[ { "title": "Windows 7 至 Windows 11 中存在新的 0 Day NTLM 哈希泄露漏洞", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247504999&idx=3&sn=860de968b5da5269ea0ec755cd3e8392", "description": null, "author": "网络研究观", "category": "网络研究观", "pubDate": "2024-12-07T18:02:01" }, { "title": "WEB前端逆向拦截页面跳转", "link": "https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487787&idx=1&sn=c9f78157d67619339c84a9681a33dbba", "description": "从网上求助学来的知识,都会写清楚原作者", "author": "青衣十三楼飞花堂", "category": "青衣十三楼飞花堂", "pubDate": "2024-12-07T17:24:27" }, { "title": "攻防|记一次溯源真实案例", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247568203&idx=1&sn=2fdb04a880e088fc0b8f232f5adfd9f4", "description": null, "author": "马哥网络安全", "category": "马哥网络安全", "pubDate": "2024-12-07T17:00:24" }, { "title": "TCP连接,是否是新开端口号和客户端进行交互?", "link": "https://mp.weixin.qq.com/s?__biz=MzIxNTM3NDE2Nw==&mid=2247490258&idx=1&sn=db89cb9898e851c734a0830cf1f677fd", "description": null, "author": "车小胖谈网络", "category": "车小胖谈网络", "pubDate": "2024-12-07T16:51:29" }, { "title": "Spring Properties 远程代码执行", "link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485622&idx=1&sn=c6b1a76d598054eb86efa917775f6188", "description": null, "author": "securitainment", "category": "securitainment", "pubDate": "2024-12-07T15:54:26" }, { "title": "Windows 中存在严重0day,可导致用户凭据泄露", "link": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247492906&idx=1&sn=bcccbff213bc1e74461cb25625f86307", "description": null, "author": "独眼情报", "category": "独眼情报", "pubDate": "2024-12-07T14:15:15" }, { "title": "制作一个可以绕过 Defender 的 Powershell Shellcode 下载器(无需绕过 Amsi)", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525456&idx=1&sn=1ff51ea83820483d2912dc91da0c103e", "description": null, "author": "Ots安全", "category": "Ots安全", "pubDate": "2024-12-07T13:09:10" }, { "title": "新的 Windows 零日漏洞暴露 NTLM 凭据,已获得非官方补丁", "link": 
"https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525456&idx=2&sn=36ccd1ade2da7b7093c538a25b09dc4a", "description": null, "author": "Ots安全", "category": "Ots安全", "pubDate": "2024-12-07T13:09:10" }, { "title": "记一次简单的代码审计项目案例", "link": "https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247485642&idx=1&sn=afcc7c4a8330cefeed2195326b87685f", "description": null, "author": "安全君呀", "category": "安全君呀", "pubDate": "2024-12-07T12:07:52" }, { "title": "记一次JAVA代码审计过程", "link": "https://mp.weixin.qq.com/s?__biz=Mzg2NDg2MDIxNQ==&mid=2247485194&idx=1&sn=47071e2c86a784f6eeca99def55e03ef", "description": null, "author": "Jie安全", "category": "Jie安全", "pubDate": "2024-12-07T11:15:35" }, { "title": "移动安全框架 (MobSF) 存在存储型XSS漏洞 | CVE-2024-53999", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650604682&idx=3&sn=66e331213aaa69ebd6e06ba539c6cbae", "description": null, "author": "黑白之道", "category": "黑白之道", "pubDate": "2024-12-07T10:24:59" }, { "title": "sqlmap被动代理小工具", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650604682&idx=4&sn=b00a4b26e07c7fbcb487eb3616ea6456", "description": null, "author": "黑白之道", "category": "黑白之道", "pubDate": "2024-12-07T10:24:59" }, { "title": "记一次JAVA代码审计过程", "link": "https://mp.weixin.qq.com/s?__biz=MzkyMjM5NDM3NQ==&mid=2247486169&idx=1&sn=06e49fd2f6cf2dbdca4eb3c550ed86cf", "description": null, "author": "进击安全", "category": "进击安全", "pubDate": "2024-12-07T10:20:28" }, { "title": "无补丁,I-O Data路由器0Day漏洞被利用", "link": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651309095&idx=1&sn=c6dd464702642072510bbb85c37cb402", "description": "补丁预计将在12月18日发布,因此在此之前用户将面临比较严重的风险。", "author": "FreeBuf", "category": "FreeBuf", "pubDate": "2024-12-07T10:04:20" }, { "title": "深度解析GoldenEyeDog APT组织最新攻击技术动向", "link": "https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655261379&idx=1&sn=ee9f64fe9cbad33d1a141c69151701d7", "description": null, "author": "计算机与网络安全", "category": "计算机与网络安全", "pubDate": "2024-12-07T09:57:20" }, 
