[ { "title": "Burpsuite存储桶配置不当漏洞检测插件", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486968&idx=1&sn=7ee147a6efd7c1a074d8acd00e67fe4a", "description": null, "author": "进击的HACK", "category": "进击的HACK", "pubDate": "2024-12-10T07:55:46" }, { "title": "渗透测试 | 记一次信息泄露到学工系统", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486968&idx=2&sn=826a2c400bb764439e925e53dfb1de78", "description": null, "author": "进击的HACK", "category": "进击的HACK", "pubDate": "2024-12-10T07:55:46" }, { "title": "敏感数据加密后如何实现模糊查询", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486968&idx=3&sn=147db9c25c1dbc344f5d45396e2f33ee", "description": "敏感数据加密后如何实现模糊查询", "author": "进击的HACK", "category": "进击的HACK", "pubDate": "2024-12-10T07:55:46" }, { "title": "CVE-2018-15664:Dockerxa0CP任意读写主机文件", "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247493826&idx=2&sn=2f70d68dfd020f5c120e5f7d596b9b81", "description": "影响范围Docker 17.06.0-ce～17.12.1-ce:rc2Docker 18.01.0-ce～", "author": "七芒星实验室", "category": "七芒星实验室", "pubDate": "2024-12-10T07:01:23" }, { "title": "Mandiant开发了一种使用QR码绕过浏览器隔离的技术", "link": "https://mp.weixin.qq.com/s?__biz=Mzg3OTc0NDcyNQ==&mid=2247492912&idx=1&sn=1f965af8ed996b0c53edad9d397b7021", "description": null, "author": "黑猫安全", "category": "黑猫安全", "pubDate": "2024-12-10T07:00:58" }, { "title": "CVE-2024-48307｜JeecgBoot SQL 注入漏洞（POC）", "link": "https://mp.weixin.qq.com/s?__biz=MzU0MTc2NTExNg==&mid=2247491216&idx=1&sn=390db568593214c3e21c608f9aac4946", "description": null, "author": "实战安全研究", "category": "实战安全研究", "pubDate": "2024-12-10T00:18:25" }, { "title": "浅谈xss2rce的一些实现", "link": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247517604&idx=1&sn=a61345317ad41dece28e93038482f6f6", "description": null, "author": "船山信安", "category": "船山信安", "pubDate": "2024-12-10T00:01:18" }, { "title": "【免杀】过360核晶、火绒运行mimikatz、上线CS的万能加载器XlAnyLoader v1.1正式发布！", "link": "https://mp.weixin.qq.com/s?__biz=MzkwNjczOTQwOA==&mid=2247491680&idx=1&sn=5fac3da92a08ffecc0a205595f236328", "description": "过360核晶、火绒、微软、卡巴斯基（静态）\\\\x0d\\\\x0axlanyloader万能加载器", "author": "星落安全团队", "category": "星落安全团队", "pubDate": "2024-12-10T00:00:14" }, { "title": "如何寻找隐藏的参数", "link": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496545&idx=1&sn=f5fa3d991b8bce754f69af9bce39e422", "description": null, "author": "迪哥讲事", "category": "迪哥讲事", "pubDate": "2024-12-09T23:41:24" }, { "title": "渗透测试人员的 Burp Suite：HackBar", "link": "https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247485872&idx=1&sn=2603f14c6fdd1c0d01adb361b18ffc13", "description": "每次针对特定漏洞手动插入新的有效载荷并检查其响应，这不是有点耗时且无聊的任务吗？", "author": "三沐数安", "category": "三沐数安", "pubDate": "2024-12-09T23:19:45" }, { "title": "【漏洞预警】SoftLab Integrate Google Drive身份认证绕过漏洞(CVE-2023-32117)", "link": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489283&idx=1&sn=29b9004e3fdc168434fc378d44504590", "description": null, "author": "飓风网络安全", "category": "飓风网络安全", "pubDate": "2024-12-09T23:16:04" }, { "title": "【漏洞情报】海信智能公交企业管理系统AdjustWorkHours.aspx SQL注入漏洞", "link": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489283&idx=2&sn=5c93a143e811b95e8b77abdcb97f6599", "description": null, "author": "飓风网络安全", "category": "飓风网络安全", "pubDate": "2024-12-09T23:16:04" }, { "title": "Zabbix SQL 注入漏洞（CVE-2024-42327）", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0NzM4NzI1MA==&mid=2247486212&idx=1&sn=a25394ea5d523773aa1771aebc8872fc", "description": null, "author": "天启实验室", "category": "天启实验室", "pubDate": "2024-12-09T20:52:21" }, { "title": "SRC挖掘-验证码攻防问题总结分享", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MTIzNTgzMQ==&mid=2247518596&idx=1&sn=b8f5c4c7744bd9a24cbfd7b6dc8362d9", "description": null, "author": "亿人安全", "category": "亿人安全", "pubDate": "2024-12-09T19:31:15" }, { "title": "最强大的Android间谍软件曝光，可提取信息、密码和执行shell命令", "link": "https://mp.weixin.qq.com/s?__biz=MzI0NzE4ODk1Mw==&mid=2652094241&idx=2&sn=ffebda2bff5fc391363ae248eb8be9d4", "description": null, "author": "网安百色", "category": "网安百色", "pubDate": "2024-12-09T19:30:23" }, { "title": "SQL注入学习记录", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0NzM4OTQ5NQ==&mid=2247484954&idx=1&sn=362865deeff0f3a6b60f8406f9b71269", "description": null, "author": "小杨学安全", "category": "小杨学安全", "pubDate": "2024-12-09T19:28:19" }, { "title": "安全卫士 | 魔方安全漏洞周报", "link": "https://mp.weixin.qq.com/s?__biz=MzI3NzA5NDc0MA==&mid=2649291910&idx=1&sn=cce3441e3c4e73b5d7381cac3619dd88", "description": "成事在微，筑防于先。魔方安全提醒您:注意企业网络空间资产安全!", "author": "魔方安全", "category": "魔方安全", "pubDate": "2024-12-09T18:31:10" }, { "title": "钓鱼网页散播银狐木马，远控后门威胁终端安全", "link": "https://mp.weixin.qq.com/s?__biz=Mzg3NzIxMDYxMw==&mid=2247504176&idx=1&sn=27f99ecb6ba3c497677bde65758089d4", "description": null, "author": "听风安全", "category": "听风安全", "pubDate": "2024-12-09T18:24:17" }, { "title": "APT-C-08（蔓灵花）组织新型攻击组件分析报告", "link": "https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247505075&idx=1&sn=e77800fcd72fe1d342a5c9e4d15de2f4", "description": "360安全大脑监测到多起蔓灵花组织通过投递内部携带有chm恶意文档的压缩包附件的钓鱼邮件，诱导用户打开其中的chm文档，利用计划任务周期性回传受影响用户的机器名及用户名并同时下发后续攻击组件", "author": "360威胁情报中心", "category": "360威胁情报中心", "pubDate": "2024-12-09T17:54:21" }, { "title": "u200b潜藏在签名安装文件中的Koi Loader恶意软件", "link": "https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513306&idx=1&sn=c196ec679f20bce97cec72e3aeae12f7", "description": "近日，我们使用奇安信情报沙箱分析可疑Inno Setup安装文件，该文件带有数字签名，沙箱结果显示样本启动后运行powershell代码，从远程服务器下载JS脚本并执行，JS脚本进一步调用powershell代码从同一个服务器下载其他载荷。", "author": "奇安信威胁情报中心", "category": "奇安信威胁情报中心", "pubDate": "2024-12-09T17:43:03" }, { "title": "Windows进程", "link": "https://mp.weixin.qq.com/s?__biz=Mzg5MDg3OTc0OA==&mid=2247488931&idx=1&sn=b2ac667cb4bfa2ba329272b917c33369", "description": null, "author": "Relay学安全", "category": "Relay学安全", "pubDate": "2024-12-09T17:40:35" }, { "title": "\\\"多引擎\\\"的资产识别、信息收集 | 干货", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNDAyNTY2NA==&mid=2247519358&idx=2&sn=053fe593848492102cf308e4ce93de7f", "description": null, "author": "渗透安全团队", "category": "渗透安全团队", "pubDate": "2024-12-09T17:08:43" }, { "title": "【 CVE-2024-38193 】Windows 0day漏洞已在野利用，PoC已发布", "link": "https://mp.weixin.qq.com/s?__biz=MjM5Mzc4MzUzMQ==&mid=2650260229&idx=1&sn=f6a11bf294dc8f32a86b9a5cafa66554", "description": null, "author": "骨哥说事", "category": "骨哥说事", "pubDate": "2024-12-09T16:48:48" }, { "title": "基于安全产品DNS隧道流量分析", "link": "https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247487855&idx=1&sn=ab33b11b9d2ec3860605cd33256b0f4b", "description": "选择哪家的云都没问题，这里我选择的是TX云。", "author": "蚁景网安", "category": "蚁景网安", "pubDate": "2024-12-09T16:30:38" }, { "title": "哥斯拉源码解读+如何绕过waf检测", "link": "https://mp.weixin.qq.com/s?