tr:hover {
background: #f8f9ff;
}
.file-name {
font-weight: 500;
color: #333;
}
.file-size {
font-family: 'Consolas', monospace;
color: #667eea;
}
.file-time {
font-size: 0.85rem;
color: #888;
}
.empty-directory {
padding: 30px;
text-align: center;
color: #999;
font-style: italic;
}
.footer {
text-align: center;
padding: 15px;
background: #f8f9fa;
color: #666;
font-size: 0.85rem;
border-top: 1px solid #eee;
}
/* 响应式设计 */
@media (max-width: 768px) {
body {
padding: 10px;
}
.header {
padding: 15px;
}
.stats-bar {
flex-direction: column;
gap: 10px;
}
.stat-item {
min-width: auto;
}
.directory-section {
margin: 15px;
}
.directory-header {
flex-direction: column;
align-items: flex-start;
gap: 8px;
}
.file-table {
font-size: 0.85rem;
}
.file-table th,
.file-table td {
padding: 8px 10px;
}
}
@media (max-width: 480px) {
.header h1 {
font-size: 1.3rem;
}
.header p {
font-size: 0.85rem;
}
.directory-title {
font-size: 1rem;
}
.file-table {
font-size: 0.8rem;
}
.file-table th,
.file-table td {
padding: 6px 8px;
}
}
/* 滚动条样式 */
::-webkit-scrollbar {
width: 8px;
height: 8px;
}
::-webkit-scrollbar-track {
background: #f1f1f1;
border-radius: 4px;
}
::-webkit-scrollbar-thumb {
background: #c1c1c1;
border-radius: 4px;
}
::-webkit-scrollbar-thumb:hover {
background: #a8a8a8;
}
</style>
</head>
<body>
<div class="container">
<div class="header">
<h1>📊 系统文件监控</h1>
<p>实时监控系统资源文件状态</p>
</div>
<div class="stats-bar">
<div class="stat-item">
<div class="stat-value"><?php echo count($directories); ?></div>
<div class="stat-label">监控目录</div>
</div>
<div class="stat-item">
<div class="stat-value"><?php echo $totalFiles; ?></div>
<div class="stat-label">文件总数</div>
</div>
<div class="stat-item">
<div class="stat-value"><?php echo formatFileSize($totalSize); ?></div>
<div class="stat-label">总大小</div>
</div>
<div class="stat-item">
<div class="stat-value"><?php echo $currentTime; ?></div>
<div class="stat-label">更新时间</div>
</div>
</div>
<?php foreach ($directories as $dir): ?>
<div class="directory-section">
<div class="directory-header">
<div class="directory-title">📁 <?php echo htmlspecialchars($dir['name']); ?></div>
<div class="directory-info">
<?php if ($dir['exists']): ?>
<?php echo $dir['fileCount']; ?> 个文件 |
总大小: <?php echo formatFileSize($dir['totalSize']); ?>
<?php else: ?>
目录不存在
<?php endif; ?>
</div>
</div>
<?php if ($dir['exists'] && !empty($dir['files'])): ?>
<table class="file-table">
<thead>
<tr>
<th>文件名称</th>
<th>文件大小</th>
<th>更新时间</th>
<th>文件类型</th>
</tr>
</thead>
<tbody>
<?php foreach ($dir['files'] as $file): ?>
<tr>
<td class="file-name"><?php echo htmlspecialchars($file['name']); ?></td>
<td class="file-size"><?php echo formatFileSize($file['size']); ?></td>
<td class="file-time"><?php echo formatTime($file['modified']); ?></td>
<td><?php echo strtoupper(htmlspecialchars($file['extension'])); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<?php elseif ($dir['exists']): ?>
<div class="empty-directory">
该目录下暂无文件
</div>
<?php else: ?>
<div class="empty-directory">
目录路径: <?php echo htmlspecialchars($dir['path']); ?><br>
该目录不存在或无法访问
</div>
<?php endif; ?>
</div>
<?php endforeach; ?>
<div class="footer">
<p>© 2026 SecPulse 文件监控系统 | 自动刷新间隔: 60</p>
</div>
</div>
<script>
// 自动刷新功能
setTimeout(function() {
location.reload();
}, 60000); // 60秒自动刷新
// 添加加载动画效果
window.addEventListener('load', function() {
const container = document.querySelector('.container');
container.style.opacity = '0';
container.style.transform = 'translateY(20px)';
container.style.transition = 'all 0.5s ease';
setTimeout(() => {
container.style.opacity = '1';
container.style.transform = 'translateY(0)';
}, 100);
});
</script>
</body>
</html>

2
requirements.txt
View File

@ -5,5 +5,3 @@ schedule
requests requests
python-dateutil python-dateutil
loguru loguru
beautifulsoup4
feedparser

142
resources/JSON/4hou.json
View File

File diff suppressed because one or more lines are too long

162
resources/JSON/anquanke.json
View File

@ -1,162 +0,0 @@
[
{
"guid": "https://www.anquanke.com/post/id/315489",
"title": "科技云报到智算千亿赛道向何方一文读懂信通院《2026智能算力服务研究报告》",
"author": " 科技云报到",
"description": null,
"source": null,
"pubDate": "2026-05-12 16:57:09"
},
{
"guid": "https://www.anquanke.com/post/id/315487",
"title": "亿格云完成数亿元B轮融资加码“人+AI”统一安全治理",
"author": " 亿格云",
"description": null,
"source": null,
"pubDate": "2026-05-12 16:36:31"
},
{
"guid": "https://www.anquanke.com/post/id/315417",
"title": "安全进入“AI自主攻击”时代瑞数信息如何用AI对抗AI",
"author": " 科技云报到",
"description": null,
"source": null,
"pubDate": "2026-04-29 16:51:10"
},
{
"guid": "https://www.anquanke.com/post/id/315419",
"title": "智能体关键年Agent扎根业务流AI生产力正在形成",
"author": " 科技云报到",
"description": null,
"source": null,
"pubDate": "2026-04-29 16:50:36"
},
{
"guid": "https://www.anquanke.com/post/id/315390",
"title": "深度分析Sorry勒索软件的加密实现与行为特征",
"author": " 安全客",
"description": null,
"source": null,
"pubDate": "2026-04-29 13:32:51"
},
{
"guid": "https://www.anquanke.com/post/id/315341",
"title": "科技云报到当AI闯入特教行业一场颠覆变革正在发生",
"author": " 科技云报到",
"description": null,
"source": null,
"pubDate": "2026-04-21 10:21:50"
},
{
"guid": "https://www.anquanke.com/post/id/315337",
"title": "科技云报到AI云逻辑变了吗",
"author": " 科技云报到",
"description": null,
"source": null,
"pubDate": "2026-04-20 16:21:23"
},
{
"guid": "https://www.anquanke.com/post/id/315292",
"title": "工程化实战思维在红队技战术中的应用",
"author": " 蔚(Yù)谛",
"description": null,
"source": null,
"pubDate": "2026-04-13 11:15:45"
},
{
"guid": "https://www.anquanke.com/post/id/315277",
"title": "鸿蒙NEXT应用一键加固——AI Agent助力安全开发",
"author": " 三六零天御",
"description": null,
"source": null,
"pubDate": "2026-04-10 16:25:22"
},
{
"guid": "https://www.anquanke.com/post/id/315253",
"title": "科技云报到AI算力革命终结云计算20年降价史",
"author": " 科技云报到",
"description": null,
"source": null,
"pubDate": "2026-04-03 17:38:08"
},
{
"guid": "https://www.anquanke.com/post/id/315234",
"title": "科技云报到:“龙虾”入笼:为何金融行业不敢“养”?",
"author": " 科技云报到",
"description": null,
"source": null,
"pubDate": "2026-03-27 10:44:02"
},
{
"guid": "https://www.anquanke.com/post/id/315195",
"title": "科技云报到“龙虾”OpenClaw狂欢之下需要一针清醒剂",
"author": " 科技云报到",
"description": null,
"source": null,
"pubDate": "2026-03-19 16:04:44"
},
{
"guid": "https://www.anquanke.com/post/id/315209",
"title": "瑞数信息入选IDC两大AI安全报告防御OpenClaw小龙虾裸奔危机",
"author": " 科技云报到",
"description": null,
"source": null,
"pubDate": "2026-03-19 16:04:10"
},
{
"guid": "https://www.anquanke.com/post/id/315197",
"title": "2026首届汽车安全白帽黑客大会圆满收官共筑车联网安全新生态",
"author": " 泽鹿安全",
"description": null,
"source": null,
"pubDate": "2026-03-19 12:15:49"
},
{
"guid": "https://www.anquanke.com/post/id/315140",
"title": "Ally WordPress插件高危SQL注入漏洞 威胁40万个网站",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2026-03-13 10:34:49"
},
{
"guid": "https://www.anquanke.com/post/id/315145",
"title": "OpenAI战略调整Sora视频AI将直接接入ChatGPT",
"author": " 安全客",
"description": null,
"source": "webpronews",
"pubDate": "2026-03-13 10:34:23"
},
{
"guid": "https://www.anquanke.com/post/id/315148",
"title": "HPE发布Aruba OS高危漏洞预警 可未授权重置密码",
"author": " 安全客",
"description": null,
"source": "webpronews",
"pubDate": "2026-03-13 10:34:00"
},
{
"guid": "https://www.anquanke.com/post/id/315152",
"title": "能感知自身正在被测试的AI Anthropic关于Claude自我意识的惊人发现",
"author": " 安全客",
"description": null,
"source": "webpronews",
"pubDate": "2026-03-13 10:33:36"
},
{
"guid": "https://www.anquanke.com/post/id/315155",
"title": "GitLab发布紧急安全更新 修复高危XSS与API拒绝服务漏洞",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2026-03-13 10:33:13"
},
{
"guid": "https://www.anquanke.com/post/id/315158",
"title": "Telegram的黑色面 网络罪犯利用机器人API隐秘窃取数据",
"author": " 安全客",
"description": null,
"source": "securityonline",
"pubDate": "2026-03-13 10:32:51"
}
]