{ "title": "Mitre Att&ck框架T1036.006(文件名后面的空格)技术的简单实现", "link": "https://mp.weixin.qq.com/s?__biz=MzI0NTI4NjEwOQ==&mid=2247484920&idx=1&sn=2bada6774d9702240e6f8d840640f4dc", "description": "Mitre Att&ck框架T1036.006(文件名后面的空格)技术的简单实现", "author": "新蜂网络安全实验室", "category": "新蜂网络安全实验室", "pubDate": "2024-12-07T09:04:06" }, { "title": "俄黑客利用Cloudflare Tunnels和 DNS Fast-Flux 隐藏恶意软件针对乌克兰", "link": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793408&idx=2&sn=62e5b7cce0750160459330d1cb527daf", "description": "研究人员发现俄罗斯黑客组织利用Cloudflare Tunnels和 DNS Fast-Flux隐藏恶意软件的托管设施。", "author": "军哥网络安全读报", "category": "军哥网络安全读报", "pubDate": "2024-12-07T09:01:41" }, { "title": "新的Windows 0day漏洞:攻击者几乎无需用户交互即可窃取 NTLM 凭据", "link": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793408&idx=3&sn=07c14519c7e26f4483bd662559941c89", "description": "从win7到最新的win11 24h2均存在的新0day漏洞,打开文件夹就能触发。", "author": "军哥网络安全读报", "category": "军哥网络安全读报", "pubDate": "2024-12-07T09:01:41" }, { "title": "漏洞预警 | Zabbix SQL注入漏洞", "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491663&idx=1&sn=13f8337d2c5b035b77d6655b19c9fc53", "description": "Zabbix前端的CUser类中的addRelatedObjects函数未对输入数据进行充分验证和转义,导致具有API访问权限的恶意用户可以通过user.get API传递特制输入触发SQL注入攻击。", "author": "浅安安全", "category": "浅安安全", "pubDate": "2024-12-07T08:30:49" }, { "title": "【PWN】堆溢出2.23 Off-By-One", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0NDYwOTcxNg==&mid=2247485038&idx=1&sn=2d307c01f15498c12c5bcad97233f8ab", "description": "2.23堆溢出Off-By-One,unsortedbin泄露libc配置fastbin attack + realloc_hook调栈。", "author": "智佳网络安全", "category": "智佳网络安全", "pubDate": "2024-12-07T08:30:49" }, { "title": "浅谈利用PDF钓鱼攻击", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247509598&idx=1&sn=be74c502c8b0cd301e12048e894f9257", "description": "利用PDF文件,诱导用户点击文件,即可获取系统权限。", "author": "kali笔记", "category": "kali笔记", "pubDate": "2024-12-07T08:00:57" }, { "title": "云安全学习-密钥泄露与CF利用框架", "link": 
"https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486945&idx=2&sn=beee676ac80e94387272c03affb7e5cb", "description": "首先认识下阿里云官方解释的什么是AccessKey:在调用阿里云API时您需要使用AccessKey完成身份验证。AccessKey包括AccessKey ID和AccessKey Secret,需要一起使用。", "author": "进击的HACK", "category": "进击的HACK", "pubDate": "2024-12-07T07:56:26" }, { "title": "【SDL实践指南】Foritify结构化规则定义", "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247493770&idx=2&sn=d76331319fa028f0f4379b0f87c23020", "description": "基本介绍结构分析器匹配源代码中的任意程序结构,它的设计目的不是为了发现由执行流或数据流引起的问题,相反它通过", "author": "七芒星实验室", "category": "七芒星实验室", "pubDate": "2024-12-07T07:00:42" }, { "title": "实战红蓝:谈一谈NSmartProxy流量特征在实战中的表现", "link": "https://mp.weixin.qq.com/s?__biz=Mzg2NTk4MTE1MQ==&mid=2247486222&idx=1&sn=f1b43263c2fab0c92dd05ae1bcc4c16d", "description": null, "author": "TtTeam", "category": "TtTeam", "pubDate": "2024-12-07T00:01:07" }, { "title": "PC逆向 -- 用户APC执行", "link": "https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037147&idx=2&sn=2980166e539b9fecaf3f664831f7a1ae", "description": null, "author": "逆向有你", "category": "逆向有你", "pubDate": "2024-12-07T00:00:15" }, { "title": "【免杀干货】杀毒软件检测详解", "link": "https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247537058&idx=1&sn=e1aa16a7450e6eb919e87021ac20192a", "description": "收藏学习", "author": "教父爱分享", "category": "教父爱分享", "pubDate": "2024-12-06T23:59:45" }, { "title": "【漏洞预警】SonicWall SMA100 SSL-VPN缓冲区溢出漏洞CVE-2024-45318", "link": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489275&idx=1&sn=31722ca4a5e3edc74c5e218e4bfedbdf", "description": null, "author": "飓风网络安全", "category": "飓风网络安全", "pubDate": "2024-12-06T23:49:32" }, { "title": "HTB-Vintage笔记", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MTQxOTA3Ng==&mid=2247489250&idx=1&sn=e244c73804185afe5f0cf4752865bdbc", "description": null, "author": "Jiyou too beautiful", "category": "Jiyou too beautiful", "pubDate": "2024-12-06T23:17:24" }, { "title": "网安瞭望台第9期:0day 情报,OAuth 2.0授权流程学习", "link": 
"https://mp.weixin.qq.com/s?__biz=Mzg2NTkwODU3Ng==&mid=2247514008&idx=1&sn=5c670c62b4c5fa4a355f424e56645be1", "description": "网安资讯分享\\\\x0d\\\\x0aDAILY NEWS AND KNOWLEDGE", "author": "东方隐侠安全团队", "category": "东方隐侠安全团队", "pubDate": "2024-12-06T21:54:51" }, { "title": "从JS代码审计到GraphQL利用的管理账户接管", "link": "https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496534&idx=1&sn=493cff035c6dde66c5b31d96de6f3834", "description": null, "author": "迪哥讲事", "category": "迪哥讲事", "pubDate": "2024-12-06T21:38:57" }, { "title": "CVE-2024-42327 Zabbix SQL注入 POC", "link": "https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247495970&idx=1&sn=ff9a5f04745abfade7cb4ca85fc55840", "description": null, "author": "Khan安全攻防实验室", "category": "Khan安全攻防实验室", "pubDate": "2024-12-06T19:50:37" }, { "title": "【安全圈】I-O Data路由器0Day漏洞被利用,无修复补丁", "link": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652066435&idx=3&sn=bbca90f744a9f08fd2d2e9d95bb190e2", "description": null, "author": "安全圈", "category": "安全圈", "pubDate": "2024-12-06T19:00:27" }, { "title": "混淆 Office 宏以逃避 Defender", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525341&idx=3&sn=197b8217ce933acb3c06e016737a1e79", "description": null, "author": "Ots安全", "category": "Ots安全", "pubDate": "2024-12-06T18:09:22" }, { "title": "实战!