__biz=MzU3MjczNzA1Ng==&mid=2247493811&idx=1&sn=db12565d91e55498d134dcb943e35185", "description": null, "author": "龙哥网络安全", "category": "龙哥网络安全", "pubDate": "2024-12-09T15:51:00" }, { "title": "src|组合拳进入后台，拿下高危！", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0NTY5Nzc1OA==&mid=2247484180&idx=1&sn=9bab0ede32aa0055770498bc9cd20a42", "description": "src高危漏洞", "author": "simple学安全", "category": "simple学安全", "pubDate": "2024-12-09T15:48:25" }, { "title": "Windows 零日漏洞 CVE-2024-38193 在野外被利用：PoC 发布", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525485&idx=1&sn=a5aeff09df0da8ba8baa5a35ae43b833", "description": null, "author": "Ots安全", "category": "Ots安全", "pubDate": "2024-12-09T15:44:07" }, { "title": "EarlyBird 技术：一种先进的恶意软件规避策略", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525485&idx=2&sn=f773a4d627cc7872c87f1808d64a1c57", "description": null, "author": "Ots安全", "category": "Ots安全", "pubDate": "2024-12-09T15:44:07" }, { "title": "通过 NTLM 强制进行层次结构接管并中继到远程站点数据库上的 MSSQL", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525485&idx=3&sn=57070a075945c22af097a8ce86269e93", "description": null, "author": "Ots安全", "category": "Ots安全", "pubDate": "2024-12-09T15:44:07" }, { "title": "【web安全】云密钥泄露排查与利用思路", "link": "https://mp.weixin.qq.com/s?__biz=MzkzMzYzNzIzNQ==&mid=2247485459&idx=1&sn=fab08a0a3edea2775ca41953da798df6", "description": "随着云技术逐步发展，云资源被运用在各个领域，aksk泄露的风险也逐渐得到越来越多的关注。本文提供对本地文件、日常浏览器访问js文件、安全测试期间抓包数据进行aksk泄露排查的简要方案，以及对aksk泄露文件、权限的排查思路。", "author": "安全驾驶舱", "category": "安全驾驶舱", "pubDate": "2024-12-09T15:24:15" }, { "title": "太棒辣 | 感谢大哥带我学习关于验证码逻辑漏洞这些事", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0NzQxNzY2OQ==&mid=2247487368&idx=1&sn=e37ec534c44ac5981864d0853b870a29", "description": "犀利猪安全，带你上高速~", "author": "犀利猪安全", "category": "犀利猪安全", "pubDate": "2024-12-09T15:14:22" }, { "title": "Mitre_Att&ck框架T1518(软件发现）的简单实现", "link": "https://mp.weixin.qq.com/s?__biz=MzI0NTI4NjEwOQ==&mid=2247484947&idx=1&sn=4c4d13bc392c72bb9d35a2e8103d4a31", "description": null, "author": "新蜂网络安全实验室", "category": "新蜂网络安全实验室", "pubDate": "2024-12-09T14:50:31" }, { "title": "使用云访问凭证蜜标及时发现入侵行为", "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTM5MDUxMA==&mid=2247501033&idx=1&sn=225f59063df401594c298e53353c8ab6", "description": "云厂商自身具备一定的入侵行为检测能力，但依然存在检测规则被绕过、低危操作不触发告警的可能。那么作为云的使用者，在面对攻击者的入侵行为时，我们能做点什么呢？", "author": "国际云安全联盟CSA", "category": "国际云安全联盟CSA", "pubDate": "2024-12-09T14:47:53" }, { "title": "有PoC，Windows 0day漏洞CVE-2024-38193在野外被利用", "link": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247492986&idx=1&sn=09e54f7bf277f6cbca0f1c957c7e12cd", "description": null, "author": "独眼情报", "category": "独眼情报", "pubDate": "2024-12-09T14:02:03" }, { "title": "【新手法】QR 码绕过浏览器隔离，实现恶意 C2 通信", "link": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247492986&idx=2&sn=2f68e8cdfddb9cf61b36ab3bb32c62e7", "description": null, "author": "独眼情报", "category": "独眼情报", "pubDate": "2024-12-09T14:02:03" }, { "title": "【值得一看】财富 100 强公司中 40% 的 waf存在错误配置，导致易被绕过", "link": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247492986&idx=4&sn=6e677b7538a25ed316c371425b33a43f", "description": null, "author": "独眼情报", "category": "独眼情报", "pubDate": "2024-12-09T14:02:03" }, { "title": "黑客利用 ProjectSend 漏洞对暴露的服务器进行后门处理", "link": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580114&idx=1&sn=fa181017da36db2d6d5598cb97f6ec10", "description": "尽管该漏洞已于 2023 年 5 月 16 日得到修复，但直到近期才为其分配了 CVE，导致用户没有意识到其严重性以及应用安全更新的紧迫性。", "author": "嘶吼专业版", "category": "嘶吼专业版", "pubDate": "2024-12-09T14:00:32" }, { "title": "[含POC]CyberPanel upgrademysqlstatus 远程命令执行漏洞(CVE-2024-51567)", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MDY2NTY5Mw==&mid=2247485555&idx=1&sn=ce73bb7765466995a3745ab23db7e56f", "description": null, "author": "安全光圈", "category": "安全光圈", "pubDate": "2024-12-09T13:44:15" }, { "title": "Cobalt Strike Postex Kit 套件", "link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485646&idx=1&sn=1090b5ba2f204ef433973a730c3ae7b1", "description": null, "author": "securitainment", "category": "securitainment", "pubDate": "2024-12-09T13:37:14" }, { "title": "干货｜一文搞懂加密流量检测的解决方法和技术细节", "link": "https://mp.weixin.qq.com/s?__biz=MzI1OTA1MzQzNA==&mid=2651247132&idx=2&sn=db993f8d0a0734eefc16f2dd7aaa2ba9", "description": null, "author": "e安在线", "category": "e安在线", "pubDate": "2024-12-09T13:13:54" }, { "title": "【免杀】冰蝎免杀 XlByPassBehinder 过360、火绒、微软 v1.2已更新！", "link": "https://mp.weixin.qq.com/s?__biz=Mzg4Mzg4OTIyMA==&mid=2247485853&idx=1&sn=d820e9417910db7fd86eaaf2d6aa0631", "description": "XlByPassBehinder v1.2更新！\\\\x0d\\\\x0a经测试过过360、火绒、微软 \\\\x0d\\\\x0a支持自定义webshell连接密码", "author": "威零安全实验室", "category": "威零安全实验室", "pubDate": "2024-12-09T10:35:13" }, { "title": "vulnhub之Matrix-3的实践", "link": "https://mp.weixin.qq.com/s?__biz=MzA3MjM5MDc2Nw==&mid=2650748856&idx=1&sn=669a6d84045d7efd002d8c6f6382d49b", "description": null, "author": "云计算和网络安全技术实践", "category": "云计算和网络安全技术实践", "pubDate": "2024-12-09T10:11:24" }, { "title": "web应急之各中间件日志保存位置", "link": "https://mp.weixin.qq.com/s?__biz=MjM5ODkxMTEzOA==&mid=2247484416&idx=1&sn=434f9fb6580367d1a6a13705e3b7f526", "description": "web应急之各中间件日志保存位置，作者：雁过留痕@深信服MSS专家部", "author": "安服仔的救赎", "category": "安服仔的救赎", "pubDate": "2024-12-09T10:10:28" }, { "title": "某订货系统文件上传漏洞分析", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650604707&idx=3&sn=c9de054d4fda0db26998079e2dad84c4", "description": null, "author": "黑白之道", "category": "黑白之道", "pubDate": "2024-12-09T09:58:21" }, { "title": "接口测试二三事", "link": "https://mp.weixin.qq.com/s?__biz=Mzg5NTUyNTI5OA==&mid=2247486308&idx=1&sn=3a7a66d35bf0ebaf1c3e608311c1c41e", "description": null, "author": "扫地僧的茶饭日常", "category": "扫地僧的茶饭日常", "pubDate": "2024-12-09T09:52:52" }, { "title": "动态逃逸杀软的艺术", "link": "https://mp.weixin.qq.com/s?__biz=MzkyMDM4NDM5Ng==&mid=2247489197&idx=1&sn=6e201677c58d82a5f5f4fabf579346bf", "description": "主要聚焦在流量、内存、行为上进行规避，并且组合了间接系统调用、反调试、反沙箱等技术进一步对抗杀软，也为后续综合逃逸EDR/XDR打下良好的基础", "author": "安全洞察知识图谱", "category": "安全洞察知识图谱", "pubDate": "2024-12-09T09:43:42" }, { "title": "【漏洞复现】Palo Alto PAN-OS身份认证绕过CVE-2024-0012及命令执行漏洞CVE-2024-9474", "link": "https://mp.weixin.qq.com/s?__biz=MzkyMjcxNzE2MQ==&mid=2247484485&idx=1&sn=0f5b3d6588ad00afd34fe51811a012a4", "description": "【漏洞复现】Palo Alto Networks PAN-OS身份认证绕过CVE-2024-0012及命令执行漏洞CVE-2024-9474", "author": "白帽攻防", "category": "白帽攻防", "pubDate": "2024-12-09T09:34:02" }, { "title": "CVE-2023-6553 WordPress存在的远程命令执行漏洞", "link": "https://mp.weixin.qq.com/s?__biz=Mzg2NTk4MTE1MQ==&mid=2247486227&idx=1&sn=a70bbbb6e66a54b7a6765ab23f927f9f", "description": null, "author": "TtTeam", "category": "TtTeam", "pubDate": "2024-12-09T09:33:26" }, { "title": "RedLine信息窃取木马活动通过盗版企业软件瞄准俄罗斯企业", "link": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793421&idx=3&sn=7d7ec00dc894ec04618b450e170fa2de", "description": "信息窃取木马通过盗版软件激活工具威胁俄罗斯企业。", "author": "军哥网络安全读报", "category": "军哥网络安全读报", "pubDate": "2024-12-09T09:00:17" }, { "title": "\\\"多引擎\\\"的资产识别、信息收集", "link": "https://mp.weixin.qq.com/s?__biz=MzkwMDY5OTA3OA==&mid=2247483730&idx=1&sn=1e6684394884bcfdf2a1fee28dc25c19", "description": null, "author": "SecSentry", "category": "SecSentry", "pubDate": "2024-12-09T08:51:52" }, { "title": "Wireshark & Packetdrill | TCP RST 之应用主动 RST 连接", "link": "https://mp.weixin.qq.com/s?