[
    {
        "guid": "https://forum.butian.net/share/4089",
        "title": "【2024补天白帽黑客年度盛典】Windows服务进程漏洞挖掘",
        "description": "演讲议题：Windows服务进程漏洞挖掘",
        "source": "subject",
        "pubDate": "2024-12-25 17:39:57"
    },
    {
        "guid": "https://forum.butian.net/share/4088",
        "title": "【2024补天白帽黑客年度盛典】大模型越狱攻击与评测",
        "description": "演讲议题：大模型越狱攻击与评测",
        "source": "subject",
        "pubDate": "2024-12-25 17:33:43"
    },
    {
        "guid": "https://forum.butian.net/share/4087",
        "title": "【2024补天白帽黑客年度盛典】当今勒索病毒的攻与防",
        "description": "演讲议题：当今勒索病毒的攻与防",
        "source": "subject",
        "pubDate": "2024-12-25 17:26:49"
    },
    {
        "guid": "https://forum.butian.net/share/4000",
        "title": ".Net Remoting 系列三：Veeam Backup RCE (CVE-2024-40711)",
        "description": "本次带来一个相对完整的分析案例",
        "source": "subject",
        "pubDate": "2024-12-25 10:42:01"
    },
    {
        "guid": "https://forum.butian.net/share/3942",
        "title": "AsyncRAT基于RAM运行的轻量级远程访问木马分析",
        "description": "样本\n这是一个轻量且隐蔽性高的远程访问木马，从github上开源下载的。经过编译后得到，所以没有加载程序。它可以完全运行在RAM中，避免被检测。\n内存转储\n该项目是用VB .NET开发的，占用44 KB的...",
        "source": "subject",
        "pubDate": "2024-12-25 10:00:03"
    },
    {
        "guid": "https://forum.butian.net/share/3998",
        "title": ".Net Remoting 系列二：Solarwinds ARM 漏洞分析",
        "description": "本篇主要是以Solarwinds Arm产品介绍自定义ServerChanel的场景，漏洞分析利用是其次，事实上是去年挖的没有详细记录，后续写的，勿怪哈哈哈",
        "source": "subject",
        "pubDate": "2024-12-24 10:11:30"
    },
    {
        "guid": "https://forum.butian.net/share/3989",
        "title": ".Net Remoting 系列一",
        "description": "前言：笔者在代码审计时碰到许多以.Net Remoting技术开发的应用如SolarWinds、VeeamBackup、Ivanti等产品，尽管随着 WCF 和 gRPC 等更现代化技术的兴起，.NET Remoting 已逐渐淡出主流，但是依然有其研究的价值，本次主要以TcpChannel为主分析其工作原理、应用场景，后续会通过两个漏洞介绍.Net Remoting在不同场景下的利用姿势和挖掘思路",
        "source": "subject",
        "pubDate": "2024-12-24 10:11:20"
    },
    {
        "guid": "https://forum.butian.net/share/3940",
        "title": "样本分析：CyberVolk勒索软件浅析",
        "description": "样本\n该样本是CyberVolk黑客组织使用的，该组织是一个印度网络犯罪组织，成立于2024 年 3 月 28 日，最初名为 GLORIAMIST India，后来更名为 Cybervolk。\n该勒索样本原本同大多数勒索软件一样，...",
        "source": "subject",
        "pubDate": "2024-12-23 10:00:02"
    },
    {
        "guid": "https://forum.butian.net/share/3949",
        "title": "关于加强防范钓鱼邮件的通知",
        "description": "一封以“关于加强防范钓鱼邮件的通知”为主题的邮件引起的故事",
        "source": "subject",
        "pubDate": "2024-12-23 09:39:07"
    },
    {
        "guid": "https://forum.butian.net/share/3922",
        "title": "go-pwn中的protobuf",
        "description": "本文总结了go pwn中有关protobuf的相关内容，一种要手动分析，另一种可以通过pbtk工具提取，并分析了两个经典题目",
        "source": "subject",
        "pubDate": "2024-12-20 10:06:26"
    }
]