一次超简单的网站后门利用体验", "link": "https://mp.weixin.qq.com/s?__biz=MzIwMzc3NTkxMA==&mid=2247491233&idx=3&sn=cb494f72f9e49b7d0b8bc8158dbd176c", "description": null, "author": "电信云堤", "category": "电信云堤", "pubDate": "2024-12-06T18:01:43" }, { "title": "未然威胁追踪 | 深度解析GoldenEyeDog APT组织最新攻击技术动向", "link": "https://mp.weixin.qq.com/s?__biz=MzAwODU5NzYxOA==&mid=2247505657&idx=1&sn=22625bef15dad3040d367c97fb602c7e", "description": "GoldenEyeDogAPT组织伪装常用软件诱导安装恶意程序,实现远程控制。", "author": "华为安全", "category": "华为安全", "pubDate": "2024-12-06T17:30:32" }, { "title": "CNNVD 关于SonicWall SMA100 安全漏洞的通报", "link": 
"https://mp.weixin.qq.com/s?__biz=MzAxODY1OTM5OQ==&mid=2651461968&idx=1&sn=0a6663b04895b46371bd12da4468b547", "description": "近日,国家信息安全漏洞库(CNNVD)收到关于SonicWall SMA100 安全漏洞(CNNVD-202412-487、CVE-2024-45318)情况的报送。", "author": "CNNVD安全动态", "category": "CNNVD安全动态", "pubDate": "2024-12-06T17:10:06" }, { "title": "恶意软件分析-代码注入", "link": "https://mp.weixin.qq.com/s?__biz=Mzg5MDg3OTc0OA==&mid=2247488896&idx=1&sn=68a8307a5264347a644d93378ae6d367", "description": null, "author": "Relay学安全", "category": "Relay学安全", "pubDate": "2024-12-06T17:09:18" }, { "title": "新一代Webshell管理器", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247568143&idx=2&sn=d5a6df73e38793ccfdecd67ecae32403", "description": null, "author": "马哥网络安全", "category": "马哥网络安全", "pubDate": "2024-12-06T17:00:34" }, { "title": "SonicWall SMA100 SSLVPN 多个高危漏洞安全风险通告", "link": "https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502571&idx=1&sn=c30e1d47ae1059542d59b52c7c4ddfd5", "description": "致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。", "author": "奇安信 CERT", "category": "奇安信 CERT", "pubDate": "2024-12-06T15:55:21" }, { "title": "一文学会shiro反序列化", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0NTY5Nzc1OA==&mid=2247484171&idx=1&sn=1a340e6c0983e249883ffa49c67206d3", "description": "shiro反序列化漏洞", "author": "simple学安全", "category": "simple学安全", "pubDate": "2024-12-06T15:43:51" }, { "title": "金眼狗APT后门处置", "link": "https://mp.weixin.qq.com/s?__biz=MjM5ODkxMTEzOA==&mid=2247484375&idx=1&sn=1f76fc8d445edfc4387c1d3e501f79dd", "description": "金眼狗APT后门处置,作者:雁过留痕@深信服MSS专家部。", "author": "安服仔的救赎", "category": "安服仔的救赎", "pubDate": "2024-12-06T15:09:14" }, { "title": "组策略安全噩梦 第二部分", "link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485618&idx=2&sn=f01a6dd1559a75dd2631663c6b18d3e5", "description": null, "author": "securitainment", "category": "securitainment", "pubDate": "2024-12-06T14:56:20" }, { "title": "Apache-HertzBeat开源实时监控系统存在默认口令漏洞【漏洞复现|附nuclei-POC】", "link": 
"https://mp.weixin.qq.com/s?__biz=MzkyOTcwOTMwMQ==&mid=2247484585&idx=1&sn=5454bc75cdf44fafbb3e5e8027140664", "description": null, "author": "脚本小子", "category": "脚本小子", "pubDate": "2024-12-06T14:40:57" }, { "title": "【免杀】单文件一键击溃windows defender进程 v1.1发布!", "link": "https://mp.weixin.qq.com/s?__biz=Mzg4Mzg4OTIyMA==&mid=2247485851&idx=1&sn=a1db0833cfab8195b3301d922d7b0538", "description": "单文件一键击溃windows defender\\\\x0d\\\\x0a使用资源文件嵌入驱动,避免直接依赖外部文件\\\\x0d\\\\x0a替换旧版本驱动文件,旧版本驱动证书已过期", "author": "威零安全实验室", "category": "威零安全实验室", "pubDate": "2024-12-06T13:30:33" }, { "title": "接口测试二三事", "link": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247545690&idx=1&sn=3d45ecc2dd5998e9a91906e5ceaa5e69", "description": null, "author": "掌控安全EDU", "category": "掌控安全EDU", "pubDate": "2024-12-06T12:00:16" }, { "title": "干货|一文搞懂加密流量检测的解决方法和技术细节", "link": "https://mp.weixin.qq.com/s?