__biz=MzA5NTUxODA0OA==&mid=2247493057&idx=1&sn=136e392cdb02bb2bd94be1b73810f718", "description": null, "author": "Echo Reply", "category": "Echo Reply", "pubDate": "2024-12-09T08:08:11" }, { "title": "安卓APP抓包大全", "link": "https://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247509812&idx=1&sn=424628999b821b12940f0fbab27483ee", "description": null, "author": "李白你好", "category": "李白你好", "pubDate": "2024-12-09T08:03:07" }, { "title": "HTTPS也能明文抓包", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247509640&idx=1&sn=f34051af5a0f4bb89e3eb6a6b98d2b05", "description": null, "author": "kali笔记", "category": "kali笔记", "pubDate": "2024-12-09T08:01:28" }, { "title": "超级详细 - PHP webshell 免杀步骤、姿势总结", "link": "https://mp.weixin.qq.com/s?__biz=MzkzMDQ5MDM3NA==&mid=2247487271&idx=1&sn=74bff3a1cd79d6676389f202dc5ad838", "description": null, "author": "SecretTeam安全团队", "category": "SecretTeam安全团队", "pubDate": "2024-12-09T08:00:53" }, { "title": "漏洞预警 | Apache Arrow R package反序列化漏洞", "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491681&idx=2&sn=6e023ccd4d0d3fa65654c5c2d88ff938", "description": "Apache Arrow R包存在反序列化漏洞，攻击者可通过构造恶意的Arrow IPC、Feather或Parquet文件，在元数据中嵌入恶意对象，当应用程序加载这些文件时，可能触发反序列化漏洞，从而导致任意代码执行。", "author": "浅安安全", "category": "浅安安全", "pubDate": "2024-12-09T08:00:27" }, { "title": "坑人的恶意域名解析", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486959&idx=1&sn=6d26ed5344fe905df5145d3826bd73d8", "description": null, "author": "进击的HACK", "category": "进击的HACK", "pubDate": "2024-12-09T07:55:30" }, { "title": "等保命令||人大金仓数据库等保测评相关命令收藏这篇你就够用了", "link": "https://mp.weixin.qq.com/s?__biz=MzIwNDYzNTYxNQ==&mid=2247502367&idx=1&sn=b042fcf974dff8819fba4cf0b509daa0", "description": null, "author": "网络安全与等保测评", "category": "网络安全与等保测评", "pubDate": "2024-12-09T07:47:04" }, { "title": "【OSCP】 Kioptrix 提权靶机（1-5）全系列教程，Try Harder！绝对干货！", "link": "https://mp.weixin.qq.com/s?__biz=Mzg2Nzk0NjA4Mg==&mid=2247496963&idx=1&sn=646e34d7b03cef9741616ea8d7e20968", "description": null, "author": "泷羽Sec", "category": "泷羽Sec", "pubDate": "2024-12-09T07:44:19" }, { "title": "JAVA安全之Groovy命令注入刨析", "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247493820&idx=2&sn=9ec5b54dd922368d1f30e2a9d62eaaaa", "description": null, "author": "七芒星实验室", "category": "七芒星实验室", "pubDate": "2024-12-09T07:01:05" }, { "title": "关于内网代理、vm、frp、proxifier全局流量转发等问题", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzY5NDUyMQ==&mid=2247484915&idx=1&sn=0da135b7e90aa90e6681a61c423ec648", "description": null, "author": "flowers-boy", "category": "flowers-boy", "pubDate": "2024-12-09T01:27:03" }, { "title": "关于内网代理、横向移动技巧", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzY5NDUyMQ==&mid=2247484890&idx=1&sn=9ca4a681145e7f8abcbdc2345c342eb8", "description": null, "author": "flowers-boy", "category": "flowers-boy", "pubDate": "2024-12-09T01:17:44" }, { "title": "关于内网代理、横向移动技巧", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzY5NDUyMQ==&mid=2247484871&idx=1&sn=089ce3d21145f24a457defdeb38ba1c2", "description": null, "author": "flowers-boy", "category": "flowers-boy", "pubDate": "2024-12-09T00:39:17" }, { "title": "高版本Fastjson反序列化Xtring新链和EventListenerList绕过", "link": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247517584&idx=1&sn=26963081ad3fb9b4c7daaf1a6ebb1da3", "description": null, "author": "船山信安", "category": "船山信安", "pubDate": "2024-12-09T00:00:37" }, { "title": "免杀|先锋马免杀分享", "link": "https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247517520&idx=1&sn=b2ba85beb3cd31cad51d5e6ac33969ba", "description": null, "author": "Z2O安全攻防", "category": "Z2O安全攻防", "pubDate": "2024-12-08T22:35:57" }, { "title": "网络工程师必知：5种常见的防火墙类型", "link": "https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649463458&idx=1&sn=03f5dc1be57f136c227974046cc727e1", "description": "学网络，尽在网络技术联盟站！", "author": "网络技术联盟站", "category": "网络技术联盟站", "pubDate": "2024-12-08T20:01:42" }, { "title": "HTB_Vintage（思路）", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMjYyMjA3Mg==&mid=2247485349&idx=1&sn=a329b52351dc5b9a272eb4450c1df369", "description": "HTB_Vintage（思路）+ windows(hard)+pre2k+krb5票据(getTGT)+bloodyAD+asreproast+dpapi", "author": "羽泪云小栈", "category": "羽泪云小栈", "pubDate": "2024-12-08T20:00:10" }, { "title": "无文件攻击概览：武器化 PowerShell 和 Microsoft 合法应用程序", "link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485637&idx=1&sn=e3658e19648848f897893d47b9925dde", "description": null, "author": "securitainment", "category": "securitainment", "pubDate": "2024-12-08T18:49:48" }, { "title": "EDR 规避：利用硬件断点的新技术 – Blindside", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525470&idx=2&sn=8137725aa1e79d840d5907dab8750104", "description": null, "author": "Ots安全", "category": "Ots安全", "pubDate": "2024-12-08T18:18:17" }, { "title": "PE文件结构：NT头部", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MjY1ODE5Mg==&mid=2247484858&idx=1&sn=8564c27477338a8d3157b18e82a374a0", "description": null, "author": "风铃Sec", "category": "风铃Sec", "pubDate": "2024-12-08T15:48:48" }, { "title": "RDP连接多开方法与利用思路", "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247493781&idx=2&sn=91e0f133a4824dcbbc882d716787520a", "description": "文章前言本篇文章我们主要介绍在拿下目标域内主机的情况下，如何多开RDP链接且使得正常登录目标主机的用户不会被", "author": "七芒星实验室", "category": "七芒星实验室", "pubDate": "2024-12-08T15:04:48" }, { "title": "MalleableC2配置详解", "link": "https://mp.weixin.qq.com/s?__biz=MzkwOTE3MzAxOA==&mid=2247484871&idx=1&sn=85dc63ec970621ccc35863a08e4aaade", "description": "MalleableC2配置详解，解释了CS profile的配置项，为免杀和隐藏提供思路", "author": "魔影安全实验室", "category": "魔影安全实验室", "pubDate": "2024-12-08T14:26:49" }, { "title": "渗透测试 | 记一次信息泄露到学工系统", "link": "https://mp.weixin.qq.com/s?__biz=Mzg5NTUyNTI5OA==&mid=2247486301&idx=1&sn=2dda1feb65b7d107523e4ea4e929921a", "description": null, "author": "扫地僧的茶饭日常", "category": "扫地僧的茶饭日常", "pubDate": "2024-12-08T14:08:26" }, { "title": "一文看懂安卓JSB风险漏洞挖掘", "link": "https://mp.weixin.qq.com/s?__biz=MzU0NDI5NTY4OQ==&mid=2247486237&idx=1&sn=61373f8016157b66e2c28307cdd3de53", "description": null, "author": "暴暴的皮卡丘", "category": "暴暴的皮卡丘", "pubDate": "2024-12-08T13:16:14" }, { "title": "Mitre_Att&ck框架T1056.002(图形界面输入捕获）的简单实现", "link": "https://mp.weixin.qq.com/s?__biz=MzI0NTI4NjEwOQ==&mid=2247484926&idx=1&sn=d38335e66a441a8cd2de7efe528ab730", "description": "Mitre_Att\\\\x26amp;ck框架T1056.002(图形界面输入捕获）的简单实现", "author": "新蜂网络安全实验室", "category": "新蜂网络安全实验室", "pubDate": "2024-12-08T13:00:48" }, { "title": "Go ：恶意软件开发（第二部分）", "link": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247503766&idx=1&sn=99017e10b273bcc56d5e09aa8c760946", "description": "欢迎回来！！现在我们已经启动并运行了 TCP 服务器和客户端，", "author": "安全狗的自我修养", "category": "安全狗的自我修养", "pubDate": "2024-12-08T12:40:41" }, { "title": "【MalDev-08】反虚拟机", "link": "https://mp.weixin.qq.com/s?