749
resources/JSON/baidu.json
View File

@ -1,749 +0,0 @@
{
"银行测试": [
{
"title": "银行压力测试- 百度百科",
"link": "https://baike.baidu.com/item/%E9%93%B6%E8%A1%8C%E5%8E%8B%E5%8A%9B%E6%B5%8B%E8%AF%95/2786826",
"description": "银行 压力 测试 是以定量分析为主的风险分析方法涵盖信用风险、市场风险、流动性风险和操作风险等领域要求商业银行综合评估不同风险的相互作用。该方法由美国财长盖特纳在2009年提出的金融稳定计划中列为重点欧盟要求大型银行通过压力测试检测资产负债表隐患。国际货币基金组织和世界银行于1999年将压力测试纳入金融部门评估计划作为核心工具",
"author": "百度快照",
"pubDate": "2025-11-29"
},
{
"title": "【学习】银行测试项目和普通测试有哪些区别?_银行测试和普通项目...",
"link": "https://blog.csdn.net/qdguozhixin/article/details/137777453",
"description": "此外, 银行测试 项目还需对数据进行加密和保护,以防止信息泄露。而常规测试项目在风险控制方面的要求相对较低。 四、监管要求 银行业务受到严格的监管,因此银行测试项目必须满足相关法规和政策要求。例如,银行测试项目需要对反洗钱、反恐怖融资等方面进行测试,以确保系统符合相关法律法规。而常规测试项目在监管要求方面相对宽...",
"author": "百度快照",
"pubDate": "2024-04-15"
},
{
"title": "银行项目测试_银行验收测试-CSDN博客",
"link": "https://blog.csdn.net/2301_76679169/article/details/130297869",
"description": "测试 独立在UAT环境测试;配合业务需求人员在UAT环境验收测试;设计和选取:主流程主要业务功能进行测试,以真实使用系统用户的角度测试,以用户体验角度测试系统,发现系统的功能操作是否简单容易,是否符合用户的操作习惯。 准(预)生产测试 准生产测试的环境配置与生产环境接近;测试时主要检查项目版本是否正确完整发布到该环境,主...",
"author": "百度快照",
"pubDate": "2023-04-21"
},
{
"title": "【银行测试】银行项目-系统性能测试总结(最详细汇总) - 知乎",
"link": "https://zhuanlan.zhihu.com/p/676034641",
"description": "测试 前对铺底数据的构造可从以下四个方面考虑: 表分区情况: 确认测试环境与生产环境(或预计投产后)的表分区和索引分区规划一致,结合表清理策略确认典型场景中各分区、各表中的数据存量大小和分布情况。 表清理策略: 确认生产环境(或预计投产后)的数据库表(尤其业务热表)清理和备份策略,与表分区情况配合,预铺数据并...",
"author": "百度快照",
"pubDate": "2024-01-04"
},
{
"title": "银行金融测试与金融项目测试要点全面解析",
"link": "http://word.baidu.com/noteview/b3ee5f1da36e58fafab069dc5022aaea998f4148.html",
"description": "银行 金融 测试 全攻略 解锁测试新技能 银行金融测试是金融科技领域的守护神 确保系统安全又可靠 从功能到性能 从安全到合规 全方位验证 让金融系统稳如泰山 功能测试 基础中的基础 每个业务场景都要细致入微 转账 贷款 理财...一个都不能少 性能测试 模拟真实场景...",
"author": "百度快照",
"pubDate": "2026-04-09"
},
{
"title": "银行测试是做什么的",
"link": "https://aiqicha.baidu.com/details/ugknowledge?id=c321e1a3a1eef3056844dff7106b588d",
"description": "银行测试 是针对银行软件系统(如柜面、信贷、网银系统)和专用设备(如ATM机)进行的一系列测试工作,旨在确保系统的功能正确性、业务流畅性、性能稳定性和安全性,以保障金融业务正常运行和用户资金安全。 1 测试对象与核心目的 测试对象:主要包括银行核心业务系统(如柜面、信贷、核心系统)、渠道系统(如手机银行、网上银行...",
"author": "百度快照",
"pubDate": "2026-03-10"
},
{
"title": "银行测试是干什么 - 百度知道",
"link": "https://zhidao.baidu.com/question/1972182363540511500.html",
"description": "银行测试 是银行为了确保其业务运营的稳健性、合规性以及客户服务质量的持续提升而进行的各项测试活动。以下是银行测试的主要目的和类型1. 风险管理测试:信用风险测试:主要评估借款人的信用状况,确保贷款发放的合理性,降低信用风险。市场风险测试:监控市场波动对银行资产和负债价值的影响,帮助银行制定应对...",
"author": "百度快照",
"pubDate": "2025-04-07"
},
{
"title": "银行测试主要测试什么",
"link": "https://localsite.baidu.com/site/wjzsorv8/8cd47d9a-7797-42f3-9306-b902ded71161?qaId=3460778&categoryLv1=%E6%95%99%E8%82%B2%E5%9F%B9%E8%AE%AD&efs=1&ch=54&srcid=10014&source=natural&category=%E9%93%B6%E8%A1%8C%E4%BB%8E%E4%B8%9A%E8%B5%84%E6%A0%BC&eduFrom=136&botSourceType=46",
"description": "银行测试 主要围绕应聘者的多维能力展开评估,涵盖逻辑思维、专业素养、性格适配性等多个层面。其核心目的在于筛选出既具备扎实知识储备,又能适应银",
"author": "百度快照",
"pubDate": "2024-12-06"
},
{
"title": "最新!软件测试-银行测试全面实战详解,全程干货一套带你上手!_哔哩...",
"link": "https://www.bilibili.com/video/av113424499541375/",
"description": "【银行 测试 】最新版软件测试-银行测试项目实战教程,即学即会攻破银行岗!31671506:04:36app 【完整】pytest自动化测试框架实战教程,从0到1自动化测试框架封装,即学即会!57215101:08:43app 一套拿下!web自动化测试-docker+git+jenkins容器自动化集成,即学即上手!121.2万2.7万50:31:07百万播放 app 最新最全花1w...",
"author": "百度快照",
"pubDate": "2024-11-04"
},
{
"title": "银行软件测试有哪些测试点?一般银行的软件测试工作流程有哪些...",
"link": "https://www.zhihu.com/question/351055762/answer/99418952429",
"description": "一、 银行 软件 测试 的测试点 1.功能测试 账户管理:开户、销户、账户信息查询等。转账汇款:行内转账、跨...",
"author": "百度快照",
"pubDate": "2025-02-12"
},
{
"title": "银行测评避坑10条!性格测试千万别踩雷💥",
"link": "https://mbd.baidu.com/newspage/data/dtlandingsuper?nid=dt_3780407932263043684",
"description": "\"占小便宜\"\"讲闲话\"\"逃避问题\"这类描述,毫不犹豫选\"不符合\",别给 银行 留下坏印象哦!🙅9⃣ 结果与过程都要抓!📈 选\"重结果也重成长\"的平衡项,银行可是希望员工能兼顾结果和过程的哦!😎🔟 不计分但致命!💥 性格测试是面试的重要参考,必须认真对待!别以为它不计分就无所谓,这可是会刷人的关键",
"author": "百度快照",
"pubDate": "2026-04-22"
},
{
"title": "银行测试工作内容 - 百度文库",
"link": "https://wenku.baidu.com/view/82df1f8ebbf67c1cfad6195f312b3169a451eacb.html",
"description": "银行测试 工作内容 银行测试工作内容 银行测试工作是指对银行系统进行各种测试以确保其运行稳定、数据安全、功能完备、用户友好等方面的质量。银行测试工作内容包括以下方面1.功能测试测试银行系统的各个模块功能是否符合需求如账户开户、存取款、转账汇款、贷款申请等。2.性能测试:测试银行系统的性能指标,如响应...",
"author": "百度快照",
"pubDate": "2023-05-01"
},
{
"title": "全程软件测试(八十七):银行业务测试基础—读书笔记",
"link": "https://baijiahao.baidu.com/s?id=1719903831467634475&wfr=spider&for=pc",
"description": "银行测试 介绍 1.银行测试简介及前景 银行测试主要是给银行软件系统或是银行专用设备进行测试的工作。一般银行的系统多为中标公司或合作公司承担开发维护的工作现在很多银行也成立了自己的科技部并进行了资源扩充其主要负责银行项目管理及部分开发的工作但是90%的系统开发维护工作仍然由合作公司来负责。为了保证最终...",
"author": "百度快照",
"pubDate": "2021-12-23"
},
{
"title": "银行核心项目之测试阶段 - zouhui - 博客园",
"link": "https://www.cnblogs.com/finer/p/10871988.html",
"description": "一、 银行测试 的主要任务 二、银行测试的分类和依据 三、银行测试的案例设计 四、银行测试执行要求及准则 1 银行测试的主要任务 银行作为大家的理财顾问,对金钱非常敏感,频繁甚至偶尔出现的软件故障都会打击顾客的信心,如果来个黑客攻击,个人财产受到威胁,银行也必然蒙受损失。所以银行对系统的质量要求非常高,追求功能稳定...",
"author": "百度快照",
"pubDate": "2019-05-15"
},
{
"title": "银行软件测试全景:流程、侧重点与关键步骤",
"link": "https://baijiahao.baidu.com/s?id=1858891011651889936&wfr=spider&for=pc",
"description": "流程顺畅、数据一致、系统间“不卡壳”是 银行测试 的硬指标;任何一笔转账、一笔贷款、一次还款,只要业务链路里涉及多家系统,测试就必须把整条链路跑通。银行测试团队通常由行方人员与非行方人员(外包)共同组成:非行方人员:需求吃透、用例设计、手工执行、缺陷跟踪、复测,是测试执行的主力;行方人员:更多扮演“...",
"author": "百度快照",
"pubDate": "2026-03-06"
},
{
"title": "银行软件测试有哪些测试点?一般银行的软件测试工作流程有哪些...",
"link": "http://quan.51testing.com/pcQuan/article/147715?name=%E6%9B%BC%E5%80%A9%E8%AF%99%E8%B0%90",
"description": "银行测试 行业前景广阔,随着金融科技的快速发展和银行业务的不断创新,银行对软件测试的需求也在持续增长。软件测试在确保银行系统软件的稳定性、安全性和可靠性方面起着至关重要的作用,因此,银行测试岗位一直受到广泛的关注和重视。 此外,随着数字化转型的加速推进,银行测试领域也在逐步向自动化、智能化和云化方向发展,...",
"author": "百度快照",
"pubDate": "2025-05-23"
},
{
"title": "转行做银行测试,需要了解哪些?_业务_系统_人员",
"link": "https://business.sohu.com/a/777791280_121943715",
"description": "转行做 银行测试 ,需要了解哪些? 在这个内卷严重的时代,银行的业务不断增加,随着软件信息化的要求越来越高,银行对软件测试人员也提出了非常高的要求。 银行的软件测试是针对银行的软件系统(如柜面系统、信贷系统)和银行专用设备(如ATM机、自助柜员机等)进行的一系列测试工作。",
"author": "百度快照",
"pubDate": "2024-05-10"
},
{
"title": "AI 24小时测试银行核心系统!润和软件的“原子化”将终结金融人海...",
"link": "https://baijiahao.baidu.com/s?id=1865224685631595250&wfr=spider&for=pc",
"description": "当AI智能体开始7×24小时自动 测试银行 核心系统,金融行业的“人海战术”时代真要终结了吗?传统金融测试正面临前所未有的困境。随着数字金融的深入发展,银行产品迭代速度越来越快,测试任务随之激增。为了守住金融安全、客户隐私的底线,银行软件测试必须做到极致严谨。然而,传统测试模式高度依赖人力、周期长、场景覆盖有限...",
"author": "百度快照",
"pubDate": "2026-05-15"
},
{
"title": "银行测试工程师主要测试什么 PingCode",
"link": "https://docs.pingcode.com/ask/149641.html",
"description": "银行测试 工程师主要负责对银行系统软件进行功能性、性能、安全性、兼容性等方面的测试,确保软件的稳定性、可靠性和用户体验。这些测试关键点包括但不限于:ATM系统、网上银行系统、支付系统、核心银行业务系统等。其中,核心银行业务系统的测试尤为重要,因为它涉及到账户管理、贷款业务、存取款操作等银行的基础服务,直接影...",
"author": "百度快照",
"pubDate": "2024-04-30"
},
{
"title": "【银行测试】银行金融测试+金融项目测试点汇总..._金融支付系统测...",
"link": "https://blog.csdn.net/m0_70102063/article/details/135130005",
"description": "1、 银行 金融 测试 是做什么? 银行金融测试是指对银行和金融机构的软件系统、应用和服务进行测试和验证,以确保其安全、可靠、符合法规,并提供良好的用户体验。 银行金融测试的主要目标是评估系统的功能、性能、安全性、合规性和用户体验,以及确认系统在真实环境中的稳定性和可用性。",
"author": "百度快照",
"pubDate": "2023-12-21"
}
],
"APP逆向": [
{
"title": "把AndroidApp 逆向分为几步?三步-腾讯云开发者社区-腾讯云",
"link": "https://cloud.tencent.com/developer/article/1541448",
"description": "逆向作为一项与应用开发者对抗的网络安全技术,其手段花样多端,有时甚至不需要代码也可以完成逆向,所以这个概括仅对应文中的遇到情况。 定位目标 本次逆向是针对某款 App 的订单接口,首先我们使用抓包工具捕获订单列表请求,下图为 Charles 界面: 可以看到参数里的 data 字段是密文,我们就使用这个API作为目标切入点。 反编译 APK 这里使",
"author": "百度快照",
"pubDate": "2025-10-11"
},
{
"title": "Python爬虫进阶:APP逆向技术与实战-百度开发者中心",
"link": "https://developer.baidu.com/article/details/3258071",
"description": "APP逆向技术是指通过反编译、调试等手段,获取APP的内部逻辑、数据结构、加密算法等信息,进而实现对APP功能的扩展或数据抓取 。APP逆向技术主要涉及以下几个方面: 反编译技术:将APP的二进制文件转换回源代码,便于分析和理解。 动态调试技术:在APP运行过程中,通过插入断点、查看变量值等手段,实时了解APP的运行状态。 加密...",
"author": "百度快照",
"pubDate": "2024-03-22"
},
{
"title": "Android逆向实战:一款APP的深度探索与逆向解析",
"link": "https://cloud.baidu.com/article/3305461",
"description": "随着移动互联网的普及,Android平台上的应用数量与日俱增。但你是否想过,这些 APP 是如何运作的?它们的源代码是否如我们所见的那般简单?今天,我们将通过一款实际的APP,来探讨其 逆向 过程,解析其中的奥秘。",
"author": "百度快照",
"pubDate": "2024-04-09"
},
{
"title": "app逆向(1)| 为什么要进行app逆向_APP逆向-CSDN专栏",
"link": "https://download.csdn.net/blog/column/11648365/123086013",
"description": "1.为什么要进行 app逆向 ? 比如你看到别人写的某个程序能够做出某种漂亮的动画效果,通过反汇编、反编译和动态跟踪等方法分析出其动画效果的实现过程这种行为就是逆向工程。 2.什么是软件逆向? 软件逆向也叫逆向工程,英文名是reverse engineering,大意是根据已有的东西和结果,通过分析来推导出具体实现方法。 3.逆向工程的...",
"author": "百度快照",
"pubDate": "2026-04-12"
},
{
"title": "APP逆向工程,核心原理与移动应用逆向技术全景解析",
"link": "https://baijiahao.baidu.com/s?id=1859991585185227373&wfr=spider&for=pc",
"description": "APP逆向工程是指通过分析已编译的应用程序二进制代码推导其内部工作原理、算法实现或业务逻辑的技术过程 。这一技术领域处于法律与技术的交叉地带,需要工程师深刻理解其边界。从技术本质来看,逆向工程包含三个核心层次:行为分析层:通过监控应用输入输出、网络通信等外部表现推断功能代码逻辑层:反编译可执行文件还原高级...",
"author": "百度快照",
"pubDate": "2026-03-18"
},
{
"title": "APP遭遇逆向破解、恶意篡改有解决办法吗?-CSDN博客",
"link": "https://blog.csdn.net/2301_78078966/article/details/160988475",
"description": "APP 遭遇 逆向 破解和恶意篡改(比如植入木马、插入广告、重打包)确实是移动安全领域的“重灾区”。一旦APP被破解,不仅开发者的知识产权(核心算法、商业逻辑)会裸奔,用户的隐私数据和资金安全也会面临极大威胁。 要想彻底解决这个问题,不存在“一劳永逸”的银弹,但我们可以通过一套“纵深防御体系”,把破解成本无限拉高,让...",
"author": "百度快照",
"pubDate": "2026-05-11"
},
{
"title": "App逆向-CSDN博客",
"link": "https://blog.csdn.net/u011513939/article/details/151721721",
"description": "1 app 逆向 入门 # 1 逆向设备与root-真机和模拟器-解BL锁-fastboot刷机和root-twrp刷root-面具和常见模块# 2 Python虚拟环境-系统解释器环境-virtualenv虚拟环境-解释器配置常见错误# 3 抓包与配置-charles介绍配置和安装-https证书-用户证书与系统证书-解锁system分区-Magisk+moveCert# 4 反编译工具和配置-apk文件...",
"author": "百度快照",
"pubDate": "2025-09-15"
},
{
"title": "安卓逆向实战:某App360脱壳、加密协议还原与请求伪造全记录(学...",
"link": "https://www.52pojie.cn/thread-2081208-1-1.html",
"description": "“这是我第一篇关于 App 逆向 的学习笔记,属于是一篇新手学习记录帖,文中可能存在术语使用不当或逻辑...",
"author": "百度快照",
"pubDate": "2025-12-20"
},
{
"title": "某音乐APP逆向实战(上篇):协议发现与 params 加密破解 - 知乎",
"link": "https://zhuanlan.zhihu.com/p/2018406728010593387",
"description": "某音乐 APP逆向 实战(上篇):协议发现与 params 加密破解 免责声明:本文所有分析内容仅用于安全研究与学习目的,不涉及任何商业利用或恶意攻击行为。文中涉及的技术方法遵循”最小必要”原则,所有密钥、接口等敏感信息均已脱敏处理。请勿将本文内容用于任何违法用途,读者需自行承担相关法律责任。",
"author": "百度快照",
"pubDate": "2026-03-20"
},
{
"title": "APP逆向入门(adb和Charles抓包) - 凫弥 - 博客园",
"link": "https://www.cnblogs.com/fuminer/p/17300854.html",
"description": "1. 逆向 基本流程 常见 app 的逆向的基本流程: 安装运行 抓包分析 反编译apk 在Java代码中定位 + Hook校验 基于Python还原算法 2.安装运行 后续我们对手机会经常进行:安装、卸载、上传、下载等操作。 【电脑】下载adb 【手机】开启开发者模式 + 打开usb调试 + USB线连接手机 ...",
"author": "百度快照",
"pubDate": "2023-04-09"
},
{
"title": "APP逆向工程实战笔记:石货APP逆向分析与Hook技术实现",
"link": "http://word.baidu.com/noteview/e35be1150f4e767f5acfa1c7aa00b52acfc79c4b.html",
"description": "APP逆向 工程干货分享 石货 APP逆向 全攻略 在移动互联网时代 APP逆向 工程超重要 本文带你深入了解石货APP逆向分析全过程 从环境配置到强制更新绕过 再到网络抓包 满满都是实战经验 实验环境搭建 Windows 10 雷电模拟器 root版 JD GUI IDA Pro Frida Charles等工具一应俱全 模拟器环境还做了特别配置哦 强制更新",
"author": "百度快照",
"pubDate": "2026-03-30"
},
{
"title": "安卓APP逆向(五)APP逆向实战-CSDN博客",
"link": "http://famensi.com/about_content.asp?haownn=.shtml20260418925462220",
"description": "安卓 APP逆向 (五)APP逆向实战-CSDN博客在数字时代,学习安卓APP逆向工程就像开启一扇通往创新之门的窗户。它不仅仅是技术技能,更是培养耐心、逻辑思维和问题解决能力的绝佳方式。今天,我们以79777.app为例,来一场积极向上的实战之旅,共同探索如何通过合法、正向的方法剖析APP结构,提升自己的编程素养。首先,理解APP逆向...",
"author": "百度快照",
"pubDate": "2026-04-18"
},
{
"title": "超赞!发现一个APP逆向神器!",
"link": "https://mp.weixin.qq.com/s?__biz=MzAxMjUyNDQ5OA==&mid=2653580341&idx=1&sn=6ebc99379b3c421d81a8dda62c347925&chksm=806e4288b719cb9e82a8808cf287c6149575c0f6529430d2ff1756644b113bd884539b6d24e2&scene=27",
"description": "此次特训为期3天,专为高阶爬虫 逆向 技术速成而设计。课程内包含多项业界难觅的真实项目,每个项目都是对当下最热门的网站& APP 的深入破解,对应每一项案例都有代码级的拆分详解,深入浅出干货满满,理解和掌握起来很轻松。 顶尖名师的专业指导与规划,搭配最前沿的爬虫逆向实战项目边...",
"author": "百度快照",
"pubDate": "2022-08-01"
},
{
"title": "APP遭遇逆向破解、恶意篡改有解决办法",
"link": "https://baijiahao.baidu.com/s?id=1840307627260533639&wfr=spider&for=pc",
"description": "APP 遭遇 逆向 破解、恶意篡改,后果往往直接且严重:源代码被窃取导致核心功能仿冒,植入恶意代码后推送诈骗广告,甚至窃取用户隐私数据 —— 这些不仅损害用户体验,更会让企业品牌声誉扫地,造成直接经济损失。对移动应用而言,传统的服务器端防护难以覆盖客户端安全,而移动应用安全方案能从源头构建防护,成为应对这类威胁的...",
"author": "百度快照",
"pubDate": "2025-08-13"
},
{
"title": "Web逆向、软件逆向、安卓逆向、APP逆向是什么?-知了爱学",
"link": "https://localsite.baidu.com/article-detail.html?articleId=20186873&ucid=n1DvP1c3nHf&categoryLv1=%E6%95%99%E8%82%B2%E5%9F%B9%E8%AE%AD&ch=54&srcid=10004",
"description": "Web逆向、软件逆向、安卓逆向和 APP逆向 都是指对不同类型的软件或应用进行反向工程,从而了解其内部运行机制、破解或修改其功能的技术和方法。 Web逆向主要是指对Web应用程序进行逆向工程,获取其源代码或数据库信息。常见的Web逆向技术包括爬虫、抓包分析、JavaScript反混淆、反编译前端代码等。Web逆向工程常用于...",
"author": "百度快照",
"pubDate": "2024-03-19"
},
{
"title": "移动应用防逆向破解安全加固-移动应用安全加固-移动开发平台...",
"link": "https://help.aliyun.com/document_detail/173377.html",
"description": "移动应用安全加固(Mobile Security Armor,简称 MSA)为移动应用(下文简称 App )提供稳定、简单、有效的安全保护,提高 App 的整体安全水平,力保应用不被 逆向 破解。 产品背景 Android 应用安全加固 由于Android 系统本身的开源特性,应用极易遭到盗版侵袭、反编译破解等攻击,严重影响应用的数据与隐私安全。mPaaS 移动应用安全...",
"author": "百度快照",
"pubDate": "2025-12-11"
},
{
"title": "Android逆向技术揭秘:从入门到实践-百度开发者中心",
"link": "https://developer.baidu.com/article/details/3305419",
"description": "一、Android 逆向 入门 Android逆向,简而言之,就是对已经打包好的APK文件进行反编译、源码分析,了解 APP 实现逻辑的一门技术。我们可以把APK文件看作一个加密后的压缩包,逆向就是要最大程度地还原出APK打包之前的源码。逆向需要用到解密、反编译、解压缩等技术,虽然无法100%还原APK的源码,但可以根据实际需求,分析出APK的...",
"author": "百度快照",
"pubDate": "2024-04-09"
},
{
"title": "ios逆向-app登录协议逆向分析破解-腾讯云开发者社区-腾讯云",
"link": "https://cloud.tencent.com/developer/article/1902084",
"description": "某 app 登录协议 逆向 分析 设备 iphone 5s Mac Os app:神奇的字符串57qm5Y2V 本文主要通过frida-trace、fridaHook、lldb动态调试完成破解相应的登录算法,从达到登录成功,并根据该步骤完成ios逆向分析,文中所有涉及的脚本都已经放在github上面。 弟弟建了一个ios逆向学习交流群,互相学习交流。",
"author": "百度快照",
"pubDate": "2021-11-16"
},
{
"title": "Android逆向工具篇—反编译工具的选择与使用-腾讯云开发者社区...",
"link": "https://cloud.tencent.com/developer/article/1548700",
"description": "原因很简单,在技术娴熟和精通之前, APP逆向 是门不折不扣的玄学,既然是玄学,就会有很多不可控、随机、稀奇古怪的状况。当JADX中一个变量模糊不清的时候,你就需要去JEB中看一下它的反编译结果,或者使用JEB进行动态调试。当使用JEB 遇到头疼的APK混淆时,就可以试一下开启JADX的反混淆功能。因为这几个软件的逆向原理是...",
"author": "百度快照",
"pubDate": "2019-12-04"
},
{
"title": "App逆向实战:从查壳到动态Hook的完整流程解析-CSDN博客",
"link": "https://blog.csdn.net/weixin_28732953/article/details/159819675",
"description": "1. 逆向 工程入门:从APK获取到查壳 当你拿到一个陌生的APK文件时,第一反应可能是直接扔进反编译工具。但现实往往没那么简单——就像拆快递时发现包裹被层层胶带缠绕,很多APK都会使用加壳技术保护核心代码。我去年分析某电商 App 时就踩过坑,直接用Jadx打开看到的全是混淆代码,根本找不到业务逻辑入口。",
"author": "百度快照",
"pubDate": "2026-04-04"
}
],
"渗透测试": [
{
"title": "渗透测试- 百度百科",
"link": "https://baike.baidu.com/item/%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95/7363639",
"description": "渗透测试 是一项在计算机系统上进行的授权模拟攻击旨在对其安全性进行评估是为了证明网络防御按照预期计划正常运行而提供的一种机制。人工渗透测试的目的就是为了验证系统和各种Web应用是否存在后门。随着网络犯罪防治立法趋势从事后追责转向生态防控渗透测试等专业安全服务被纳入法律监管框架。不妨假设你的公司定期更新安全策略和程序时时",
"author": "百度快照",
"pubDate": "2026-04-17"
},
{
"title": "什么是渗透测试? | IBM",
"link": "https://www.ibm.com/cn-zh/topics/penetration-testing",
"description": "渗透测试 是一种重要的信息安全测试方法,通过渗透测试技术发起模拟的网络攻击,以系统化地查找计算机系统、应用程序或网络中的安全漏洞。",
"author": "百度快照",
"pubDate": "2026-02-11"
},
{
"title": "渗透测试业务简介",
"link": "https://www.itsec.gov.cn/qtyw/ywjs/201205/t20120509_15231.html",
"description": "渗透测试 业务简介 渗透测试是指测试人员尽可能完整地模拟攻击者使用的漏洞发现技术和攻击手段,从攻击者的角度对目标网络、系统、主机应用的安全性作深入的非破坏性的探测, 发现系统最脆弱环节的过程。渗透测试通常能以非常明显、直观的结果来反映出系统的安全现状,其目的是能够让管理人员直观地知道自己网络所面临的问题。",
"author": "百度快照",
"pubDate": "2012-05-09"
},
{
"title": "渗透(IT术语) - 百度百科",
"link": "https://baike.baidu.com/item/%E6%B8%97%E9%80%8F/9457427",
"description": "渗透测试 Penetration Testing简称PenTest是一种获得授权的模拟黑客攻击的安全评估方法用于评估计算机系统、网络、主机或应用程序的安全性。渗透测试旨在从攻击者角度发现系统最脆弱环节直观反映安全现状为管理人员提供决策依据并支持合规性要求如PCI DSS、等保2.0)。渗透测试为避免对目标造成损害,通常排除...",
"author": "百度快照",
"pubDate": "2026-02-12"
},
{
"title": "产品-渗透测试",
"link": "https://www.jl.10086.cn/ecloud/product-introduction/safefusion.html",
"description": "渗透测试 是经客户授权模拟黑客可能使用的攻击技术和漏洞发现技术,对目标系统的安全做深入的探测,能够发现逻辑性更强,更深层次的弱点,让管理者能够直观的了解自己网络和系统的安全状态,分为标准版和专业版。敬请期待 敬请期待 产品优势 产品功能 应用场景 ...",
"author": "百度快照",
"pubDate": "2026-05-10"
},
{
"title": "渗透测试服务简介_渗透测试服务购买指南_渗透测试服务操作指南...",
"link": "https://cloud.tencent.com/document/product/1489",
"description": "渗透测试 服务 渗透测试服务(Penetration Test Service, PTS),为用户提供针对于 Web 应用、移动 App、微信小程序的黑盒安全测试内容;可以覆盖安全漏洞全生命周期,包括漏洞的发现、利用、修复以及修复后的验证。使用腾讯云渗透测试服务,可以随时将安全测试这一动作加入到您的产品研发、应用上线、安全自检等计划中来。不仅...",
"author": "百度快照",
"pubDate": "2026-05-03"
},
{
"title": "每日一问丨什么是渗透测试-腾讯云开发者社区-腾讯云",
"link": "https://cloud.tencent.com/developer/article/2580536",
"description": "渗透测试 (Penetration Testing),又称“渗透性测试”或“道德黑客攻击”,是一种通过模拟恶意攻击者的技术手段,对目标系统、网络或应用程序进行安全性评估的方法。其核心目的是发现系统中存在的漏洞和弱点,并提供修复建议,从而提升整体安全防护能力。渗透测试不仅是网络安全领域的重要实践,也是企业合规性(如等保2.0、GDPR等...",
"author": "百度快照",
"pubDate": "2025-10-23"
},
{
"title": "什么是渗透测试,为什么需要做渗透测试-百度开发者中心",
"link": "https://developer.baidu.com/article/detail.html?id=3370896",
"description": "虽然 渗透测试 需要一定的投入,但与潜在的数据泄露、法律诉讼、业务损失相比,其成本效益显著。 6.验证安全措施的有效性 渗透测试可以验证现有的安全措施是否有效,包括防火墙、入侵检测系统、数据加密和其他安全控制。这有助于确保安全投资得到合理利用,并针对实际威胁进行调整。",
"author": "百度快照",
"pubDate": "2024-11-24"
},
{
"title": "渗透测试是什么意思?一文带你轻松了解",
"link": "https://www.ruijie.com.cn/fw/wt/89621/",
"description": "渗透测试 是什么意思?是指通过模拟恶意黑客的攻击方法,来评估计算机网络系统安全的一种评估方法,是为了证明网络防御按照预期计划正常运行的一种机制。测试渗透从一个攻击者可能存在的位置来主动分析系统的弱点、技术缺陷或漏洞,并且从这个位置有条件主动防范安全漏洞。",
"author": "百度快照",
"pubDate": "2022-08-30"
},
{
"title": "13种常见物理渗透测试方法-西安工业大学-信息化管理处",
"link": "https://nsinfo.xatu.edu.cn/info/1007/1682.htm",
"description": "天线和接收器– 如果 渗透测试 人员想要窃听公司内的电线以拦截员工通信,则需要使用天线来拦截电磁波并将电流传递到接收器。一旦信号通过,接收器就可以提取所需的信息。 进行物理渗透测试需要多长时间? 大多数物理渗透测试从最初的发现呼叫到提供最终报告需要两到六周的时间才能完成。",
"author": "百度快照",
"pubDate": "2024-02-27"
},
{
"title": "渗透测试全面解析与实战思路",
"link": "https://cloud.baidu.com/article/3406693",
"description": "渗透测试 作为网络安全领域的重要一环,对于评估系统安全性、发现潜在漏洞具有重要意义。本文将详细探讨渗透测试的相关术语、必备工具、导航流程,并总结入侵网站的实战思路,为读者提供一份全面的渗透测试指南。",
"author": "百度快照",
"pubDate": "2024-11-29"
},
{
"title": "渗透测试基础(全)(3)-阿里云开发者社区",
"link": "https://developer.aliyun.com/article/1525433",
"description": "无论您是在内部工作还是作为顾问/承包商,在执行 渗透测试 时,沟通都是至关重要的。你需要有一个联系点,这样你可以让他们知道你在做什么,以防他们需要通知某人潜在的中断,如果这是他们关心的事情。作为渗透测试人员,您可能会采取许多可能导致系统中断的措施,包括利用漏洞。其中一些漏洞可能会导致服务崩溃,而不允许您控制...",
"author": "百度快照",
"pubDate": "2024-05-31"
},
{
"title": "【网安】渗透测试教程(非常详细),0基础从入门到精通,看完这一篇就...",
"link": "https://zhuanlan.zhihu.com/p/687602989",
"description": "一:什么是 渗透测试 ? 渗透测试(Penetration Testing)是一种安全评估技术,旨在评估信息系统的安全性并确定潜在的安全威胁。具体来说,它是一项在计算机系统上进行的授权模拟攻击,通过模拟恶意黑客的攻击方法,来评估计算机网络系统安全。 与黑客攻击不一样的是,渗透测试的目的是尽可能多地发现安全漏洞,而真实黑客攻击只要发现...",