__biz=MzI1OTA1MzQzNA==&mid=2651247124&idx=2&sn=8e23579cb82d06948bf7f91642d24e49", "description": null, "author": "e安在线", "category": "e安在线", "pubDate": "2024-12-06T11:26:50" }, { "title": "中国科学院信工所 | Snowflake代理请求的隐蔽性分析", "link": "https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247491417&idx=1&sn=948790356cdbfb890e36824bd672ac2d", "description": "采用机器学习模型对Snowflake代理请求进行精准检测。", "author": "安全学术圈", "category": "安全学术圈", "pubDate": "2024-12-06T10:26:45" }, { "title": "攻防|记一次溯源真实案例", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650604658&idx=3&sn=d0065fbf3c181a1e7c9cdac026f2895a", "description": null, "author": "黑白之道", "category": "黑白之道", "pubDate": "2024-12-06T10:03:46" }, { "title": "一个绕过 EDR 的dumplsass免杀工具", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650604658&idx=4&sn=01d4146012efc924fe7b8f0d366f971a", "description": null, "author": "黑白之道", "category": "黑白之道", "pubDate": "2024-12-06T10:03:46" }, { "title": "工具集:BurpSuite-collections【burp插件合集】", "link": 
"https://mp.weixin.qq.com/s?__biz=Mzk0MjY1ODE5Mg==&mid=2247484779&idx=1&sn=7b4c268d7c7db35eaad297a0fb50dcb9", "description": null, "author": "风铃Sec", "category": "风铃Sec", "pubDate": "2024-12-06T09:08:46" }, { "title": "黑客利用 MOONSHINE 漏洞和 DarkNimbus 后门攻击", "link": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793394&idx=2&sn=06277be44ef38c9683d24a9ef2472d1c", "description": "趋势科技发的新报告。", "author": "军哥网络安全读报", "category": "军哥网络安全读报", "pubDate": "2024-12-06T09:00:59" }, { "title": "Mitre_Att&ck框架T1574.001技术(劫持Dll搜索顺序)的简单实现", "link": "https://mp.weixin.qq.com/s?__biz=MzI0NTI4NjEwOQ==&mid=2247484913&idx=1&sn=38c952a43bd8d00d7d0251d15f3463c1", "description": "Mitre_Att&ck框架T1574.001技术(劫持Dll搜索顺序)的简单实现", "author": "新蜂网络安全实验室", "category": "新蜂网络安全实验室", "pubDate": "2024-12-06T09:00:25" }, { "title": "渗透测试人员的 Nmap:漏洞扫描", "link": "https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247485821&idx=1&sn=b98633172a515bdd2cbbfed5efdc3e30", "description": "Nmap 脚本引擎 (NSE) 是 Nmap 最有效的功能之一,它允许用户准备和共享脚本,以自动执行涉及网络的众多任务。", "author": "三沐数安", "category": "三沐数安", "pubDate": "2024-12-06T09:00:25" }, { "title": "利用伪装$Version Cookie绕过WAF防火墙", "link": "https://mp.weixin.qq.com/s?__biz=MzkxOTUyOTc0NQ==&mid=2247492726&idx=1&sn=9e6c4dc27f3599ad2ca6487f320cf05c", "description": "通过使用伪装的 $Version 属性,可以有效地绕过许多 Web 应用防火墙 (WAF)。此技术利用了许多 WAF 对 Cookie 标头解析的不一致性。", "author": "二进制空间安全", "category": "二进制空间安全", "pubDate": "2024-12-06T08:55:58" }, { "title": "Jolokia logback JNDI RCE漏洞复现", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MjY3MTM4Nw==&mid=2247484054&idx=1&sn=8a23efc97b5ae0c014ad74d391dd5717", "description": "JNDI是 Java 命名与目录接口(Java Naming and Directory Interface),在J2EE规范中是重要的规范之一", "author": "浩凯信安", "category": "浩凯信安", "pubDate": "2024-12-06T08:31:47" }, { "title": "实战|记一次溯源真实案例", "link": "https://mp.weixin.qq.com/s?__biz=MzIwMzIyMjYzNA==&mid=2247517178&idx=1&sn=0970bac0e2ec58b8d9669c8556dd6001", "description": null, "author": "HACK之道", "category": "HACK之道", "pubDate": 
"2024-12-06T08:04:41" }, { "title": "POC集合,框架nday漏洞利用", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247492910&idx=1&sn=09a010c00e7b570a4044e87718fd1ea4", "description": null, "author": "夜组安全", "category": "夜组安全", "pubDate": "2024-12-06T08:02:20" }, { "title": "某订货系统文件上传漏洞分析", "link": "https://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247509663&idx=1&sn=36790b3290209381053ccbb1036f3b23", "description": null, "author": "李白你好", "category": "李白你好", "pubDate": "2024-12-06T08:01:05" }, { "title": "漏洞预警 | WordPress Elementor PDF生成器任意文件下载漏洞", "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491646&idx=1&sn=e2735658a6d4f6f895d5a79139c28b03", "description": "WordPress Elementor页面生成器插件PDF生成器的/elementor-84接口存在任意文件下载漏洞,未经身份验证的攻击者可以通过该漏洞下载服务器任意文件,从而获取大量敏感信息。", "author": "浅安安全", "category": "浅安安全", "pubDate": "2024-12-06T08:00:57" }, { "title": "漏洞预警 | 用友U8CRM SQL注入漏洞", "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491646&idx=2&sn=146ed161d1ca3fb154097be23b43a507", "description": "用友U8CRM客户关系管理系统存在SQL注入漏洞,未经身份验证的攻击者通过漏洞执行任意SQL语句,调用xp_cmdshell写入后门文件,执行任意代码,从而获取到服务器权限。", "author": "浅安安全", "category": "浅安安全", "pubDate": "2024-12-06T08:00:57" }, { "title": "新型网络钓鱼服务“Rockstar 2FA”来袭,微软 365 用户面临攻击威胁", "link": "https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447899703&idx=1&sn=f8913402ae49952d0b206b8e65d7434a", "description": "网络安全研究人员警告称,一种名为“Rockstar 2FA”的网络钓鱼即服务(PhaaS)工具包正被用于恶意邮件活动,旨在窃取微软 365 帐户凭据。", "author": "技术修道场", "category": "技术修道场", "pubDate": "2024-12-06T08:00:48" }, { "title": "[04]恶意文档分析-工具篇-OleTools(一)", "link": "https://mp.weixin.qq.com/s?__biz=MzI4MDcxODc4MQ==&mid=2247485099&idx=1&sn=82a1499793e45c47eac7f2cb8af73806", "description": "恶意文档分析,一学就会!", "author": "Y1X1n安全", "category": "Y1X1n安全", "pubDate": "2024-12-06T08:00:44" }, { "title": "浅谈红队中那些常见的场景和问题", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486926&idx=2&sn=ea58246c8cfed147506b4764e57aaaa2", "description": 