__biz=MzIzODMyMzQxNQ==&mid=2247484339&idx=1&sn=3f7607badf404e2423c94c3f7f866e6e", "description": "本章主要通过文件系统检测、硬件检测、基于时间的沙箱逃逸检测、注册表检测等方式进行反虚拟机。", "author": "高级红队专家", "category": "高级红队专家", "pubDate": "2024-12-08T12:06:18" }, { "title": "使用Azure CDN进行子域名接管", "link": "https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247614596&idx=1&sn=651eb8cf208c293adf46552a30899075", "description": null, "author": "白帽子左一", "category": "白帽子左一", "pubDate": "2024-12-08T12:03:04" }, { "title": "哥斯拉webshell管理工具二次开发规避流量检测设备", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247492924&idx=1&sn=6480fbcef03f510d24353a08df6010ef", "description": null, "author": "夜组安全", "category": "夜组安全", "pubDate": "2024-12-08T12:02:41" }, { "title": "渗透测试 | 记一次信息泄露到学工系统", "link": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247545734&idx=1&sn=14b57260a20b172b8f5240f5b120005b", "description": null, "author": "掌控安全EDU", "category": "掌控安全EDU", "pubDate": "2024-12-08T12:02:22" }, { "title": "基于包长语义的隧道内部攻击流量识别", "link": "https://mp.weixin.qq.com/s?__biz=MzA3MTAwODc0NQ==&mid=2649891287&idx=1&sn=59212e83e259d2665f07853fa80de907", "description": "ACM CCS 2024 论文抢先看！本文中，我们考量当攻击者启用隧道传输其攻击流量时，如何对攻击流量进行准确检测。", "author": "赛博新经济", "category": "赛博新经济", "pubDate": "2024-12-08T11:35:58" }, { "title": "burpsuite SQL注入插件", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486953&idx=1&sn=ab10862e21c3541f3bf996f5396697ec", "description": null, "author": "进击的HACK", "category": "进击的HACK", "pubDate": "2024-12-08T07:55:40" }, { "title": "渗透测试实战—利用防火墙突破网络隔离", "link": "https://mp.weixin.qq.com/s?__biz=MzkyNjczNzgzMA==&mid=2247484338&idx=1&sn=1d4e3af01af9eb42ccc7d8c19de30992", "description": "渗透测试实战—利用防火墙突破网络隔离", "author": "网安日记本", "category": "网安日记本", "pubDate": "2024-12-08T07:00:47" }, { "title": "新型 C2 技术利用二维码绕过浏览器隔离", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247505049&idx=2&sn=af32da1272fdc565fad633f0937681e3", "description": null, "author": "网络研究观", "category": "网络研究观", "pubDate": "2024-12-08T00:00:35" }, { "title": "Windows 7 至 Windows 11 中存在新的 0 Day NTLM 哈希泄露漏洞", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247504999&idx=3&sn=860de968b5da5269ea0ec755cd3e8392", "description": null, "author": "网络研究观", "category": "网络研究观", "pubDate": "2024-12-07T18:02:01" }, { "title": "WEB前端逆向拦截页面跳转", "link": "https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487787&idx=1&sn=c9f78157d67619339c84a9681a33dbba", "description": "从网上求助学来的知识，都会写清楚原作者", "author": "青衣十三楼飞花堂", "category": "青衣十三楼飞花堂", "pubDate": "2024-12-07T17:24:27" }, { "title": "攻防|记一次溯源真实案例", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247568203&idx=1&sn=2fdb04a880e088fc0b8f232f5adfd9f4", "description": null, "author": "马哥网络安全", "category": "马哥网络安全", "pubDate": "2024-12-07T17:00:24" }, { "title": "TCP连接，是否是新开端口号和客户端进行交互？", "link": "https://mp.weixin.qq.com/s?__biz=MzIxNTM3NDE2Nw==&mid=2247490258&idx=1&sn=db89cb9898e851c734a0830cf1f677fd", "description": null, "author": "车小胖谈网络", "category": "车小胖谈网络", "pubDate": "2024-12-07T16:51:29" }, { "title": "Spring Properties 远程代码执行", "link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485622&idx=1&sn=c6b1a76d598054eb86efa917775f6188", "description": null, "author": "securitainment", "category": "securitainment", "pubDate": "2024-12-07T15:54:26" }, { "title": "Windows 中存在严重0day，可导致用户凭据泄露", "link": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247492906&idx=1&sn=bcccbff213bc1e74461cb25625f86307", "description": null, "author": "独眼情报", "category": "独眼情报", "pubDate": "2024-12-07T14:15:15" }, { "title": "制作一个可以绕过 Defender 的 Powershell Shellcode 下载器（无需绕过 Amsi）", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525456&idx=1&sn=1ff51ea83820483d2912dc91da0c103e", "description": null, "author": "Ots安全", "category": "Ots安全", "pubDate": "2024-12-07T13:09:10" }, { "title": "新的 Windows 零日漏洞暴露 NTLM 凭据，已获得非官方补丁", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525456&idx=2&sn=36ccd1ade2da7b7093c538a25b09dc4a", "description": null, "author": "Ots安全", "category": "Ots安全", "pubDate": "2024-12-07T13:09:10" }, { "title": "记一次简单的代码审计项目案例", "link": "https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247485642&idx=1&sn=afcc7c4a8330cefeed2195326b87685f", "description": null, "author": "安全君呀", "category": "安全君呀", "pubDate": "2024-12-07T12:07:52" }, { "title": "记一次JAVA代码审计过程", "link": "https://mp.weixin.qq.com/s?__biz=Mzg2NDg2MDIxNQ==&mid=2247485194&idx=1&sn=47071e2c86a784f6eeca99def55e03ef", "description": null, "author": "Jie安全", "category": "Jie安全", "pubDate": "2024-12-07T11:15:35" }, { "title": "移动安全框架 (MobSF) 存在存储型XSS漏洞 | CVE-2024-53999", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650604682&idx=3&sn=66e331213aaa69ebd6e06ba539c6cbae", "description": null, "author": "黑白之道", "category": "黑白之道", "pubDate": "2024-12-07T10:24:59" }, { "title": "sqlmap被动代理小工具", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650604682&idx=4&sn=b00a4b26e07c7fbcb487eb3616ea6456", "description": null, "author": "黑白之道", "category": "黑白之道", "pubDate": "2024-12-07T10:24:59" }, { "title": "记一次JAVA代码审计过程", "link": "https://mp.weixin.qq.com/s?__biz=MzkyMjM5NDM3NQ==&mid=2247486169&idx=1&sn=06e49fd2f6cf2dbdca4eb3c550ed86cf", "description": null, "author": "进击安全", "category": "进击安全", "pubDate": "2024-12-07T10:20:28" }, { "title": "无补丁，I-O Data路由器0Day漏洞被利用", "link": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651309095&idx=1&sn=c6dd464702642072510bbb85c37cb402", "description": "补丁预计将在12月18日发布，因此在此之前用户将面临比较严重的风险。", "author": "FreeBuf", "category": "FreeBuf", "pubDate": "2024-12-07T10:04:20" }, { "title": "深度解析GoldenEyeDog APT组织最新攻击技术动向", "link": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655261379&idx=1&sn=ee9f64fe9cbad33d1a141c69151701d7", "description": null, "author": "计算机与网络安全", "category": "计算机与网络安全", "pubDate": "2024-12-07T09:57:20" }, { "title": "Mitre Att&ck框架T1036.006(文件名后面的空格）技术的简单实现", "link": "https://mp.weixin.qq.com/s?__biz=MzI0NTI4NjEwOQ==&mid=2247484920&idx=1&sn=2bada6774d9702240e6f8d840640f4dc", "description": "Mitre Att\\\\x26amp;ck框架T1036.006(文件名后面的空格）技术的简单实现", "author": "新蜂网络安全实验室", "category": "新蜂网络安全实验室", "pubDate": "2024-12-07T09:04:06" }, { "title": "俄黑客利用Cloudflare Tunnels和 DNS Fast-Flux 隐藏恶意软件针对乌克兰", "link": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793408&idx=2&sn=62e5b7cce0750160459330d1cb527daf", "description": "研究人员发现俄罗斯黑客组织利用Cloudflare Tunnels和 DNS Fast-Flux隐藏恶意软件的托管设施。", "author": "军哥网络安全读报", "category": "军哥网络安全读报", "pubDate": "2024-12-07T09:01:41" }, { "title": "新的Windows 0day漏洞：攻击者几乎无需用户交互即可窃取 NTLM 凭据", "link": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793408&idx=3&sn=07c14519c7e26f4483bd662559941c89", "description": "从win7到最新的win11 24h2均存在的新0day漏洞，打开文件夹就能触发。", "author": "军哥网络安全读报", "category": "军哥网络安全读报", "pubDate": "2024-12-07T09:01:41" }, { "title": "【PWN】堆溢出2.23 Off-By-One", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0NDYwOTcxNg==&mid=2247485038&idx=1&sn=2d307c01f15498c12c5bcad97233f8ab", "description": "2.23堆溢出Off-By-One，unsortedbin泄露libc配置fastbin attack + realloc_hook调栈。", "author": "智佳网络安全", "category": "智佳网络安全", "pubDate": "2024-12-07T08:30:49" }, { "title": "漏洞预警 | Zabbix SQL注入漏洞", "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491663&idx=1&sn=13f8337d2c5b035b77d6655b19c9fc53", "description": "Zabbix前端的CUser类中的addRelatedObjects函数未对输入数据进行充分验证和转义，导致具有API访问权限的恶意用户可以通过user.get API传递特制输入触发SQL注入攻击。", "author": "浅安安全", "category": "浅安安全", "pubDate": "2024-12-07T08:30:49" }, { "title": "浅谈利用PDF钓鱼攻击", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247509598&idx=1&sn=be74c502c8b0cd301e12048e894f9257", "description": "利用PDF文件，诱导用户点击文件，即可获取系统权限。", "author": "kali笔记", "category": "kali笔记", "pubDate": "2024-12-07T08:00:57" }, { "title": "云安全学习-密钥泄露与CF利用框架", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486945&idx=2&sn=beee676ac80e94387272c03affb7e5cb", "description": "u200b首先认识下阿里云官方解释的什么是AccessKey：在调用阿里云API时您需要使用AccessKey完成身份验证。