"author": "百度快照",
"pubDate": "2024-03-18"
},
{
"title": "渗透测试的8个步骤(超详细),小白必看!(非常详细)从零基础到精通,...",
"link": "https://blog.csdn.net/weixin_57514792/article/details/149115214",
"description": "渗透测试 :以安全为基本原则,通过攻击者以及防御者的角度去分析目标所存在的安全隐患以及脆弱性,以保护系统安全为最终目标。 入侵:通过各种方法,甚至破坏性的操作,来获取系统权限以及各种敏感信息。 一般渗透测试流程 编辑 1. 明确目标 l 确定范围:测试目标的范围、ip、域名、内外网、测试账户。",
"author": "百度快照",
"pubDate": "2025-07-04"
},
{
"title": "什么是渗透测试(Penetration Testing) - zhencool - 博客园",
"link": "https://www.cnblogs.com/zhencool/p/11195454.html",
"description": "渗透测试 (Penetration Testing),也称为Pen Testing,是测试计算机系统、网络或Web应用程序以发现攻击者可能利用的安全漏洞的实践。渗透测试可以通过软件应用自动化或手动执行。无论哪种方式,该过程都包括在测试之前收集关于目标的信息,识别可能的入口点,试图闯入(虚拟的或真实的)并报告结果。",
"author": "百度快照",
"pubDate": "2019-07-16"
},
{
"title": "计算机网络渗透测试研究",
"link": "http://xueshu.baidu.com/s?wd=paperuri:(a5af98d7302af075bc6767856028dc51)&filter=sc_long_sign&sc_ks_para=q%3D%E8%AE%A1%E7%AE%97%E6%9C%BA%E7%BD%91%E7%BB%9C%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95%E7%A0%94%E7%A9%B6&tn=SE_baiduxueshu_c1gjeupa&ie=utf-8&sc_us=8921007187115454744",
"description": "渗透测试 作为网络安全防范的一种新技术,对于网络安全具有重大的实际应用价值。但要找到一家合适的信息安全公司实施渗透测试并不容易。因为现在渗透测试还处于少数网络安全专家独立利用自己的经验和能力解决问题的阶段,远没有实现标准化,渗透测试理论和技术还处于不断的变化发展之中。 渗透测试作为一种专业的安全服务,在...",
"author": "百度快照",
"pubDate": "2024-08-28"
},
{
"title": "干货|渗透测试核心思路-边界突破",
"link": "http://www.topsec.com.cn/newsx/2821",
"description": "渗透测试 的目标可以是单个主机,也可以是整个内网。在实战中,比如最近如火如荼的HW行动,更多的是对一个目标的内网进行渗透,争取获得所有有价值的资产。完整的内网渗透涉及的步骤如下图所示",
"author": "百度快照",
"pubDate": "2022-09-01"
},
{
"title": "渗透性测试- 百度百科",
"link": "https://baike.baidu.com/item/%E6%B8%97%E9%80%8F%E6%80%A7%E6%B5%8B%E8%AF%95/3960442",
"description": "标准化流程包含三个阶段通过攻击路径构建实施漏洞挖掘基于漏洞成因分析制定防御方案最终通过回归测试验证修复效果并形成闭环报告。英国CBEST测试框架由英格兰银行与CREST组织联合开发专为银行机构打造的网络攻防压力测试体系整合威胁情报分析、实战化 渗透测试 及整改效果追踪三大核心模块。渗透测试即服务PTaaS通过...",
"author": "百度快照",
"pubDate": "2026-03-27"
},
{
"title": "渗透测试工具 - 百度百科",
"link": "https://baike.baidu.com/item/%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95%E5%B7%A5%E5%85%B7/1649873",
"description": "渗透测试 工具是通过模拟黑客攻击方式评估计算机网络系统安全性能的专用软件,其工作原理聚焦于预攻击阶段的信息收集与脆弱性探查,不实施实际入侵行为。渗透测试流程包括明确目标、信息收集、漏洞探测、验证与权限提升等阶段,产出的结果以报告形式输出。该工具可分为网络扫描、通用漏洞检测和应用漏洞检测三类。网络扫描工具主要...",
"author": "百度快照",
"pubDate": "2025-09-18"
},
{
"title": "App上线前的安全\"体检\":一文读懂移动应用渗透测试全流程-腾讯云...",
"link": "https://cloud.tencent.com/developer/article/2668831",
"description": "一次全面的App 渗透测试 ,覆盖客户端和服务端的11大检测项,支持iOS和Android双平台,从反编译保护到API安全再到业务逻辑——只有这样的\"全面体检\",才能真正确保你的App在上线时具备足够的安全防护能力。 腾讯云App渗透测试服务由腾讯安全实验室专家执行,覆盖客户端安全、组件安全、数据存储、通信安全、API安全等11大检测项...",
"author": "百度快照",
"pubDate": "2026-05-14"
}
],
"手机银行漏洞": [
{
"title": "北京某银行储蓄员携巨款潜逃近20年从未离京终落网_手机新浪网",
"link": "https://news.sina.cn/gn/2022-06-21/detail-imizirau9700372.d.html",
"description": "发现 银行漏洞 ,他伺机实施蓄谋已久的计划 时间拨回到20多年前。1997年7月毕业后,20岁的李伟进入招商银行北京分行某支行工作,担任储蓄员。2001年,经朋友介绍,李伟与做护士的刘芳认识,并于次年结婚。 婚后,李伟虽也度过了一段甜蜜的生活,但与妻子之间渐渐产生了一些摩擦,他认为妻子总是歇斯底里地说他,令他无法忍受,于是产生了离婚的念头。",
"author": "百度快照",
"pubDate": "2022-06-21"
},
{
"title": "安全专家发现ATM机NFC功能漏洞,仅用一台手机就可改变金额,甚至强...",
"link": "https://dy.163.com/article/GE5D5QC605118OGM.html",
"description": "一般来说, 银行 在考虑到ATM存在被抢风险的情况下,都会把ATM机建造的很坚固,但是依然有人选择“硬来”; 当然,也有人选择智取。近期,一位安全公司的研究人员发现了现在ATM机中NFC功能的 漏洞 ,利用这个漏洞,可以修改交易金额,甚至可以让ATM直接吐钱。 安全顾问入侵ATM机多, 修改金额只需一部 手机 安全公司IOActive的研究...",
"author": "百度快照",
"pubDate": "2021-07-05"
},
{
"title": "手机被盗后,你以为挂失手机号、冻结银行卡就安全了? - 简书",
"link": "https://www.jianshu.com/p/bf3ac424e367",
"description": "案件中存在的主要 漏洞 : 1.四川电信电话挂失、解挂业务,未考虑到 手机 被盗后身份信息泄露的情况,目前电信部门已作出调整。 2.部分网站和app通过短信验证码登入后,即可看到身份证号、 银行 卡号全部数位,目前各省社保官网已作出调整,其他有类似风险的网站和app,逐个摸排并进行安全改进的速度是比较慢的。 3.部分网贷平台提供...",
"author": "百度快照",
"pubDate": "2021-03-03"
},
{
"title": "2014年浙江大妈发现银行漏洞,一月内偷走5亿,警方:银行的责任|储户...",
"link": "https://www.163.com/dy/article/HSLTP6A90553LFQF.html",
"description": "她成功找到 银行 的 漏洞 ,在一个月之内挪走了多家银行近五亿元的存款,直到一年后才东窗事发。 事发后,涉事银行却推卸责任,引起众怒。 最终,警方经过调查,确定这次事件完全是银行的责任。 那么,这位大妈是如何转走他人存款的?为什么这些受害者直到一年后才发现自己存款不见了?这些储户的损失最终又由谁来买单? 一 消...",
"author": "百度快照",
"pubDate": "2023-02-03"
},
{
"title": "电信诈骗频发,多家银行调整个人账户限额堵漏洞|洗钱|反诈|交易|...",
"link": "http://k.sina.com.cn/article_1684012053_645ffc1501901cua6.html",
"description": "在此之中,并非所有客户受到影响,徽商银行在其公告中对所调整的个人账户作出了界定范围:一年以上(含一年)未发生取现、转账等主动交易,账户余额在50元(含)以下的I类个人银行结算账户(包含借记卡、存折);一年以上(含一年)未登录过 手机银行 或个人网银,账户余额在10元(含)以下的Ⅰ类个人银行结算账户。",
"author": "百度快照",
"pubDate": "2023-08-22"
},
{
"title": "银行行长被骗26次,共计3.5亿元,却不敢报警?_手机新浪网",
"link": "https://news.sina.com.cn/c/2022-07-14/doc-imizirav3354658.shtml",
"description": "受赵某河这句并不高明的谎言蛊惑,心忧女儿学业的某 银行 行长李某先后26次上当受骗,成了一名可怜的受害者,并一步步从一名领导干部蜕变成了骗取贷款、违法发放贷款的“蛀虫”。 近日,李某因犯骗取贷款罪、违法发放贷款罪,被法院判处有期徒刑七年。 在此之前的3月11日,山东省高级法院对赵某河诈骗案作出终审裁定,...",
"author": "百度快照",
"pubDate": "2022-07-14"
},
{
"title": "啥信号?有银行“叫停”ATM二维码存款 “黑科技”不仅要酷炫更要...",
"link": "https://view.inews.qq.com/qd/20220816A09ZY400?refer=wx_hot",
"description": "从安全性来看,ATM二维码存取款业也需要多种交叉验证来保障用户安全,例如 手机银行 App登录密码、现场扫码、扫码后仍需要在ATM机上输入银行卡交易密码等等;出于安全考虑,部分银行也对无卡取款设置了一定的取款限额,如,二维码取款要求日累计取款金额不超5000元,预约取款的单笔限额为1000元等。",
"author": "百度快照",
"pubDate": "2022-08-16"
},
{
"title": "...一觉睡醒存款被掏空|支付宝|银行卡|手机免密支付功能_网易订阅",
"link": "https://www.163.com/dy/article/KS69574V0553TDXU.html",
"description": "这是本次盗刷最核心 漏洞 。 银行 、微信、支付宝等正规软件,完全不需要这个权限。 一旦开启,诈骗分子就能远程模拟点击 手机 屏幕,点开软件、跳转页面、确认支付,和本人手动操作一模一样。 第二个:短信读取、通知拦截权限 木马可以实时查看所有银行验证码、余额变动提醒,同时自动删除、屏蔽异常短信。",
"author": "百度快照",
"pubDate": "2026-05-05"
},
{
"title": "15楼财经|崇左幼专上千名学生莫名被开账户 农行致歉承认操作不...",
"link": "https://new.qq.com/omn/20211211/20211211A06TME00.html",
"description": "不难发现,在农行 手机银行 上开立Ⅱ、Ⅲ类账户,需要验证身份证、手机号,还要进行人脸识别并阅读同意相关协议,这些程序都符合央行的要求。 聚焦 农行崇左江州支行为何得以“瞒着”学生开户? 业内人士质疑道歉声明“避重就轻” 学生们之前怀疑学校泄露了个人信息,但学校已经公开声明予以否定。那么银行如何得知这些学生的个人...",
"author": "百度快照",
"pubDate": "2021-12-11"
},
{
"title": "豆包手机漏洞,银行验证码被盗?官方回应:已修复,但有黑公关!|黑客_...",
"link": "https://dy.163.com/article/KMPRD57M0511DG68.html",
"description": "简单来说,想要 银行 验证码被外人盗取,前提是需要先用 手机 AI去读取恶意短信的内容才可以,其实这个与之前网上流传人们去点击恶意短信链接,遭到银行卡被盗刷案件相似,只不过从人的操作,变成了AI的操作,对于这个 漏洞 ,豆包手机助手官方也升级了相应防护措施。 而对于网上大批量对于豆包手机助手安全恐吓的内容,豆包手机助手认为...",
"author": "百度快照",
"pubDate": "2026-02-27"
},
{
"title": "长沙银行系统漏洞成敛财工具?3人用外挂造4万非法账户获利16万|商...",
"link": "https://www.163.com/dy/article/H0SPDVU8055280CT.html",
"description": "近日,裁判文书网披露的一则裁定书显示,3人利用长沙 银行 系统的 漏洞 ,短时间内开设异常账户4万多个,非法获利16万余元,3人最终均获刑。 2019年2月间,经营软件公司的尚某等人将内含公民身份证号码、姓名、手机号码等信息内容及串码、一个固定银行卡号、Fiddler应用程序软件提供给司某、刘某,利用Fiddler应用程序软件能够拦截由长沙银",
"author": "百度快照",
"pubDate": "2022-02-23"
},
{
"title": "案例研究 | 刘仁文、车浩、时延安、田宏杰等:利用银行系统漏洞...",
"link": "https://new.qq.com/rain/a/20240826A06P2W00",
"description": "2022年2月24日17时许,刘某甲通过操作其母亲李某中国 银行手机 APP发现,李某中国银行积利金账户内黄金克数由原本的26克增长为900克,并将上述情况告知其父刘某乙、其母李某。三人商议后将该900克黄金点击卖出,发现出售后账户内黄金克数仍显示为900克,后该三人于15分钟内连续24次点击出售账户内黄金得款共计人民币86...",
"author": "百度快照",
"pubDate": "2024-08-26"
},
{
"title": "别让去银行存款成为“危险之旅”_手机新浪网",
"link": "https://news.sina.cn/2016-03-03/detail-ifxqafrm6791021.d.html",
"description": "面对“1万元进去1700元出来”的典型案例,监管部门也应及时介入,一是要进行调查,查清其中是否存在违规操作的问题;二是要加强相关知识的宣传,引导公众增强对类似行为的警惕性和免疫力;三是要排查 银行 管理方面存在的问题,及时堵塞 漏洞 ,不要让消费者去银行存款成为一场考验智商的“危险之旅”。",
"author": "百度快照",
"pubDate": "2016-03-03"
},
{
"title": "乐山商业银行APP违规遭通报,为何中小银行数据治理漏洞频现?_用户...",
"link": "https://www.sohu.com/a/864346760_387251",
"description": "近日,国家计算机病毒应急处理中心监测发现14款违规移动应用,乐山商业银行APP因“未经明示同意收集个人信息”“未列出个人信息收集用途”“处理敏感个人信息未取得个人的单独同意”等五项问题被通报,在一众软件中格外显眼。2月25日,乐山市商业银行回应称,将加强 手机银行 APP隐私保护。此外,全国已有多家中小银行APP因隐私问题...",
"author": "百度快照",
"pubDate": "2017-03-01"
},
{
"title": "手机被远程控制盗刷银行有责任吗安全吗",
"link": "https://ailegal.baidu.com/legalarticle/qadetail?id=311b17f8516a7d250205",
"description": "手机 被远程控制盗刷, 银行 是否承担责任需分情况讨论,具体如下: 一、银行可能承担责任的情形 技术 漏洞 或安全缺陷:若银行系统存在安全漏洞,如未及时更新加密技术、防火墙存在缺陷,或未对异常交易进行预警,导致客户资金被盗刷,银行需承担赔偿责任。法律依据:《中华人民共和国民法典》第一千一百九十八条规定,银行作为经营场所...",
"author": "百度快照",
"pubDate": "2026-05-12"
},
{
"title": "交通银行手机银行到底有没有漏洞?我损失的钱该不该由交通银行赔付",
"link": "https://weibo.com/ttarticle/p/show?id=2309404698741067350401",
"description": "交通银行借记卡通过 手机银行 被盗刷,交通银行偷换概念,绝口不提没有尽到保管义务。 说实话,现在回想起来还觉得事情挺梦幻的,卡在我手里,手机没丢过(旧手机也一直放在家里,)也没有收到任何登录、验证码等信息,钱没了……真的没有任何提示,交通银行短信除了孜孜不倦的卖理财,任何任何提示都没有。如果不...",
"author": "百度快照",
"pubDate": "2021-11-01"
},
{
"title": "长沙银行系统漏洞致4万异常账户开设,或须承担民事责任|中小银行|...",
"link": "https://m.163.com/dy/article/H21OIFLS0550EWRZ.html",
"description": "日前,一则有关长沙 银行 系统 漏洞 被利用的消息引发关注。中国裁判文书网披露的一则湖南省长沙市中级人民法院刑事裁定书显示,3名犯罪分子利用长沙银行系统漏洞,对计算机信息系统中传输的数据进行删除、修改,短时间内开设异常账户4万多个,非法获利16万余元,三人均获刑。",
"author": "百度快照",
"pubDate": "2022-03-09"
},
{
"title": "部分银行收紧无卡取款业务,记者探访多数银行仍可扫码或刷脸取款...",
"link": "https://new.qq.com/rain/a/20240707A0418P00",
"description": "记者梳理发现,在全国范围内取消ATM扫码取款的银行并不算多,更多的银行只是暂停了手机预约取款功能,扫码取款功能并未取消。例如,交通银行公告称:“从5月24日起,停止个人 手机银行 中无卡取款功能中的预约取款服务。客户仍可通过该行智能机具办理有卡取款、扫码取款或前往该行营业网点办理取款业务。”农业银行于5月9日起...",
"author": "百度快照",
"pubDate": "2024-07-07"
},
{
"title": "315金融消费者权益保护|金融消费投诉频发 “止损、报警、维权”三...",
"link": "https://new.qq.com/omn/20210313/20210313A02T4B00.html",
"description": "通联支付与建设 银行 在该事件中可能存在管理和技术方面的过错,其中管理过错是指通联支付与银行是否按照双方指定的协议进行管理;技术过错是指平台是否因技术 漏洞 导致相关问题的出现,银行或通联支付是否尽到了维护客户资金安全的义务,是否对平台技术进行定期巡查,接到修先生此类投诉后是否进行及时处理等。",
"author": "百度快照",
"pubDate": "2021-03-13"
},
{
"title": "银行的手机银行安全防护漏洞如何修复??-和讯网",
"link": "http://insurance.hexun.com/2025-05-10/218949278.html",
"description": "在数字化时代, 手机银行 已成为人们日常金融交易的重要工具,然而其安全防护问题也备受关注。当发现手机银行存在安全防护 漏洞 时,可从以下几个方面进行修复。 首先是技术层面的修复。银行应定期对手机银行系统进行全面的安全评估和漏洞扫描。利用先进的漏洞扫描工具,对系统代码、数据库等进行深度检测,及时发现潜在的安全漏洞。",
"author": "百度快照",
"pubDate": "2025-05-10"
}
],
"银行漏洞": [
{
"title": "300亿上市银行系统漏洞被利用,开设4万多个异常账户!非法获利16万...",
"link": "https://www.163.com/dy/article/H15DMK220539LWQ1.html",
"description": "日前,一则有关长沙 银行 系统 漏洞 被利用的消息引发关注。 中国裁判文书网披露的一则湖南省长沙市中级人民法院刑事裁定书显示,3名犯罪分子利用长沙银行系统漏洞,对计算机信息系统中传输的数据进行删除、修改,短时间内开设异常账户4万多个,非法获利16万余元,三人均获刑。 长沙银行系统存在哪些漏洞?“被开户”的户主会否遭受损失?长沙银行要负",
"author": "百度快照",
"pubDate": "2022-02-26"
},
{
"title": "2014年浙江大妈发现银行漏洞,一月内偷走5亿,警方:银行的责任|储户...",
"link": "https://www.163.com/dy/article/HSLTP6A90553LFQF.html",
"description": "她成功找到 银行 的 漏洞 ,在一个月之内挪走了多家银行近五亿元的存款,直到一年后才东窗事发。 事发后,涉事银行却推卸责任,引起众怒。 最终,警方经过调查,确定这次事件完全是银行的责任。 那么,这位大妈是如何转走他人存款的?为什么这些受害者直到一年后才发现自己存款不见了?这些储户的损失最终又由谁来买单? 一 消...",
"author": "百度快照",
"pubDate": "2023-02-03"
},
{
"title": "银行网络惊魂“大劫案”|银行|资产|腾讯安全_新浪新闻",
"link": "https://news.sina.com.cn/sx/2022-12-30/detail-imxymmtq9354405.shtml",
"description": "两边的工作人员打起了传切配合,像一支球队快速奔袭全场,同时不断填补防守 漏洞 。 72小时内, 银行 的互联网资产完成全面排查。腾讯安全团队帮助客户发现互联网暴露资产共15万左右,其中包括域名资产和IP资产11万左右、影子资产2000多、小程序和公众号3万多等等。 这么短时间梳理出如此多资产类型和数量,银行客户也表示惊叹。",
"author": "百度快照",
"pubDate": "2022-12-30"
},
{
"title": "2013年,浙江大妈利用漏洞,偷走6家银行5亿元,她是怎么做到的?_腾讯...",
"link": "https://new.qq.com/rain/a/20220821A03XXT00",
"description": "“后来我也是偶然发现了 银行 的 漏洞 ,所以才生了歪心思。” 邱某口中所说的“漏洞”,其实就是银行转账业务的一个小纰漏。原本银行工作人员是没有这么大的权限进行大额转账交易,但是却可以通过同事授权来完成。而祝某也就是通过这一点,一次次地骗走了储户的存款。 由于大家都是同事,所以根本没有人会怀疑祝某是在...",
"author": "百度快照",
"pubDate": "2022-08-26"
},
{
"title": "电信诈骗频发,多家银行调整个人账户限额堵漏洞|洗钱|反诈|交易|...",
"link": "http://k.sina.com.cn/article_1684012053_645ffc1501901cua6.html",
"description": "在此之中,并非所有客户受到影响,徽商 银行 在其公告中对所调整的个人账户作出了界定范围:一年以上(含一年)未发生取现、转账等主动交易,账户余额在50元(含)以下的I类个人银行结算账户(包含借记卡、存折);一年以上(含一年)未登录过手机银行或个人网银,账户余额在10元(含)以下的Ⅰ类个人银行结算账户。",
"author": "百度快照",
"pubDate": "2023-08-22"
},
{
"title": "银行监管体系存漏洞女嫌犯趁机拉拢银行“内鬼”",
"link": "https://www.sohu.com/a/1019079_116897",
"description": "当一个违法操作被当成正常业务来办理的时候,大额资金就这样突破临柜监督、远程监控,而无从控制。这就是 银行 监管体系可笑的地方。 银行的一些 “坏习惯” 银行监管体系的脆弱,不仅仅发生在柜台业务办理那一刻。钱江晚报记者在调查中发现,杭州联合银行案情曝光是在2014年初,据浙江省银监局有关工作人员说,杭州联合银行事...",
"author": "百度快照",
"pubDate": "2007-02-06"
},
{
"title": "案例研究 | 刘仁文、车浩、时延安、田宏杰等:利用银行系统漏洞...",
"link": "https://new.qq.com/rain/a/20240826A06P2W00",
"description": "当系统 漏洞 存在时,往往基于公民一种认识在于,由于 银行 系统存在过错,进而应当由银行承担相应后果,行为人的行为属于合法行为而不构成犯罪。因此应当明确,虽然行为人第一次取款行为属于合法行为,但是由于其后续主观意图的转变,对于资金的占有存在恶意利用系统的目的,导致了合法行为向非法行为的转变。即使存在合法形式也不能...",
"author": "百度快照",
"pubDate": "2024-08-26"
},
{
"title": "2014年浙江大妈发现银行漏洞,1个月盗取5亿资金,最终结果如何?|储...",
"link": "https://dy.163.com/article/H7GK5GA705534K6C.html",
"description": "通过中间人,这笔钱会被直接存入 银行 ,方先生能够立刻拿到15%的利息。 这个数字让方先生很是心动,银行为了资金周转,通过中间人找大客户去存款的事情时有发生。 方先生以前也进行过类似的业务,他不仅拿到了比普通存款方式更高的利息,本金也没有受损。 通过这个朋友,方先生和中间人取得了联系,让方先生感到欣慰的是,对...",
"author": "百度快照",
"pubDate": "2022-05-17"
},
{
"title": "北京某银行储蓄员携巨款潜逃近20年从未离京 靠卖房款过日子_手机...",
"link": "https://news.sina.cn/gn/2022-06-21/detail-imizirau9700403.d.html",
"description": "发现 银行漏洞 ,他伺机实施蓄谋已久的计划 时间拨回到20多年前。1997年7月毕业后,20岁的李伟进入招商银行北京分行某支行工作,担任储蓄员。2001年,经朋友介绍,李伟与做护士的刘芳认识,并于次年结婚。 婚后,李伟虽也度过了一段甜蜜的生活,但与妻子之间渐渐产生了一些摩擦,他认为妻子总是歇斯底里地说他,令他无法忍受...",
"author": "百度快照",
"pubDate": "2022-06-21"
},
{
"title": "杭州“日光盘”烂尾背后:多家银行卷入预售金监管漏洞--房产--人民网",
"link": "http://house.people.com.cn/n/2015/0505/c164220-26948515.html",
"description": "原标题:杭州“日光盘”烂尾背后:多家 银行 卷入预售金监管 漏洞 2013年12月18日,杭州田逸之星公寓三号楼和四号楼的业主们收到一纸延时交付书,原定2013年12月30日前交付使用的房子被告知延后,延时交付书称,“我公司力争于2014年4月30日前交房,最迟于2014年6月30日前交房”。",
"author": "百度快照",
"pubDate": "2015-05-05"
},
{
"title": "2018年,沈阳男子发现银行系统漏洞,半年内用小额存款套取3000万|银...",
"link": "https://www.163.com/dy/article/H0LBPPP80550TA0M.html",
"description": "梦想着自己能够在 银行 的系统中找到它们的 漏洞 ,修改自己在 银行 账户的存款余额,把银行变为自己的免费取款机,从此一劳永逸。 在膨胀的贪婪心的驱使下,这个二手车销售员变身为“银行系统测试员”,他在2013年到2018年这5年的时间里,不停地在银行系统上尝试。 就在2018年的5月份,他这个天马行空,看似不可能的想法,竟然被他实现了,一张余额只有5",
"author": "百度快照",
"pubDate": "2022-02-20"
},
{
"title": "长沙银行系统漏洞成敛财工具?3人用外挂造4万非法账户获利16万_中...",
"link": "http://finance.ce.cn/bank12/scroll/202202/23/t20220223_37350803.shtml",
"description": "在老百姓的心目中, 银行 是最受信任的金融机构,中国老百姓大部分的金融资产都放在银行当中。但最近却发生一起因银行系统 漏洞 而引发的恶性违法事件,有一家上市银行因存在系统漏洞成了他人的敛财工具。 01 银行系统漏洞被利用 3人开设4万异常账户赚16万 近日,裁判文书网披露的一则裁定书显示,3人利用长沙银行系统的漏洞...",
"author": "百度快照",
"pubDate": "2022-02-23"
},
{
"title": "疑案精解 | 利用银行系统漏洞获得财物的行为判断-钟兴刚律师团队...",
"link": "https://lawyers.66law.cn/s2a142327f7077_i1443873.aspx",
"description": "行为人利用 银行 系统 漏洞 造成银行损失的行为如何评价,是犯罪行为,还是民事不当得利,实践中存在分歧。行为人主观上是否具有非法占有目的、客观上是否具有转移占有行为成为此类案件定性的关键因素。实践中应以个案证据为基础,严格按照犯罪构成要件分析行为人的客观行为性质和主观目的,坚持主客观相一致的原则,对案件作出准确定性...",
"author": "百度快照",
"pubDate": "2024-06-29"
},
{
"title": "别人开的二类账户却致自己工资卡被盗刷,北京一男子将银行告上法庭...",
"link": "https://www.jfdaily.com.cn/news/detail?id=404736",
"description": "富滇 银行 认为,在这个过程当中中国银行存在 漏洞 ,没有尽到审核义务,“如果有个短信验证之类的,让客户知道钱要出去了,就不会出现后面的消费了。” 对此,中国银行解释,这个机制是为了方便客户消费和资金流转的顺畅,已经通过报文核验后,系统接到支付指令,就会无条件地及时通过,“在一类账户向二类账户支付的过程中,不要求再...",
"author": "百度快照",
"pubDate": "2021-09-12"
},
{
"title": "客户212万分20多笔被转走银行系统存漏洞担责七成_新闻频道_中国...",
"link": "http://news.youth.cn/sh/201708/t20170814_10508759.htm",
"description": "当天,其 银行 卡内212万元分成20多笔被转走。陈女士起诉开户行,认为银行系统存在安全 漏洞 。银行辩称,案件没有侦破,款项是否被骗未知,即使被骗也是因为诈骗分子的行为,以及陈女士的严重过失所致。天河区法院一审认为,陈女士预留了电话号码,银行未全面推行实施转账验证码,并告知不开通该功能的风险责任自负,也未对跨行多笔...",
"author": "百度快照",
"pubDate": "2017-08-14"
},
{
"title": "金融犯罪频发 凸显银行监管的漏洞_手机新浪网",
"link": "http://finance.sina.cn/sa/2006-06-07/detail-ikknscsi3443890.d.html",
"description": "银川市公安局经侦支队于今年5月中旬成功破获一起截留20余万元 银行 预存款案。宁夏大学政法学院院长张秉民和西北第二民族大学法学教授王幽深等专家指出,近年来,宁夏一直大力打击金融犯罪,可如今一个职员却能连续3次截留银行预存款,并且在长达近一个月的时间内未被发现,暴露出银行的监管 漏洞 。",
"author": "百度快照",
"pubDate": "2006-06-07"
},
{
"title": "澳小伙发现ATM无限吐钱! 租飞机办派对, 带陌生人挥霍!",
"link": "https://weibo.com/ttarticle/p/show?id=2309404996342547349998",
"description": "意外发现 银行漏洞 从一个普通的调酒师摇身一变成为百万富翁,每天都能过着纸醉金迷的奢华生活,这或许是电影里才有的情节。 只能说艺术源于生活,一位澳洲小哥的经历,比电影清洁更加精彩。 Dan Saunders出生在墨尔本,曾经是一名职业调酒师,在维州Wangaratta小镇的酒吧上班,几乎过着昼夜颠倒的生活,每天下班都可能是微醺甚...",
"author": "百度快照",
"pubDate": "2024-01-31"
},
{
"title": "中信银行因泄露艺人账户明细发布致歉信 储户隐私如何保护?|商业银...",
"link": "https://news.hsw.cn/system/2020/0508/1182718.shtml",
"description": "律师说法:个案折射出 银行 管理 漏洞 必须严惩 陕西恒达律师事务所高级合伙人、知名公益律师赵良善认为:“中信银行未经持卡人授权、未经正当程序泄露持卡人银行账户交易明细,依据《商业银行法》第二十九条‘商业银行办理个人储蓄存款业务,应当遵循存款自愿、取款自由、存款有息、为存款人保密的原则。对个人储蓄存款,商业银行有...",
"author": "百度快照",
"pubDate": "2020-05-08"
},
{
"title": "兰州银行信贷业务内控或存漏洞管理人员在外兼职拷问人员独立性...",
"link": "https://new.qq.com/rain/a/20211216A0CH9N00",
"description": "此外,兰州 银行 曾要求未以个人名义签订保证合同的相关方承担连带清偿责任,但其对视为夫妻共同债务的债权未取得夫妻双方的签字,也未能提供文件证明此债务为夫妻双方共同意思表示,最终上诉遭驳回。对此,兰州银行信贷业务内控是否存在 漏洞 ?一波未停一波又起,兰州银行管理人员或在外兼任董事、监事,人员独立性或遭拷问。",
"author": "百度快照",
"pubDate": "2021-12-16"
},
{
"title": "2.5亿元银行存款被盗 知情人:年息24%揽存后销户 银行流程有漏洞...",
"link": "https://new.qq.com/omn/20220318/20220318A08IQI00.html",
"description": "近日,南宁工行2.5亿存款不翼而飞事件引发网友高度关注,储户丢失的存款为何追不回来?3月17日,上游新闻记者向案件相关知情人以及一位当事人代理律师了解情况发现,该案涉及到第三方经济犯罪,而受害人被24%的不正常年息所诱为起因,但 银行 流程上存在 漏洞 。",
"author": "百度快照",
"pubDate": "2022-03-18"
}
],
"支付漏洞": [
{
"title": "25%银行类网站存高危风险小银行和P2P平台成重灾区_中央网络安全和...",
"link": "https://www.cac.gov.cn/2015-01/26/c_1114126337.htm",
"description": "另据360补天 漏洞 响应平台提供的信息,此前,国内P2P平台小米贷存多个高危 漏洞 ,黑客可直接控制服务器;普资华企P2P理财网站存在XSS漏洞,使得数十万会员信息存在隐患;易网融通金融综合服务平台存在用户信息泄露风险;点点理财P2P平台存在万能密码,黑客可进入后台操作,泄露所有用户资料;长沙大定财富理财网站存在的漏洞可导致泄露多个数据库信息。目前,",
"author": "百度快照",
"pubDate": "2015-01-26"
},
{
"title": "人民银行提示:网络支付小心信息泄露风险_中央网络安全和信息化...",
"link": "https://www.cac.gov.cn/2016-02/18/c_1118077447.htm",
"description": "非银行 支付 机构方面,应加强规范化管理。支付机构应引入多重安全验证方式,对于小额支付可支持消费者采用较简单的交易安全验证手段;对于大额支付应要求消费者采用安全保障高的交易验证手段,有效防止消费者因不慎遗失个人金融信息而导致的资金安全 漏洞 。鼓励支付机构向客户提供账户资金安全保险服务。消费者在接受支付机构支付服务...",
"author": "百度快照",
"pubDate": "2016-02-18"
},
{
"title": "财付通被爆存安全性漏洞:资金频被盗刷赔付解决难_中央网络安全和...",
"link": "https://www.cac.gov.cn/2015-09/06/c_1116476475.htm",
"description": "在网络第三方 支付 平台方面,有行业专家指出,资金遭冻结并难以解决和资金遭盗刷仍旧是用户投诉热点。同时,记者采访发现,小额资金被盗刷的情况,在实际中更是难以得到有效解决。 某第三方网络支付平台过去的用户小朱(化名)说,在经历了一次被盗刷事件后,他就注销了在该平台的支付业务。 用户:刚打进过一笔钱,第二天早上...",
"author": "百度快照",
"pubDate": "2015-09-06"
},
{
"title": "@所有人,这些网络安全“漏洞”,你堵好了吗?_中央网络安全和信息化...",
"link": "https://www.cac.gov.cn/2021-10/13/c_1635718065867728.htm",
"description": "如果收到了来自信任的朋友或者同事的邮件,你对邮件内容表示怀疑,可直接拨打电话向其核实。 漏洞 五: 扫描来路不明的网站或APP上的二维码 移动 支付 时代,扫描二维码已经成为我们生活中最稀松平常的事儿。可是,这些二维码看起来方便,但是一不小心,你可能就要付出钱财损失的代价。 以下是常见的几种二维码诈骗伎俩: 1、在商...",
"author": "百度快照",
"pubDate": "2021-10-13"
},
{
"title": "聚焦“金融日”:网上支付有风险 陌生链接不要点-中央网络安全和...",
"link": "https://www.cac.gov.cn/2015-06/03/c_1115503708.htm",
"description": "聚焦“金融日”:网上 支付 有风险 陌生链接不要点 便捷的网银支付已渗透到我们生活的方方面面。昨天,在第二届国家网络安全宣传周的“金融日”上,中国工商银行数据中心(北京)安全部总经理敦宏程坦言,信息泄露、恶意软件、钓鱼网站等在不断的威胁到网银安全服务。",
"author": "百度快照",
"pubDate": "2015-06-03"
}
]
}