"浅谈红队中那些常见的场景和问题。", "author": "进击的HACK", "category": "进击的HACK", "pubDate": "2024-12-06T07:57:01" }, { "title": "Villain C2", "link": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247503763&idx=1&sn=1b457900f24b3fe2e8c7f054f7f9a200", "description": "乘坐 C2 快速前往 Revershell Lane 最近,除了 Cobalt Strike 之外,我一直在摆弄其他 C2,因为", "author": "安全狗的自我修养", "category": "安全狗的自我修养", "pubDate": "2024-12-06T07:11:46" }, { "title": "CVE-2024-22399 - SwingLazyValue利用链构造分析", "link": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247517492&idx=1&sn=f586d9016d9592f6f6dffa36d64a2eda", "description": null, "author": "船山信安", "category": "船山信安", "pubDate": "2024-12-06T02:00:41" }, { "title": "ATT&CK红队评估实战靶场二", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzY5NDUyMQ==&mid=2247484853&idx=1&sn=9b889d07c5e333da0d5f5657dbb81ec6", "description": null, "author": "flowers-boy", "category": "flowers-boy", "pubDate": "2024-12-06T00:29:49" }, { "title": "WAF自动化绕过工具 -- x-waf", "link": "https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515071&idx=1&sn=214be935ebb249a12f64fd88a876dc30", "description": null, "author": "Web安全工具库", "category": "Web安全工具库", "pubDate": "2024-12-06T00:01:13" }, { "title": "安卓逆向 -- 某定位软件分析", "link": "https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037129&idx=1&sn=9f23954b167130ade615e71c326c9f4a", "description": null, "author": "逆向有你", "category": "逆向有你", "pubDate": "2024-12-06T00:00:49" }, { "title": "PC逆向 -- 内核APC执行", "link": "https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037129&idx=2&sn=48a950a51b0bb5f95804cd7fea6d5a97", "description": null, "author": "逆向有你", "category": "逆向有你", "pubDate": "2024-12-06T00:00:49" }, { "title": "端口存活扫描工具 -- x-pscan(12月4日更新)", "link": "https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247498834&idx=1&sn=de1e00a45bbc8c8e115645394496821f", "description": null, "author": "网络安全者", "category": "网络安全者", "pubDate": "2024-12-06T00:00:48" }, { "title": "【免杀】单文件一键击溃windows defender进程 v1.1发布!", "link": 
"https://mp.weixin.qq.com/s?__biz=MzkwNjczOTQwOA==&mid=2247491607&idx=1&sn=803fe3abf2c407e54b3d4ec1545abeb0", "description": "单文件一键击溃windows defender\\\\x0d\\\\x0a使用资源文件嵌入驱动,避免直接依赖外部文件\\\\x0d\\\\x0a替换旧版本驱动文件,旧版本驱动证书已过期", "author": "星落安全团队", "category": "星落安全团队", "pubDate": "2024-12-06T00:00:16" }, { "title": "立即修复,微软驱动程序关键漏洞已被APT组织利用", "link": "https://mp.weixin.qq.com/s?__biz=MzkzNjIzMjM5Ng==&mid=2247490066&idx=1&sn=19f10acfb4432ac39d26b9c846eece40", "description": null, "author": "信息安全大事件", "category": "信息安全大事件", "pubDate": "2024-12-05T20:24:32" }, { "title": "SMB 中继:攻击、缓解、策略和有效的解决方案", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247504962&idx=1&sn=dae7a03ab07cc04acc999dbe7a920e9a", "description": null, "author": "网络研究观", "category": "网络研究观", "pubDate": "2024-12-05T19:17:18" }, { "title": "【安全圈】立即修复,微软驱动程序关键漏洞已被APT组织利用", "link": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652066421&idx=2&sn=c856137ec845bc74a8a86abc23c1eb69", "description": null, "author": "安全圈", "category": "安全圈", "pubDate": "2024-12-05T19:01:01" }, { "title": "大模型的反序列化导致的RCE漏洞", "link": "https://mp.weixin.qq.com/s?__biz=MzU0MzkzOTYzOQ==&mid=2247489539&idx=1&sn=69e2563458072584247038ace3c47897", "description": "大模型RCE漏洞!!", "author": "黑伞安全", "category": "黑伞安全", "pubDate": "2024-12-05T18:04:31" }, { "title": "新型网络钓鱼活动利用损坏的 Word 文档来逃避安全保护", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525328&idx=1&sn=aa4690f683a66fd805db9c7b4ebb5d2f", "description": null, "author": "Ots安全", "category": "Ots安全", "pubDate": "2024-12-05T17:53:47" }, { "title": "CVE-2024-42448 (CVSS 9.9):Veeam VSPC 中的严重 RCE 漏洞", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525328&idx=2&sn=9359464472ac9ce0e09e7e04e80d874f", "description": null, "author": "Ots安全", "category": "Ots安全", "pubDate": "2024-12-05T17:53:47" }, { "title": "一种可绕过MFA认证的邻近入侵技术", "link": 