AccessKey包括AccessKey ID和AccessKey Secret，需要一起使用。", "author": "进击的HACK", "category": "进击的HACK", "pubDate": "2024-12-07T07:56:26" }, { "title": "【SDL实践指南】Foritify结构化规则定义", "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247493770&idx=2&sn=d76331319fa028f0f4379b0f87c23020", "description": "基本介绍结构分析器匹配源代码中的任意程序结构，它的设计目的不是为了发现由执行流或数据流引起的问题，相反它通过", "author": "七芒星实验室", "category": "七芒星实验室", "pubDate": "2024-12-07T07:00:42" }, { "title": "实战红蓝：谈一谈NSmartProxy流量特征在实战中的表现", "link": "https://mp.weixin.qq.com/s?__biz=Mzg2NTk4MTE1MQ==&mid=2247486222&idx=1&sn=f1b43263c2fab0c92dd05ae1bcc4c16d", "description": null, "author": "TtTeam", "category": "TtTeam", "pubDate": "2024-12-07T00:01:07" }, { "title": "PC逆向 -- 用户APC执行", "link": "https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037147&idx=2&sn=2980166e539b9fecaf3f664831f7a1ae", "description": null, "author": "逆向有你", "category": "逆向有你", "pubDate": "2024-12-07T00:00:15" }, { "title": "【免杀干货】杀毒软件检测详解", "link": "https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247537058&idx=1&sn=e1aa16a7450e6eb919e87021ac20192a", "description": "收藏学习", "author": "教父爱分享", "category": "教父爱分享", "pubDate": "2024-12-06T23:59:45" }, { "title": "【漏洞预警】SonicWall SMA100 SSL-VPN缓冲区溢出漏洞CVE-2024-45318", "link": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489275&idx=1&sn=31722ca4a5e3edc74c5e218e4bfedbdf", "description": null, "author": "飓风网络安全", "category": "飓风网络安全", "pubDate": "2024-12-06T23:49:32" }, { "title": "HTB-Vintage笔记", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MTQxOTA3Ng==&mid=2247489250&idx=1&sn=e244c73804185afe5f0cf4752865bdbc", "description": null, "author": "Jiyou too beautiful", "category": "Jiyou too beautiful", "pubDate": "2024-12-06T23:17:24" }, { "title": "网安瞭望台第9期：0day 情报，OAuth 2.0授权流程学习", "link": "https://mp.weixin.qq.com/s?__biz=Mzg2NTkwODU3Ng==&mid=2247514008&idx=1&sn=5c670c62b4c5fa4a355f424e56645be1", "description": "网安资讯分享\\\\x0d\\\\x0aDAILY NEWS AND KNOWLEDGE", "author": "东方隐侠安全团队", "category": "东方隐侠安全团队", "pubDate": "2024-12-06T21:54:51" }, { "title": "从JS代码审计到GraphQL利用的管理账户接管", "link": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496534&idx=1&sn=493cff035c6dde66c5b31d96de6f3834", "description": null, "author": "迪哥讲事", "category": "迪哥讲事", "pubDate": "2024-12-06T21:38:57" }, { "title": "CVE-2024-42327 Zabbix SQL注入 POC", "link": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247495970&idx=1&sn=ff9a5f04745abfade7cb4ca85fc55840", "description": null, "author": "Khan安全攻防实验室", "category": "Khan安全攻防实验室", "pubDate": "2024-12-06T19:50:37" }, { "title": "【安全圈】I-O Data路由器0Day漏洞被利用，无修复补丁", "link": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652066435&idx=3&sn=bbca90f744a9f08fd2d2e9d95bb190e2", "description": null, "author": "安全圈", "category": "安全圈", "pubDate": "2024-12-06T19:00:27" }, { "title": "混淆 Office 宏以逃避 Defender", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525341&idx=3&sn=197b8217ce933acb3c06e016737a1e79", "description": null, "author": "Ots安全", "category": "Ots安全", "pubDate": "2024-12-06T18:09:22" }, { "title": "实战！一次超简单的网站后门利用体验", "link": "https://mp.weixin.qq.com/s?__biz=MzIwMzc3NTkxMA==&mid=2247491233&idx=3&sn=cb494f72f9e49b7d0b8bc8158dbd176c", "description": null, "author": "电信云堤", "category": "电信云堤", "pubDate": "2024-12-06T18:01:43" }, { "title": "未然威胁追踪 | 深度解析GoldenEyeDog APT组织最新攻击技术动向", "link": "https://mp.weixin.qq.com/s?__biz=MzAwODU5NzYxOA==&mid=2247505657&idx=1&sn=22625bef15dad3040d367c97fb602c7e", "description": "GoldenEyeDogAPT组织伪装常用软件诱导安装恶意程序，实现远程控制。", "author": "华为安全", "category": "华为安全", "pubDate": "2024-12-06T17:30:32" }, { "title": "CNNVD 关于SonicWall SMA100 安全漏洞的通报", "link": "https://mp.weixin.qq.com/s?__biz=MzAxODY1OTM5OQ==&mid=2651461968&idx=1&sn=0a6663b04895b46371bd12da4468b547", "description": "近日，国家信息安全漏洞库（CNNVD）收到关于SonicWall SMA100 安全漏洞（CNNVD-202412-487、CVE-2024-45318）情况的报送。", "author": "CNNVD安全动态", "category": "CNNVD安全动态", "pubDate": "2024-12-06T17:10:06" }, { "title": "恶意软件分析-代码注入", "link": "https://mp.weixin.qq.com/s?__biz=Mzg5MDg3OTc0OA==&mid=2247488896&idx=1&sn=68a8307a5264347a644d93378ae6d367", "description": null, "author": "Relay学安全", "category": "Relay学安全", "pubDate": "2024-12-06T17:09:18" }, { "title": "新一代Webshell管理器", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247568143&idx=2&sn=d5a6df73e38793ccfdecd67ecae32403", "description": null, "author": "马哥网络安全", "category": "马哥网络安全", "pubDate": "2024-12-06T17:00:34" }, { "title": "SonicWall SMA100 SSLVPN 多个高危漏洞安全风险通告", "link": "https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502571&idx=1&sn=c30e1d47ae1059542d59b52c7c4ddfd5", "description": "致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。", "author": "奇安信 CERT", "category": "奇安信 CERT", "pubDate": "2024-12-06T15:55:21" }, { "title": "一文学会shiro反序列化", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0NTY5Nzc1OA==&mid=2247484171&idx=1&sn=1a340e6c0983e249883ffa49c67206d3", "description": "shiro反序列化漏洞", "author": "simple学安全", "category": "simple学安全", "pubDate": "2024-12-06T15:43:51" }, { "title": "金眼狗APT后门处置", "link": "https://mp.weixin.qq.com/s?__biz=MjM5ODkxMTEzOA==&mid=2247484375&idx=1&sn=1f76fc8d445edfc4387c1d3e501f79dd", "description": "金眼狗APT后门处置，作者：雁过留痕@深信服MSS专家部。", "author": "安服仔的救赎", "category": "安服仔的救赎", "pubDate": "2024-12-06T15:09:14" }, { "title": "组策略安全噩梦第二部分", "link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485618&idx=2&sn=f01a6dd1559a75dd2631663c6b18d3e5", "description": null, "author": "securitainment", "category": "securitainment", "pubDate": "2024-12-06T14:56:20" }, { "title": "Apache-HertzBeat开源实时监控系统存在默认口令漏洞【漏洞复现|附nuclei-POC】", "link": "https://mp.weixin.qq.com/s?__biz=MzkyOTcwOTMwMQ==&mid=2247484585&idx=1&sn=5454bc75cdf44fafbb3e5e8027140664", "description": null, "author": "脚本小子", "category": "脚本小子", "pubDate": "2024-12-06T14:40:57" }, { "title": "【免杀】单文件一键击溃windows defender进程 v1.1发布!", "link": "https://mp.weixin.qq.com/s?