1602
resources/JSON/doonsec.json
View File

File diff suppressed because it is too large Load Diff

162
resources/JSON/freebuf.json
View File

@ -1,162 +0,0 @@
[
{
"title": "黑客利用单字母拼写错误的Go模块部署基于DNS的后门",
"link": "https://www.freebuf.com/articles/481976.html",
"description": "黑客利用单字母拼写错误的Go模块潜伏3年植入隐蔽DNS后门",
"body": "\n<p><img src=\"https://image.3001.net/images/20260520/1779282821948311_b79b9afbfa6c4129be05629890d868a1.webp!small\" alt=\"\"></p>\n<p>一个看似无害的Go模块拼写错误已悄然充当活跃后门近三年。安全研究人员发现名为<code>github.com/shopsprint/deci",
"category": "技术",
"pubDate": "Wed, 20 May 2026 12:30:23 +0800"
},
{
"title": "GitHub证实被入侵4000个私有仓库被窃取",
"link": "https://www.freebuf.com/news/481866.html",
"description": "GitHub通过官方X原Twitter账号发布声明确认正在调查针对其内部代码仓库的未授权访问事件。",
"body": "<p>5月20日GitHub通过官方X原Twitter账号发布声明确认正在调查针对其内部代码仓库的未授权访问事件。该回应直接指向威胁组织“TeamPCP”此前宣称的大规模数据窃取行为。</p><h2 id=\"h2-1\">官方回应:客户数据暂未受影响</h2><p><img src=\"https://image.3001.net/images/20260520/1779249234_6a0d",
"category": "资讯",
"pubDate": "Wed, 20 May 2026 11:51:03 +0800"
},
{
"title": "NGINX 安全分析CVE202642945 漏洞解析",
"link": "https://www.freebuf.com/articles/web/481861.html",
"description": "该漏洞在 NGINX 源代码中存在 长达 18 年之久,波及几十亿请求路径和数百万服务实例。",
"body": "<h2 id=\"h2-1\">一、背景简介:互联网核心组件的历史性缺陷</h2><p>NGINX 是全球部署最广泛的高性能 HTTP 服务器、反向代理和负载均衡器承载无数网站、API、微服务等关键业务。2026 年安全界爆出一个震惊业界的漏洞——<strong>CVE202642945</strong>,该漏洞在 NGINX 源代码中存在 <strong>长达 18 年</strong>之久,",
"category": "Web安全",
"pubDate": "Wed, 20 May 2026 11:19:25 +0800"
},
{
"title": "组件投毒预警atool npm 维护者账户被接管317个包遭凭证蠕虫攻击",
"link": "https://www.freebuf.com/articles/vuls/481859.html",
"description": "此次受影响的软件包覆盖面极广,既包括前端开发中的高频基础依赖,也包括大量企业常用的数据可视化与图分析组件。",
"body": "<h1 id=\"activity-name\"><span>事件概述</span></h1><p id=\"js_content\"></p><p>近日安全玻璃盒供应链安全威胁情报中心检测到npm生态爆发一起高危供应链投毒事件。公开情报显示npm账户 <strong>atooli@hust.cc</strong>于 <strong>2026 年 5 月 19 日</strong>被攻击者劫持,随",
"category": "漏洞",
"pubDate": "Wed, 20 May 2026 11:11:09 +0800"
},
{
"title": "职等你来,同花顺招聘安全工程师",
"link": "https://www.freebuf.com/articles/481850.html",
"description": "职等你来,同花顺招聘安全工程师",
"body": "<h2 class=\"tinymce-p\" id=\"h2-1\">招聘岗位</h2><h3 id=\"h3-1\">基础安全工程师/专家 (30-90K)</h3><p class=\"tinymce-p\"><strong>岗位职责:</strong></p><p class=\"tinymce-p\">1.负责公司基础信息系统安全建设。以黑客视角对基础设施进行安全风险识别与评估,并给出安全加固建议;</p>",
"category": "安全招聘",
"pubDate": "Wed, 20 May 2026 10:06:54 +0800"
},
{
"title": "CVE Lite CLI开源依赖项漏洞扫描工具",
"link": "https://www.freebuf.com/articles/development/481895.html",
"description": "\"开源工具CVE Lite CLI让依赖漏洞扫描提前到开发终端秒级定位高危风险\"",
"body": "\n<p>在 JavaScript 和 TypeScript 项目中,依赖项漏洞扫描长期以来都处于开发管道的末端。开发者提交拉取请求后,持续集成系统开始运行,安全扫描器返回一系列 CVE 编号,而此时开发者往往需要花费数小时甚至数天时间来处理这些漏洞。作为 OWASP 官方认证的孵化项目CVE Lite CLI 将这项检查工作提前到了开发者终端阶段。</p>\n<p>这款由 Sonu Kapoor ",
"category": "开发安全",
"pubDate": "Wed, 20 May 2026 06:00:59 +0800"
},
{
"title": "华为0Day漏洞被指导致2025年卢森堡全国通信瘫痪",
"link": "https://www.freebuf.com/articles/ics-articles/481893.html",
"description": "华为0Day漏洞致卢森堡全国通信瘫痪漏洞未修复仍存隐患",
"body": "\n<p><img src=\"https://image.3001.net/images/20260520/1779260600782542_674120c2a01844d08d096249af3caf3f.jpg!small\" alt=\"\"></p>\n<h2>华为路由器0Day漏洞引发卢森堡全国通信中断</h2>\n<p>2025年7月23日卢森堡遭遇全国性通信中断事件据调查由华为企业路由器中一",
"category": "关基安全",
"pubDate": "Wed, 20 May 2026 05:30:04 +0800"
},
{
"title": "GitHub 遭入侵:员工设备遭恶意扩展攻击致内部源码仓库泄露",
"link": "https://www.freebuf.com/articles/database/481971.html",
"description": "GitHub员工遭恶意扩展攻击3800个内部源码仓库泄露",
"body": "\n<p><img src=\"https://image.3001.net/images/20260520/1779280305659712_201420402a6c414ea57c5a7ab5e56403.webp!small\" alt=\"\"></p>\n<p>2026年5月20日GitHub通过系列官方声明证实其检测到某员工设备因安装恶意Visual Studio Code扩展而遭入侵导致内",
"category": "数据安全",
"pubDate": "Wed, 20 May 2026 04:47:29 +0800"
},
{
"title": "AI Agent 安全:自动化工作流时如何规避提示注入与数据泄露风险",
"link": "https://www.freebuf.com/articles/ai-security/481829.html",
"description": "AI Agent权限越大风险越高提示注入可致数据泄露",
"body": "<p class=\"tinymce-p\"><img src=\"https://image.3001.net/images/20260520/1779246191_6a0d246fa6e1d68d408d0.jpg!small\" width=\"690\" height=\"388\" alt=\"\" />AI Agent 安全始于一个简单事实Agent 权限越大,其访问控制就需越严格。仅能总结文档的 AI",
"category": "AI安全",
"pubDate": "Tue, 19 May 2026 21:13:08 +0800"
},
{
"title": "FreeBuf早报 | Mythos Preview 实现自动化漏洞研究中 PoC 漏洞利用链构建n8n漏洞使自动化节点面临完整RCE风险",
"link": "https://www.freebuf.com/news/481732.html",
"description": "AI模型可自动构建漏洞利用链安全边界面临重构。",
"body": "<h2 id=\"h2-1\">全球网安事件速递</h2><h3 id=\"h3-1\">1. Mythos Preview 实现自动化漏洞研究中 PoC 漏洞利用链构建</h3><p>Anthropic的AI模型Mythos Preview实现突破能串联漏洞生成可验证的PoC利用链填补漏洞发现与利用间的技术鸿沟。需定制化框架优化结果但安全防护仍需额外措施凸显攻防时间窗缩短的紧迫性。【<a hre",
"category": "资讯",
"pubDate": "Tue, 19 May 2026 18:17:06 +0800"
},
{
"title": "DirtyDecrypt Linux 内核漏洞 PoC 利用代码公开",
"link": "https://www.freebuf.com/articles/system/481812.html",
"description": "高危漏洞DirtyDecrypt曝光Linux本地提权风险加剧容器逃逸威胁企业安全。",
"body": "\n<p><img src=\"https://image.3001.net/images/20260520/1779213934717431_fbd338cb0e024d0ba4f1d28e73d86e72.webp!small\" alt=\"\"></p>\n<p>针对一个被命名为 DirtyDecrypt亦被追踪为 DirtyCBC的高危 Linux 内核本地提权漏洞的概念验证PoC利用代码已",
"category": "系统安全",
"pubDate": "Tue, 19 May 2026 17:18:30 +0800"
},
{
"title": "威胁情报落地的三大SOC战术",
"link": "https://www.freebuf.com/articles/es/481821.html",
"description": "被动安全难抵风险累积三大SOC战术让威胁情报落地提速",
"body": "\n<p><img src=\"https://image.3001.net/images/20260520/1779217503385468_e8ec77053d1742bcb9a4f775553f99f9.webp!small\" alt=\"3 SOC Tactics for Threat Intelligence\"></p>\n<p>数据泄露事件可能只会上头条一天,但其造成的损害却会持续数年。关键业",
"category": "企业安全",
"pubDate": "Tue, 19 May 2026 17:12:12 +0800"
},
{
"title": "新型钓鱼点击OAuth授权如何绕过多因素认证",
"link": "https://www.freebuf.com/articles/ai-security/481770.html",
"description": "OAuth钓鱼攻击绕过MFA窃取企业数据刷新令牌成黑客新武器",
"body": "\n<p><img src=\"https://image.3001.net/images/20260519/1779195846621043_1d6c880720b84255aa9dbabb26ac1bf0.jpg!small\" alt=\"image\"></p>\n<p>2026年2月名为EvilTokens的钓鱼即服务PhaaS平台开始运作。短短五周内该平台就成功入侵了五个国家超过340家微",
"category": "AI安全",
"pubDate": "Tue, 19 May 2026 17:00:00 +0800"
},
{
"title": "Pwn2Own Berlin 2026落幕0Day漏洞奖金总额达130万美元",
"link": "https://www.freebuf.com/articles/481792.html",
"description": "Pwn2Own柏林赛狂揽47个0Day奖金近130万美元",
"body": "<p><img src=\"https://image.3001.net/images/20260520/1779245390_6a0d214e84c1e53d92ea6.jpg!small\" width=\"690\" height=\"388\" alt=\"\" /></p><p>2026年5月16日备受期待的Pwn2Own Berlin 2026黑客大赛在OffensiveCon会议期间经过三天激烈角",
"category": "技术",
"pubDate": "Tue, 19 May 2026 15:59:01 +0800"
},
{
"title": "Orchid Security安全报告三分之二非人类账户处于失控状态",
"link": "https://www.freebuf.com/articles/es/481795.html",
"description": "&quot;企业身份暗物质失控AI时代埋下致命隐患&quot;",
"body": "<p><img src=\"https://image.3001.net/images/20260520/1779207353112015_f86eae1a3ccd4966a6209094af950edf.webp!small\" alt=\"\" /></p><p><strong>美国纽约2026年5月19日CyberNewswire电</strong><strong>新研究表明身份暗物质持续扩张,",
"category": "企业安全",
"pubDate": "Tue, 19 May 2026 15:37:57 +0800"
},
{
"title": "GitHub缩减漏洞赏金计划提醒用户安全责任需共担",
"link": "https://www.freebuf.com/articles/ai-security/481793.html",
"description": "GitHub因AI垃圾报告泛滥缩减漏洞赏金警告用户需自担安全风险。",
"body": "\n<h2>代码托管平台呼吁研究者减少AI生成的低质报告</h2>\n<p><img src=\"https://image.3001.net/images/20260520/1779207203294546_1db731e7b91849f687c029395a13791e.jpg!small\" alt=\"通过GitHub供应链发起的攻击\"></p>\n<p>面对漏洞赏金计划提交量的激增GitHub正对",
"category": "AI安全",
"pubDate": "Tue, 19 May 2026 15:28:48 +0800"
},
{
"title": "Apache Flink 高危漏洞可导致远程代码执行攻击",
"link": "https://www.freebuf.com/articles/database/481799.html",
"description": "高危漏洞Apache Flink SQL注入可致集群沦陷速升级",
"body": "\n<p><img src=\"https://image.3001.net/images/20260520/1779207728416657_85c769744ebd4e9ba16508b0f2df642c.webp!small\" alt=\"\"></p>\n<p>Apache Flink 近日披露一个编号为 CVE-2026-35194 的高危漏洞,该漏洞通过平台代码生成引擎中的 SQL 注入缺陷,使",
"category": "数据安全",
"pubDate": "Tue, 19 May 2026 15:03:10 +0800"
},
{
"title": "Linux应急响应入侵排查篇",
"link": "https://www.freebuf.com/articles/defense/481696.html",
"description": "在日常安全运营中Linux 服务器被入侵是非常常见的应急场景。",
"body": "<p>在日常安全运营中Linux 服务器被入侵是非常常见的应急场景。攻击者通过弱口令、Web 漏洞、组件漏洞、密钥泄露等方式进入主机,随后进行提权、植入后门、横向移动、挖矿、代理转发或数据窃取。</p><h2 id=\"h2-1\"><strong>一、Linux入侵排查思路</strong></h2><p><strong>1.系统信息收集</strong></p><p>主要是收集系统的版本内核信息",
"category": "攻防演练",
"pubDate": "Tue, 19 May 2026 15:01:07 +0800"
},
{
"title": "攻击者利用Cloudflare存储节点从被入侵网络窃取文件",
"link": "https://www.freebuf.com/articles/database/481791.html",
"description": "攻击者利用Cloudflare存储节点窃取政府企业数据定制化工具规避检测。",
"body": "<p><img src=\"https://image.3001.net/images/20260519/1779203091162279_635083f446bd4b7e9241ec9f5e05ffb4.webp!small\" alt=\"\" /></p><p>攻击者发现了一种从被入侵网络静默窃取数据的新方法——这次他们隐藏在人们熟悉的Cloudflare服务背后。安全研究人员发现一起针对性入侵行动",
"category": "数据安全",
"pubDate": "Tue, 19 May 2026 14:01:55 +0800"
},
{
"title": "CVE-2026-42945 深度解析 NGINX Rift 潜伏18年的堆溢出漏洞分析与防御指南",
"link": "https://www.freebuf.com/articles/vuls/481654.html",
"description": "NGINX Rift漏洞极其罕见地在 NGINX 的核心源码库中潜伏了大约 18 年之久。据溯源分析,该缺陷最早在 2008 年左右的提交中被引入。",
"body": "<p>在全球互联网基础设施的底层架构中NGINX 凭借其极致的异步非阻塞事件驱动模型和极低的内存消耗,长期占据着 Web 服务器、反向代理、负载均衡器以及 API 网关领域的统治地位。NGINX的安全性影响全球数以千万计在线服务。2026年5月13日一项被正式命名为 “NGINX Rift” 的严重内存破坏漏洞CVE-2026-42945的公开披露在网络安全业界引发了强烈的震动。</p>",
"category": "漏洞",
"pubDate": "Tue, 19 May 2026 09:33:04 +0800"
}
]

1586
resources/JSON/github_keyword.json
View File

File diff suppressed because it is too large Load Diff

8
resources/JSON/github_release.json
View File

@ -1,8 +0,0 @@
[
{
"link": "https://github.com/BeichenDream/Godzilla/releases/tag/v4.0.1-godzilla",
"published_at": "2021-11-01T08:54:13Z",
"author": "BeichenDream",
"keyword": "BeichenDream/Godzilla"
}
]

11
resources/JSON/github_repo.json
View File

@ -1,11 +0,0 @@
[
{
"link": "https://api.github.com/BeichenDream/Godzilla",
"name": "BeichenDream/Godzilla",
"updated_at": "2023-03-07T07:33:10Z",
"description": "Update README.md",
"author": "beichen",
"link_2": "https://github.com/BeichenDream/Godzilla/commit/a5558e6c37139ebb0b7b4491dc3ea7ce8d8f9e49",
"keyword": "BeichenDream/Godzilla"
}
]

11
resources/JSON/github_user.json
View File

@ -1,11 +0,0 @@
[
{
"link": "https://github.com/su18/POC",
"name": "POC",
"created_at": "2023-01-08T01:56:47Z",
"description": "收集整理漏洞EXP/POC,大部分漏洞来源网络目前收集整理了1400多个poc/exp长期更新。",
"author": "su18",
"language": null,
"keyword": "su18"
}
]