"https://mp.weixin.qq.com/s?__biz=MzkxOTUyOTc0NQ==&mid=2247492683&idx=1&sn=9a95dbd2eb123c7bf3d9634288a7de32", "description": "“邻近攻击”本质上是一种近距离访问操作,但避免了攻击者被物理识别或拘留的风险。这种攻击方式既具备近距离接触的所有好处,又允许幕后操作者远在千里之外。", "author": "二进制空间安全", "category": "二进制空间安全", "pubDate": "2024-12-05T17:52:16" }, { "title": "日本CERT提醒:IO-Data 路由器中的多个0day已遭利用", "link": "https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247521692&idx=2&sn=adb3ff5ba3ff65807012edd28d90be20", "description": "其它两个0day的补丁将于12月18日推出", "author": "代码卫士", "category": "代码卫士", "pubDate": "2024-12-05T17:46:29" }, { "title": "Nessus扫描报告自动化生成工具", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247568045&idx=1&sn=733899809ca7843908e3295aae3111f4", "description": null, "author": "马哥网络安全", "category": "马哥网络安全", "pubDate": "2024-12-05T17:01:04" }, { "title": "某OA 11.10 未授权任意文件上传", "link": "https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247487839&idx=1&sn=c7739038fa14d38c3ffb3e3fd0f46786", "description": "前几天看到通达 OA 11.10 存在未授权任意文件上传漏洞,于是也打算对此进行复现和分析。", "author": "蚁景网安", "category": "蚁景网安", "pubDate": "2024-12-05T16:30:26" }, { "title": "Yakit针对流量加密APP的Frida rpc解决方案", "link": "https://mp.weixin.qq.com/s?__biz=MzU0MTc2NTExNg==&mid=2247491126&idx=1&sn=8a07cf454033234da27ea3525f5cd616", "description": "本文只要讲述针对复杂流量加密的APP,如何在Yakit工具下采用Frida rpc的方式进行流量解密测试。", "author": "实战安全研究", "category": "实战安全研究", "pubDate": "2024-12-05T15:29:44" }, { "title": "攻防的较量,杀毒软件的致命缺陷", "link": "https://mp.weixin.qq.com/s?__biz=Mzg2ODE5OTM5Nw==&mid=2247486613&idx=1&sn=ff6a075a665310c9459d711c4e78ce18", "description": "根据云查杀引擎设计原理,我们发现基于黑白名单的检测机制存在时间绕过的缺陷,这意味着在下一次同步(一般是2-4小时)云规则前,文件仍处于灰名单期间它将绕过。", "author": "白帽子安全笔记", "category": "白帽子安全笔记", "pubDate": "2024-12-05T14:22:48" }, { "title": "干货|一文搞懂加密流量检测的解决方法和技术细节", "link": "https://mp.weixin.qq.com/s?__biz=MzI1OTA1MzQzNA==&mid=2651247117&idx=2&sn=4cfb96c5877794de29c638e7e3154263", "description": null, "author": "e安在线", "category": "e安在线", "pubDate": "2024-12-05T13:52:08" }, { "title": 
"Mitre Att&ck框架T1205.001(端口敲击)和T1205.002(套接字过滤)技术的简单实现", "link": "https://mp.weixin.qq.com/s?__biz=MzI0NTI4NjEwOQ==&mid=2247484898&idx=1&sn=0b8fe71a5d54db4c3434020ad198578e", "description": "Mitre Att&ck框架T1205.001(端口敲击)和T1205.002(套接字过滤)技术的简单实现", "author": "新蜂网络安全实验室", "category": "新蜂网络安全实验室", "pubDate": "2024-12-05T13:05:08" }, { "title": "js逆向案例-cookie反爬之akamai_2.0-上", "link": "https://mp.weixin.qq.com/s?__biz=MzU5NTcyMDc1Ng==&mid=2247493337&idx=1&sn=b903406edf42dde48c2b0ad2721eafef", "description": "js逆向案例-cookie反爬之akamai_2.0-上", "author": "逆向OneByOne", "category": "逆向OneByOne", "pubDate": "2024-12-05T12:55:42" }, { "title": "9个超级实用BurpSuite插件,SRC漏洞挖掘利器打包推荐", "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247487695&idx=1&sn=65d7e7419f8d11a5cd05a191525939d6", "description": "前段时间自己在做项目的时候,需要用到一些漏洞扫描工具,以及一些被动扫描的工具,其中BurpSuite中的几个插件起到了关键性的作用,其实在实际攻防演练,或者渗透中一些漏洞出现的概率还是挺高的。", "author": "星悦安全", "category": "星悦安全", "pubDate": "2024-12-05T12:52:14" }, { "title": "从JS代码审计到GraphQL利用的管理账户接管", "link": "https://mp.weixin.qq.com/s?__biz=MjM5Mzc4MzUzMQ==&mid=2650260223&idx=1&sn=31a7ee28fac382ef469e173b0bcfa32e", "description": null, "author": "骨哥说事", "category": "骨哥说事", "pubDate": "2024-12-05T12:20:18" }, { "title": "CVE-2024-31317 复现", "link": "https://mp.weixin.qq.com/s?__biz=MzIxMDYyNTk3Nw==&mid=2247515004&idx=1&sn=49ef9432fd64ba81064c5af61066efee", "description": "最近做一个测试的项目刚好是安卓车机于是想起来了这篇写一半的博客,赶紧趁着还能想起一点东西赶紧记录了下来。", "author": "白帽100安全攻防实验室", "category": "白帽100安全攻防实验室", "pubDate": "2024-12-05T11:30:33" }, { "title": "APT 组织之间的对抗:俄罗斯 APT Turla 窃取了巴基斯坦 APT 组织的数据", "link": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247492849&idx=2&sn=a268b43ec7ef3072d0da2c731b8c43a9", "description": null, "author": "独眼情报", "category": "独眼情报", "pubDate": "2024-12-05T11:11:06" }, { "title": "Zabbix 漏洞CVE-2024-42327 (CVSS 9.9)的 PoC 发布", "link": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247492849&idx=4&sn=a3441c1ca8c3aba877ceebd7454b594c", 