__biz=Mzg4Mzg4OTIyMA==&mid=2247485851&idx=1&sn=a1db0833cfab8195b3301d922d7b0538", "description": "单文件一键击溃windows defender\\\\x0d\\\\x0a使用资源文件嵌入驱动，避免直接依赖外部文件\\\\x0d\\\\x0a替换旧版本驱动文件，旧版本驱动证书已过期", "author": "威零安全实验室", "category": "威零安全实验室", "pubDate": "2024-12-06T13:30:33" }, { "title": "接口测试二三事", "link": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247545690&idx=1&sn=3d45ecc2dd5998e9a91906e5ceaa5e69", "description": null, "author": "掌控安全EDU", "category": "掌控安全EDU", "pubDate": "2024-12-06T12:00:16" }, { "title": "干货｜一文搞懂加密流量检测的解决方法和技术细节", "link": "https://mp.weixin.qq.com/s?__biz=MzI1OTA1MzQzNA==&mid=2651247124&idx=2&sn=8e23579cb82d06948bf7f91642d24e49", "description": null, "author": "e安在线", "category": "e安在线", "pubDate": "2024-12-06T11:26:50" }, { "title": "中国科学院信工所 | Snowflake代理请求的隐蔽性分析", "link": "https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491417&idx=1&sn=948790356cdbfb890e36824bd672ac2d", "description": "采用机器学习模型对Snowflake代理请求进行精准检测。", "author": "安全学术圈", "category": "安全学术圈", "pubDate": "2024-12-06T10:26:45" }, { "title": "攻防|记一次溯源真实案例", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650604658&idx=3&sn=d0065fbf3c181a1e7c9cdac026f2895a", "description": null, "author": "黑白之道", "category": "黑白之道", "pubDate": "2024-12-06T10:03:46" }, { "title": "一个绕过 EDR 的dumplsass免杀工具", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650604658&idx=4&sn=01d4146012efc924fe7b8f0d366f971a", "description": null, "author": "黑白之道", "category": "黑白之道", "pubDate": "2024-12-06T10:03:46" }, { "title": "工具集：BurpSuite-collections【burp插件合集】", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MjY1ODE5Mg==&mid=2247484779&idx=1&sn=7b4c268d7c7db35eaad297a0fb50dcb9", "description": null, "author": "风铃Sec", "category": "风铃Sec", "pubDate": "2024-12-06T09:08:46" }, { "title": "黑客利用 MOONSHINE 漏洞和 DarkNimbus 后门攻击", "link": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793394&idx=2&sn=06277be44ef38c9683d24a9ef2472d1c", "description": "趋势科技发的新报告。", "author": "军哥网络安全读报", "category": "军哥网络安全读报", "pubDate": "2024-12-06T09:00:59" }, { "title": "渗透测试人员的 Nmap：漏洞扫描", "link": "https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247485821&idx=1&sn=b98633172a515bdd2cbbfed5efdc3e30", "description": "Nmap 脚本引擎 (NSE) 是 Nmap 最有效的功能之一，它允许用户准备和共享脚本，以自动执行涉及网络的众多任务。", "author": "三沐数安", "category": "三沐数安", "pubDate": "2024-12-06T09:00:25" }, { "title": "Mitre_Att&ck框架T1574.001技术(劫持Dll搜索顺序）的简单实现", "link": "https://mp.weixin.qq.com/s?__biz=MzI0NTI4NjEwOQ==&mid=2247484913&idx=1&sn=38c952a43bd8d00d7d0251d15f3463c1", "description": "Mitre_Att\\\\x26amp;ck框架T1574.001技术(劫持Dll搜索顺序）的简单实现", "author": "新蜂网络安全实验室", "category": "新蜂网络安全实验室", "pubDate": "2024-12-06T09:00:25" }, { "title": "利用伪装$Version Cookie绕过WAF防火墙", "link": "https://mp.weixin.qq.com/s?__biz=MzkxOTUyOTc0NQ==&mid=2247492726&idx=1&sn=9e6c4dc27f3599ad2ca6487f320cf05c", "description": "通过使用伪装的 $Version 属性，可以有效地绕过许多 Web 应用防火墙 (WAF)。此技术利用了许多 WAF 对 Cookie 标头解析的不一致性。", "author": "二进制空间安全", "category": "二进制空间安全", "pubDate": "2024-12-06T08:55:58" }, { "title": "Jolokia logback JNDI RCE漏洞复现", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MjY3MTM4Nw==&mid=2247484054&idx=1&sn=8a23efc97b5ae0c014ad74d391dd5717", "description": "JNDI是 Java 命名与目录接口（Java Naming and Directory Interface），在J2EE规范中是重要的规范之一", "author": "浩凯信安", "category": "浩凯信安", "pubDate": "2024-12-06T08:31:47" }, { "title": "实战|记一次溯源真实案例", "link": "https://mp.weixin.qq.com/s?__biz=MzIwMzIyMjYzNA==&mid=2247517178&idx=1&sn=0970bac0e2ec58b8d9669c8556dd6001", "description": null, "author": "HACK之道", "category": "HACK之道", "pubDate": "2024-12-06T08:04:41" }, { "title": "POC集合，框架nday漏洞利用", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247492910&idx=1&sn=09a010c00e7b570a4044e87718fd1ea4", "description": null, "author": "夜组安全", "category": "夜组安全", "pubDate": "2024-12-06T08:02:20" }, { "title": "某订货系统文件上传漏洞分析", "link": "https://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247509663&idx=1&sn=36790b3290209381053ccbb1036f3b23", "description": null, "author": "李白你好", "category": "李白你好", "pubDate": "2024-12-06T08:01:05" }, { "title": "漏洞预警 | WordPress Elementor PDF生成器任意文件下载漏洞", "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491646&idx=1&sn=e2735658a6d4f6f895d5a79139c28b03", "description": "WordPress Elementor页面生成器插件PDF生成器的/elementor-84接口存在任意文件下载漏洞，未经身份验证的攻击者可以通过该漏洞下载服务器任意文件，从而获取大量敏感信息。", "author": "浅安安全", "category": "浅安安全", "pubDate": "2024-12-06T08:00:57" }, { "title": "漏洞预警 | 用友U8CRM SQL注入漏洞", "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491646&idx=2&sn=146ed161d1ca3fb154097be23b43a507", "description": "用友U8CRM客户关系管理系统存在SQL注入漏洞，未经身份验证的攻击者通过漏洞执行任意SQL语句，调用xp_cmdshell写入后门文件，执行任意代码，从而获取到服务器权限。", "author": "浅安安全", "category": "浅安安全", "pubDate": "2024-12-06T08:00:57" }, { "title": "新型网络钓鱼服务“Rockstar 2FA”来袭，微软 365 用户面临攻击威胁", "link": "https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447899703&idx=1&sn=f8913402ae49952d0b206b8e65d7434a", "description": "网络安全研究人员警告称，一种名为“Rockstar 2FA”的网络钓鱼即服务（PhaaS）工具包正被用于恶意邮件活动，旨在窃取微软 365 帐户凭据。", "author": "技术修道场", "category": "技术修道场", "pubDate": "2024-12-06T08:00:48" }, { "title": "[04]恶意文档分析-工具篇-OleTools（一）", "link": "https://mp.weixin.qq.com/s?__biz=MzI4MDcxODc4MQ==&mid=2247485099&idx=1&sn=82a1499793e45c47eac7f2cb8af73806", "description": "恶意文档分析，一学就会!", "author": "Y1X1n安全", "category": "Y1X1n安全", "pubDate": "2024-12-06T08:00:44" }, { "title": "浅谈红队中那些常见的场景和问题", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486926&idx=2&sn=ea58246c8cfed147506b4764e57aaaa2", "description": "浅谈红队中那些常见的场景和问题。", "author": "进击的HACK", "category": "进击的HACK", "pubDate": "2024-12-06T07:57:01" }, { "title": "Villain C2", "link": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247503763&idx=1&sn=1b457900f24b3fe2e8c7f054f7f9a200", "description": "乘坐 C2 快速前往 Revershell Lane 最近，除了 Cobalt Strike 之外，我一直在摆弄其他 C2，因为", "author": "安全狗的自我修养", "category": "安全狗的自我修养", "pubDate": "2024-12-06T07:11:46" }, { "title": "CVE-2024-22399 - SwingLazyValue利用链构造分析", "link": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247517492&idx=1&sn=f586d9016d9592f6f6dffa36d64a2eda", "description": null, "author": "船山信安", "category": "船山信安", "pubDate": "2024-12-06T02:00:41" }, { "title": "ATT&CK红队评估实战靶场二", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzY5NDUyMQ==&mid=2247484853&idx=1&sn=9b889d07c5e333da0d5f5657dbb81ec6", "description": null, "author": "flowers-boy", "category": "flowers-boy", "pubDate": "2024-12-06T00:29:49" }, { "title": "WAF自动化绕过工具 -- x-waf", "link": "https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515071&idx=1&sn=214be935ebb249a12f64fd88a876dc30", "description": null, "author": "Web安全工具库", "category": "Web安全工具库", "pubDate": "2024-12-06T00:01:13" }, { "title": "安卓逆向 -- 某定位软件分析", "link": "https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037129&idx=1&sn=9f23954b167130ade615e71c326c9f4a", "description": null, "author": "逆向有你", "category": "逆向有你", "pubDate": "2024-12-06T00:00:49" }, { "title": "PC逆向 -- 内核APC执行", "link": "https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037129&idx=2&sn=48a950a51b0bb5f95804cd7fea6d5a97", "description": null, "author": "逆向有你", "category": "逆向有你", "pubDate": "2024-12-06T00:00:49" }, { "title": "端口存活扫描工具 -- x-pscan（12月4日更新）", "link": "https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247498834&idx=1&sn=de1e00a45bbc8c8e115645394496821f", "description": null, "author": "网络安全者", "category": "网络安全者", "pubDate": "2024-12-06T00:00:48" }, { "title": "【免杀】单文件一键击溃windows defender进程 v1.1发布!", "link": "https://mp.weixin.qq.com/s?