102
resources/JSON/huawei.json
View File

@ -1,102 +0,0 @@
[
{
"title": " 安全预警-华为E585设备web server模块漏洞 ",
"pubDate": "2026-03-25T16:27:29",
"link": "www.huawei.com/cn/psirt/security-advisories/2012/hw-198237"
},
{
"title": " 安全通告 - 华为PC产品存在认证绕过漏洞 ",
"pubDate": "2026-03-25T16:27:29",
"link": "www.huawei.com/cn/psirt/security-advisories/2025/huawei-sa-20250325-01-pc-cn"
},
{
"title": " 安全通告 - 涉及华为全屋音乐系统产品的路径穿越漏洞 ",
"pubDate": "2026-03-25T16:27:27",
"link": "www.huawei.com/cn/psirt/security-advisories/2024/huawei-sa-ptvihhms-91f7c6fa-cn"
},
{
"title": " 安全预警 - 涉及华为部分产品的缓冲区错误漏洞 ",
"pubDate": "2026-03-25T16:27:26",
"link": "www.huawei.com/cn/psirt/security-advisories/2018/huawei-sa-20180418-01-enum-cn"
},
{
"title": " 安全预警 - CPU漏洞“Meltdown”和“Spectre” ",
"pubDate": "2026-02-25T16:59:51",
"link": "www.huawei.com/cn/psirt/security-advisories/2018/huawei-sa-20180106-01-cpu-cn"
},
{
"title": " 安全通告 - 涉及华为EnzoH产品的系统命令注入漏洞 ",
"pubDate": "2025-07-23T17:08:33",
"link": "www.huawei.com/cn/psirt/security-advisories/2025/huawei-sa-OCIViHEP-1bcbfffa"
},
{
"title": " 安全通告 - 涉及华为EnzoH产品的系统命令注入漏洞 ",
"pubDate": "2025-07-23T15:28:50",
"link": "www.huawei.com/cn/psirt/security-advisories/2025/huawei-sa-OCIViHEP-cn"
},
{
"title": " 安全通告 - 涉及华为EnzoH产品的系统命令注入漏洞 ",
"pubDate": "2025-07-23T14:18:29",
"link": "www.huawei.com/cn/psirt/security-advisories/2025/huawei-sa-OCIViHEP-e73ab538"
},
{
"title": " 安全预警 - 涉及部分华为产品的三个缓冲区溢出漏洞 ",
"pubDate": "2025-06-30T23:46:31",
"link": "www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171108-02-http-cn"
},
{
"title": " 安全预警 - 华为产品存在七层HTTP Chunked报文解析漏洞 ",
"pubDate": "2025-02-11T15:28:02",
"link": "www.huawei.com/cn/psirt/security-advisories/2016/huawei-sa-20160301-01-http-cn"
},
{
"title": " 安全预警 - 某些华为产品中的CGI应用安全漏洞 ",
"pubDate": "2025-02-10T11:01:55",
"link": "www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171129-01-httpproxy-cn"
},
{
"title": " 安全预警 - 涉及华为部分产品的HTTP请求解析不一致漏洞 ",
"pubDate": "2025-02-10T11:01:17",
"link": "www.huawei.com/cn/psirt/security-advisories/2021/huawei-sa-20210120-01-http-cn"
},
{
"title": " 安全通告 - 华为某产品存在权限提升漏洞 ",
"pubDate": "2025-01-10T15:55:33",
"link": "www.huawei.com/cn/psirt/security-advisories/2022/huawei-sa-20220216-01-priesc-cn"
},
{
"title": " 安全预警 华为E5756s产品存在WebUI接口鉴权机制不完善漏洞 ",
"pubDate": "2024-12-29T01:09:01",
"link": "www.huawei.com/cn/psirt/security-advisories/2015/hw-441176"
},
{
"title": " 安全预警 - FusionAccess产品缓冲区溢出漏洞 ",
"pubDate": "2024-12-29T01:09:01",
"link": "www.huawei.com/cn/psirt/security-advisories/2015/hw-453536"
},
{
"title": " 安全预警 - 华为移动宽带产品中存在的DoS安全漏洞 ",
"pubDate": "2024-12-29T01:08:10",
"link": "www.huawei.com/cn/psirt/security-advisories/2015/hw-450878"
},
{
"title": " 安全预警 - 华为手机FRP绕过安全漏洞 ",
"pubDate": "2024-12-29T01:08:10",
"link": "www.huawei.com/cn/psirt/security-advisories/2016/huawei-sa-20161207-01-smartphone-cn"
},
{
"title": " 安全预警 - 华为FusionAccess的命令注入漏洞 ",
"pubDate": "2024-12-29T01:08:10",
"link": "www.huawei.com/cn/psirt/security-advisories/2016/huawei-sa-20161130-01-ldap-cn"
},
{
"title": " 安全预警 - 华为WLAN AC产品存在mDNS消息处理不当漏洞 ",
"pubDate": "2024-12-29T01:08:10",
"link": "www.huawei.com/cn/psirt/security-advisories/2015/hw-453514"
},
{
"title": " 安全预警 - FusionAccess产品输入校验漏洞 ",
"pubDate": "2024-12-29T01:08:10",
"link": "www.huawei.com/cn/psirt/security-advisories/2015/hw-453538"
}
]

72
resources/JSON/qianxin.json
View File

@ -1,72 +0,0 @@
[
{
"guid": "https://forum.butian.net/share/4870",
"title": "XXL-Job GlueFactory classCache 跨任务类残留漏洞",
"description": "XXL-Job GlueFactory classCache 跨任务类残留漏洞",
"source": "subject",
"pubDate": "2026-05-12 09:00:01"
},
{
"guid": "https://forum.butian.net/share/4860",
"title": "ActiveMQ CVE-2026-34197 漏洞分析与利用详解",
"description": "来学习一下这个据说由 ai 大人发现的存在 13 年之久的漏洞。",
"source": "subject",
"pubDate": "2026-05-11 09:00:03"
},
{
"guid": "https://forum.butian.net/share/4813",
"title": "BADUSB的制作以及关于解决BADUSB输入法和大小写问题",
"description": "现在有很多badusb制作的相关文章以及解决输入法问题的文章但是我没能找到能够使badusb在所有情况都能成功运行的方法经过我的研究我发现了以下的方法能够让badusb在所有情况下都能使用。",
"source": "subject",
"pubDate": "2026-05-08 09:00:01"
},
{
"guid": "https://forum.butian.net/share/4851",
"title": "从POC到EXP从0基础到v8 CVE-2021-38003复现",
"description": "从POC到EXP从0基础到v8 CVE-2021-38003复现",
"source": "subject",
"pubDate": "2026-04-29 15:17:30"
},
{
"guid": "https://forum.butian.net/share/4843",
"title": "Psexec是怎么工作的Psexec与官方服务端组件PsexeSvc.exe的交互",
"description": "本文详细讲解psexec时怎么和PsexeSvc.exe交互初始化然后建立互相通讯的管道的以及psexec和PsexeSvc.exe交互实现的python实现最后讲解了psexec防御技巧。",
"source": "subject",
"pubDate": "2026-04-24 09:00:01"
},
{
"guid": "https://forum.butian.net/share/4841",
"title": "Android移动安全第六章_UI欺骗与钓鱼",
"description": "Android 的窗口系统允许多个 App 的界面叠加显示,这个设计本身是为了多任务体验,但也给 UI 欺骗提供了条件",
"source": "subject",
"pubDate": "2026-04-23 09:56:31"
},
{
"guid": "https://forum.butian.net/share/4840",
"title": "Android移动安全第五章_WebView安全",
"description": "前四章围绕 Android 原生组件展开,这一章进入 Web 领域——WebView 把浏览器引擎嵌入了 App也把 Web 的攻击面带了进来。",
"source": "subject",
"pubDate": "2026-04-17 09:00:00"
},
{
"guid": "https://forum.butian.net/share/4842",
"title": "【病毒分析】深度剖析粉丝投稿海莲花APT超级间谍组织最新免杀样本从白加黑落地到定制化RUST远控",
"description": "一、背景概述与海莲花组织简介\n在深入剖析本次的恶意样本之前我们有必要先了解本次攻击事件的幕后黑手海莲花(Ocean Lotus),在安全业界也被称为 APT32 或 Canvas Assassin。\n自 2012 年首次...",
"source": "subject",
"pubDate": "2026-04-14 09:36:01"
},
{
"guid": "https://forum.butian.net/share/4836",
"title": "Vue新攻击面-动态路由实战狩猎",
"description": "本文实战案例通过学习0xsdeo师傅文章学习而来,建议通读0xsdeo师傅公众号文章了解动态路由这一攻击面分享一部分简单基础场景Hook案例简单的调试往往能打开更多的攻击面。",
"source": "subject",
"pubDate": "2026-04-14 09:30:10"
},
{
"guid": "https://forum.butian.net/share/4835",
"title": "「JavaWeb审计盲点」List 集合误区:批量操作下的权限逃逸",
"description": "本文将深入剖析 List 集合在批量查询、批量更新、批量导出等场景下的典型越权模式。这些风险并非源于明显的代码缺陷,而是藏在\"合理的业务逻辑\"与\"容器特性的误用\"之间——属于最难被自动化工具发现、却最易被攻击者利用的 Corner Case。",
"source": "subject",
"pubDate": "2026-04-09 09:00:01"
}
]

122
resources/JSON/seebug.json
View File

@ -1,122 +0,0 @@
[
{
"title": "GLiGuard面向大语言模型安全防护的模式条件分类方法",
"link": "https://paper.seebug.org/3485",
"description": "作者Urchade Zaratiana, Mary Newhauser, George Hurn-Maloney, Ash Lewis 译者知道创宇404实验室翻译组 原文链接https://arxiv.org/html/2605.07982v1 摘要 保障大语言模型LLM输出安全合规、符合政策要求需要能跨多安全维度实时扩展的内容审核机制。然而当前最优的安全护栏模型均基于70亿27...",
"pubDate": "Mon, 11 May 2026 16:40:13 +0800",
"guid": "https://paper.seebug.org/3485",
"category": "AI安全"
},
{
"title": "基于大语言模型的 AI 智能体安全威胁与防御系统性综述——分层攻击面框架",
"link": "https://paper.seebug.org/3484",
"description": "作者Kexin Chu 译者知道创宇404实验室翻译组 原文链接https://arxiv.org/pdf/2604.23338v2 摘要 智能体AI系统可跨多会话规划、保留记忆、调用外部工具并与对等智能体协同无状态大语言模型则不具备这些能力。现有安全分类体系按攻击类型如提示注入、越狱划分威胁却未说明脆弱的架构组件或威胁显现的时间尺度。本文直接解决这些结构性问题提出分层攻击面模型...",
"pubDate": "Sat, 09 May 2026 16:53:56 +0800",
"guid": "https://paper.seebug.org/3484",
"category": "AI安全"
},
{
"title": "ReTokSync面向生成式语言隐写的自同步分词消歧方法",
"link": "https://paper.seebug.org/3481",
"description": "作者Yaofei Wang, Rui Wang, Weilong Pang等 译者知道创宇404实验室翻译组 原文链接https://arxiv.org/html/2604.25486v1 摘要 生成式语言隐写GLS通过将秘密信息嵌入自然语言生成过程实现隐蔽通信。然而在实际部署中GLS易受分词歧义影响相同的表层文本在接收端可能被重新分词为不同的token序列破坏通信双方共享的解码状...",
"pubDate": "Fri, 08 May 2026 16:42:48 +0800",
"guid": "https://paper.seebug.org/3481",
"category": "AI安全"
},
{
"title": "素域 PINI后量子 NTT 掩码的机器验证合成定理",
"link": "https://paper.seebug.org/3480",
"description": "作者Ray IskanderKhaled Kirah 译者知道创宇404实验室翻译组 原文链接https://arxiv.org/abs/2604.25878v1 摘要 本文是后量子密码掩码数论变换NTT硬件形式化验证分析系列论文的第六篇。第一篇论文[1]建立了 QANARY 平台的结构依赖分析,第二篇论文[2]量化了部分 NTT 掩码下的安全裕度。布尔掩码的合成理论通过无干扰NI...",
"pubDate": "Wed, 06 May 2026 16:44:36 +0800",
"guid": "https://paper.seebug.org/3480",
"category": "AI安全"
},
{
"title": "Google DeepMindAI 智能体陷阱",
"link": "https://paper.seebug.org/3479",
"description": "作者Matija Franklin, Nenad Tomašev等 译者知道创宇404实验室翻译组 原文链接https://blog.qiaomu.ai/api/images/document/2026/04/603f0cae8cd8ab94-ai-agent-trap.pdf 摘要 自主AI智能体日益在网络中自主行动它们面临一种全新挑战信息环境本身。由此产生了一个关键安全漏洞我们称之...",
"pubDate": "Fri, 24 Apr 2026 16:54:27 +0800",
"guid": "https://paper.seebug.org/3479",
"category": "AI安全"
},
{
"title": "合法终端管理软件遭滥用:疑似银狐攻击事件分析与溯源",
"link": "https://paper.seebug.org/3478",
"description": "作者:知道创宇高级威胁情报团队 一、事件概述 近期,我们在客户现场应急响应中排查到一起新型攻击事件。攻击者伪造常用工具安装包诱导执行,随即部署一款带有合法数字签名的终端管理软件。经技术溯源确认,该程序具备主机信息收集、远程控制等完整恶意能力,其 C2 基础设施与 “银狐” 高度关联。由于合法数字签名的天然 “免杀” 特性,该恶意程序可轻易绕过主流杀毒软件检测,实现隐蔽入侵与长期控制。 银狐简介 银...",
"pubDate": "Wed, 15 Apr 2026 03:31:00 +0800",
"guid": "https://paper.seebug.org/3478",
"category": "威胁情报"
},
{
"title": "SkillTrojan针对基于技能的智能体系统的后门攻击",
"link": "https://paper.seebug.org/3477",
"description": "作者Yunhao Feng, Yifan Ding, Yingshui Tan等 译者知道创宇404实验室翻译组 原文链接https://arxiv.org/html/2604.06811v1/https://arxiv.org/html/2604.06811v1 摘要 基于技能的智能体系统通过组合可复用技能完成复杂任务,在提升模块化与可扩展性的同时,引入了尚未被充分研究的安全攻击面。本文提...",
"pubDate": "Thu, 09 Apr 2026 08:26:00 +0800",
"guid": "https://paper.seebug.org/3477",
"category": "AI安全"
},
{
"title": "GUARDSLM面向小语言模型、基于令牌激活的越狱攻击防御方法",
"link": "https://paper.seebug.org/3476",
"description": "作者Md. Jueal Mia1, Joaquin Molto1, Yanzhao Wu1, M. Hadi Amini 译者知道创宇404实验室翻译组 原文链接https://arxiv.org/html/2603.28817v1/https://arxiv.org/html/2603.28817v1 摘要 小语言模型SLM正成为大语言模型LLM高效且经济可行的替代方案在计算成本...",
"pubDate": "Fri, 03 Apr 2026 02:48:00 +0800",
"guid": "https://paper.seebug.org/3476",
"category": "AI安全"
},
{
"title": "静默颠覆:通过卫星系统供应链植入物实施的传感器欺骗攻击",
"link": "https://paper.seebug.org/3475",
"description": "作者Jack Vanlyssel, Gruia-Catalin Roman, Afsah Anwar 译者知道创宇404实验室翻译组 原文链接https://arxiv.org/html/2603.10388v1/https://arxiv.org/html/2603.10388v1 摘要 欺骗攻击是地面系统最具破坏性的网络威胁之一,而在太空中这类威胁愈发危险——卫星难以在轨维修,且运营方依...",
"pubDate": "Tue, 24 Mar 2026 09:47:00 +0800",
"guid": "https://paper.seebug.org/3475",
"category": "AI安全"
},
{
"title": "增强网络入侵检测系统:一种抵御对抗攻击的多层集成方法",
"link": "https://paper.seebug.org/3474",
"description": "作者Nasim Soltani, Shayan Nejadshamsi等 译者知道创宇404实验室翻译组 原文链接https://arxiv.org/html/2603.10413v1/https://arxiv.org/html/2603.10413v1 摘要 对抗样本会对机器学习ML算法构成严重威胁。若被用于操控基于机器学习的网络入侵检测系统NIDS行为将危及网络安全。本研究旨...",
"pubDate": "Mon, 23 Mar 2026 08:31:00 +0800",
"guid": "https://paper.seebug.org/3474",
"category": "AI安全"
},
{
"title": "CUDA Agent面向高性能 CUDA 内核生成的大规模智能体强化学习",
"link": "https://paper.seebug.org/3473",
"description": "作者Weinan Dai, Hanlin Wu, Qiying Yu等 译者知道创宇404实验室翻译组 原文链接https://arxiv.org/html/2602.24286v1/https://arxiv.org/html/2602.24286v1 摘要 GPU内核优化是现代深度学习的基础但仍是一项高度专业化的任务需要深厚的硬件专业知识。尽管大语言模型LLM在通用编程任务中表现...",
"pubDate": "Tue, 17 Mar 2026 09:50:00 +0800",
"guid": "https://paper.seebug.org/3473",
"category": "AI安全"
},
{
"title": "Unmasking SilverFoxs New Trends: Decoding Evasion Tactics, Domain Impersonation, and Mass-Generated Fake Software",
"link": "https://paper.seebug.org/3472",
"description": "Author: Knownsec 404 Advanced Threat Intelligence Team I. Introduction SilverFox has become one of the most active cyber threats in recent years, targeting managerial and finance staff in organization...",
"pubDate": "Fri, 13 Mar 2026 08:30:00 +0800",
"guid": "https://paper.seebug.org/3472",
"category": "威胁情报"
},
{
"title": "基于图像的提示注入:通过视觉嵌入的对抗性指令劫持多模态大语言模型",
"link": "https://paper.seebug.org/3471",
"description": "作者Neha Nagaraja, Lan Zhang, Zhilong Wang 译者知道创宇404实验室翻译组 原文链接https://arxiv.org/html/2603.03637v1/https://arxiv.org/html/2603.03637v1 摘要多模态大语言模型MLLMs融合视觉与文本能力赋能各类应用但这种融合也引入了新的安全漏洞。本文研究基于图像的提示注入...",
"pubDate": "Wed, 11 Mar 2026 01:29:00 +0800",
"guid": "https://paper.seebug.org/3471",
"category": "AI安全"
},
{
"title": "虚假 OpenClaw 安装程序如何传播 GhostSocks 恶意软件",
"link": "https://paper.seebug.org/3470",
"description": "作者Jai Minton, Ryan Dowd 原文链接https://www.huntress.com/blog/openclaw-github-ghostsocks-infostealer/https://www.huntress.com/blog/openclaw-github-ghostsocks-infostealer 摘要 信息窃取型恶意软件是针对面向公众系统发起严重攻击的初始访问...",
"pubDate": "Tue, 10 Mar 2026 01:45:00 +0800",
"guid": "https://paper.seebug.org/3470",
"category": "情报分析"
},
{
"title": "当 AI Agent 拥有系统权限OpenClaw 安全风险全景分析",
"link": "https://paper.seebug.org/3469",
"description": "作者:知道创宇积极防御实验室 完整的 OpenClaw 安全实践 Skill、自动化审计工具已在 GitHub 开源。项目地址https://github.com/knownsec/openclaw-security/https://github.com/knownsec/openclaw-security 一、背景说明 随着 AI Agent 技术的快速演进,具备自动化决策与自主执行能力的开源...",
"pubDate": "Fri, 06 Mar 2026 07:34:00 +0800",
"guid": "https://paper.seebug.org/3469",
"category": "AI安全"
}
]