"description": null, "author": "独眼情报", "category": "独眼情报", "pubDate": "2024-12-05T11:11:06" }, { "title": "从赛门铁克管理代理(又名 Altiris)中提取账户连接凭据(ACCs)", "link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485607&idx=1&sn=6686b6ca661897c4b5d84f044d0095b8", "description": null, "author": "securitainment", "category": "securitainment", "pubDate": "2024-12-05T10:24:37" }, { "title": "【免杀】向日葵密码、todesk密码命令行版本一键提取工具", "link": "https://mp.weixin.qq.com/s?__biz=MzkwOTIzODg0MA==&mid=2247491260&idx=1&sn=d2998f3b46a506b8711bf523b7733a50", "description": "向日葵、todesk提取工具\\\\x0d\\\\x0a基于fscan二开的xlscan\\\\x0d\\\\x0a过360、火绒等杀软", "author": "爱喝酒烫头的曹操", "category": "爱喝酒烫头的曹操", "pubDate": "2024-12-05T10:06:33" }, { "title": "版本更新 | 单文件一键击溃火绒进程 v1.1发布!", "link": "https://mp.weixin.qq.com/s?__biz=Mzg4Mzg4OTIyMA==&mid=2247485849&idx=1&sn=951f8f326995324daa476fe117c2b15e", "description": "单文件一键击溃火绒进程 v1.1发布!\\\\x0d\\\\x0a使用资源文件嵌入驱动,避免直接依赖外部文件\\\\x0d\\\\x0a替换旧版本驱动文件,旧版本驱动证书已过期", "author": "威零安全实验室", "category": "威零安全实验室", "pubDate": "2024-12-05T10:04:27" }, { "title": "微信4.0聊天记录数据库文件解密分析", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650604505&idx=4&sn=e59a2078c09bc1db7d2094cf014dfd4a", "description": null, "author": "黑白之道", "category": "黑白之道", "pubDate": "2024-12-05T10:03:19" }, { "title": "安卓逆向之第二代:函数抽取型壳", "link": "https://mp.weixin.qq.com/s?__biz=MzkyODY3NjkyNQ==&mid=2247484355&idx=1&sn=a0fd336b796484a0e7abf6d02f246b06", "description": null, "author": "Ting的安全笔记", "category": "Ting的安全笔记", "pubDate": "2024-12-05T10:01:18" }, { "title": "【翻译】CORS - 错误配置和绕过", "link": "https://mp.weixin.qq.com/s?__biz=Mzg4NzgzMjUzOA==&mid=2247485324&idx=1&sn=edbf22ad696def57e27f4d38b81d689d", "description": null, "author": "安全视安", "category": "安全视安", "pubDate": "2024-12-05T09:56:43" }, { "title": "【Linux运维】宝塔环境升级HTTP/3", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247509575&idx=1&sn=94ea87716de2777f60f8187050014cfb", "description": 
"本文简单的为大家分享,如何在宝塔环境中如何升级http/3协议。", "author": "kali笔记", "category": "kali笔记", "pubDate": "2024-12-05T09:12:03" }, { "title": "资产收集常用工具以及思路总结", "link": "https://mp.weixin.qq.com/s?__biz=MzkzMjIxNjExNg==&mid=2247485972&idx=1&sn=bd5d2a38ea67d7ed891e03e356d17c52", "description": "这些常用的资产收集工具和思路你都了解并经常使用么?", "author": "沃克学安全", "category": "沃克学安全", "pubDate": "2024-12-05T09:03:47" }, { "title": "CISA 警告 Zyxel 防火墙漏洞可能被利用进行攻击", "link": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793379&idx=3&sn=62ee6dd06f47c5b1777c48cd0a47a9fa", "description": "CISA 警告多款 Zyxel 防火墙设备中的路径遍历漏洞被积极利用。", "author": "军哥网络安全读报", "category": "军哥网络安全读报", "pubDate": "2024-12-05T09:00:58" }, { "title": "记两次内网入侵溯源的真实案例", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMTUyMjUxMw==&mid=2247523029&idx=1&sn=2f33efd5da4783fc615dbbb96086cd73", "description": "记两次内网入侵溯源的真实案例", "author": "猫蛋儿安全", "category": "猫蛋儿安全", "pubDate": "2024-12-05T09:00:09" }, { "title": "实战红蓝:谈一谈NSmartProxy流量特征在实战中的表现", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247485956&idx=1&sn=3471aaf7c173b144ec8beee719616a67", "description": null, "author": "神农Sec", "category": "神农Sec", "pubDate": "2024-12-05T08:32:38" }, { "title": "Linux应急响应检查工具【单机终极版】", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247492906&idx=1&sn=1bac25e1425fc528f71e7ed0ab1e3485", "description": null, "author": "夜组安全", "category": "夜组安全", "pubDate": "2024-12-05T08:04:28" }, { "title": "漏洞预警 | GitLab权限提升漏洞", "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491639&idx=1&sn=39e40ca6d804352e6d20235db2217c6f", "description": "GitLab存在权限提升漏洞,由于GitLab中对LFS令牌的权限管理不当,当攻击者获取目标用户的个人访问令牌后,可以进一步滥用该PAT生成的LFS令牌,利用该漏洞实现权限提升,从而可能导致敏感信息泄露或执行未授权操作。", "author": "浅安安全", "category": "浅安安全", "pubDate": "2024-12-05T08:03:24" }, { "title": "漏洞预警 | 用友NC SQL注入漏洞", "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491639&idx=2&sn=ef0f15d92963fe62bd06df07429f9bce", "description": 
"用友NC的/portal/pt/task/process接口存在SQL注入漏洞,攻击者通过利用SQL注入漏洞配合数据库xp cmdshel可以执行任意命令,从而控制服务器。", "author": "浅安安全", "category": "浅安安全", "pubDate": "2024-12-05T08:03:24" }, { "title": "移动安全框架 (MobSF) 存在存储型XSS漏洞 | CVE-2024-53999", "link": "https://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247509613&idx=1&sn=3d46d512c0ea527fdba9869e770416e8", "description": null, "author": "李白你好", "category": "李白你好", "pubDate": "2024-12-05T08:01:27" }, { "title": "API安全漏洞靶场crapi漏洞复现", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486893&idx=1&sn=4910174c4a8925e18aae62644f0d7dec", "description": "通过该靶场学习以及分析当前常用的API技术以及该技术中存在的安全问题。", "author": "进击的HACK", "category": "进击的HACK", "pubDate": "2024-12-05T07:55:38" }, { "title": "Kubelet端口未授权深入利用", "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247493754&idx=2&sn=fdfca15ecb8b98bcd7d1e97201b26bdd", "description": "漏洞描述K8s Node对外开启10250(Kubelet API)和10255端口(readonly AP", "author": "七芒星实验室", "category": "七芒星实验室", "pubDate": "2024-12-05T07:02:55" }, { "title": "思科ASA漏洞CVE-2014-2120当前正在被利用攻击", "link": "https://mp.weixin.qq.com/s?