__biz=MzkwNjczOTQwOA==&mid=2247491607&idx=1&sn=803fe3abf2c407e54b3d4ec1545abeb0", "description": "单文件一键击溃windows defender\\\\x0d\\\\x0a使用资源文件嵌入驱动，避免直接依赖外部文件\\\\x0d\\\\x0a替换旧版本驱动文件，旧版本驱动证书已过期", "author": "星落安全团队", "category": "星落安全团队", "pubDate": "2024-12-06T00:00:16" }, { "title": "立即修复，微软驱动程序关键漏洞已被APT组织利用", "link": "https://mp.weixin.qq.com/s?__biz=MzkzNjIzMjM5Ng==&mid=2247490066&idx=1&sn=19f10acfb4432ac39d26b9c846eece40", "description": null, "author": "信息安全大事件", "category": "信息安全大事件", "pubDate": "2024-12-05T20:24:32" }, { "title": "SMB 中继：攻击、缓解、策略和有效的解决方案", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247504962&idx=1&sn=dae7a03ab07cc04acc999dbe7a920e9a", "description": null, "author": "网络研究观", "category": "网络研究观", "pubDate": "2024-12-05T19:17:18" }, { "title": "【安全圈】立即修复，微软驱动程序关键漏洞已被APT组织利用", "link": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652066421&idx=2&sn=c856137ec845bc74a8a86abc23c1eb69", "description": null, "author": "安全圈", "category": "安全圈", "pubDate": "2024-12-05T19:01:01" }, { "title": "大模型的反序列化导致的RCE漏洞", "link": "https://mp.weixin.qq.com/s?__biz=MzU0MzkzOTYzOQ==&mid=2247489539&idx=1&sn=69e2563458072584247038ace3c47897", "description": "大模型RCE漏洞！！", "author": "黑伞安全", "category": "黑伞安全", "pubDate": "2024-12-05T18:04:31" }, { "title": "新型网络钓鱼活动利用损坏的 Word 文档来逃避安全保护", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525328&idx=1&sn=aa4690f683a66fd805db9c7b4ebb5d2f", "description": null, "author": "Ots安全", "category": "Ots安全", "pubDate": "2024-12-05T17:53:47" }, { "title": "CVE-2024-42448 (CVSS 9.9)：Veeam VSPC 中的严重 RCE 漏洞", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525328&idx=2&sn=9359464472ac9ce0e09e7e04e80d874f", "description": null, "author": "Ots安全", "category": "Ots安全", "pubDate": "2024-12-05T17:53:47" }, { "title": "一种可绕过MFA认证的邻近入侵技术", "link": "https://mp.weixin.qq.com/s?__biz=MzkxOTUyOTc0NQ==&mid=2247492683&idx=1&sn=9a95dbd2eb123c7bf3d9634288a7de32", "description": "“邻近攻击”本质上是一种近距离访问操作，但避免了攻击者被物理识别或拘留的风险。这种攻击方式既具备近距离接触的所有好处，又允许幕后操作者远在千里之外。", "author": "二进制空间安全", "category": "二进制空间安全", "pubDate": "2024-12-05T17:52:16" }, { "title": "日本CERT提醒：IO-Data 路由器中的多个0day已遭利用", "link": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247521692&idx=2&sn=adb3ff5ba3ff65807012edd28d90be20", "description": "其它两个0day的补丁将于12月18日推出", "author": "代码卫士", "category": "代码卫士", "pubDate": "2024-12-05T17:46:29" }, { "title": "Nessus扫描报告自动化生成工具", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247568045&idx=1&sn=733899809ca7843908e3295aae3111f4", "description": null, "author": "马哥网络安全", "category": "马哥网络安全", "pubDate": "2024-12-05T17:01:04" }, { "title": "某OA 11.10 未授权任意文件上传", "link": "https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247487839&idx=1&sn=c7739038fa14d38c3ffb3e3fd0f46786", "description": "前几天看到通达 OA 11.10 存在未授权任意文件上传漏洞，于是也打算对此进行复现和分析。", "author": "蚁景网安", "category": "蚁景网安", "pubDate": "2024-12-05T16:30:26" }, { "title": "Yakit针对流量加密APP的Frida rpc解决方案", "link": "https://mp.weixin.qq.com/s?__biz=MzU0MTc2NTExNg==&mid=2247491126&idx=1&sn=8a07cf454033234da27ea3525f5cd616", "description": "本文只要讲述针对复杂流量加密的APP，如何在Yakit工具下采用Frida rpc的方式进行流量解密测试。", "author": "实战安全研究", "category": "实战安全研究", "pubDate": "2024-12-05T15:29:44" }, { "title": "攻防的较量，杀毒软件的致命缺陷", "link": "https://mp.weixin.qq.com/s?__biz=Mzg2ODE5OTM5Nw==&mid=2247486613&idx=1&sn=ff6a075a665310c9459d711c4e78ce18", "description": "根据云查杀引擎设计原理，我们发现基于黑白名单的检测机制存在时间绕过的缺陷，这意味着在下一次同步（一般是2-4小时）云规则前，文件仍处于灰名单期间它将绕过。", "author": "白帽子安全笔记", "category": "白帽子安全笔记", "pubDate": "2024-12-05T14:22:48" }, { "title": "干货｜一文搞懂加密流量检测的解决方法和技术细节", "link": "https://mp.weixin.qq.com/s?__biz=MzI1OTA1MzQzNA==&mid=2651247117&idx=2&sn=4cfb96c5877794de29c638e7e3154263", "description": null, "author": "e安在线", "category": "e安在线", "pubDate": "2024-12-05T13:52:08" }, { "title": "Mitre Att&ck框架T1205.001(端口敲击)和T1205.002(套接字过滤)技术的简单实现", "link": "https://mp.weixin.qq.com/s?__biz=MzI0NTI4NjEwOQ==&mid=2247484898&idx=1&sn=0b8fe71a5d54db4c3434020ad198578e", "description": "Mitre Att\\\\x26amp;ck框架T1205.001(端口敲击)和T1205.002(套接字过滤)技术的简单实现", "author": "新蜂网络安全实验室", "category": "新蜂网络安全实验室", "pubDate": "2024-12-05T13:05:08" }, { "title": "js逆向案例-cookie反爬之akamai_2.0-上", "link": "https://mp.weixin.qq.com/s?__biz=MzU5NTcyMDc1Ng==&mid=2247493337&idx=1&sn=b903406edf42dde48c2b0ad2721eafef", "description": "js逆向案例-cookie反爬之akamai_2.0-上", "author": "逆向OneByOne", "category": "逆向OneByOne", "pubDate": "2024-12-05T12:55:42" }, { "title": "9个超级实用BurpSuite插件，SRC漏洞挖掘利器打包推荐", "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247487695&idx=1&sn=65d7e7419f8d11a5cd05a191525939d6", "description": "前段时间自己在做项目的时候，需要用到一些漏洞扫描工具，以及一些被动扫描的工具，其中BurpSuite中的几个插件起到了关键性的作用，其实在实际攻防演练，或者渗透中一些漏洞出现的概率还是挺高的。", "author": "星悦安全", "category": "星悦安全", "pubDate": "2024-12-05T12:52:14" }, { "title": "从JS代码审计到GraphQL利用的管理账户接管", "link": "https://mp.weixin.qq.com/s?__biz=MjM5Mzc4MzUzMQ==&mid=2650260223&idx=1&sn=31a7ee28fac382ef469e173b0bcfa32e", "description": null, "author": "骨哥说事", "category": "骨哥说事", "pubDate": "2024-12-05T12:20:18" }, { "title": "CVE-2024-31317 复现", "link": "https://mp.weixin.qq.com/s?__biz=MzIxMDYyNTk3Nw==&mid=2247515004&idx=1&sn=49ef9432fd64ba81064c5af61066efee", "description": "最近做一个测试的项目刚好是安卓车机于是想起来了这篇写一半的博客，赶紧趁着还能想起一点东西赶紧记录了下来。", "author": "白帽100安全攻防实验室", "category": "白帽100安全攻防实验室", "pubDate": "2024-12-05T11:30:33" }, { "title": "APT 组织之间的对抗：俄罗斯 APT Turla 窃取了巴基斯坦 APT 组织的数据", "link": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247492849&idx=2&sn=a268b43ec7ef3072d0da2c731b8c43a9", "description": null, "author": "独眼情报", "category": "独眼情报", "pubDate": "2024-12-05T11:11:06" }, { "title": "Zabbix 漏洞CVE-2024-42327 (CVSS 9.9)的 PoC 发布", "link": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247492849&idx=4&sn=a3441c1ca8c3aba877ceebd7454b594c", "description": null, "author": "独眼情报", "category": "独眼情报", "pubDate": "2024-12-05T11:11:06" }, { "title": "从赛门铁克管理代理（又名 Altiris）中提取账户连接凭据（ACCs）", "link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485607&idx=1&sn=6686b6ca661897c4b5d84f044d0095b8", "description": null, "author": "securitainment", "category": "securitainment", "pubDate": "2024-12-05T10:24:37" }, { "title": "【免杀】向日葵密码、todesk密码命令行版本一键提取工具", "link": "https://mp.weixin.qq.com/s?