434
resources/JSON/sougou-wx.json
View File

@ -1,434 +0,0 @@
{
"银行测试": [
{
"title": "一家银行最多8个APP!功能交叉重叠,是时候该瘦身了……",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm2kBDeULUmLOBXo1ZuiEXYlqXa8Fplpd9pdEXg9ndAl0MFtGwjAIFDaUAVAjIQYEidaZuDz_arhmjmFoX0IJWAlK_RSsxC-a_WwYrBC0fq0DAIfm6-VjGxT7iUZUFc7ayCamV0DmBzbQJxrgA7VEQFXUdfP0PDPn4nyq8w87zG6V3DTSYGuHLzSPqO2bQJfCmUi4QowZHOUxe0WC6Sbi7DA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=BE5ED0431334522DF1F7A0D953F35271F28573016A0C650E",
"description": "“你想买理财产品的话,请先下载注册我们银行的APP.”每当走进银行,这样的场景极为常见.近年来,为了增加获客,手机APP成...",
"author": "中国网财经",
"pubDate": "2019-06-14 17:18:12"
},
{
"title": "美联储最新消息!要求银行多备“家底”,特别是→",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm2kBDeULUmLOBXo1ZuiEXYlqXa8Fplpd9kSSRXd1XFKPwocVVJreq6in3TeBwZ25Awfwv10-chlDmTojPRE7dlo1wYntkNWk2Bh8z94TkhgOu8C_ZPLG2OmAE2xubqILJygikaeFMks7LuDkq6vF4lAHrTHfSxy_FJQh1ZBUIvg45BqPoEhg_I4rMX8TnYP70PEJMcaYkMAACYioxHkzTmA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=BE5ED0431334522DF1F7A0D953F35271F28573016A0C650E",
"description": "扩大美联储年度银行压力测试范围等. 美国银行业游说团体:更高的资本要求将推升借贷成本今年3月以来,美国硅谷银行、签名银行...",
"author": "央视财经",
"pubDate": "2023-07-12 16:15:05"
},
{
"title": "工商银行福建自贸试验区平潭片区分行、福州分行、福州鼓楼支行被处罚 累计罚款130万元",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm2kBDeULUmLOBXo1ZuiEXYlqXa8Fplpd92DsyGSRG_IpsUaCADzWxXjZ8_3_TYeUdWXC7cZ6IQBGhTzP-Fh-wWVKwjgKGPtzmHuVPs0lo3amUzRBeyWsrJ7aKyyMiGla4pvThK55Q4WVaCNNPzSbPpReiuAiwOH9KbEh18KPQzkTGJlXXhCgvcWbAIfmoD-lQngZIX6YwnEejotuuiAmOIg..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=BE5ED0431334522DF1F7A0D953F35271F28573016A0C650E",
"description": "近日,福建省银保监局对工商银行福建自贸试验区平潭片区分行、福州分行、福州鼓楼支行开出罚单,罚款合计130万元,4名当事人被...",
"author": "观八闽",
"pubDate": "2022-02-22 15:30:56"
},
{
"title": "央行出手!支付宝们正式被“收编”了!",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm2kBDeULUmLOBXo1ZuiEXYlqXa8Fplpd9q7bb5rvJLvSK3xoKz0f873XbJWkJKAlk8lNHYmPWmHIlTLcgHtsDsWYEHu76vEk6vKC7eO0MGWTxV23GrIFx_hHbT3NqH1tJqO-jiSInhD0xCH8sleLVaGurGU6Gb5D2I1za94dA5pJgoLsy_TpvtYlVWDP6xrDDJ1K1cqA-1XI5eBgmN3LoYQ..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=BE5ED0431334522DF1F7A0D953F35271F28573016A0C650E",
"description": "根据央行要求,目前,已有20余家支付机构和银行完成了接入网联平台的工作.央行副行长范一飞此前曾强调,网联平台的目的即提高...",
"author": "人民网",
"pubDate": "2017-10-17 11:43:30"
},
{
"title": "【月榜】12月银行新媒体:工行成功问鼎 上海银行挤进前10",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DM67_A4ZyUtWNjS29GSUUdOVgrFeYQugDlpmUNjkvxgvOqXyesYm_zYIpLvlCDM0AmAb0chvsD2fNyhCa8My6Bb-qjlExxIFttyhUQaZsCVtv3xb71Sa6r9ZTma9nR-jBnBcq7_vYLV53c1tpARGY_wMmV95nnREF-XH7MSZGz6MxI276v7hj8etuA22uSlmmQLGdQeR7pI30zjJyWTb8ve3hOTaUWGAKQSSqPOKFzMb59qkpZokx0ZWOKbIAfIeFgs_J6eeUEqgiZqwg0yoRFw.&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=BE5ED0431334522DF1F7A0D953F35271F28573016A0C650E",
"description": "本榜单共对部分国内银行12月份的新媒体综合能力进行考核,涵盖包括政策性银行、邮政储蓄银行、国有商业银行、股份制商业银行、...",
"author": "人民网舆情数据中心",
"pubDate": "2017-01-12 17:06:08"
},
{
"title": "美国又一银行倒闭!美联储怎么办?中国受影响大吗?",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm2kBDeULUmLOBXo1ZuiEXYlqXa8Fplpd9iK6yh5BoAP74YcvTbAISl09faYhCoZ6ixT6OaOLLO-Od3-sksaq_FuMZbAS1pr7piJLaKPmmduT93DIwHBvIbfsfu1uD6IdG4Izaa99FFHqj9nBaOTEYVlF08YEBgu7JK3Z1zB4V7A1iVhxRV84rHsXt5UrKtBe_Y5CWXzP-6I5hWLv6O878UA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=BE5ED0431334522DF1F7A0D953F35271F28573016A0C650E",
"description": "规定资产超过500亿美元的银行必须参加美联储年度压力测试,旨在通过更严格监管避免2008年国际金融危机重演.特朗普上台后,将...",
"author": "新华网思客",
"pubDate": "2023-05-05 13:51:35"
},
{
"title": "平安银行、宁波银行等试水支付宝信用卡取现功能,缘何引发舆论争议?",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm2kBDeULUmLOBXo1ZuiEXYlqXa8Fplpd9RTmWOTzPtO2QUxKefz_jTLdWo1zgRnumPikcYLZ6jDt9-qQbRkrXfptbTmetMSkyBD5ioxN_S6CbWy5YCzvOj27TqpvHQLGiHyNQzwr6qZapRqC9eQqKa6eTCj-HnfsMQt6sDIvda6or_QhcUgy3nr3ktZnMYrdzJNds3P0Ny7089kyxDwoXvg..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=BE5ED0431334522DF1F7A0D953F35271F28573016A0C650E",
"description": "话题#微信支付宝测试信用卡取现#与#有银行试水信用卡取现:年利率超18%#分别登上微博、头条热搜榜.(来源:人民众云)(来源...",
"author": "人民网舆情数据中心",
"pubDate": "2022-08-31 19:55:10"
},
{
"title": "银行月榜:大行拼命玩“七夕”,微博为何失宠了?",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm2kBDeULUmLOBXo1ZuiEXYlqXa8Fplpd9RTmWOTzPtO2QUxKefz_jTLdWo1zgRnumPikcYLZ6jDt9-qQbRkrXfpjCLQwsCzeoEWJ5DF3O-WaS7TUgOXZwPBNU0EmEGj2uxm78mUpQHV3_PfGBIbkcxGIXzt4WCKlOQzIGm8cOPEsH66egDXj6V1zeIuDHPGxR8mJ44HgdRhWfxjh3za6jWA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=BE5ED0431334522DF1F7A0D953F35271F28573016A0C650E",
"description": "新媒体管家中国银行业新媒体8月排行榜,进入总榜TOP10的银行分别是:中国工商银行、中国银行、中国建设银行、上海浦东发展银...",
"author": "人民网舆情数据中心",
"pubDate": "2017-09-14 08:16:46"
},
{
"title": "一周内连续三家美国银行“爆雷”!会否演变成金融危机?",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm2kBDeULUmLOBXo1ZuiEXYlqXa8Fplpd9iK6yh5BoAP74YcvTbAISl09faYhCoZ6ixT6OaOLLO-Od3-sksaq_FmTCorCmgluiCWsdFKgk5Vkle2Ih7Wd0V8bmfqaeEGW9RjLipG7z9hr2vUkGAoeq3eHbD0wZGeAFfrNlSWv2QMXQ-pCrvz4TEjT4JnC393aZk1WKEvHaASO54z_tGSZTqA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=BE5ED0431334522DF1F7A0D953F35271F28573016A0C650E",
"description": "“压力测试本是帮助银行评估资产风险的有效手段,这(监管“松绑”)为硅谷银行的关闭埋下了伏笔.”新加坡国立大学客座教授白...",
"author": "新华网思客",
"pubDate": "2023-03-16 10:44:22"
},
{
"title": "今年银行保险业监管工作14大要点:坚决落实“房住不炒”要求 深入推进网络借贷专项整治……",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm2kBDeULUmLOBXo1ZuiEXYlqXa8Fplpd9pdEXg9ndAl0MFtGwjAIFDaUAVAjIQYEidaZuDz_arhmjmFoX0IJWAo7QIapaZ1Sx9ZuArSRudDqn9cxsOGZ6tfWGmuOgkaOrGnMGa3UGTG8vMTfg97W7xuc8XiTa07E18w8wYkc_C0qH_tcz6jvIMvfLZFDBpGmZjcr1tqMu3SWE8RsmObDbtQ..&type=2&query=%E9%93%B6%E8%A1%8C%E6%B5%8B%E8%AF%95&token=BE5ED0431334522DF1F7A0D953F35271F28573016A0C650E",
"description": "稳妥处置高风险机构,压实各方责任,全力做好协调、配合和政策指导.继续拆解影子银行,特别要大力压降高风险影子银行业务,防止死灰复燃.坚决落实“房住不炒”要求,严格执行授信集中度等监管规则,严防信贷资金违规流入房地产领域.",
"author": "中国网财经",
"pubDate": "2020-01-12 13:33:01"
}
],
"APP逆向": [
{
"title": "AndroidApp常见逆向工具和使用技巧",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DM67_A4ZyUtWmCJmK-NkDquVgrFeYQugDrGFFTyF4j-fIHKmKiWmh_gT1RIk9nIJTomqza81rARJOjZaCXpGyzZr8ZRNe7_PnoyTi_CaSvQnwfm9fgyvvBMGMaUdyBm9-rIkYKlAX-Dj9vW8_i_qrPyk_5Ok-VIGL8Puv9ti7dcGDU1CviXYnFzuSNq_fyLpgrGOxwXysI1A--DSxMMJW25afjsDce3vzUf0ZWGpHETSFtzMifQSoswdDq99Pz1VF6H9R5UfwiN_iZqwg0yoRFw.&type=2&query=APP%E9%80%86%E5%90%91&token=BE5EEB2CAC88ED914D481F66EC14C5264E7BD42B6A0C6514",
"description": "前言本文将主要介绍个人在AndroidApp逆向分析时常用到的一些工具和小技巧.说起Android 逆向,就不得不提到常用的逆向分析神...",
"author": "黑白之道",
"pubDate": "2016-10-26 10:17:15"
},
{
"title": "谭见君出席软件学院“东软杯”APP逆向需求分析推导大赛闭幕式",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm-6YnhadtZbuBXo1ZuiEXYlqXa8Fplpd9De0Y8bN4i9SrnBIRRcm6c_f5WCpyix4nOO7L143gLdjzPpwCAIkMT-G8Z9A6QWvPuaF0kah3b41cdiexXKEwxHMjhWcV4RXP_52qCKLnmnJjWgg02cVk_6guVxEzYq3v6OrUqIw5kLSJPAlv1u9Thcj3ZyHuDbO3IJw4bjp4woruL0unUdKkuw..&type=2&query=APP%E9%80%86%E5%90%91&token=BE5EEB2CAC88ED914D481F66EC14C5264E7BD42B6A0C6514",
"description": "谭见君出席闭幕式并讲话谭见君为获奖选手颁奖5月18日,软件学院“东软杯”APP逆向需求分析推导大赛决赛在暮云校区多功能报告...",
"author": "湖南科技职业学院",
"pubDate": "2022-05-21 10:45:30"
},
{
"title": "APP逆向神器之Frida【Android初级篇】",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm-6YnhadtZbuBXo1ZuiEXYlqXa8Fplpd9Um9LoRcJ2c6bWBOPEm93GIq9eqha8sVHt99jw-hKwLaMh4p8E9vReeYSjlH-JhMx7KoT7EVlXJ2ThpgFZtz8cGm2AXM6hPS0a9M7Xk6EjUC7U7SzdWzUfUysoOsplbfh3CYP74cCg52jf8_plgoJ3qRuBASIScaEu1nKI6sRIkGTJmCU1UgHwQ..&type=2&query=APP%E9%80%86%E5%90%91&token=BE5EEB2CAC88ED914D481F66EC14C5264E7BD42B6A0C6514",
"description": "说到逆向APP,很多人首先想到的都是反编译,但是单看反编译出来的代码很难得知某个函数在被调用时所传入的参数和它返回的值,...",
"author": "NightTeam",
"pubDate": "2019-07-03 09:00:11"
},
{
"title": "《Ghidra操作手册》带你玩转软件逆向!",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm-6YnhadtZbuBXo1ZuiEXYlqXa8Fplpd9pH7yDGgPpdSc9Kmj0ISIFr4YX24DxEtuAXwJNMdevlPmxqxs9qSDBDGcKxFYn_UFhitQAqKjqGyFsf7oG-y4dQycFTWcgM9YlusdB53J5I5i1MEOTwX3ViGlb21bIvyImDvgKoOQEYi5RriXXL7Ckh5UM_XTW8C76veTtFDxn8qfxjh3za6jWA..&type=2&query=APP%E9%80%86%E5%90%91&token=BE5EEB2CAC88ED914D481F66EC14C5264E7BD42B6A0C6514",
"description": "Ghidra作为一个由美国国家安全局(NSA)开发的免费和开源的逆向工程工具,在去年的RSA正式发布,包含了一整套功能齐全的高级...",
"author": "看雪学苑",
"pubDate": "2020-12-10 17:58:43"
},
{
"title": "某文APP逆向抓取分析",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm-6YnhadtZbuBXo1ZuiEXYlqXa8Fplpd9OAp3DAUa5NEW-FehEPeDTNs-hlBr-6OscAB_vFeS6XPzA229oxAOJZK3u9bd8B16ArHkhr-11ozXszusUJMj8opeiqmxLyV7rMUm_B-kmDcGpUN67vTzwwXUWl8HuVzkP4c_84-w-dGIDCJaEVyvn9NwDclmJOBpqQYWz-BTCchQ_LeJW-Rhtg..&type=2&query=APP%E9%80%86%E5%90%91&token=BE5EEB2CAC88ED914D481F66EC14C5264E7BD42B6A0C6514",
"description": "逆向app一定要多练习,这样才能在实践中找到自己的不懂之处,才能够成长.好啦,今天的逆向小文章就到此结束啦,童鞋们下篇文...",
"author": "猿人学Python",
"pubDate": "2020-05-07 20:19:43"
},
{
"title": "FlutterAPP逆向实践",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm-6YnhadtZbuBXo1ZuiEXYlqXa8Fplpd9pH7yDGgPpdSc9Kmj0ISIFr4YX24DxEtuAXwJNMdevlPmxqxs9qSDBNaweevaRNIl25kxGHMd-i4cTRUiUjy__HJiruX-odxDVwS-46YSCIBu8y0dStxaM5kjdHfu9IPv1mI530ZZcseK9CuOPHKHW78PxljgTttTHe_OOoPortnzAjcIGepUqA..&type=2&query=APP%E9%80%86%E5%90%91&token=BE5EEB2CAC88ED914D481F66EC14C5264E7BD42B6A0C6514",
"description": "本文为看雪论坛优秀文章看雪论坛作者ID:Imyang很长一段时间对于Flutter的app逆向都比较头疼,它不像纯Java app那样可以使用jadx-...",
"author": "看雪学苑",
"pubDate": "2022-07-21 17:59:03"
},
{
"title": "APP爬虫|frida-某资讯app逆向过程",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm-6YnhadtZbuBXo1ZuiEXYlqXa8Fplpd9kVA-Zru5h9eMF4W3N9jcahsspGJmkuPYXmYlxrkKYYjmttrfiJSYhTVT7TC6Ly3liu1lqN9YO9v4QsB14VzuV8i7YjiTPvva5D_HGrhQYZu37Qdzl4Uu0bdlFH0lEbRtp62CkGx6hNU_V_ZXGNFy0vm8I0WjuLSC7cG81iKsDVD1AfaFW2DefQ..&type=2&query=APP%E9%80%86%E5%90%91&token=BE5EEB2CAC88ED914D481F66EC14C5264E7BD42B6A0C6514",
"description": "查壳第一步,先别急着反编译,现在很多反爬都升级了,一般都进行了加壳,所以先用查壳工具进行查壳 下面使用查壳工具 ApkScan-PKID 查下目标 app 的采用了什么加固,结果如下: 知道加固的方式了,接下来就是脱壳了!脱壳方法:使用 FRIDA-DEXDump 进行脱壳获得 dex 文件jadx 使用 jadx 打开 dex 文件,并根据抓包路径(v3/newsFlash)进行搜索.结果如下,点击进去",
"author": "未闻Code",
"pubDate": "2020-05-07 23:04:07"
},
{
"title": "APP逆向系列(四)",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm-6YnhadtZbuBXo1ZuiEXYlqXa8Fplpd9PaJ6YaQsKcLwMDixlKP4g_drqq8GHiLaWu7zxOaTzqUbxQ-em_v1zbw3ck-XQ40J3f1A1kAllXHOMYuwc3nhSsmwSvGP4StNAsoJNM6sIa2_V_GBRJf0Evhx1HjWRyXd5HcG5khaAndVQIc2HxLnjKElnfETkmFeYMRyE8sAFV5Ae0f8bRARvQ..&type=2&query=APP%E9%80%86%E5%90%91&token=BE5EEB2CAC88ED914D481F66EC14C5264E7BD42B6A0C6514",
"description": "(三)APP逆向系列学习(二)APP逆向系列(一)本文仅用于技术讨论与学习,利用此文所提供的信息而造成的任何直接或者间接的...",
"author": "呼啦啦安全",
"pubDate": "2024-04-24 11:06:43"
},
{
"title": "APP逆向系列(一)",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm-6YnhadtZbuBXo1ZuiEXYlqXa8Fplpd9PaJ6YaQsKcLwMDixlKP4g_drqq8GHiLaWu7zxOaTzqUbxQ-em_v1zRvaB-hF2JmYejgyaqkuU1DUX8X-7c5yRDw9zUuKpaFpxAZdtkc840x78y4vxJQHXu7nZlKBAgU2akIkwVy5RibjVICLHOYbauRDBd5bNZ7PirJFZ_PzhQzy08OLTBhW0A..&type=2&query=APP%E9%80%86%E5%90%91&token=BE5EEB2CAC88ED914D481F66EC14C5264E7BD42B6A0C6514",
"description": "APP逆向系列(一)最近在解决APP逆向问题,之前都是不系统的学习,知道工具,知道hook,但是跟某些金融比起来还是差点意思...",
"author": "呼啦啦安全",
"pubDate": "2024-04-14 11:12:10"
},
{
"title": "APP逆向之SO必备分析手法",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm-6YnhadtZbuBXo1ZuiEXYlqXa8Fplpd9Es2salmYLRz-DYOWJRpZwcpKuMl7x2dpgE03FdTMd6jOV_4vhApN3pusTcutSkRvkp5j7wSU1c1idepjMpcPMbwkrnYyDCcMB1WhSg89If8yD1LH3lO_r3aQZnWr_WjECtWG5m6G5ULoP2CrUqIM3o16EQTJyraXmw7ci0MOsfO54z_tGSZTqA..&type=2&query=APP%E9%80%86%E5%90%91&token=BE5EEB2CAC88ED914D481F66EC14C5264E7BD42B6A0C6514",
"description": "APP逆向过程中,需要对dex文件和elf文件进行分析,又因现在各APP都有各种代码保护手法,因此都需要进行动态分析.今天就分享...",
"author": "编码安全",
"pubDate": "2023-04-07 08:31:00"
}
],
"渗透测试": [
{
"title": "200万年薪!人民网这个岗位等你来!",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmBHnJaXMTZl-BXo1ZuiEXYlqXa8Fplpd9q7bb5rvJLvSK3xoKz0f873XbJWkJKAlk8lNHYmPWmHIlTLcgHtsDsSCvgDIjNXvCN7BvR_7MnlnGc3P3Q5IsPB3VKloDjq-SHVtnrobho9gvDPepbJEi2OJgSoYM0AblDN_2l-h-wWUryKxMqbP6iuwNfv2B-gkVEKwjFmQJ9xDS-e4Yz84xMA..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=BE5F060F6347225E8284D3A923334AD982C02D236A0C651A",
"description": "服务器及应用进行渗透测试等信息安全相关工作;3、关注最新的安全动态和漏洞信息,及时修复业务系统相关漏洞.任职资格:1、全...",
"author": "人民网",
"pubDate": "2018-08-03 15:22:17"
},
{
"title": "人社部拟新增10个新职业,看看自己能干点啥",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmBHnJaXMTZl-BXo1ZuiEXYlqXa8Fplpd9_BudKFrNUVL8Zi0SVz-y_XaUWOp453_IXrqlsyeJ8hosLRVvo1NamsdvDCdBieOjxorb3LBx6HWn7NU7WxsYOSSibJWyERlnmFML1niH65iHYk-o9mlgWhja0bfhoxVu0Z9yQz_TRt8oiXiRScQUm80sCC_4PuEeEdiAC6zU6Ma54z_tGSZTqA..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=BE5F060F6347225E8284D3A923334AD982C02D236A0C651A",
"description": "直播销售员信息安全测试员通过对评测目标的网络和系统进行渗透测试,发现安全问题并提出改进建议,使网络和系统免受恶意攻击的...",
"author": "人民网海南频道",
"pubDate": "2020-05-13 14:27:12"
},
{
"title": "人社部拟新增10个新职业,网友疯狂@李佳琦",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmBHnJaXMTZl-BXo1ZuiEXYlqXa8Fplpd9yqANqy1938L51J_hADGBd2j_l8m6t8PLYRM_vyu7d4C4j7fgu7qyEbyKNsVZmQ_w-0XFIQ-86tJ-HHXGTHqdg2anqADrkPn0cVOskaayMVL5-xGg-X7mHy4O_yxdSkZltM7gTekuSO34mUe805RTuOr2i0Axz6vtmhL42d8dGNOq3X8EKMKOIA..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=BE5F060F6347225E8284D3A923334AD982C02D236A0C651A",
"description": "信息安全测试员通过对评测目标的网络和系统进行渗透测试,发现安全问题并提出改进建议,使网络和系统免受恶意攻击的人员.社群...",
"author": "光明网",
"pubDate": "2020-05-12 18:12:17"
},
{
"title": "“徐玉玉案”涉案19岁黑客杜天禹受审 获刑6年",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmBHnJaXMTZl-BXo1ZuiEXYlqXa8Fplpd9gRZHb_IYvKoV3z1vHPPsEkUQj6hXRj8CTI4cOxg9kFwCxlKHaRUDsQdP0IpAUitl1_Oyl3-aXyYLO57mKgU1FzKbHwsDKe2XUCVuJgnHSha0_GHENy003rb7zPje6ZrOPAyxdaQkdur9cuF9LAoAbLgKaRSGVNhY0vpe2GICNkZf_71bqkOtiw..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=BE5F060F6347225E8284D3A923334AD982C02D236A0C651A",
"description": "他成为了一家公司的渗透测试程序技术员,“职责就是测试网站的漏洞,提出修复建议”,每月工资六七千元. 杜天禹业余时间经常...",
"author": "新华网",
"pubDate": "2017-08-24 14:13:15"
},
{
"title": "中新网招新了!打工人,速来!",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmBHnJaXMTZl-BXo1ZuiEXYlqXa8Fplpd9t8wVvv5BP4IAWNmJPMmxoSge4nYYsXx85OdkCQGDhWxfaXR_mCEcaVYTEZ5vLqwpqaMtSB1p-ge6H1V8-7Ljrais4kOmgHjuWoUQR7IKFKhmN8HfQQ8rX_2EQ5rRmX9jCiNLzPb6_QCGdop8-4Ck7gTgRCmKN-4PugAFO8M_5NDuL0unUdKkuw..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=BE5F060F6347225E8284D3A923334AD982C02D236A0C651A",
"description": "具备独立开展渗透测试的能力;2、熟悉常见Web和移动安全漏洞分析与防范,包括SQL注入、XSS、CSRF等OWASPTOP10 安全风...",
"author": "中国新闻网",
"pubDate": "2020-11-03 15:52:39"
},
{
"title": "【提醒】妹子们注意!上海消保委测试了40款知名面膜,结果...",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmBHnJaXMTZl-BXo1ZuiEXYlqXa8Fplpd9kSSRXd1XFKPwocVVJreq6in3TeBwZ25Awfwv10-chlDmTojPRE7dlufUmQp_3KKVhaoiOsNRZWKgfsXArXNS0POrK_TL2RLws5NS7HXpLxYLXZvPklYqrYBi03cTINcjQjZ09ebdc6loVurVs0Z8RXIbfi52KKhlQ8NMhLpmnoDy08OLTBhW0A..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=BE5F060F6347225E8284D3A923334AD982C02D236A0C651A",
"description": "4小时保湿功效分别进行了测试.全部样品均通过激素筛查今年6月国家药品监督管理局通告了27批次不合格化妆品,其中多批次为面膜...",
"author": "央视财经",
"pubDate": "2018-10-09 06:45:24"
},
{
"title": "妹子们注意!上海消保委测试了40款知名面膜,结果是……",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmBHnJaXMTZl-BXo1ZuiEXYlqXa8Fplpd9gRZHb_IYvKoV3z1vHPPsEkUQj6hXRj8CTI4cOxg9kFwCxlKHaRUDsV2T-P2fNT5d6JHZhmx5J57GgNNMlKF7vmTFjlTR0KqU9kVrWO7tklEjvpukAH1xsj2TTJQ4VNv06xHditO7BK9seWwJIPbUxSGyUogoZl_B6oiXqp6OII8tPujwwRB2Pw..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=BE5F060F6347225E8284D3A923334AD982C02D236A0C651A",
"description": "4小时保湿功效分别进行了测试.1全部样品均通过激素筛查今年6月国家药品监督管理局通告了27批次不合格化妆品,其中多批次为面...",
"author": "新华网",
"pubDate": "2018-10-06 16:53:48"
},
{
"title": "柠檬“上海户口、百万房补”?你也不是没有机会!",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmBHnJaXMTZl-BXo1ZuiEXYlqXa8Fplpd9q7bb5rvJLvSK3xoKz0f873XbJWkJKAlk8lNHYmPWmHIlTLcgHtsDsf-i9RrYDE4FxiKlITF5Cymw3D7FGVhM1JvvvNHlecC-K5HcHjq6DBxXTATO08mfJ6BTbYIW26cqTSiDsEsIDYKF8dhCYdu_tJJld0niy-k84kaFk_qfFgE5eBgmN3LoYQ..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=BE5F060F6347225E8284D3A923334AD982C02D236A0C651A",
"description": "信息安全攻防渗透测试和信息审核评估成为网络安全维护的关键环节,此次发布的5个工种里,信息安全测试员、互联网信息审核员的...",
"author": "人民网",
"pubDate": "2020-07-10 19:38:53"
},
{
"title": "撒贝宁惊现滑雪场!硬核测评来了→",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmBHnJaXMTZl-BXo1ZuiEXYlqXa8Fplpd9kSSRXd1XFKPwocVVJreq6in3TeBwZ25Awfwv10-chlDmTojPRE7dlkr6FILP_YkSSANqrCW0Bs3M2LwfIxcGHgxwGzbjf69sJwmPM6dRaV3xpE5Ndbf4yLvcqO2y0OmTEmdSNHrrU8sTYN5ljlhRytmKAmbIkJPG4puaT310AI-rCDCayYmfpA..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=BE5F060F6347225E8284D3A923334AD982C02D236A0C651A",
"description": "试纸放入衣服内并进入淋水装置水珠在衣服面料表层滑过却始终无法渗透入小撒身上的羽绒服实验结束测验试纸整洁如新严苛如撒贝宁...",
"author": "央视财经",
"pubDate": "2022-12-30 15:14:23"
},
{
"title": "半天卖出几十万支!啥东西这么火?",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmBHnJaXMTZl-BXo1ZuiEXYlqXa8Fplpd9gRZHb_IYvKoV3z1vHPPsEkUQj6hXRj8CTI4cOxg9kFwCxlKHaRUDsRm3ZqpcbcqRST3h_kVp4P6i_gu9xYR64pghsn0fWorutQ5qnYkXKRUD1tvmKz4RhQ9tGA6LOXDLz_2fXvbN7jo7pN4PQYqXKy1dq1dNBbmlSbs5xCEJbx9e0WC6Sbi7DA..&type=2&query=%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95&token=BE5F060F6347225E8284D3A923334AD982C02D236A0C651A",
"description": "相较于欧美国家30%至40%的渗透率,拥有很大的提升空间.陈涛说:“面对14亿人口的大市场,未来很长一段时间都是机遇期.”...",
"author": "新华网",
"pubDate": "2019-08-16 06:30:28"
}
],
"手机银行漏洞": [
{
"title": "什么操作?一男子发现银行网银端漏洞,存50元取50万,收获3000万",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmnO5_-fwwO7iBXo1ZuiEXYlqXa8Fplpd9xS6-kHiaTCowA77By_0GgzsjkZM1Tcfldte0jwJd8K8-23Xrai8SvfWUGDkO7H934itqN6i7Fn79Ry4398IZPEFIHmFIe0yT6kZwwn95-o8zy9qxB3-HD7M6Vc0oJCEkRw89kttEmWXpzMK6Mc0AqC1cjZFNMnAzNxdIYIJzFj1FkDr8IT4KYw..&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=BE5F21182D09700FD0C99DFB72D7B308D0D939D06A0C651F",
"description": "他发现上海某银行的网银有漏洞,可以修改定期存单金额和贷款金额,比如存款改成50元,贷款改成50万,就能套现50万.半年内他...",
"author": "木火通明",
"pubDate": "2019-04-23 21:42:11"
},
{
"title": "手机银行漏洞:五行代码可转走银行250亿美元存款",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DM67_A4ZyUtWKv9O-vbqZkSVgrFeYQugDkbox_qHQILDSiF38SaauBfqy2K3HYei7upHkg-JUbg6cdKGl9uj14eWOwHcT_M6tCJqbi9mD7ihv-AKW45ZJaJjKVEYPEpjr3vMz_imG_YfMjZ6IcYXkYeyysg7Ep5txHE-1kFTdXu0k1i_7a7Piw-SzdHavYB6ZE67RWhLBFYs_xxZ2uzzreuGBRQx62m1JJ2WBjvbuZtDA_L3xOB-CVpX8jpB056yYS1zW0eetIqyiZqwg0yoRFw.&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=BE5F21182D09700FD0C99DFB72D7B308D0D939D06A0C651F",
"description": "一名安全研究员发现印度一家大银行手机应用存在漏洞,可使他轻松偷走250亿美元.去年年末,安全研究员萨提亚·普拉卡什在一家...",
"author": "安全牛",
"pubDate": "2016-05-19 11:48:56"
},
{
"title": "警惕!手机银行APP也会存在高危漏洞",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DM67_A4ZyUtWKv9O-vbqZkSVgrFeYQugDtWJbbJ5gmKdyIb1BwsnXrNcyHcjzrvJNVi8JqrNdaI95E24oXpjz7s0tde0UUnVQU2wSvBGSiqEcBJf6JtGOEEuTsHBXh_3zfXPq_UwJRT6DOmgAA8E1-31epqYloXWzrX1ue8j2gDrpYPwWiONnLh_fKqELnf6cslD4qCPNdksL-oJo_zX2AVlHsZ9HUcDxA4KMzKg6W2kg7GzPwsCPdecnJJC9gOogZVnnHdKxpBjiZqwg0yoRFw.&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=BE5F21182D09700FD0C99DFB72D7B308D0D939D06A0C651F",
"description": "实验室的工程师通过实验发现此次测试的手机银行APP普遍存在高危漏洞,用户在进行转账交易时,黑客能够通过一定的技术手段劫持...",
"author": "中国信通院CAICT",
"pubDate": "2017-03-15 14:13:34"
},
{
"title": "豆包手机漏洞,银行验证码被盗?官方回应:已修复,但有黑公关!",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmnO5_-fwwO7iBXo1ZuiEXYlqXa8Fplpd9M4tgUerhYHA1tmZx77XSR9h02j9xgh5RQr6xe1NsJAy2XFPjRWGvpz5eeDx38Z4_0VvbAPrDJi62jaG5yxp0Z52y7S_MnYZw_P7G_PNQeLv7xgD8iALXvnCzc3E1yA8T0TeOshwf-GuIWV7jSG35QPRiTFnufhmH1RjVJUry4pVhlgeRt7bSzA..&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=BE5F21182D09700FD0C99DFB72D7B308D0D939D06A0C651F",
"description": "从而进行手机银行的登录.这条视频也被豆包手机助手官方刷到了,今天给出相关回应.对于网传的漏洞视频,给出的答案是,需要用...",
"author": "ITheat热点科技",
"pubDate": "2026-02-27 20:52:48"
},
{
"title": "某银行手机APP现支付漏洞3天被盗刷40多万",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DM67_A4ZyUtWKv9O-vbqZkSVgrFeYQugDt6m0Zx5D-v1Rwjk3P2iLUhEZ-LRrvFkVfsvQ7RvizarNGtYcShVf1nwcLufi6L-Gk7jKfOPejPKPrq1E8X8xtcLtMuSAR7jeYn91RFWK5aCBjj3TewmabqUEL84ZxANtI9op8YjndHKzRF4Q4i9YVEPKrHFAjjttHYqLtFFSwSzsnQ72geaq1WaPKNtc0tTwdAasj5gBV8MViz6fSDOFH9--toGj4OEJh7EXN0eFbLdiZqwg0yoRFw.&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=BE5F21182D09700FD0C99DFB72D7B308D0D939D06A0C651F",
"description": "银行手机APP新上线的支付功能被人发现了漏洞,3天内数十名客户的信用卡遭盗刷,共损失40余万元!银行立即停止这项支付功能,...",
"author": "支付界",
"pubDate": "2016-06-16 09:00:18"
},
{
"title": "警惕!有人利用手机银行漏洞,在我市疯狂作案30余起...",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmnO5_-fwwO7iBXo1ZuiEXYlqXa8Fplpd95N0hDnoSAZ5iyJqwD0uHDR1z9OA8QEfozNOawBP2cIGpKPpUH7jusxbvvGKEtuAXJ6NxQMj3vmiD6ouRwJ_2_mSyAtt_Bm6d_t97rW4HlyioT2D2MiOdl39BY3cUb4AnH8UBkR4al_dA82xX2AakPzT2ORzBhlbm7z15fJGsqcx535pjGOOjYg..&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=BE5F21182D09700FD0C99DFB72D7B308D0D939D06A0C651F",
"description": "支付货款受害人手机接收到了到账信息可是到银行查询却未实际到账怀疑被诈骗刑侦大队民警接报后立即展开调查经民警努力追捕犯罪...",
"author": "赣州公安",
"pubDate": "2019-09-11 18:44:52"
},
{
"title": "警惕!有人利用手机银行漏洞疯狂作案30余起……",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmnO5_-fwwO7iBXo1ZuiEXYlqXa8Fplpd9ACTVoyFhzEGg0TuhwFzcDfaqbPmiXungPWM19_7q63rNw_I0Y203S8MpL3F3roWYGDq-aFYmgREDo4NS29N2MS45hRAarSHgXD2UIL8HKxRSAyYDGBVJHvk8_XCPJ039Yv_fzFRuEYkQNJdbQQlFoEb49c6u-BoUfFZjIjhpofq54z_tGSZTqA..&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=BE5F21182D09700FD0C99DFB72D7B308D0D939D06A0C651F",
"description": "行账号但受害人手机仍能接收到银行预转账信息此时受害人误认为钱款已到账实际上手机银行端比对银行账号错误后该笔银行转账会退...",
"author": "玉山生活",
"pubDate": "2019-09-15 17:21:04"
},
{
"title": "【警惕】当心!手机绑定银行卡,这个安全漏洞很危险!",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DM67_A4ZyUtWKv9O-vbqZkSVgrFeYQugDibtzWmjNxBtVVQdk0bYDh2I2V0fYBaY4964c3qVs00IYi0PRrVDUG0VsiyakpaPjz8b6EcO6e4sFMZtp7TY0cgI6qFbWRY287fuiHWKVHhAtJWPn9orQQizCy_pnEt8HKVEgJk6G2t6oGqCkbVU5bZOZ-9hS32ygSLff1YnhUUanWR-u-TkFmGqzaHeX5_Gqo4zkNru1DHVDqFKlfDCR7JWY6kBy4JeK8mSOfmA-5LviZqwg0yoRFw.&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=BE5F21182D09700FD0C99DFB72D7B308D0D939D06A0C651F",
"description": "手机丢失后先做6件事↓↓↓01致电运营商挂失手机号02致电银行冻结手机网银网络时代,这点特别重要!重要!重要!03手机绑定过支...",
"author": "集宁佰事通",
"pubDate": "2017-01-20 11:26:29"
},
{
"title": "三星手机“指纹密码”现漏洞!已遭银行及微信支付宝禁用",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmnO5_-fwwO7iBXo1ZuiEXYlqXa8Fplpd93uAnvIKzlh3dhdZMs8aTyuMB0YrBrbnwnQdo1vAC1hOTEw6xwmD1tCnhOe8aLod-auXBKU-P1aYuItSdc4VulW6Wsl8Npxc3SWXHEtwh-bNafcot1QfNAiDcReZc32yTluEkv284-7JmNHCQl5w8aStuM5NihgnnITxON--z1krI3OTRHYU2og..&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=BE5F21182D09700FD0C99DFB72D7B308D0D939D06A0C651F",
"description": "10两款手机和Tab S6平板指纹识别存在漏洞.为保障用户登录安全,中国银行手机银行已暂时关闭该型号手机的指纹登录功能;其他...",
"author": "POS圈支付网",
"pubDate": "2019-10-24 14:56:29"
},
{
"title": "浅析某城商行手机银行水平授权漏洞问题",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmnO5_-fwwO7iBXo1ZuiEXYlqXa8Fplpd9XCYZVB00ChGLDzm4BQnzGGoDlL8sMJjWKsXFkR7ZnKSgh_1hS-hQVC55RrDXu8JWl_UFETuVQacVeAgs3E_UjIv52jOLNhu2KI0NC0jZx-Y3OVJDV_FmlU54B8pdttkarjYLZeqfp63uZXT8QMYDQw0fr8vmLw1P1lE8505ZRLMCYioxHkzTmA..&type=2&query=%E6%89%8B%E6%9C%BA%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=BE5F21182D09700FD0C99DFB72D7B308D0D939D06A0C651F",
"description": "也导致此城商行从2019年1月18日至今一直关闭手机银行APP软件中Ⅱ、Ⅲ类账户开户链接功能.-问题原因分析-水平越权缺陷漏洞是...",
"author": "51Testing软件测试网",
"pubDate": "2022-10-12 12:01:01"
}
],
"银行漏洞": [
{
"title": "银行漏洞改存单,50元变身50万,半年骗取3000万!这是什么骚操作?",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm_KYv-7Ob39CBXo1ZuiEXYlqXa8Fplpd9NvihChU_ODqHdz6s5l5kv90A-ZWlAjz5Wc4QY9GbN2kSbbkWTHbaTeR6-aqIuu_SpAooZWCExCyLQsw6q8VCbdDVjVDoXJIXAwzQX7kJyim-yHag3nnU24F6iNAs37ZWN2rX4vu0ru1kwDgcSESGVO4Nt5wM5d5gX4wRK20SPqSq3X8EKMKOIA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=BE5F3BBA6247205E8087D3AB23DF6F1081CF56F26A0C6525",
"description": "犯罪嫌疑人马某最终如实交代了他利用银行漏洞进行贷款诈骗的行为.那么他又是如何发现银行这一漏洞的呢?据犯罪嫌疑人马某交代...",
"author": "测试届的LV",
"pubDate": "2019-06-10 08:18:15"
},
{
"title": "让人惊悚的网络诈骗系列之“银行漏洞骗局”",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm_KYv-7Ob39CBXo1ZuiEXYlqXa8Fplpd9lbn5kVLNX1pYON88Q2BRjpiNMlfIt7nGQNcso9jOZJZM5YmpVzQ9N8vfCRGox6Z8UGxUQo8Yq7BJgTYNJZyP-5kmBjdfVbs7sjc9lYcgNkEDlp_ery2HUpZYtG4kRbMLWkEEZDeulPTIjHzsk1armPjIYZq4bYq5R18OODv4EXAtPujwwRB2Pw..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=BE5F3BBA6247205E8087D3AB23DF6F1081CF56F26A0C6525",
"description": "随着网络环境的日趋复杂,网络诈骗也愈演愈烈,骗子可能不用偷你的银行卡、不用拿走你的身份证,只需通过一些手段获取你的私人...",
"author": "火绒安全",
"pubDate": "2017-09-11 17:23:47"
},
{
"title": "日报:银行漏洞一张支票可兑付多次;专家提示不要指望会降息",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm_KYv-7Ob39CBXo1ZuiEXYlqXa8Fplpd982CelxtjnJBbm-nnWWbA-uCd5GNpIxNTyI21SBJWbBr_XUmiy9MlSLLKaEBXZNB82rNndM-uQmft6ripAJTndMB-_E64SfIgnD0RGbPldjZanjCQsoJurBMhBUkz9wKha2nQT_TVweNmDozzWGAox_YwsPr9olm_MPb0SCyIDm9S6t2rFt2rnA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=BE5F3BBA6247205E8087D3AB23DF6F1081CF56F26A0C6525",
"description": "银行漏洞一张支票可兑付多次卑诗企业主以亲身经历发出警告,称该公司一名前员工多次使用手机银行兑现多张支票.Glacier Media报...",
"author": "城市知道温哥华",
"pubDate": "2023-10-09 06:55:35"
},
{
"title": "银行漏洞丢钱,中移动花式收费,谁来给我们一个交代?",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm_KYv-7Ob39CBXo1ZuiEXYlqXa8Fplpd9RhZMs_a_APFASfgnhDLTCArtlPPRofGhdmje6_zFs9XghCh4bB-fq8XR-TGthq2egheTItFtTsrF583_xAmyDdTRjiSN2UCfliQwRdjcSufgO8KNTGoA4zhYIM6pJg5b-Qy_qRycCqi2i6UgT_We5WqJvXjXMJT7jdFz8IAJ-kqq3X8EKMKOIA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=BE5F3BBA6247205E8087D3AB23DF6F1081CF56F26A0C6525",
"description": "银行给出的回复也就是杂费、服务费之类的正常说法,具体是什么银行也说不出来.民警将该案件上报,总队也觉得有些蹊跷,案件升...",
"author": "纽扣资讯网",
"pubDate": "2018-08-21 19:29:05"
},
{
"title": "2013年,大妈发现银行漏洞,仅1个月就偷走银行5个亿",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm_KYv-7Ob39CBXo1ZuiEXYlqXa8Fplpd9HXGrrRyXew-tR-SBW0be8PGFtrEPa2A-GEOTXY1w_gwKvWevp0Z3g0jC2wtK1AoRCg4sZAhcyXmM6xmDpHEN34luiZiCSqd7eUpsWuLDnownSHJNYTZmNjxrOfA6Wuh4fXZiuauE_f_AHeyFM1ww5Bxpu3AwhPc99jGdPTY1x45j3x9Nw6p-Fg..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=BE5F3BBA6247205E8087D3AB23DF6F1081CF56F26A0C6525",
"description": "2013年,大妈发现银行漏洞,仅1个月就偷走银行5个亿存到银行的钱,居然不翼而飞了?2013年3月,方德富在工商银行的天台支行,...",
"author": "灵枫历史阁",
"pubDate": "2023-06-04 17:49:26"
},
{
"title": "2013年,52岁大妈发现银行漏洞,一个月偷走银行5个亿,结局如何",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm_KYv-7Ob39CBXo1ZuiEXYlqXa8Fplpd9rbOu9GZO9gI-5IAz5ci8Zi0KKhexTYJ9XpEsI80EdqDDC0Pp4utmQZRFRaTWqUrffrP4tmRYHilDSdpwsLZTJ7lhlInwHqrF6lWLK9MQYdJriDS5blHXFdVGuomCSj6bPQ7KQAKI8lRdARXhz-qzZM8aOVl6sKxhKN5m37Ps4vCAFV_3u-a3OQ..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=BE5F3BBA6247205E8087D3AB23DF6F1081CF56F26A0C6525",
"description": "然后就联合银行员工一起利用这个漏洞把别人的钱神不知鬼不觉的转到了自己手里.警方调查了邱姓大妈的账户后才惊讶地发现,在短...",
"author": "中外生活",
"pubDate": "2022-01-29 16:17:58"
},
{
"title": "男子发现银行漏洞,骗其贷款三千多万元:我只有高中学历",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm_KYv-7Ob39CBXo1ZuiEXYlqXa8Fplpd9-H-K2n1hrZfK3LXdHu1sJU6bf1P4M5pYj1ckkmBa6diBG_lwUUMx2HUNIQ0P4miA3kdSmUt8BKiXqqMy1uLovgqDH435vRkKS0vHeCSSQgTIpdwB6r5ohpTbo0CCQ4I3ZaVXgNVOWBIsOlu3w3ETo-hZSCXKbaALqxXkT-__Fr2q3X8EKMKOIA..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=BE5F3BBA6247205E8087D3AB23DF6F1081CF56F26A0C6525",
"description": "这样的漏洞非同小可,可能还有更多的情况发生,银行也是第一次遇到这样的事情,于是立刻选择了报警,根据技术人员的调查,总共...",
"author": "顿时我就惊呆了",
"pubDate": "2019-04-25 17:53:46"
},
{
"title": "银行漏洞还是储户大意?招行贵宾客户竟然这样被“套路”",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm_KYv-7Ob39CBXo1ZuiEXYlqXa8Fplpd9kzaJGpBOLfNozT_Yjhc52RMOwCbrBhiKHc4jMBquXruvzjQDAN3FMpjWuvuuModBsBi_CYzOzwp7M2eHxEPmxU2gnZrc0CV0kYdICRh1qbHZbctLjpJAvdx4uYAtYoNqvGaxpakmTXpa9NT-ThzIJZ3WlwRrbG8d5UoVRoy_uUbm0CtGSSkZQQ..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=BE5F3BBA6247205E8087D3AB23DF6F1081CF56F26A0C6525",
"description": "正规渠道转出资金银行漏洞还是储户大意?为何李某等人的账户会在其不知情的情况下顺利被他人支取出资金?交易过程中的银行短信...",
"author": "新浪财经",
"pubDate": "2020-07-21 15:52:31"
},
{
"title": "六安徽商银行再爆监管漏洞!违规吸收存款,罚25万元!负责人被行政处罚!",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm_KYv-7Ob39CBXo1ZuiEXYlqXa8Fplpd9IfLzZCm-myoipfLyUs-k8zwl9k1mKdDrBpG-0b00Rx_q_61AC7wC25h0xDZ8CfE_b6weVMCx5HC4fRVBT4W7iOCwNjLL8Kz_GDa58UvNjwRm_q6sPUX7ui2fqJrMUulXU8h71jZ2KkN1eS9wN0vUgIk6k_8qTF_8oPoVKd3eACSE8RsmObDbtQ..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=BE5F3BBA6247205E8087D3AB23DF6F1081CF56F26A0C6525",
"description": "yuan元:银行漏洞百出,金融部门应该管管了.阿莫:金融行业的蛀虫,破坏金融秩序的健康发展...小龙:这样的人居然在银行担担当...",
"author": "六地品安",
"pubDate": "2018-10-25 14:25:30"
},
{
"title": "华人女生发现银行漏洞刷爆2千万,挥霍后竟无罪释放",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjm_KYv-7Ob39CBXo1ZuiEXYlqXa8Fplpd9U6UeORyud9YKz3-kqYbu4JHW_11UlMDA32yqv7qqW10MJ7HHAuSOjGybb7hpE3vEMxvJQsBadNJD3wI6Z4ny2yUxRfg4td-95wvDqya_7oob3B4L8wE6r4-ZWKgGmFsAFEuXr2V6u1PZ84SdMs8vdQjJ8sx_ORqMYh0HqW3wfFYYJSSFPgfogQ..&type=2&query=%E9%93%B6%E8%A1%8C%E6%BC%8F%E6%B4%9E&token=BE5F3BBA6247205E8087D3AB23DF6F1081CF56F26A0C6525",
"description": "李佳欣租住的豪华公寓据悉,李佳欣在发现银行漏洞后疯狂消费,购买各种奢侈品,包括爱马仕、迪奥、香奈儿、卡地亚等,甚至在一...",
"author": "外交之声",
"pubDate": "2017-12-03 23:54:42"
}
],
"支付漏洞": [
{
"title": "【web安全】 逻辑漏洞之支付漏洞",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmwCqFAw6IwMeBXo1ZuiEXYlqXa8Fplpd9Q6XaCYkzCVt9xmPC5nlq6r9DjVuXcUe9fbiPA5PKiaGGL60mJi9Ll2YCFp2sdfC8pgLkepdXe8_4NYB5fnF5Vu7V6FUn9HL5QiwutVjHMiNZLR5lUoS61fYvvoE2RreIBT79U80nPTvsN3yjxXlvrNZMlotiMh_UQ9v6r0efLSh5Nu7CnoSqqg..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=BE5F55193F1A7D02DDDA8EF77E68220DDD18B81E6A0C652B",
"description": "支付漏洞简介支付漏洞是 高风险漏洞 也属于 逻辑漏洞,通常是通过 篡改价格、数量、状态、接口、用户名等传参,从而造成 小钱够买...",
"author": "Hacking黑白红",
"pubDate": "2022-05-15 23:51:16"
},
{
"title": "天融信:《电子支付漏洞报告》重磅发布!",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmwCqFAw6IwMeBXo1ZuiEXYlqXa8Fplpd9I_2Sc2OkHKAjgySNzTrXa0HR9El_aB8wqC1SO437PvrxHkvRgiz6zXTVI7T7XEOQmv-CXdl0cWw8ejX81V7uyDXm8pdbD9_FAwk5DPx-d38QhVJ6xx7DnmTqEeASG0un0uR8pUzXx-PQOfpmm1SEkFjR-eIPJsmVoONlqWcTTNICn9lOoZLP2Q..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=BE5F55193F1A7D02DDDA8EF77E68220DDD18B81E6A0C652B",
"description": "支付漏洞趋势3电子支付的安全风险3.1线下支付安全风险线下交易要求付款者必须持有有效支付工具,如银行卡和智能手机APP.银行...",
"author": "天融信",
"pubDate": "2023-07-12 18:21:06"
},
{
"title": "仙桃男子遭遇手机支付漏洞赶紧堵漏",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmwCqFAw6IwMeBXo1ZuiEXYlqXa8Fplpd9rdCTrPOyKdv0sf3ITwIiZUAp-fWgY0p9tyDEsWRfR0eZb3SEREghAdOHvaNVDUV_13elIx3OAnPZa8d765Vc1yAM_uHb1-iyO4ca7vOE_9LJggvc5RlOdHRwU_x9Lgn02uJd3p7R4gPuA_Jq2QdwgZPCFzKmqoqMdGsA38WumhY5eBgmN3LoYQ..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=BE5F55193F1A7D02DDDA8EF77E68220DDD18B81E6A0C652B",
"description": "7月28日,仙桃市公安局干河派出所民警向“平安仙桃”反映,在办理一起盗窃案时发现手机支付漏洞,希望提醒市民朋友做好防范,...",
"author": "平安仙桃",
"pubDate": "2018-07-29 23:11:01"
},
{
"title": "支付漏洞:你可能收到了假微信转账",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DM67_A4ZyUtWILjGUN4iMDGVgrFeYQugDonBfgmHjxCOd5XAY1uNSeSCEkLPGf4cu3kGZpLvvkSCuHaUmcDkcnrwDQLZHUliJi-KdKemZNhbMwwfs2qZ-ey2WueZfM3Q2xvQYgxQa-wMRl520NthlI2CaKKPCpDZe-eWIvRYrW2ZNcTo3KmF86iEowge5WjG0YYa5AR-5kBvM5RbPTYfwlrWjRDffRNTQE9qDyLh0c02a1zBQJqbFglj6eeueHku77_I-oC-AXqwiZqwg0yoRFw.&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=BE5F55193F1A7D02DDDA8EF77E68220DDD18B81E6A0C652B",
"description": "这一支付方式被别有用心的不法分子玩出了“新套路”.从事服装生意7年的晓雯,眼看“回头客”已将钱转至自己的微信上,谁知是...",
"author": "画乡之窗",
"pubDate": "2017-02-28 18:28:24"
},
{
"title": "史上最全移动支付漏洞案例 谁动了银行卡里的钱?",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6ft3wfAVofsP5Peu-UiA4DM67_A4ZyUtWILjGUN4iMDGVgrFeYQugDqr95PEUjTPeCjEDtUWlMFjnjBVP8MvhBB3rS-ONO8kWUyXnYwgoFpUbgnrKgIxixCCgP3PeeOCp-4-KGyD-MDLGBaPQAm5n4u5TKu2pEERBbVp5wVG_sJnPLaqVLQTbtqO8XPmq69L45iqF-gaWWwGT45bziwKiEvYbrg2FCKNgjuVkb7mTrKTDrKN8lQMwYlzYMpbftzhLq3mxQueoFnJBBIlgD9atxVuHk8nTJuJtiZqwg0yoRFw.&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=BE5F55193F1A7D02DDDA8EF77E68220DDD18B81E6A0C652B",
"description": "雷锋网硬创公开课-移动支付漏洞案例@GeekPwn随着移动支付的普及,我们的生活变得越来越便利.我们甚至已经可以不带钱包、现...",
"author": "GeekPwn",
"pubDate": "2016-04-19 09:35:10"
},
{
"title": "敏付科技存“支付漏洞”被约谈整改",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmwCqFAw6IwMeBXo1ZuiEXYlqXa8Fplpd9mh7hxQR80LWyQHgUTmcPC8p18OnvzwGhcFfV9bITJSKu6GOdP2bHKL1OrBVgFyMgv7VLsXR-Z17BAg5gc0lcuuE1DJaIEaURad0lXxpg-g9dk1n_jI6ExBfA4wIq8J2sPNzbJ6tQG2ldxcA4rBWfnhCzjIatbG9htdzv7j0QuvDwdVqCwyPdzA..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=BE5F55193F1A7D02DDDA8EF77E68220DDD18B81E6A0C652B",
"description": "支付之家网(ZFZJ.CN) 支付之家网获悉,持牌支付机构敏付科技有限公司(简称“敏付”)因存在“支付漏洞”被北海市公安机关约...",
"author": "支付之家网",
"pubDate": "2022-01-24 08:00:21"
},
{
"title": "从最近的微信支付看XXE漏洞",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmwCqFAw6IwMeBXo1ZuiEXYlqXa8Fplpd9KPANxTQwF2ZEHYGk90kPE4hWXe2NI2F1FbYRsAO20IE6t8d2aL5o3RdrrA_qrX3boEi66hG3TJg7p0Sfj5bqU2lr7ARDNoYeMopSC-H31h-aULwsNUyTpJqiVb-j_qUSJT2R9PacaieAS05jj0flPaEUnBgkCOVxrqE_j1YyoaKfxjh3za6jWA..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=BE5F55193F1A7D02DDDA8EF77E68220DDD18B81E6A0C652B",
"description": "这就很能说明问题,于是老大让我对微信支付漏洞做漏洞研究并找出产品出问题的原因.所以才有了这篇文章.由于本文的初衷是为了...",
"author": "FreeBuf",
"pubDate": "2018-07-08 18:03:00"
},
{
"title": "就一加手机支付漏洞讨论在线支付中的安全风险",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmwCqFAw6IwMeBXo1ZuiEXYlqXa8Fplpd9KPANxTQwF2ZEHYGk90kPE4hWXe2NI2F1FbYRsAO20IE6t8d2aL5o3Vl07whArgOCfPIyUxUBuUPYP6Bf3OMZiVDfgjuAppncDw09WtI-o9KDzFGiqrthXicrg6dce8JE9FvVVdgyQ625LTYSxJFyS3NtjvmByvsOnWuRJ4UF7pTuL0unUdKkuw..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=BE5F55193F1A7D02DDDA8EF77E68220DDD18B81E6A0C652B",
"description": "支付交易的处理是由CyberSource处理的,但是支付表单却仍然托管在OnePlus的基础设施中.如果攻击者拥有该页面的读写权限,那...",
"author": "FreeBuf",
"pubDate": "2018-02-12 19:17:27"
},
{
"title": "利用支付漏洞套现1300万被判15年",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmwCqFAw6IwMeBXo1ZuiEXYlqXa8Fplpd94YGyadjnIdqCmifmFtoVDM73Pcp4cBpKV2rDJRD8npHHdrWAvbOWlFaX3p0bINVcJwjtCXVIumZcUvdP7I5aPOs-DpdEl09I2bis-r7JYOHhcbU3UvmUxaZrQtHqZLRzOaqqj4B3aUcmrzVXLz6jsmVtUZCm2VSwDTSBw6BUK5ROJBjQH7pCxQ..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=BE5F55193F1A7D02DDDA8EF77E68220DDD18B81E6A0C652B",
"description": "利用支付漏洞,他在半年时间里收入1300万元,光用来打赏主播就花了400万元.撰文 | 张浩东出品 | 支付百科 今年8月份,一个17岁黑...",
"author": "支付百科",
"pubDate": "2022-01-03 13:54:08"
},
{
"title": "微信支付惊曝安全漏洞!0元就能买买买!官方称已修复",
"link": "https://weixin.sogou.com/link?url=dn9a_-gY295K0Rci_xozVXfdMkSQTLW6cwJThYulHEtVjXrGTiVgS-hu52OowZjmwCqFAw6IwMeBXo1ZuiEXYlqXa8Fplpd9WRwhjUXQPbCrlwwX5iNG5HZuy-p9GotEnRqRkhrwm5Rx11MjS9fJ2HV2wqvLc5cobFcftFZTUN_ksmxx4Zl8mF_bTak2gT_g4iUKv9_lWzpJgBPs4fTf7W80h71nN2zy123WutGXaftgdfFKUMfrCVtN-6w8RbtECuPRX6Q7YYYCYioxHkzTmA..&type=2&query=%E6%94%AF%E4%BB%98%E6%BC%8F%E6%B4%9E&token=BE5F55193F1A7D02DDDA8EF77E68220DDD18B81E6A0C652B",
"description": "陌陌的微信支付漏洞利用过程vivo的微信支付漏洞利用过程值得注意的是,目前漏洞的详细信息以及攻击方式已被公开,安全人员建议...",
"author": "中国网",
"pubDate": "2018-07-04 17:38:58"
}
]
}

802
resources/JSON/uni_rss.json
View File

@ -1,802 +0,0 @@
[
{
"title": "美团 LongCat 开源 General 365树立推理评测新标尺",
"link": "https://tech.meituan.com/2026/05/15/longcat-general-365.html",
"author": "美团技术团队",
"description": "美团 LongCat 团队正式发布 General 365。我们发现在对 26 款主流模型的实测中,目前地表最强的 Gemini 3 Pro 准确率仅为 62.8%,而绝大多数模型甚至没能摸到 60 分的及格线。",
"published": "2026-05-15 08:00:00",
"source": "美团技术团队"
},
{
"title": "用Agent评测思路管理AI Coding —— 31万行代码AI重构的实践",
"link": "https://tech.meituan.com/2026/05/07/agent-ai-coding.html",
"author": "美团技术团队",
"description": "当 90% 以上代码由 AI 生成,决定系统走向的不是谁写得更快,而是约束 AI 的能力。没有统一规范AI 只会成倍放大混乱。本文基于 31 万行代码重构实践,分享我们如何用 Agent 评测思路管理 AI Coding——通过技术债梳理、建设Rule、重构 SOP 和 Pre-PR 机制,把重构从高成本专项变成随迭代持续推进的日常动作。",
"published": "2026-05-07 08:00:00",
"source": "美团技术团队"
},
{
"title": "LARYBench 发布:定义具身动作表征 ImageNet首次度量从人类视频学习的泛化表征",
"link": "https://tech.meituan.com/2026/04/27/longcat-larybench.html",
"author": "美团技术团队",
"description": "LARYBench Latent Action Representation Yielding Benchmark一个指引从大规模的视觉数据学习到通用的隐式动作表征的系统化评测基准。实验结果表明在动作泛化和控制精度上通用视觉模型的表现均显著优于专门为具身智能设计的动作专家模型具身动作表征可以从大规模人类视频数据中涌现。",
"published": "2026-04-27 08:00:00",
"source": "美团技术团队"
},
{
"title": "突破零样本 TTS 音色克隆上限LongCat-AudioDiT 的声音克隆艺术",
"link": "https://tech.meituan.com/2026/04/20/longcat-audiodit.html",
"author": "美团技术团队",
"description": "能不能让 AI 直接学会声音本身的规律,跳过中间环节?为破解这一技术瓶颈,美团 LongCat 团队正式发布 LongCat-AudioDiT。在该模型中彻底抛弃梅尔谱等中间表示直接在波形潜空间进行基于扩散模型的文本转语音Text-to-Speech, TTS从根源阻断数据转换的级联误差。",
"published": "2026-04-20 08:00:00",
"source": "美团技术团队"
},
{
"title": "LongCat-Flash-ProverAI 攻克数学定理证明,不仅要“算得对”,更要“证得严”",
"link": "https://tech.meituan.com/2026/04/07/longcat-flash-prover.html",
"author": "美团技术团队",
"description": "在常规的数学解题中,模型只需要“答对最终数值”即可,但数学定理证明不同,它要求极度严苛的逻辑链条,任何一句自然语言的模棱两可,都可能导致整个证明的崩塌。那么,如何让 AI 从“猜答案”走向“严谨证明”,成为复杂推理具有挑战的课题。为了解答这个问题,我们开源了专门用于数学形式化与定理证明的模型 —— LongCat-Flash-Prover。",
"published": "2026-04-07 08:00:00",
"source": "美团技术团队"
},
{
"title": "美团发布原生多模态 LongCat-Next当视觉和语音成为AI的母语",
"link": "https://tech.meituan.com/2026/04/02/longcat-next.html",
"author": "美团技术团队",
"description": "LongCat-Next 是我们在通往物理世界 AI 道路上的一次探索。今天我们把研究思路的核心——LongCat-Next 模型和它的离散分词器全部开源,希望更多开发者能基于它,构建真正能感知、理解并作用于真实世界的 AI。",
"published": "2026-04-02 08:00:00",
"source": "美团技术团队"
},
{
"title": "美团 BI 在指标平台和分析引擎上的探索和实践",
"link": "https://tech.meituan.com/2026/03/20/busniness-intelligence-practice-in-meituan.html",
"author": "美团技术团队",
"description": "美团数据平台构建了以指标平台为核心的新一代 BI 架构,通过自动语义和增强计算两种核心能力的建设,部分解决了传统 BI 平台在个性化数据集驱动下产生的数据口径混乱、查询性能差等问题。",
"published": "2026-03-20 08:00:00",
"source": "美团技术团队"
},
{
"title": "重塑站外体验:大众点评 M 站基于 Qwik.js 的重构实践",
"link": "https://tech.meituan.com/2026/03/13/qwik-practice-in-dianping.html",
"author": "美团技术团队",
"description": "为突破传统 Web 框架的性能瓶颈,大众点评增长团队引入 Qwik.js 重构 M 站核心页面架构,解决了重构前页面加载慢、维护成本高的难题。借助“可恢复性”能力,我们甩掉了传统水合的性能损耗,搭配全链路优化与工程化适配,让各个页面的性能指标都得到了明显提升。本文将拆解本次重构的技术选型、原理与落地细节,沉淀前沿框架在站外场景的落地经验。",
"published": "2026-03-13 08:00:00",
"source": "美团技术团队"
},
{
"title": "LongCat 为 OpenClaw 装上效率引擎:你的自动化任务还能再快 30%",
"link": "https://tech.meituan.com/2026/03/09/longcat-openclaw.html",
"author": "美团技术团队",
"description": "依赖第三方订阅进行非官方调用存在账号安全风险与服务不稳定性。为规避此类问题LongCat 团队提供稳定合规的官方免费 API开发者可通过官方渠道直接接入 OpenClaw在确保账号安全的前提下构建自动化工作流。",
"published": "2026-03-09 08:00:00",
"source": "美团技术团队"
},
{
"title": "美团发布基于 N-gram 全新模型:嵌入扩展新范式,实现轻量化 MoE 高效进化",
"link": "https://tech.meituan.com/2026/02/10/longcat-flash-lite.html",
"author": "美团技术团队",
"description": "LongCat-Flash-Lite是一款拥有 685 亿参数,每次推理仅激活 29 亿~ 45 亿参数的轻量化 MoE 模型。通过将超过 300 亿参数高效用于嵌入层LongCat-Flash-Lite 不仅超越了参数量等效的 MoE 基线模型,还在与同规模现有模型的对比中展现出卓越的竞争力,尤其在智能体与代码领域表现突出。",
"published": "2026-02-10 08:00:00",
"source": "美团技术团队"
},
{
"title": "僵尸网络911 S5的数字遗产",
"link": "https://blog.netlab.360.com/911s5/",
"author": "lvxing",
"description": "<h1 id=\"%E6%A6%82%E8%BF%B0\">&#x6982;&#x8ff0;</h1><p>2024&#x5e74;5&#x6708;29&#x65e5;&#xff0c;&#x7f8e;&#x56fd;&#x53f8;&#x6cd5;&#x90e8;&#x53d1;&#x5e03;&#x901a;&#x544a;&#xff0c;&#x58f0;&#x79f0;&#x5176;&#x6267;&#x6cd5;&#x6d3b;&#x52a8;&#x6467;&#x6bc1;&#x4e86;&quot;&#x53f2;&#x4e0a;&#x6700;&#x5927;&#x7684;&#x50f5;&#x5c38;&#x7f51;&#x7edc;&quot; 911 S5&#xff0c;&#x67e5;&#x5c01;&#x4e86;&#x76f8;&#x5173;&#x57df;&#x540d;</p>",
"published": "2024-06-14 17:20:11",
"source": "360 Netlab Blog"
},
{
"title": "Heads up! Xdr33, A Variant Of CIAs HIVE Attack Kit Emerges",
"link": "https://blog.netlab.360.com/headsup_xdr33_variant_of_ciahive_emeerges/",
"author": "Alex.Turing",
"description": "<h1 id=\"overview\">Overview</h1>\n<p>On Oct 21, 2022, 360Netlab&apos;s honeypot system captured a suspicious ELF file <code>ee07a74d12c0bb3594965b51d0e45b6f</code>, which propagated via F5 vulnerability with zero VT detection, our system observces that it communicates with IP <code>45.9.150.144</code> using SSL with <strong>forged Kaspersky certificates</strong>, this caught our attention. After further lookup,</p>",
"published": "2023-01-10 22:00:37",
"source": "360 Netlab Blog"
},
{
"title": "警惕魔改后的CIA攻击套件Hive进入黑灰产领域",
"link": "https://blog.netlab.360.com/warning-hive-variant-xdr33-is-coming_cn/",
"author": "Alex.Turing",
"description": "<!--kg-card-begin: markdown--><h1 id=\"id\">&#x6982;&#x8ff0;</h1>\n<p>2022&#x5e74;10&#x6708;21&#x65e5;&#xff0c;360Netlab&#x7684;&#x871c;&#x7f50;&#x7cfb;&#x7edf;&#x6355;&#x83b7;&#x4e86;&#x4e00;&#x4e2a;&#x901a;&#x8fc7;F5&#x6f0f;&#x6d1e;&#x4f20;&#x64ad;&#xff0c;VT 0&#x68c0;&#x6d4b;&#x7684;&#x53ef;&#x7591;ELF&#x6587;&#x4ef6;<code>ee07a74d12c0bb3594965b51d0e45b6f</code>&#xff0c;&#x6d41;&#x91cf;&#x76d1;&#x63a7;&#x7cfb;&#x7edf;&#x63d0;&#x793a;&#x5b83;&#x548c;</p>",
"published": "2023-01-09 11:13:20",
"source": "360 Netlab Blog"
},
{
"title": "快讯使用21个漏洞传播的DDoS家族WSzero已经发展到第4个版本",
"link": "https://blog.netlab.360.com/new-ddos-botnet-wszeor/",
"author": "Hui Wang",
"description": "<!--kg-card-begin: markdown--><h2 id=\"id\">&#x6982;&#x8ff0;</h2>\n<p>&#x8fd1;&#x671f;&#xff0c;&#x6211;&#x4eec;&#x7684;BotMon&#x7cfb;&#x7edf;&#x8fde;&#x7eed;&#x6355;&#x83b7;&#x5230;&#x4e00;&#x4e2a;&#x7531;Go&#x7f16;&#x5199;&#x7684;DDoS&#x7c7b;&#x578b;&#x7684;&#x50f5;&#x5c38;&#x7f51;&#x7edc;&#x5bb6;&#x65cf;&#xff0c;&#x5b83;&#x7528;&#x4e8e;DDoS&#x653b;&#x51fb;&#xff0c;&#x4f7f;&#x7528;&#x4e86;&#x5305;&#x62ec;SSH/Telnet&#x5f31;&#x53e3;</p>",
"published": "2022-12-07 20:58:21",
"source": "360 Netlab Blog"
},
{
"title": "P2P Botnets: Review - Status - Continuous Monitoring",
"link": "https://blog.netlab.360.com/p2p-botnets-review-status-continuous-monitoring/",
"author": "360Netlab",
"description": "<h1 id=\"origins\">Origins</h1>\n<p>P2P networks are more scalable and robust than traditional C/S structures, and these advantages were recognized by the botnet authors early on and used in their botnets. In terms of time, <a href=\"https://en.wikipedia.org/wiki/Storm_botnet?ref=blog.netlab.360.com\">Storm</a>, which appeared in 2007, can be considered the progenitor of this area, when botnet threats were</p>",
"published": "2022-11-03 22:00:00",
"source": "360 Netlab Blog"
},
{
"title": "P2P 僵尸网络:回顾·现状·持续监测",
"link": "https://blog.netlab.360.com/p2p-botnet-monitor/",
"author": "360Netlab",
"description": "<h1 id=\"%E7%BC%98%E8%B5%B7\">&#x7f18;&#x8d77;</h1>\n<p>P2P&#x7ed3;&#x6784;&#x7684;&#x7f51;&#x7edc;&#x6bd4;&#x4f20;&#x7edf;&#x7684;C/S&#x7ed3;&#x6784;&#x5177;&#x6709;&#x66f4;&#x597d;&#x7684;&#x53ef;&#x6269;&#x5c55;&#x6027;&#x548c;&#x5065;&#x58ee;&#x6027;&#xff0c;&#x8fd9;&#x4e9b;&#x4f18;&#x70b9;&#x5f88;&#x65e9;&#x5c31;&#x4e3a;botnet&#x7684;&#x4f5c;&#x8005;&#x6240;&#x8ba4;&#x8bc6;&#x5230;&#x5e76;&#x88ab;&#x7528;&#x5230;</p>",
"published": "2022-11-02 11:11:33",
"source": "360 Netlab Blog"
},
{
"title": "Fodcha Is Coming Back, Raising A Wave of Ransom DDoS",
"link": "https://blog.netlab.360.com/fodcha-is-coming-back-with-rddos/",
"author": "Alex.Turing",
"description": "<h1 id=\"background\">Background</h1>\n<p>On April 13, 2022, 360Netlab first disclosed the <code>Fodcha</code> botnet. After our article was published, Fodcha suffered a crackdown from the relevant authorities, and its authors quickly responded by leaving <code>&quot;Netlab pls leave me alone I surrender&quot;</code> in an updated sample.No surprise, Fodcha&apos;s authors</p>",
"published": "2022-10-31 22:00:00",
"source": "360 Netlab Blog"
},
{
"title": "卷土重来的DDoS狂魔Fodcha僵尸网络再次露出獠牙",
"link": "https://blog.netlab.360.com/ddosmonster_the_return_of__fodcha_cn/",
"author": "Alex.Turing",
"description": "<h1 id=\"%E8%83%8C%E6%99%AF\">&#x80cc;&#x666f;</h1>\n<p>2022&#x5e74;4&#x6708;13&#x65e5;&#xff0c;360Netlab&#x9996;&#x6b21;&#x5411;&#x793e;&#x533a;&#x62ab;&#x9732;&#x4e86;Fodcha&#x50f5;&#x5c38;&#x7f51;&#x7edc;&#xff0c;&#x5728;&#x6211;&#x4eec;&#x7684;&#x6587;&#x7ae0;&#x53d1;&#x8868;&#x4e4b;&#x540e;&#xff0c;Fodcha&#x906d;&#x53d7;&#x5230;&#x76f8;&#x5173;&#x90e8;&#x95e8;&#x7684;&#x6253;&#x51fb;&#xff0c;&#x5176;&#x4f5c;&#x8005;</p>",
"published": "2022-10-27 10:49:26",
"source": "360 Netlab Blog"
},
{
"title": "PureCrypter is busy pumping out various malicious malware families",
"link": "https://blog.netlab.360.com/purecrypter-is-busy-pumping-out-various-malicious-malware-families/",
"author": "wanghao",
"description": "<p>In our daily botnet analysis work, it is common to encounter various loaders.Compared to other types of malware, loaders are unique in that they are mainly used to &quot;promote&quot;, i.e., download and run other malware on the infected machine. According to our observations, most loaders are</p>",
"published": "2022-08-29 21:00:00",
"source": "360 Netlab Blog"
},
{
"title": "PureCrypter Loader持续活跃已经传播了10多个其它家族",
"link": "https://blog.netlab.360.com/purecrypter/",
"author": "wanghao",
"description": "<!--kg-card-begin: markdown--><p>&#x5728;&#x6211;&#x4eec;&#x7684;&#x65e5;&#x5e38;botnet&#x5206;&#x6790;&#x5de5;&#x4f5c;&#x4e2d;&#xff0c;&#x78b0;&#x5230;&#x5404;&#x79cd;loader&#x662f;&#x5e38;&#x4e8b;&#x3002;&#x8ddf;&#x5176;&#x5b83;&#x79cd;&#x7c7b;&#x7684;malware&#x76f8;&#x6bd4;&#xff0c;loader&#x7684;&#x7279;&#x6b8a;&#x4e4b;&#x5904;&#x5728;&#x4e8e;&#x5b83;&#x4e3b;&#x8981;&#x7528;&#x6765;&#x201c;&#x63a8;&#x5e7f;&#x201d;&#xff0c;</p>",
"published": "2022-08-29 09:20:17",
"source": "360 Netlab Blog"
},
{
"title": "A new botnet Orchard Generates DGA Domains with Bitcoin Transaction Information",
"link": "https://blog.netlab.360.com/a-new-botnet-orchard-generates-dga-domains-with-bitcoin-transaction-information/",
"author": "daji",
"description": "<p>DGA is one of the classic techniques for botnets to hide their C2s, attacker only needs to selectively register a very small number of C2 domains, while for the defenders, it is difficult to determine in advance which domain names will be generated and registered.</p><p>360 netlab has long focused</p>",
"published": "2022-08-05 22:00:00",
"source": "360 Netlab Blog"
},
{
"title": "DGA家族Orchard持续变化新版本用比特币交易信息生成DGA域名",
"link": "https://blog.netlab.360.com/orchard-dga/",
"author": "daji",
"description": "<!--kg-card-begin: markdown--><p>DGA&#x662f;&#x4e00;&#x79cd;&#x7ecf;&#x5178;&#x7684;botnet&#x5bf9;&#x6297;&#x68c0;&#x6d4b;&#x7684;&#x6280;&#x672f;&#xff0c;&#x5176;&#x539f;&#x7406;&#x662f;&#x4f7f;&#x7528;&#x67d0;&#x79cd;DGA&#x7b97;&#x6cd5;&#xff0c;&#x7ed3;&#x5408;&#x7279;&#x5b9a;&#x7684;&#x79cd;&#x5b50;&#x548c;&#x5f53;&#x524d;&#x65e5;&#x671f;&#xff0c;&#x5b9a;&#x671f;&#x751f;&#x6210;&#x5927;&#x91cf;&#x7684;&#x57df;&#x540d;</p>",
"published": "2022-08-05 11:31:07",
"source": "360 Netlab Blog"
},
{
"title": "公有云网络安全威胁情报202204",
"link": "https://blog.netlab.360.com/public-cloud-threat-intelligence-202204/",
"author": "360Netlab",
"description": "<!--kg-card-begin: markdown--><h2 id=\"id\">&#x6982;&#x8ff0;</h2>\n<!--kg-card-end: markdown--><blockquote>&#x672c;&#x6587;&#x805a;&#x7126;&#x4e8e;&#x4e91;&#x4e0a;&#x91cd;&#x70b9;&#x8d44;&#x4ea7;&#x7684;&#x626b;&#x63cf;&#x653b;&#x51fb;&#x3001;&#x4e91;&#x670d;&#x52a1;&#x5668;&#x603b;&#x4f53;&#x653b;&#x51fb;&#x60c5;&#x51b5;&#x5206;&#x6790;&#x3001;&#x70ed;&#x95e8;&#x6f0f;&#x6d1e;&#x53ca;&#x6076;&#x610f;&#x7a0b;&#x5e8f;&#x7684;&#x653b;&#x51fb;&#x5a01;&#x80c1;&#x3002;</blockquote><!--kg-card-begin: markdown--><ul>\n<li><a href=\"https://netlab.360.com/zh/honeypot?ref=blog.netlab.360.com\">360&#x9ad8;&#x7ea7;</a></li></ul>",
"published": "2022-05-11 10:53:55",
"source": "360 Netlab Blog"
},
{
"title": "公有云网络安全威胁情报202203",
"link": "https://blog.netlab.360.com/public-cloud-threat-intelligence-202203/",
"author": "360Netlab",
"description": "<h3 id=\"-\">&#x6982;&#x8ff0;</h3><blockquote>&#x672c;&#x6587;&#x805a;&#x7126;&#x4e8e;&#x4e91;&#x4e0a;&#x91cd;&#x70b9;&#x8d44;&#x4ea7;&#x7684;&#x626b;&#x63cf;&#x653b;&#x51fb;&#x3001;&#x4e91;&#x670d;&#x52a1;&#x5668;&#x603b;&#x4f53;&#x653b;&#x51fb;&#x60c5;&#x51b5;&#x5206;&#x6790;&#x3001;&#x70ed;&#x95e8;&#x6f0f;&#x6d1e;&#x53ca;&#x6076;&#x610f;&#x7a0b;&#x5e8f;&#x7684;&#x653b;&#x51fb;&#x5a01;&#x80c1;&#x3002;</blockquote><ul><li><a href=\"https://netlab.360.com/zh/honeypot?ref=blog.netlab.360.com\">360&#x9ad8;&#x7ea7;</a></li></ul>",
"published": "2022-04-19 10:24:17",
"source": "360 Netlab Blog"
},
{
"title": "Fodcha, a new DDos botnet",
"link": "https://blog.netlab.360.com/fodcha-a-new-ddos-botnet/",
"author": "Hui Wang",
"description": "<h2 id=\"overview\">Overview</h2><p>Recently, CNCERT and 360netlab worked together and discovered a rapidly spreading DDoS botnet on the Internet. The global infection looks fairly big as just in China there are more than 10,000 daily active bots (IPs) and alsomore than 100 DDoS victims beingtargeted on a daily basis. We named</p>",
"published": "2022-04-13 22:01:14",
"source": "360 Netlab Blog"
},
{
"title": "GLiGuard面向大语言模型安全防护的模式条件分类方法",
"link": "https://paper.seebug.org/3485",
"author": "",
"description": "作者Urchade Zaratiana, Mary Newhauser, George Hurn-Maloney, Ash Lewis 译者知道创宇404实验室翻译组 原文链接https://arxiv.org/html/2605.07982v1 摘要 保障大语言模型LLM输出安全合规、符合政策要求需要能跨多安全维度实时扩展的内容审核机制。然而当前最优的安全护栏模型均基于70亿27...",
"published": "2026-05-11 16:40:13",
"source": "知道创宇404实验室"
},
{
"title": "基于大语言模型的 AI 智能体安全威胁与防御系统性综述——分层攻击面框架",
"link": "https://paper.seebug.org/3484",
"author": "",
"description": "作者Kexin Chu 译者知道创宇404实验室翻译组 原文链接https://arxiv.org/pdf/2604.23338v2 摘要 智能体AI系统可跨多会话规划、保留记忆、调用外部工具并与对等智能体协同无状态大语言模型则不具备这些能力。现有安全分类体系按攻击类型如提示注入、越狱划分威胁却未说明脆弱的架构组件或威胁显现的时间尺度。本文直接解决这些结构性问题提出分层攻击面模型...",
"published": "2026-05-09 16:53:56",
"source": "知道创宇404实验室"
},
{
"title": "ReTokSync面向生成式语言隐写的自同步分词消歧方法",
"link": "https://paper.seebug.org/3481",
"author": "",
"description": "作者Yaofei Wang, Rui Wang, Weilong Pang等 译者知道创宇404实验室翻译组 原文链接https://arxiv.org/html/2604.25486v1 摘要 生成式语言隐写GLS通过将秘密信息嵌入自然语言生成过程实现隐蔽通信。然而在实际部署中GLS易受分词歧义影响相同的表层文本在接收端可能被重新分词为不同的token序列破坏通信双方共享的解码状...",
"published": "2026-05-08 16:42:48",
"source": "知道创宇404实验室"
},
{
"title": "素域 PINI后量子 NTT 掩码的机器验证合成定理",
"link": "https://paper.seebug.org/3480",
"author": "",
"description": "作者Ray IskanderKhaled Kirah 译者知道创宇404实验室翻译组 原文链接https://arxiv.org/abs/2604.25878v1 摘要 本文是后量子密码掩码数论变换NTT硬件形式化验证分析系列论文的第六篇。第一篇论文[1]建立了 QANARY 平台的结构依赖分析,第二篇论文[2]量化了部分 NTT 掩码下的安全裕度。布尔掩码的合成理论通过无干扰NI...",
"published": "2026-05-06 16:44:36",
"source": "知道创宇404实验室"
},
{
"title": "Google DeepMindAI 智能体陷阱",
"link": "https://paper.seebug.org/3479",
"author": "",
"description": "作者Matija Franklin, Nenad Tomašev等 译者知道创宇404实验室翻译组 原文链接https://blog.qiaomu.ai/api/images/document/2026/04/603f0cae8cd8ab94-ai-agent-trap.pdf 摘要 自主AI智能体日益在网络中自主行动它们面临一种全新挑战信息环境本身。由此产生了一个关键安全漏洞我们称之...",
"published": "2026-04-24 16:54:27",
"source": "知道创宇404实验室"
},
{
"title": "合法终端管理软件遭滥用:疑似银狐攻击事件分析与溯源",
"link": "https://paper.seebug.org/3478",
"author": "",
"description": "作者:知道创宇高级威胁情报团队 一、事件概述 近期,我们在客户现场应急响应中排查到一起新型攻击事件。攻击者伪造常用工具安装包诱导执行,随即部署一款带有合法数字签名的终端管理软件。经技术溯源确认,该程序具备主机信息收集、远程控制等完整恶意能力,其 C2 基础设施与 “银狐” 高度关联。由于合法数字签名的天然 “免杀” 特性,该恶意程序可轻易绕过主流杀毒软件检测,实现隐蔽入侵与长期控制。 银狐简介 银...",
"published": "2026-04-15 03:31:00",
"source": "知道创宇404实验室"
},
{
"title": "SkillTrojan针对基于技能的智能体系统的后门攻击",
"link": "https://paper.seebug.org/3477",
"author": "",
"description": "作者Yunhao Feng, Yifan Ding, Yingshui Tan等 译者知道创宇404实验室翻译组 原文链接https://arxiv.org/html/2604.06811v1/https://arxiv.org/html/2604.06811v1 摘要 基于技能的智能体系统通过组合可复用技能完成复杂任务,在提升模块化与可扩展性的同时,引入了尚未被充分研究的安全攻击面。本文提...",
"published": "2026-04-09 08:26:00",
"source": "知道创宇404实验室"
},
{
"title": "GUARDSLM面向小语言模型、基于令牌激活的越狱攻击防御方法",
"link": "https://paper.seebug.org/3476",
"author": "",
"description": "作者Md. Jueal Mia1, Joaquin Molto1, Yanzhao Wu1, M. Hadi Amini 译者知道创宇404实验室翻译组 原文链接https://arxiv.org/html/2603.28817v1/https://arxiv.org/html/2603.28817v1 摘要 小语言模型SLM正成为大语言模型LLM高效且经济可行的替代方案在计算成本...",
"published": "2026-04-03 02:48:00",
"source": "知道创宇404实验室"
},
{
"title": "静默颠覆:通过卫星系统供应链植入物实施的传感器欺骗攻击",
"link": "https://paper.seebug.org/3475",
"author": "",
"description": "作者Jack Vanlyssel, Gruia-Catalin Roman, Afsah Anwar 译者知道创宇404实验室翻译组 原文链接https://arxiv.org/html/2603.10388v1/https://arxiv.org/html/2603.10388v1 摘要 欺骗攻击是地面系统最具破坏性的网络威胁之一,而在太空中这类威胁愈发危险——卫星难以在轨维修,且运营方依...",
"published": "2026-03-24 09:47:00",
"source": "知道创宇404实验室"
},
{
"title": "增强网络入侵检测系统:一种抵御对抗攻击的多层集成方法",
"link": "https://paper.seebug.org/3474",
"author": "",
"description": "作者Nasim Soltani, Shayan Nejadshamsi等 译者知道创宇404实验室翻译组 原文链接https://arxiv.org/html/2603.10413v1/https://arxiv.org/html/2603.10413v1 摘要 对抗样本会对机器学习ML算法构成严重威胁。若被用于操控基于机器学习的网络入侵检测系统NIDS行为将危及网络安全。本研究旨...",
"published": "2026-03-23 08:31:00",
"source": "知道创宇404实验室"
},
{
"title": "CUDA Agent面向高性能 CUDA 内核生成的大规模智能体强化学习",
"link": "https://paper.seebug.org/3473",
"author": "",
"description": "作者Weinan Dai, Hanlin Wu, Qiying Yu等 译者知道创宇404实验室翻译组 原文链接https://arxiv.org/html/2602.24286v1/https://arxiv.org/html/2602.24286v1 摘要 GPU内核优化是现代深度学习的基础但仍是一项高度专业化的任务需要深厚的硬件专业知识。尽管大语言模型LLM在通用编程任务中表现...",
"published": "2026-03-17 09:50:00",
"source": "知道创宇404实验室"
},
{
"title": "Unmasking SilverFoxs New Trends: Decoding Evasion Tactics, Domain Impersonation, and Mass-Generated Fake Software",
"link": "https://paper.seebug.org/3472",
"author": "",
"description": "Author: Knownsec 404 Advanced Threat Intelligence Team I. Introduction SilverFox has become one of the most active cyber threats in recent years, targeting managerial and finance staff in organization...",
"published": "2026-03-13 08:30:00",
"source": "知道创宇404实验室"
},
{
"title": "基于图像的提示注入:通过视觉嵌入的对抗性指令劫持多模态大语言模型",
"link": "https://paper.seebug.org/3471",
"author": "",
"description": "作者Neha Nagaraja, Lan Zhang, Zhilong Wang 译者知道创宇404实验室翻译组 原文链接https://arxiv.org/html/2603.03637v1/https://arxiv.org/html/2603.03637v1 摘要多模态大语言模型MLLMs融合视觉与文本能力赋能各类应用但这种融合也引入了新的安全漏洞。本文研究基于图像的提示注入...",
"published": "2026-03-11 01:29:00",
"source": "知道创宇404实验室"
},
{
"title": "虚假 OpenClaw 安装程序如何传播 GhostSocks 恶意软件",
"link": "https://paper.seebug.org/3470",
"author": "",
"description": "作者Jai Minton, Ryan Dowd 原文链接https://www.huntress.com/blog/openclaw-github-ghostsocks-infostealer/https://www.huntress.com/blog/openclaw-github-ghostsocks-infostealer 摘要 信息窃取型恶意软件是针对面向公众系统发起严重攻击的初始访问...",
"published": "2026-03-10 01:45:00",
"source": "知道创宇404实验室"
},
{
"title": "当 AI Agent 拥有系统权限OpenClaw 安全风险全景分析",
"link": "https://paper.seebug.org/3469",
"author": "",
"description": "作者:知道创宇积极防御实验室 完整的 OpenClaw 安全实践 Skill、自动化审计工具已在 GitHub 开源。项目地址https://github.com/knownsec/openclaw-security/https://github.com/knownsec/openclaw-security 一、背景说明 随着 AI Agent 技术的快速演进,具备自动化决策与自主执行能力的开源...",
"published": "2026-03-06 07:34:00",
"source": "知道创宇404实验室"
},
{
"title": "我们扫描了五万个 Skill发现危险仍然存在 朱雀实验室",
"link": "https://security.tencent.com/index.php/blog/msg/224",
"author": "",
"description": "真正的问题不是扫出了什么,是:这个生态还有没有,有效的免疫系统? 腾讯安全平台部负责人 Coolc腾讯安全平台部负责人 Coolc",
"published": "2026-04-26 15:51:04",
"source": "腾讯安全响应中心"
},
{
"title": "从发现 33 个 0day 漏洞,看安全攻防的下半场 朱雀实验室",
"link": "https://security.tencent.com/index.php/blog/msg/222",
"author": "",
"description": "2026 年 4 月 7 日Anthropic 联合 Apple、Google、Microsoft 等 45 家机构发布 Project Glasswing 计划,并宣布其尚未公开发行的前沿模型 Claude Mythos Preview 在所有主要操作系统和浏览器中发现了数千个&#8230;",
"published": "2026-04-10 17:45:09",
"source": "腾讯安全响应中心"
},
{
"title": "从4.8亿下载量的 LiteLLM投毒事件看 AI 基础设施安全攻与防 | 朱雀实验室",
"link": "https://security.tencent.com/index.php/blog/msg/214",
"author": "",
"description": "近日,知名大模型网关工具 LiteLLM 遭遇供应链投毒,其 1.82.7和1.82.8 版本被植入恶意代码。由于该项目月下载量极高(近1亿月下载量),且被 DSPy 等众多主流&#8230;",
"published": "2026-03-31 17:03:16",
"source": "腾讯安全响应中心"
},
{
"title": "当AI学会背刺深度剖析Agent Skills的安全陷阱 朱雀实验室",
"link": "https://security.tencent.com/index.php/blog/msg/215",
"author": "",
"description": "你是否想过,当你让 AI 帮你写代码时,它可能正在你背后悄悄地干着其它事——比如,加密你的所有文件,然后弹出一个勒索提示?这不是吓唬你,而是我们研究后发现在各种&#8230;",
"published": "2026-01-23 17:18:24",
"source": "腾讯安全响应中心"
},
{
"title": "当 AI 成为代码贡献者,软件安全正在发生怎样的变化?",
"link": "https://security.tencent.com/index.php/blog/msg/216",
"author": "",
"description": "随着 AI 技术加速融入软件研发流程AI 已经成为新时代的“代码贡献者”。在显著提升研发效率的同时AI 生成代码也对软件安全、漏洞治理和工程责任边界提出了新的挑战。",
"published": "2026-01-05 17:37:14",
"source": "腾讯安全响应中心"
},
{
"title": "A.S.E 2.0 正式发布 | 开放生态 · 动静协同 · 让 AI 编程安全可量化",
"link": "https://security.tencent.com/index.php/blog/msg/217",
"author": "",
"description": "A.S.E (AI Code Generation Security Evaluation) - 你的 AI 鉴赏官,为你提供大模型安全实践工具,让你一眼就能选出最靠谱的 AI 队友。",
"published": "2025-11-07 11:05:37",
"source": "腾讯安全响应中心"
},
{
"title": "00后黑客落网曾运营大型僵尸网络频繁攻击腾讯游戏、DeepSeek、X平台",
"link": "https://security.tencent.com/index.php/blog/msg/218",
"author": "",
"description": "据美国司法部通报活跃多年的高危DDoS僵尸网络“RapperBot”历史频繁攻击腾讯游戏、DeepSeek、X平台的幕后黑手现已被成功取缔。该僵尸网络主谋、22岁的美国俄勒冈州男子Ethan&#8230;",
"published": "2025-09-26 17:32:19",
"source": "腾讯安全响应中心"
},
{
"title": "DeepSeek本地化部署有风险快来看看你中招了吗 朱雀实验室",
"link": "https://security.tencent.com/index.php/blog/msg/219",
"author": "",
"description": "2025年伊始AI领域迎来一个重要变革 - DeepSeek R1开源发布凭借着低成本、性能出众的优势这个模型在短短几周内就获得空前关注。由于官网服务经常繁忙大家开始选择使用Ollama+OpenWebUI、LM&#8230;",
"published": "2025-02-18 16:04:12",
"source": "腾讯安全响应中心"
},
{
"title": "AI 帮你高效构建代码安全策略【大模型应用实践系列四】",
"link": "https://security.tencent.com/index.php/blog/msg/213",
"author": "",
"description": "腾讯啄木鸟代码安全团队依托混元大模型的超强代码理解和安全分析能力在SQL注入威胁检测场景验证中新增识别上百个漏洞检测策略相比传统方法人效比提升3.8倍在Github高star项目上斩获10+0day漏洞。",
"published": "2025-01-08 10:26:57",
"source": "腾讯安全响应中心"
},
{
"title": "AI猎手我们用大模型挖到了0day漏洞【大模型应用实践系列三】",
"link": "https://security.tencent.com/index.php/blog/msg/212",
"author": "",
"description": "AI版“赏金猎人”登场基于混元大模型能力打造的自动漏洞挖掘工具7*24小时自动感知、追踪、挖橱0day。 AI猎人VS黑客的角逐战正式开始。",
"published": "2025-01-03 10:23:17",
"source": "腾讯安全响应中心"
},
{
"title": "AI助力明文密码泄漏无处遁形【大模型应用实践系列二】",
"link": "https://security.tencent.com/index.php/blog/msg/211",
"author": "",
"description": "本文聚焦于密钥硬编码的问题,分析了传统检测策略的缺陷,并详细介绍了大模型在该场景下的优势、检测实施方案和效果。我们将继续推出更多关于大模型在研发安全、网络安全、威胁情报等领域的应用探索与总结",
"published": "2024-12-05 17:14:13",
"source": "腾讯安全响应中心"
},
{
"title": "大模型应用实践AI助力Code Review安全漏洞发现",
"link": "https://security.tencent.com/index.php/blog/msg/210",
"author": "",
"description": "借助混元大模型腾讯啄木鸟代码安全团队在代码评审Code Review下文简称CR场景下的安全漏洞检出能力取得显著提升日均发现和阻断300+个代码安全风险,极大提升了公司核心数据资产安全性。",
"published": "2024-11-27 10:39:46",
"source": "腾讯安全响应中心"
},
{
"title": "红蓝对抗之隐蔽通信应用及防御",
"link": "https://security.tencent.com/index.php/blog/msg/202",
"author": "",
"description": "腾讯蓝军和红军十多年案例经验、总结沉淀",
"published": "2021-09-27 16:40:43",
"source": "腾讯安全响应中心"
},
{
"title": "攻防启示Chromium组件风险剖析与收敛",
"link": "https://security.tencent.com/index.php/blog/msg/197",
"author": "",
"description": "Chromium内核的安全问题早已悄无声息地牵动着互联网生活方方面面。基于对实战经历的复盘本文将从Chromium架构及安全机制概况入手剖析Chromium组件在多场景下给企业带来的安全风险并一探收敛方案。",
"published": "2021-07-15 10:30:58",
"source": "腾讯安全响应中心"
},
{
"title": "红蓝对抗中的云原生漏洞挖掘及利用实录",
"link": "https://security.tencent.com/index.php/blog/msg/183",
"author": "",
"description": "分享攻防场景中的云原生相关漏洞挖掘及漏洞利用实例。",
"published": "2021-03-02 09:00:26",
"source": "腾讯安全响应中心"
},
{
"title": "腾讯蓝军安全通告WebLogic远程代码执行漏洞(CVE-2020-14645)",
"link": "https://security.tencent.com/index.php/blog/msg/157",
"author": "",
"description": "Oracle官方发布WebLogic安全更新修复严重漏洞。",
"published": "2020-07-15 16:16:05",
"source": "腾讯安全响应中心"
},
{
"title": "红蓝对抗之Windows内网渗透",
"link": "https://security.tencent.com/index.php/blog/msg/154",
"author": "",
"description": "无论是渗透测试还是红蓝对抗目的都是暴露风险促进提升安全水平。企业往往在外网布置重兵把守而内网防护相对来说千疮百孔所以渗透高手往往通过攻击员工电脑、外网服务、职场WiFi等方式进入内网然后发起内网渗透。而国内外红蓝对抗服务和开源攻击工具大多数以攻击Windows域为主主要原因是域控拥有上帝能力可以控制域内所有员工电脑进而利用员工的合法权限获取目标权限和数据达成渗透目的。",
"published": "2020-06-30 19:02:37",
"source": "腾讯安全响应中心"
},
{
"title": "现网发现新型DVR UDP反射攻击手法记实",
"link": "https://security.tencent.com/index.php/blog/msg/146",
"author": "",
"description": "近日游戏行业某云客户遭受到大流量DDoS攻击宙斯盾团队跟进溯源。在对抓取的攻击样本进行深入分析之后我们发现这是一种新的UDP反射放大攻击手法相关情况也分享同步与业界同行。",
"published": "2020-03-31 21:28:26",
"source": "腾讯安全响应中心"
},
{
"title": "WAF建设运营及AI应用实践",
"link": "https://security.tencent.com/index.php/blog/msg/145",
"author": "",
"description": "对于大型互联网公司而言业务众多网络流量巨大涉及的域名、服务器资源均属海量在这个规模下的WAF的设计、研发、运营将会有比较多的现实挑战。",
"published": "2020-03-24 15:29:51",
"source": "腾讯安全响应中心"
},
{
"title": "浅谈DDoS攻防对抗中的AI实践",
"link": "https://security.tencent.com/index.php/blog/msg/144",
"author": "",
"description": "DDoS对抗不仅需要“降本”还需要“增效”宙斯盾DDoS防护系统通过AI算法学习经验数据形成具备自学习、自进化、自适应特性的流量模型被动应对发展成为主动进化增强DDoS攻防能力。",
"published": "2020-03-18 16:55:51",
"source": "腾讯安全响应中心"
},
{
"title": "Nobel laureate Olga Tokarczuk apparently used AI to write her latest novel",
"link": "https://lithub.com/nobel-laureate-olga-tokarczuk-apparently-used-ai-to-write-her-latest-novel/",
"author": "bookofjoe",
"description": "<p>Article URL: <a href=\"https://lithub.com/nobel-laureate-olga-tokarczuk-apparently-used-ai-to-write-her-latest-novel/\">https://lithub.com/nobel-laureate-olga-tokarczuk-apparently-used-ai-to-write-her-latest-novel/</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48209112\">https://news.ycombinator.com/item?id=48209112</a></p>\n<p>Points: 33</p>\n<p># Comments: 41</p>",
"published": "2026-05-20 23:10:43",
"source": "Hacker News"
},
{
"title": "Testing distributed systems with AI agents",
"link": "https://github.com/shenli/distributed-system-testing",
"author": "shenli3514",
"description": "<p>Article URL: <a href=\"https://github.com/shenli/distributed-system-testing\">https://github.com/shenli/distributed-system-testing</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48208685\">https://news.ycombinator.com/item?id=48208685</a></p>\n<p>Points: 19</p>\n<p># Comments: 1</p>",
"published": "2026-05-20 22:40:42",
"source": "Hacker News"
},
{
"title": "Victory: Tennessee man jailed 37 days for Trump meme wins $835,000 settlement",
"link": "https://www.fire.org/news/victory-tennessee-man-jailed-37-days-trump-meme-wins-835000-settlement-after-first-amendment",
"author": "ceejayoz",
"description": "<p>Article URL: <a href=\"https://www.fire.org/news/victory-tennessee-man-jailed-37-days-trump-meme-wins-835000-settlement-after-first-amendment\">https://www.fire.org/news/victory-tennessee-man-jailed-37-days-trump-meme-wins-835000-settlement-after-first-amendment</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48208502\">https://news.ycombinator.com/item?id=48208502</a></p>\n<p>Points: 178</p>\n<p># Comments: 74</p>",
"published": "2026-05-20 22:30:47",
"source": "Hacker News"
},
{
"title": "America's Greatest Strategic Blunder: The Imprisonment of Qian Xuesen",
"link": "https://danieltan.weblog.lol/2026/05/americas-greatest-strategic-blunder-the-imprisonment-of-qian-xuesen",
"author": "danieltanfh95",
"description": "<p>Article URL: <a href=\"https://danieltan.weblog.lol/2026/05/americas-greatest-strategic-blunder-the-imprisonment-of-qian-xuesen\">https://danieltan.weblog.lol/2026/05/americas-greatest-strategic-blunder-the-imprisonment-of-qian-xuesen</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48207251\">https://news.ycombinator.com/item?id=48207251</a></p>\n<p>Points: 66</p>\n<p># Comments: 30</p>",
"published": "2026-05-20 21:19:36",
"source": "Hacker News"
},
{
"title": "Goodbye Visa and Mastercard: 130M Europeans switching to sovereign payment",
"link": "https://www.lesnumeriques.com/banque-en-ligne/adieu-visa-et-mastercard-130-millions-d-europeens-basculent-vers-un-paiement-100-souverain-des-2026-n250918.html",
"author": "healsdata",
"description": "<p>Article URL: <a href=\"https://www.lesnumeriques.com/banque-en-ligne/adieu-visa-et-mastercard-130-millions-d-europeens-basculent-vers-un-paiement-100-souverain-des-2026-n250918.html\">https://www.lesnumeriques.com/banque-en-ligne/adieu-visa-et-mastercard-130-millions-d-europeens-basculent-vers-un-paiement-100-souverain-des-2026-n250918.html</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48207004\">https://news.ycombinator.com/item?id=48207004</a></p>\n<p>Points: 499</p>\n<p># Comments: 414</p>",
"published": "2026-05-20 21:02:30",
"source": "Hacker News"
},
{
"title": "Meta blocks human rights accounts from reaching audiences in Arabia and the UAE",
"link": "https://www.alqst.org/ar/posts/1190",
"author": "giuliomagnifico",
"description": "<p>Article URL: <a href=\"https://www.alqst.org/ar/posts/1190\">https://www.alqst.org/ar/posts/1190</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48206768\">https://news.ycombinator.com/item?id=48206768</a></p>\n<p>Points: 519</p>\n<p># Comments: 202</p>",
"published": "2026-05-20 20:43:41",
"source": "Hacker News"
},
{
"title": "Anna's Archive Hit with $19.5M Default Judgment and Global Domain Takedown Order",
"link": "https://torrentfreak.com/annas-archive-hit-with-19-5m-default-judgment-and-global-domain-takedown-order/",
"author": "iamnothere",
"description": "<p>Article URL: <a href=\"https://torrentfreak.com/annas-archive-hit-with-19-5m-default-judgment-and-global-domain-takedown-order/\">https://torrentfreak.com/annas-archive-hit-with-19-5m-default-judgment-and-global-domain-takedown-order/</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48206640\">https://news.ycombinator.com/item?id=48206640</a></p>\n<p>Points: 168</p>\n<p># Comments: 126</p>",
"published": "2026-05-20 20:30:58",
"source": "Hacker News"
},
{
"title": "Saying Goodbye to Asm.js",
"link": "https://spidermonkey.dev/blog/2026/05/20/saying-goodbye-to-asmjs.html",
"author": "eqrion",
"description": "<p>Article URL: <a href=\"https://spidermonkey.dev/blog/2026/05/20/saying-goodbye-to-asmjs.html\">https://spidermonkey.dev/blog/2026/05/20/saying-goodbye-to-asmjs.html</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48206340\">https://news.ycombinator.com/item?id=48206340</a></p>\n<p>Points: 138</p>\n<p># Comments: 65</p>",
"published": "2026-05-20 20:01:56",
"source": "Hacker News"
},
{
"title": "College students drown out AI-praising commencement speeches with boos",
"link": "https://www.tomshardware.com/tech-industry/artificial-intelligence/college-students-drown-out-ai-praising-commencement-speeches-with-boos-deal-with-it-one-speaker-fires-back-as-students-heckle-positive-pitches-for-ais-role",
"author": "iancmceachern",
"description": "<p>Article URL: <a href=\"https://www.tomshardware.com/tech-industry/artificial-intelligence/college-students-drown-out-ai-praising-commencement-speeches-with-boos-deal-with-it-one-speaker-fires-back-as-students-heckle-positive-pitches-for-ais-role\">https://www.tomshardware.com/tech-industry/artificial-intelligence/college-students-drown-out-ai-praising-commencement-speeches-with-boos-deal-with-it-one-speaker-fires-back-as-students-heckle-positive-pitches-for-ais-role</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48206241\">https://news.ycombinator.com/item?id=48206241</a></p>\n<p>Points: 266</p>\n<p># Comments: 244</p>",
"published": "2026-05-20 19:51:32",
"source": "Hacker News"
},
{
"title": "Google's AI is being manipulated. The search giant is quietly fighting back",
"link": "https://www.bbc.com/future/article/20260519-google-tackles-attempts-to-hack-its-ai-results",
"author": "tigerlily",
"description": "<p>Article URL: <a href=\"https://www.bbc.com/future/article/20260519-google-tackles-attempts-to-hack-its-ai-results\">https://www.bbc.com/future/article/20260519-google-tackles-attempts-to-hack-its-ai-results</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48205782\">https://news.ycombinator.com/item?id=48205782</a></p>\n<p>Points: 97</p>\n<p># Comments: 58</p>",
"published": "2026-05-20 18:57:09",
"source": "Hacker News"
},
{
"title": "Map of Metal",
"link": "https://mapofmetal.com/",
"author": "robin_reala",
"description": "<p>Article URL: <a href=\"https://mapofmetal.com/\">https://mapofmetal.com/</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48205699\">https://news.ycombinator.com/item?id=48205699</a></p>\n<p>Points: 234</p>\n<p># Comments: 76</p>",
"published": "2026-05-20 18:47:20",
"source": "Hacker News"
},
{
"title": "Qwen3.7-Max: The Agent Frontier",
"link": "https://qwen.ai/blog?id=qwen3.7",
"author": "kevinsimper",
"description": "<p>Article URL: <a href=\"https://qwen.ai/blog?id=qwen3.7\">https://qwen.ai/blog?id=qwen3.7</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48205626\">https://news.ycombinator.com/item?id=48205626</a></p>\n<p>Points: 313</p>\n<p># Comments: 115</p>",
"published": "2026-05-20 18:35:02",
"source": "Hacker News"
},
{
"title": "Learnings from 100K lines of Rust with AI (2025)",
"link": "https://zfhuang99.github.io/rust/claude%20code/codex/contracts/spec-driven%20development/2025/12/01/rust-with-ai.html",
"author": "pramodbiligiri",
"description": "<p>Article URL: <a href=\"https://zfhuang99.github.io/rust/claude%20code/codex/contracts/spec-driven%20development/2025/12/01/rust-with-ai.html\">https://zfhuang99.github.io/rust/claude%20code/codex/contracts/spec-driven%20development/2025/12/01/rust-with-ai.html</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48205415\">https://news.ycombinator.com/item?id=48205415</a></p>\n<p>Points: 106</p>\n<p># Comments: 104</p>",
"published": "2026-05-20 18:04:28",
"source": "Hacker News"
},
{
"title": "Everything in C is undefined behavior",
"link": "https://blog.habets.se/2026/05/Everything-in-C-is-undefined-behavior.html",
"author": "lycopodiopsida",
"description": "<p>Article URL: <a href=\"https://blog.habets.se/2026/05/Everything-in-C-is-undefined-behavior.html\">https://blog.habets.se/2026/05/Everything-in-C-is-undefined-behavior.html</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48203698\">https://news.ycombinator.com/item?id=48203698</a></p>\n<p>Points: 374</p>\n<p># Comments: 524</p>",
"published": "2026-05-20 14:07:22",
"source": "Hacker News"
},
{
"title": "Infomaniak transitions to a foundation model to protect user data privacy",
"link": "https://news.infomaniak.com/en/infomaniak-foundation-sovereign-cloud/",
"author": "darktoto",
"description": "<p>Article URL: <a href=\"https://news.infomaniak.com/en/infomaniak-foundation-sovereign-cloud/\">https://news.infomaniak.com/en/infomaniak-foundation-sovereign-cloud/</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48203536\">https://news.ycombinator.com/item?id=48203536</a></p>\n<p>Points: 133</p>\n<p># Comments: 35</p>",
"published": "2026-05-20 13:43:51",
"source": "Hacker News"
},
{
"title": "Japan is gripped by mass allergies. A 1950s project is to blame",
"link": "https://www.bbc.com/future/article/20260515-the-1950s-blunder-which-causes-mass-hay-fever-in-japan",
"author": "ranit",
"description": "<p>Article URL: <a href=\"https://www.bbc.com/future/article/20260515-the-1950s-blunder-which-causes-mass-hay-fever-in-japan\">https://www.bbc.com/future/article/20260515-the-1950s-blunder-which-causes-mass-hay-fever-in-japan</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48202047\">https://news.ycombinator.com/item?id=48202047</a></p>\n<p>Points: 255</p>\n<p># Comments: 121</p>",
"published": "2026-05-20 09:43:06",
"source": "Hacker News"
},
{
"title": "FiveThirtyEight articles on the Internet Archive",
"link": "https://fivethirtyeightindex.com/",
"author": "ChocMontePy",
"description": "<p>Article URL: <a href=\"https://fivethirtyeightindex.com/\">https://fivethirtyeightindex.com/</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48201973\">https://news.ycombinator.com/item?id=48201973</a></p>\n<p>Points: 312</p>\n<p># Comments: 73</p>",
"published": "2026-05-20 09:34:19",
"source": "Hacker News"
},
{
"title": "Remove-AI-Watermarks CLI and library for removing AI watermarks from images",
"link": "https://github.com/wiltodelta/remove-ai-watermarks",
"author": "janalsncm",
"description": "<p>Article URL: <a href=\"https://github.com/wiltodelta/remove-ai-watermarks\">https://github.com/wiltodelta/remove-ai-watermarks</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48200569\">https://news.ycombinator.com/item?id=48200569</a></p>\n<p>Points: 350</p>\n<p># Comments: 217</p>",
"published": "2026-05-20 06:30:31",
"source": "Hacker News"
},
{
"title": "OpenAI Adopts Google's SynthID Watermark for AI Images with Verification Tool",
"link": "https://openai.com/index/advancing-content-provenance/",
"author": "smooke",
"description": "<p>Article URL: <a href=\"https://openai.com/index/advancing-content-provenance/\">https://openai.com/index/advancing-content-provenance/</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48198291\">https://news.ycombinator.com/item?id=48198291</a></p>\n<p>Points: 317</p>\n<p># Comments: 171</p>",
"published": "2026-05-20 03:34:30",
"source": "Hacker News"
},
{
"title": "Mistral AI acquires Emmi AI",
"link": "https://www.emmi.ai/news/mistral-ai-acquires-emmi-ai",
"author": "doener",
"description": "<p>Article URL: <a href=\"https://www.emmi.ai/news/mistral-ai-acquires-emmi-ai\">https://www.emmi.ai/news/mistral-ai-acquires-emmi-ai</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48197995\">https://news.ycombinator.com/item?id=48197995</a></p>\n<p>Points: 310</p>\n<p># Comments: 91</p>",
"published": "2026-05-20 03:14:12",
"source": "Hacker News"
},
{
"title": "美团SRC助力 | 你敢信他们都来了HPW白帽世界大会2026全议程发布",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247494896&idx=1&sn=5b3d4f7d62a8e7212d9dff1cc4910a45",
"author": "美团技术团队",
"description": "顶尖AI安全红队亲自传授秘籍HPW2026所有议题一次解锁!",
"published": "2026-05-06 17:00:00",
"source": "微信公众号"
},
{
"title": "江湖征召令美团SRC专测活动进行中",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247494896&idx=2&sn=62b64d34eb01c165640ce5b18fc56cf3",
"author": "美团技术团队",
"description": "活动时间2026年4月27日 - 5月20日",
"published": "2026-05-06 17:00:00",
"source": "微信公众号"
},
{
"title": "江湖征召令美团SRC专测活动正式开启",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247494891&idx=1&sn=15e081c3c53f5ab38a5dd3380e470121",
"author": "美团技术团队",
"description": "活动时间2026年4月27日 - 5月20日",
"published": "2026-04-27 10:08:00",
"source": "微信公众号"
},
{
"title": "美团SRC发布AI生成漏洞报告提交规范公告",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247494883&idx=1&sn=f6eba6477129792a9c38896caff14be0",
"author": "美团技术团队",
"description": "请白帽师傅们在提交报告时恪守本文规范",
"published": "2026-04-24 14:23:00",
"source": "微信公众号"
},
{
"title": "致敬代码背后的守护者美团SRC 2025年度荣誉答谢",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247494861&idx=1&sn=d50a94a54627f3de0db0ce8a06ff598e",
"author": "美团技术团队",
"description": "一份关于技术与荣誉的年度总结",
"published": "2026-01-22 19:21:00",
"source": "微信公众号"
},
{
"title": "热招|美团安全邀你共赴新征途!",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247494835&idx=1&sn=c20429c5049a31399fed6b33469f0f4d",
"author": "美团技术团队",
"description": "欢迎你的加入,让我们奔赴热爱,无畏山海,共筑安全长城。",
"published": "2025-12-11 12:18:00",
"source": "微信公众号"
},
{
"title": "活动|秋日“挖洞”季,邀您来测!",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493937&idx=1&sn=4a134bd3c3e16a0177d3b7ccc56aee2f",
"author": "美团技术团队",
"description": "内含中秋礼品福利!请及时更新平台默认收货地址哦!",
"published": "2025-09-24 18:37:00",
"source": "微信公众号"
},
{
"title": "活动Keeta安全专测英雄帖邀您洞见非凡守护新域",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493924&idx=1&sn=0e8ab3b3a2af4d1b20e62b31fb82ccc2",
"author": "美团技术团队",
"description": "活动时间2025年8月22日-9月5日",
"published": "2025-08-21 18:30:00",
"source": "微信公众号"
},
{
"title": "美团安全应急响应中心漏洞测试高压线V2.0",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493924&idx=2&sn=af01328cacbe1fb5c29a08e52a26457a",
"author": "美团技术团队",
"description": "为帮助所有白帽子在美团SRC测试过程中规避违规风险保护平台和白帽子的安全和利益确保平台漏洞奖励机制得以良性运作美团安全应急响应中心发布《漏洞测试高压线V2.0》。",
"published": "2025-08-21 18:30:00",
"source": "微信公众号"
},
{
"title": "筑牢AI防线大模型安全专测活动已开启",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493903&idx=1&sn=1c69a453dfe76bcd593df539dda3c6a6",
"author": "美团技术团队",
"description": "活动时间6月9日-6月22日",
"published": "2025-06-09 10:01:00",
"source": "微信公众号"
},
{
"title": "报名 | 美团技术沙龙【AI+安全:智能技术在安全领域的应用探索】",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493889&idx=1&sn=4701431171173014d00aef3e7050372d",
"author": "美团技术团队",
"description": "6月19日周四 14:00 - 17:30线上直播快来报名吧",
"published": "2025-05-29 12:03:00",
"source": "微信公众号"
},
{
"title": "活动 |「春风送暖,安全同行」美团直播专测召集令",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493762&idx=1&sn=5599435d2eeb9cce063cb57ec68f6acb",
"author": "美团技术团队",
"description": "活动时间2025.03.24-04.03",
"published": "2025-03-24 10:00:00",
"source": "微信公众号"
},
{
"title": "荣誉 | 美团SRC2024年终奖励荣耀揭晓",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493717&idx=1&sn=fe94bf647a29fff908cc7ed29b70554c",
"author": "美团技术团队",
"description": "向每一位守护者致敬!",
"published": "2025-01-17 18:01:00",
"source": "微信公众号"
},
{
"title": "美团SRC邀您领取新年礼盒啦",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493717&idx=2&sn=f317d3190e4e199c933d1b29fa2f2d94",
"author": "美团技术团队",
"description": "获取方式见文中。",
"published": "2025-01-17 18:01:00",
"source": "微信公众号"
},
{
"title": "鸿蒙应用签名实操及机制探究",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493695&idx=1&sn=89a37bdee61841877d1acf28b8a68cbf",
"author": "美团技术团队",
"description": "本文对鸿蒙公开资料进行了深入分析和解读,梳理了鸿蒙单框架应用的签名机制,拆解每一步的实操过程和背后的实现原理,并对源码分析整理签名的校验机制。",
"published": "2024-12-31 10:01:00",
"source": "微信公众号"
},
{
"title": "白帽世界大会 | 美团SRC期待与您在澳门相见",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493590&idx=1&sn=0281d8d3faa07d26a91b338102cb7c61",
"author": "美团技术团队",
"description": "HackProve World 2025用真正的技术验证数字世界的安全。",
"published": "2024-12-19 17:31:00",
"source": "微信公众号"
},
{
"title": "年末冲刺2024漏洞马拉松『美团站』正式启动",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493372&idx=1&sn=f8ed6cc9dc514805d164f9d47277e8f5",
"author": "美团技术团队",
"description": "活动时间即日起至2024年12月15日。",
"published": "2024-12-03 18:30:00",
"source": "微信公众号"
},
{
"title": "活动|短视频激励系统专测开启!",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493353&idx=1&sn=60d8aea7934fa17d1e2077e2b879d3ae",
"author": "美团技术团队",
"description": "活动时间11月25日-11月28日",
"published": "2024-11-25 10:00:00",
"source": "微信公众号"
},
{
"title": "活动美团SRC七周年多重惊喜派送中",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493342&idx=1&sn=5aadfd7e004ccab04ad3286741aeca6f",
"author": "美团技术团队",
"description": "活动时间11月11日10: 00-11月18日0: 00",
"published": "2024-11-11 10:08:00",
"source": "微信公众号"
},
{
"title": "活动正式开启美团SRC邀您加入双11安全保卫战",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493302&idx=1&sn=38e8eb7b46ba68d83932055efcf06386",
"author": "美团技术团队",
"description": "美团SRC活动时间2024.09.19-09.30",
"published": "2024-09-19 10:01:00",
"source": "微信公众号"
}
]