__biz=MzkwOTIzODg0MA==&mid=2247491260&idx=1&sn=d2998f3b46a506b8711bf523b7733a50", "description": "向日葵、todesk提取工具\\\\x0d\\\\x0a基于fscan二开的xlscan\\\\x0d\\\\x0a过360、火绒等杀软", "author": "爱喝酒烫头的曹操", "category": "爱喝酒烫头的曹操", "pubDate": "2024-12-05T10:06:33" }, { "title": "版本更新 | 单文件一键击溃火绒进程 v1.1发布!", "link": "https://mp.weixin.qq.com/s?__biz=Mzg4Mzg4OTIyMA==&mid=2247485849&idx=1&sn=951f8f326995324daa476fe117c2b15e", "description": "单文件一键击溃火绒进程 v1.1发布！\\\\x0d\\\\x0a使用资源文件嵌入驱动，避免直接依赖外部文件\\\\x0d\\\\x0a替换旧版本驱动文件，旧版本驱动证书已过期", "author": "威零安全实验室", "category": "威零安全实验室", "pubDate": "2024-12-05T10:04:27" }, { "title": "微信4.0聊天记录数据库文件解密分析", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650604505&idx=4&sn=e59a2078c09bc1db7d2094cf014dfd4a", "description": null, "author": "黑白之道", "category": "黑白之道", "pubDate": "2024-12-05T10:03:19" }, { "title": "安卓逆向之第二代：函数抽取型壳", "link": "https://mp.weixin.qq.com/s?__biz=MzkyODY3NjkyNQ==&mid=2247484355&idx=1&sn=a0fd336b796484a0e7abf6d02f246b06", "description": null, "author": "Ting的安全笔记", "category": "Ting的安全笔记", "pubDate": "2024-12-05T10:01:18" }, { "title": "【翻译】CORS - 错误配置和绕过", "link": "https://mp.weixin.qq.com/s?__biz=Mzg4NzgzMjUzOA==&mid=2247485324&idx=1&sn=edbf22ad696def57e27f4d38b81d689d", "description": null, "author": "安全视安", "category": "安全视安", "pubDate": "2024-12-05T09:56:43" }, { "title": "【Linux运维】宝塔环境升级HTTP/3", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247509575&idx=1&sn=94ea87716de2777f60f8187050014cfb", "description": "本文简单的为大家分享，如何在宝塔环境中如何升级http/3协议。", "author": "kali笔记", "category": "kali笔记", "pubDate": "2024-12-05T09:12:03" }, { "title": "资产收集常用工具以及思路总结", "link": "https://mp.weixin.qq.com/s?__biz=MzkzMjIxNjExNg==&mid=2247485972&idx=1&sn=bd5d2a38ea67d7ed891e03e356d17c52", "description": "这些常用的资产收集工具和思路你都了解并经常使用么？", "author": "沃克学安全", "category": "沃克学安全", "pubDate": "2024-12-05T09:03:47" }, { "title": "CISA 警告 Zyxel 防火墙漏洞可能被利用进行攻击", "link": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793379&idx=3&sn=62ee6dd06f47c5b1777c48cd0a47a9fa", "description": "CISA 警告多款 Zyxel 防火墙设备中的路径遍历漏洞被积极利用。", "author": "军哥网络安全读报", "category": "军哥网络安全读报", "pubDate": "2024-12-05T09:00:58" }, { "title": "记两次内网入侵溯源的真实案例", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMTUyMjUxMw==&mid=2247523029&idx=1&sn=2f33efd5da4783fc615dbbb96086cd73", "description": "记两次内网入侵溯源的真实案例", "author": "猫蛋儿安全", "category": "猫蛋儿安全", "pubDate": "2024-12-05T09:00:09" }, { "title": "实战红蓝：谈一谈NSmartProxy流量特征在实战中的表现", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247485956&idx=1&sn=3471aaf7c173b144ec8beee719616a67", "description": null, "author": "神农Sec", "category": "神农Sec", "pubDate": "2024-12-05T08:32:38" }, { "title": "Linux应急响应检查工具【单机终极版】", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247492906&idx=1&sn=1bac25e1425fc528f71e7ed0ab1e3485", "description": null, "author": "夜组安全", "category": "夜组安全", "pubDate": "2024-12-05T08:04:28" }, { "title": "漏洞预警 | GitLab权限提升漏洞", "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491639&idx=1&sn=39e40ca6d804352e6d20235db2217c6f", "description": "GitLab存在权限提升漏洞，由于GitLab中对LFS令牌的权限管理不当，当攻击者获取目标用户的个人访问令牌后，可以进一步滥用该PAT生成的LFS令牌，利用该漏洞实现权限提升，从而可能导致敏感信息泄露或执行未授权操作。", "author": "浅安安全", "category": "浅安安全", "pubDate": "2024-12-05T08:03:24" }, { "title": "漏洞预警 | 用友NC SQL注入漏洞", "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491639&idx=2&sn=ef0f15d92963fe62bd06df07429f9bce", "description": "用友NC的/portal/pt/task/process接口存在SQL注入漏洞，攻击者通过利用SQL注入漏洞配合数据库xp cmdshel可以执行任意命令，从而控制服务器。", "author": "浅安安全", "category": "浅安安全", "pubDate": "2024-12-05T08:03:24" }, { "title": "移动安全框架 (MobSF) 存在存储型XSS漏洞 | CVE-2024-53999", "link": "https://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247509613&idx=1&sn=3d46d512c0ea527fdba9869e770416e8", "description": null, "author": "李白你好", "category": "李白你好", "pubDate": "2024-12-05T08:01:27" }, { "title": "API安全漏洞靶场crapi漏洞复现", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486893&idx=1&sn=4910174c4a8925e18aae62644f0d7dec", "description": "通过该靶场学习以及分析当前常用的API技术以及该技术中存在的安全问题。", "author": "进击的HACK", "category": "进击的HACK", "pubDate": "2024-12-05T07:55:38" }, { "title": "Kubelet端口未授权深入利用", "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247493754&idx=2&sn=fdfca15ecb8b98bcd7d1e97201b26bdd", "description": "漏洞描述K8s Node对外开启10250(Kubelet API)和10255端口(readonly AP", "author": "七芒星实验室", "category": "七芒星实验室", "pubDate": "2024-12-05T07:02:55" }, { "title": "思科ASA漏洞CVE-2014-2120当前正在被利用攻击", "link": "https://mp.weixin.qq.com/s?__biz=Mzg3OTc0NDcyNQ==&mid=2247492872&idx=1&sn=63eff1dd884f77fb706066595cc12e75", "description": null, "author": "黑猫安全", "category": "黑猫安全", "pubDate": "2024-12-05T07:01:27" }, { "title": "浅谈常见中间人攻击", "link": "https://mp.weixin.qq.com/s?__biz=Mzg2MzkwNDU1Mw==&mid=2247485363&idx=1&sn=3724a1da9ae81f364c92137a4175198a", "description": null, "author": "信安路漫漫", "category": "信安路漫漫", "pubDate": "2024-12-05T07:00:44" }, { "title": "哥斯拉源码解读+如何绕过waf检测", "link": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247517466&idx=1&sn=925493f67805f6648aa9d36a4185c46b", "description": null, "author": "船山信安", "category": "船山信安", "pubDate": "2024-12-05T02:00:55" }, { "title": "版本更新 | 单文件一键击溃火绒进程 v1.1发布!", "link": "https://mp.weixin.qq.com/s?__biz=MzkwNjczOTQwOA==&mid=2247491559&idx=1&sn=80e7f6359e4fb08a364c31e2ccd5c59a", "description": "单文件一键击溃火绒进程 v1.1发布！\\\\x0d\\\\x0a使用资源文件嵌入驱动，避免直接依赖外部文件\\\\x0d\\\\x0a替换旧版本驱动文件，旧版本驱动证书已过期", "author": "星落安全团队", "category": "星落安全团队", "pubDate": "2024-12-05T00:00:59" }, { "title": "红蓝队病毒木马监控辅助工具（12月3日更新）", "link": "https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247498820&idx=1&sn=2725bb5cbcb5e76e638a7e1c8836a0c7", "description": null, "author": "网络安全者", "category": "网络安全者", "pubDate": "2024-12-05T00:00:13" }, { "title": "最新Nessus2024.12.04版本主机漏洞扫描/探测工具下载|近期漏洞合集更新", "link": "https://mp.weixin.qq.com/s?__biz=Mzg3ODE2MjkxMQ==&mid=2247489275&idx=1&sn=363d8f9e531b932bd18c27d845f83a21", "description": "Nessus号称是世界上最流行的漏洞扫描程序，全世界有超过75000个组织在使用它。该工具提供完整的电脑漏洞扫描服务，并随时更新其漏洞数据库。Nessus不同于传统的漏洞扫描软件，Nessus可同时在本机或远端上遥控，进行系统的漏洞分析扫描", "author": "渗透安全HackTwo", "category": "渗透安全HackTwo", "pubDate": "2024-12-05T00:00:12" }, { "title": "新型 Android 恶意软件 DroidBot 瞄准欧洲银行用户", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247504934&idx=3&sn=09e44a53225b47183d331f0328fab9e4", "description": null, "author": "网络研究观", "category": "网络研究观", "pubDate": "2024-12-04T23:48:33" }, { "title": "Zabbix api_jsonrpc.php接口存在SQL注入漏洞CVE-2024-42327 附POC", "link": "https://mp.weixin.qq.com/s?__biz=MzIxMjEzMDkyMA==&mid=2247487930&idx=1&sn=589b3837a2dc8ff72e861b99f6947f5d", "description": null, "author": "南风漏洞复现文库", "category": "南风漏洞复现文库", "pubDate": "2024-12-04T23:08:58" }, { "title": "工具集：HeavenlyBypassAV（免杀工具）", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MjY1ODE5Mg==&mid=2247484771&idx=1&sn=edb658df8647f36d20266189ef2f35e3", "description": null, "author": "风铃Sec", "category": "风铃Sec", "pubDate": "2024-12-04T22:15:59" } ]