1002
resources/JSON/xianzhi.json
View File

File diff suppressed because it is too large Load Diff

BIN
resources/db/4hou.db
View File

Binary file not shown.

BIN
resources/db/anquanke.db
View File

Binary file not shown.

BIN
resources/db/baidu.db
View File

Binary file not shown.

BIN
resources/db/doonsec.db
View File

Binary file not shown.

BIN
resources/db/freebuf.db
View File

Binary file not shown.

BIN
resources/db/github.db
View File

Binary file not shown.

BIN
resources/db/qianxin.db
View File

Binary file not shown.

BIN
resources/db/seebug.db
View File

Binary file not shown.

BIN
resources/db/sougou-wx.db
View File

Binary file not shown.

BIN
resources/db/uni_rss.db
View File

Binary file not shown.

BIN
resources/db/web.db
View File

Binary file not shown.

BIN
resources/db/xianzhi.db
View File

Binary file not shown.

BIN
resources/imgs/github-token.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 211 KiB

BIN
resources/imgs/result_mobile.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 1.7 MiB

BIN
spider/__pycache__/baidu.cpython-312.pyc
View File

Binary file not shown.

BIN
spider/__pycache__/common.cpython-312.pyc
View File

Binary file not shown.

BIN
spider/__pycache__/freebuf.cpython-312.pyc
View File

Binary file not shown.

BIN
spider/__pycache__/github.cpython-312.pyc
View File

Binary file not shown.

BIN
spider/__pycache__/sougou_wx.cpython-312.pyc
View File

Binary file not shown.

BIN
spider/__pycache__/uni.cpython-312.pyc
View File

Binary file not shown.

BIN
spider/__pycache__/xianzhi.cpython-312.pyc
View File

Binary file not shown.

150
spider/baidu.py
View File

@ -1,150 +0,0 @@
# -*- coding: utf-8 -*-
import requests
from bs4 import BeautifulSoup
import json
import time
import os
import re
from datetime import datetime, timedelta
from requests.exceptions import RequestException
from loguru import logger
headers = {
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3",
"Accept-Language": "en-US,en;q=0.9",
"Cache-Control": "no-cache",
"Connection": "keep-alive",
"Pragma": "no-cache",
"Sec-Fetch-Dest": "document",
"Sec-Fetch-Mode": "navigate",
"Sec-Fetch-Site": "same-origin",
"Sec-Fetch-User": "?1",
"Upgrade-Insecure-Requests": "1",
"sec-ch-ua": '"Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"',
"sec-ch-ua-mobile": "?0",
"sec-ch-ua-platform": '"Windows"'
}
def fetch_html(url, timeout=10):
try:
response = requests.get(url, headers=headers, timeout=timeout)
response.raise_for_status()
return response.text
except requests.Timeout:
logger.warning(f"请求 {url} 超时,跳过保存操作。")
except requests.exceptions.RequestException as e:
logger.warning(f"请求 {url} 时发生错误: {e}")
def normalize_pub_date(pub_date):
# 检查是否为日期格式 2024-12-06
if re.match(r'\d{4}-\d{2}-\d{2}', pub_date):
return pub_date
# 检查是否为 '8天前' 格式
days_ago_match = re.match(r'(\d+)天前', pub_date)
if days_ago_match:
days_ago = int(days_ago_match.group(1))
return (datetime.now() - timedelta(days=days_ago)).strftime('%Y-%m-%d')
# 检查是否为 '小时前' 格式
hours_ago_match = re.match(r'(\d+)小时前', pub_date)
if hours_ago_match:
return datetime.now().strftime('%Y-%m-%d')
# 如果都不匹配,返回原始值
return pub_date
def parse_html(html_content):
soup = BeautifulSoup(html_content, 'html.parser')
# 提取所有符合条件的<table>标签
tables = soup.find_all('table', class_='result')
results = []
for table in tables:
# 提取标题和链接
h3_tag = table.find('h3', class_='t')
if h3_tag:
a_tag = h3_tag.find('a')
title = a_tag.get_text(strip=True) if a_tag else "No title found"
link = a_tag['href'] if a_tag else "No link found"
else:
title = "No title found"
link = "No link found"
# 提取摘要
td_element = table.find('td', class_='f')
# 从td中进一步查找div.realtime之后的所有文本
realtime_div = td_element.find('div', class_='realtime')
if realtime_div:
text_parts = []
for sibling in realtime_div.next_siblings:
if sibling.name == 'font':
break
if isinstance(sibling, str) and sibling.strip():
text_parts.append(sibling.strip())
elif sibling.name and sibling.get_text(strip=True):
text_parts.append(sibling.get_text(strip=True))
# 将所有文本片段合并成一个字符串,并整理格式
cleaned_text = ' '.join(text_parts)
# 提取发布者
publisher_tag = table.find('a', class_='m')
publisher = publisher_tag.get_text(strip=True) if publisher_tag else "百度快照"
# 提取时间戳
time_tag = table.find('div', class_='realtime')
pub_date = time_tag.get_text(strip=True) if time_tag else "No timestamp found"
pub_date = normalize_pub_date(pub_date)
results.append({
"title": title,
"link": link,
"description": cleaned_text,
"author": publisher,
"pubDate": pub_date
})
return results
def baidu_main(keywords):
all_results = {} # 用于存储所有关键词的结果
for keyword in keywords:
url = f"https://www.baidu.com/s?tn=baidurt&cl=3&rn=20&ie=utf-8&rsv_bp=1&wd={keyword}"
# print(url)
html_content = fetch_html(url)
# 将解析后的数据保存到 JSON 文件
with open('./test.html', 'w', encoding='utf-8') as f:
f.write(html_content)
# print(html_content)
if html_content is None:
logger.warning(f"无法获取百度搜索内容,跳过保存操作。关键词: {keyword}")
continue
results = parse_html(html_content)
# 移除非法代理对
logger.info(f"关键词【{keyword}】的百度搜索内容保存成功。")
all_results[keyword] = results # 将结果存储在字典中,以关键词为键
time.sleep(5)
# 将所有结果转换为JSON格式
json_results = json.dumps(all_results, ensure_ascii=False, indent=4)
# print(json_results)
# 确保目录存在
os.makedirs(os.path.dirname('./resources/JSON/baidu.json'), exist_ok=True)
# 将解析后的数据保存到 JSON 文件
with open('./resources/JSON/baidu.json', 'w', encoding='utf-8') as f:
f.write(json_results)
if __name__ == "__main__":
keywords = ["齐鲁银行"]
baidu_main(keywords)

197
spider/freebuf.py
View File

@ -1,197 +0,0 @@
# # -*- coding: utf-8 -*-
# import os
# import requests
# import xml.etree.ElementTree as ET
# import json
# from requests.exceptions import RequestException
# from loguru import logger
# # 测试用爬虫请求头
# headers = {
# "Content-Type": "application/json",
# "Cache-Control": "no-cache",
# "Upgrade-Insecure-Requests": "1",
# "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.55 Safari/537.36",
# "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
# "Sec-Fetch-Site": "same-origin",
# "Sec-Fetch-Mode": "navigate",
# "Sec-Fetch-User": "?1",
# "Sec-Fetch-Dest": "document",
# "Accept-Language": "zh-CN,zh;q=0.9"
# }
# def fetch_rss(url, headers, timeout=20):
# try:
# response = requests.get(url, headers=headers, timeout=timeout)
# response.raise_for_status() # 检查请求是否成功
# return response.content
# except requests.Timeout:
# logger.warning(f"请求 {url} 超时,跳过保存操作。")
# return None
# except RequestException as e:
# logger.warning(f"请求 {url} 时发生错误: {e}")
# return None # 返回None表示请求失败
# def parse_rss(rss_content):
# items = []
# root = ET.fromstring(rss_content)
# for item in root.findall('.//item'):
# item_dict = {}
# for child in item:
# tag = child.tag
# # 将一标签替换名称方便处理
# if tag.startswith('{http://purl.org/rss/1.0/modules/content/}'):
# tag = 'body'
# item_dict[tag] = child.text
# items.append(item_dict)
# return items
# def save_to_json(data, filename):
# with open(filename, 'w', encoding='utf-8') as f:
# json.dump(data, f, ensure_ascii=False, indent=4)
# def freebuf_main():
# url = "https://www.freebuf.com/feed"
# rss_content = fetch_rss(url, headers)
# if rss_content is None:
# logger.warning("无法获取Freebuf RSS内容跳过保存操作。")
# return
# try:
# items = parse_rss(rss_content)
# # 确保目录存在
# os.makedirs(os.path.dirname('./resources/JSON/freebuf.json'), exist_ok=True)
# # 将解析后的数据保存到 JSON 文件
# save_to_json(items, './resources/JSON/freebuf.json')
# logger.info("数据已保存到 ./resources/JSON/freebuf.json")
# except Exception as e:
# logger.warning(f"解析或保存Freebuf RSS内容时发生错误: {e}")
# if __name__ == '__main__':
# freebuf_main()
# -*- coding: utf-8 -*-
import os
import subprocess
import xml.etree.ElementTree as ET
import json
from loguru import logger
def fetch_rss_curl(url, timeout=30):
"""使用 curl 直接 GET 请求获取 RSS 内容"""
try:
# 最简单的 curl GET 请求
cmd = [
'curl',
'-s', # 静默模式
'-L', # 跟随重定向
'--max-time', str(timeout),
url
]
# 执行 curl 命令
result = subprocess.run(
cmd,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
timeout=timeout + 10
)
if result.returncode != 0:
logger.warning(f"curl 命令执行失败: {result.stderr.decode('utf-8', errors='ignore')}")
return None
content = result.stdout
# 检查是否为空
if not content or len(content) < 100:
logger.warning(f"curl 返回的内容过短或为空,长度: {len(content)}")
return None
logger.info(f"成功通过 curl 获取 Freebuf RSS内容长度: {len(content)}")
return content
except FileNotFoundError:
logger.error("系统中未找到 curl 命令,请确保已安装 curl")
return None
except subprocess.TimeoutExpired:
logger.warning(f"curl 命令执行超时({timeout}秒)")
return None
except Exception as e:
logger.warning(f"使用 curl 获取 RSS 时发生错误: {e}")
return None
def parse_rss(rss_content):
"""解析 RSS 内容"""
items = []
if rss_content is None:
return items
try:
# 清理可能的 BOM
if isinstance(rss_content, bytes):
if rss_content.startswith(b'\xef\xbb\xbf'):
rss_content = rss_content[3:]
rss_text = rss_content.decode('utf-8', errors='ignore')
else:
rss_text = rss_content
# 查找第一个 < 字符
first_lt = rss_text.find('<')
if first_lt != -1:
rss_text = rss_text[first_lt:]
root = ET.fromstring(rss_text)
for item in root.findall('.//item'):
item_dict = {}
for child in item:
tag = child.tag
if tag.startswith('{http://purl.org/rss/1.0/modules/content/}'):
tag = 'body'
item_dict[tag] = child.text
items.append(item_dict)
except ET.ParseError as e:
logger.warning(f"XML 解析错误: {e}")
except Exception as e:
logger.warning(f"解析 RSS 时发生错误: {e}")
return items
def save_to_json(data, filename):
with open(filename, 'w', encoding='utf-8') as f:
json.dump(data, f, ensure_ascii=False, indent=4)
def freebuf_main():
url = "https://www.freebuf.com/feed"
logger.info("开始获取 Freebuf RSS 内容...")
rss_content = fetch_rss_curl(url)
if rss_content is None:
logger.warning("无法获取Freebuf RSS内容跳过保存操作。")
return
try:
items = parse_rss(rss_content)
if not items:
logger.warning("解析后的 Freebuf RSS 数据为空。")
return
os.makedirs(os.path.dirname('./resources/JSON/freebuf.json'), exist_ok=True)
save_to_json(items, './resources/JSON/freebuf.json')
logger.info(f"数据已保存到 ./resources/JSON/freebuf.json{len(items)} 条记录。")
except Exception as e:
logger.warning(f"解析或保存Freebuf RSS内容时发生错误: {e}")
if __name__ == '__main__':
freebuf_main()

246
spider/github.py
View File

@ -1,246 +0,0 @@
# -*- coding: utf-8 -*-
import time
import yaml
import requests
import json
import datetime
from requests.exceptions import RequestException
import xml.etree.ElementTree as ET
from loguru import logger
MAX_DESCRIPTION_LENGTH = 300
with open('./config/github_config.yaml', 'r', encoding="utf-8") as file:
config = yaml.safe_load(file)
token = config['github_token']
def load_github_config():
with open('./config/github_config.yaml', 'r', encoding="utf-8") as file:
config = yaml.safe_load(file)
tool_list = config['tool_list']
keyword_list = config['keyword_list']
user_list = config['user_list']
black_words = config['black_words']
return keyword_list, tool_list, user_list, black_words
def fetch_rss(url, timeout=10):
if token is None:
headers = {
"Content-Type": "application/json"
}
else:
headers = {
'Authorization': f"token {token}",
"Content-Type": "application/json"
}
try:
response = requests.get(url, headers=headers, timeout=timeout)
response.raise_for_status()
return response.json()
except requests.Timeout:
logger.warning(f"请求 {url} 超时,跳过保存操作。")
return None
except requests.exceptions.RequestException as e:
logger.warning(f"请求 {url} 时发生错误: {e}")
return None
def save_to_json(data, filename):
with open(filename, 'w', encoding='utf-8') as f:
json.dump(data, f, ensure_ascii=False, indent=4)
def github_main_keyword(key, black_words):
all_results = [] # 用于存储所有结果
for keyword in key:
logger.info(f"github_keyword:关键词【{keyword}】获取开始。")
api_node = "https://api.github.com/search/repositories?q={}&sort=updated&per_page=20".format(keyword)
result = fetch_rss(api_node)
if result == None:
time.sleep(3)
continue
n = len(result['items'])
for i in range(0, n):
description = result['items'][i]['description']
if description is None:
pass
# 检查描述中是否包含黑名单词汇
elif any(word in description for word in black_words):
continue # 跳过本次执行
# 截断描述并在300字节处添加...
elif len(description.encode('utf-8')) > MAX_DESCRIPTION_LENGTH:
# 找到300字节处的索引
byte_index = 0
char_index = 0
while byte_index < MAX_DESCRIPTION_LENGTH and char_index < len(description):
byte_index += len(description[char_index].encode('utf-8'))
char_index += 1
description = description[:char_index - 1] + '...'
link = result['items'][i]['html_url']
name = result['items'][i]['name']
created_at = result['items'][i]['created_at']
author = result['items'][i]['owner']['login']
language = result['items'][i]['language']
# 将每个项目的详细信息存储在一个字典中
project_info = {
'link': link,
'name': name,
'created_at': created_at,
'description': description,
'author': author,
'language': language,
'keyword': keyword
}
# print(project_info)
all_results.append(project_info)
time.sleep(3)
# 将所有结果写入JSON文件
save_to_json(all_results, './resources/JSON/github_keyword.json')
def github_main_repo(key):
all_results = [] # 用于存储所有结果
for keyword in key:
logger.info(f"github_repo:项目【{keyword}】更新情况获取开始。")
api_node = "https://api.github.com/repos/{}/commits?per_page=1".format(keyword)
result = fetch_rss(api_node)
if result == None:
time.sleep(3)
continue
commit = result[0] # 获取最新的提交记录
description = commit['commit']['message']
if description is None:
pass
# 截断描述并在300字节处添加...
elif len(description.encode('utf-8')) > MAX_DESCRIPTION_LENGTH:
byte_index = 0
char_index = 0
while byte_index < MAX_DESCRIPTION_LENGTH and char_index < len(description):
byte_index += len(description[char_index].encode('utf-8'))
char_index += 1
description = description[:char_index - 1] + '...'
author = commit['commit']['author']['name']
updated_at = commit['commit']['author']['date']
link_2 = commit['html_url']
# 将每个项目的详细信息存储在一个字典中
project_info = {
'link': f"https://api.github.com/{keyword}",
'name': keyword,
'updated_at': updated_at,
'description': description,
'author': author,
'link_2': link_2,
'keyword': keyword
}
# print(project_info)
all_results.append(project_info)
time.sleep(3)
# 将所有结果写入JSON文件
save_to_json(all_results, './resources/JSON/github_repo.json')
def github_main_release(key):
all_results = [] # 用于存储所有结果
for keyword in key:
logger.info(f"github_repo:项目【{keyword}】发版情况获取开始。")
api_node = "https://api.github.com/repos/{}/releases?per_page=1".format(keyword)
result = fetch_rss(api_node)
if result == None:
time.sleep(3)
continue
if not result:
logger.warning(f"github_repo:项目【{keyword}】不存在版本发布情况。")
time.sleep(3)
continue
# print(result)
# print(keyword)
commit = result[0] # 获取最新的提交记录
author = commit['author']['login']
published_at = commit['published_at']
link = commit['html_url']
# 将每个项目的详细信息存储在一个字典中
project_info = {
'link': link,
'published_at': published_at,
'author': author,
'keyword': keyword
}
# print(project_info)
all_results.append(project_info)
time.sleep(3)
# 将所有结果写入JSON文件
save_to_json(all_results, './resources/JSON/github_release.json')
def github_main_user(key, black_words):
all_results = [] # 用于存储所有结果
for keyword in key:
logger.info(f"github_user:作者【{keyword}】更新情况获取开始。")
api_node = "https://api.github.com/users/{}/repos?sort=created&per_page=10".format(keyword)
result = fetch_rss(api_node)
if result == None:
time.sleep(3)
continue
for i in range(0, len(result)):
description = result[i]['description']
if description is None:
pass
# 检查描述中是否包含黑名单词汇
elif any(word in description for word in black_words):
continue # 跳过本次执行
# 截断描述并在300字节处添加...
elif len(description.encode('utf-8')) > MAX_DESCRIPTION_LENGTH:
# 找到300字节处的索引
byte_index = 0
char_index = 0
while byte_index < MAX_DESCRIPTION_LENGTH and char_index < len(description):
byte_index += len(description[char_index].encode('utf-8'))
char_index += 1
description = description[:char_index - 1] + '...'
link = result[i]['html_url']
name = result[i]['name']
created_at = result[i]['created_at']
author = result[i]['owner']['login']
language = result[i]['language']
# 将每个项目的详细信息存储在一个字典中
project_info = {
'link': link,
'name': name,
'created_at': created_at,
'description': description,
'author': author,
'language': language,
'keyword': keyword
}
# print(project_info)
all_results.append(project_info)
time.sleep(3)
# 将所有结果写入JSON文件
save_to_json(all_results, './resources/JSON/github_user.json')
def github_main(keyword_list, tool_list, user_list, black_words):
if keyword_list:
github_main_keyword(keyword_list, black_words)
if tool_list:
github_main_repo(tool_list)
github_main_release(tool_list)
if user_list:
github_main_user(user_list, black_words)
if __name__ == "__main__":
keyword_list, tool_list, user_list, black_words = load_github_config()
github_main(keyword_list, tool_list, user_list, black_words)

113
spider/sougou_wx.py
View File

@ -1,113 +0,0 @@
import requests
from bs4 import BeautifulSoup
import json
import time
import os
import datetime
from requests.exceptions import RequestException
from loguru import logger
headers = {
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0",
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
"Accept-Language": "zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2",
"Accept-Encoding": "gzip, deflate, br",
"Te": "trailers",
"Connection": "keep-alive"
}
def fetch_html(url, headers=headers, timeout=10):
try:
response = requests.get(url, headers=headers, timeout=timeout)
response.raise_for_status()
return response.text
except requests.Timeout:
logger.warning(f"请求 {url} 超时,跳过保存操作。")
except requests.exceptions.RequestException as e:
logger.warning(f"请求 {url} 时发生错误: {e}")
def parse_html(html_content):
soup = BeautifulSoup(html_content, 'html.parser')
# 提取所有符合条件的<li>标签
items = soup.find_all('li', id=lambda x: x and x.startswith('sogou_vr_11002601_box_'))
results = []
for item in items:
# 提取标题和链接
title_tag = item.find('h3')
if title_tag:
a_tag = title_tag.find('a')
title = title_tag.get_text(strip=True) if title_tag else "No title found"
link = a_tag['href'] if a_tag else "No link found"
if link and not link.startswith('http'):
link = "https://weixin.sogou.com" + link
else:
title = "No title found"
link = "No link found"
# 提取摘要
summary_tag = item.find('p', class_='txt-info')
summary = summary_tag.get_text(strip=True) if summary_tag else "No summary found"
# 提取发布者
publisher_tag = item.find('span', class_='all-time-y2')
publisher = publisher_tag.get_text(strip=True) if publisher_tag else "No publisher found"
# 提取时间戳并转换为标准时间格式
timestamp_script = item.find('script', string=lambda text: 'document.write(timeConvert' in text)
if timestamp_script:
timestamp_str = timestamp_script.string.split("'")[1]
timestamp = int(timestamp_str)
standard_time = datetime.datetime.fromtimestamp(timestamp).strftime('%Y-%m-%d %H:%M:%S')
else:
standard_time = "No timestamp found"
results.append({
"title": title,
"link": link,
"description": summary,
"author": publisher,
"pubDate": standard_time
})
return results
def remove_surrogates(text):
"""移除非法代理对"""
return text.encode('utf-8', 'ignore').decode('utf-8')
def sougou_wx_main(keywords):
all_results = {} # 用于存储所有关键词的结果
for keyword in keywords:
url = f"https://weixin.sogou.com/weixin?type=2&s_from=input&ie=utf8&query={keyword}"
html_content = fetch_html(url)
# print(html_content)
if html_content is None:
logger.warning(f"无法获取微信公众号-Sogou搜索内容跳过保存操作。关键词: {keyword}")
continue
results = parse_html(html_content)
# 移除非法代理对
cleaned_results = [{k: remove_surrogates(v) for k, v in item.items()} for item in results]
logger.info(f"关键词【{keyword}】的微信公众号-Sogou搜索内容保存成功。")
all_results[keyword] = cleaned_results # 将结果存储在字典中,以关键词为键
time.sleep(5)
# 将所有结果转换为JSON格式
json_results = json.dumps(all_results, ensure_ascii=False, indent=4)
# print(json_results)
# 确保目录存在
os.makedirs(os.path.dirname('./resources/JSON/sougou-wx.json'), exist_ok=True)
# 将解析后的数据保存到 JSON 文件
with open('./resources/JSON/sougou-wx.json', 'w', encoding='utf-8') as f:
f.write(json_results)
if __name__ == "__main__":
keywords = ["齐鲁银行", "APP逆向", "渗透测试"]
sougou_wx_main(keywords)

Some files were not shown because too many files have changed in this diff Show More