__biz=Mzg3OTc0NDcyNQ==&mid=2247492872&idx=1&sn=63eff1dd884f77fb706066595cc12e75", "description": null, "author": "黑猫安全", "category": "黑猫安全", "pubDate": "2024-12-05T07:01:27" }, { "title": "浅谈常见中间人攻击", "link": "https://mp.weixin.qq.com/s?__biz=Mzg2MzkwNDU1Mw==&mid=2247485363&idx=1&sn=3724a1da9ae81f364c92137a4175198a", "description": null, "author": "信安路漫漫", "category": "信安路漫漫", "pubDate": "2024-12-05T07:00:44" }, { "title": "哥斯拉源码解读+如何绕过waf检测", "link": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247517466&idx=1&sn=925493f67805f6648aa9d36a4185c46b", "description": null, "author": "船山信安", "category": "船山信安", "pubDate": "2024-12-05T02:00:55" }, { "title": "版本更新 | 单文件一键击溃火绒进程 v1.1发布!", "link": "https://mp.weixin.qq.com/s?__biz=MzkwNjczOTQwOA==&mid=2247491559&idx=1&sn=80e7f6359e4fb08a364c31e2ccd5c59a", "description": "单文件一键击溃火绒进程 
v1.1发布!\\\\x0d\\\\x0a使用资源文件嵌入驱动,避免直接依赖外部文件\\\\x0d\\\\x0a替换旧版本驱动文件,旧版本驱动证书已过期", "author": "星落安全团队", "category": "星落安全团队", "pubDate": "2024-12-05T00:00:59" }, { "title": "红蓝队病毒木马监控辅助工具(12月3日更新)", "link": "https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247498820&idx=1&sn=2725bb5cbcb5e76e638a7e1c8836a0c7", "description": null, "author": "网络安全者", "category": "网络安全者", "pubDate": "2024-12-05T00:00:13" }, { "title": "最新Nessus2024.12.04版本主机漏洞扫描/探测工具下载|近期漏洞合集更新", "link": "https://mp.weixin.qq.com/s?__biz=Mzg3ODE2MjkxMQ==&mid=2247489275&idx=1&sn=363d8f9e531b932bd18c27d845f83a21", "description": "Nessus号称是世界上最流行的漏洞扫描程序,全世界有超过75000个组织在使用它。该工具提供完整的电脑漏洞扫描服务,并随时更新其漏洞数据库。Nessus不同于传统的漏洞扫描软件,Nessus可同时在本机或远端上遥控,进行系统的漏洞分析扫描", "author": "渗透安全HackTwo", "category": "渗透安全HackTwo", "pubDate": "2024-12-05T00:00:12" }, { "title": "新型 Android 恶意软件 DroidBot 瞄准欧洲银行用户", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247504934&idx=3&sn=09e44a53225b47183d331f0328fab9e4", "description": null, "author": "网络研究观", "category": "网络研究观", "pubDate": "2024-12-04T23:48:33" }, { "title": "Zabbix api_jsonrpc.php接口存在SQL注入漏洞CVE-2024-42327 附POC", "link": "https://mp.weixin.qq.com/s?__biz=MzIxMjEzMDkyMA==&mid=2247487930&idx=1&sn=589b3837a2dc8ff72e861b99f6947f5d", "description": null, "author": "南风漏洞复现文库", "category": "南风漏洞复现文库", "pubDate": "2024-12-04T23:08:58" }, { "title": "工具集:HeavenlyBypassAV(免杀工具)", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MjY1ODE5Mg==&mid=2247484771&idx=1&sn=edb658df8647f36d20266189ef2f35e3", "description": null, "author": "风铃Sec", "category": "风铃Sec", "pubDate": "2024-12-04T22:15:59" }, { "title": "一种巧妙内核级可绕过EDR的入侵手段", "link": "https://mp.weixin.qq.com/s?__biz=MzkxOTUyOTc0NQ==&mid=2247492675&idx=1&sn=2976f9793011ea7dacce961cadd32530", "description": "这种攻击方式被称为BYOVD攻击, BYOVD 攻击的核心是攻击者将一个已知存在漏洞的内核驱动程序写入磁盘并加载,然后利用该漏洞执行特权操作。这些操作可能包括终止安全产品、绕过 EDR 防篡改保护、提取特权进程信息。", "author": "二进制空间安全", "category": "二进制空间安全", "pubDate": "2024-12-04T21:45:51" }, { "title": 
"钓鱼网页散播银狐木马,远控后门威胁终端安全", "link": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247520783&idx=1&sn=e6d18857c2b21d1bc8b80636051ff403", "description": null, "author": "火绒安全", "category": "火绒安全", "pubDate": "2024-12-04T21:44:58" }, { "title": "微软驱动程序关键漏洞已被APT组织利用", "link": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247632689&idx=3&sn=3c9e08e5af95f26a73913ce6e7ded2bc", "description": null, "author": "商密君", "category": "商密君", "pubDate": "2024-12-04T20:25:28" }, { "title": "微软驱动程序关键漏洞已被APT组织利用", "link": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651308802&idx=1&sn=ed99bbd47f1003dc1db38fa05309efca", "description": "漏洞允许攻击者远程接管整个系统。", "author": "FreeBuf", "category": "FreeBuf", "pubDate": "2024-12-04T19:03:41" }, { "title": "网安瞭望台第9期:0day 情报,OAuth 2.0授权流程学习", "link": "https://mp.weixin.qq.com/s?__biz=Mzg2NTkwODU3Ng==&mid=2247513696&idx=1&sn=7c88b6b634b4ac1e28b987f2a9615627", "description": "网安资讯分享\\\\x0d\\\\x0aDAILY NEWS AND KNOWLEDGE", "author": "东方隐侠安全团队", "category": "东方隐侠安全团队", "pubDate": "2024-12-04T19:00:32" }, { "title": "APT-C-53(Gamaredon)组织广泛攻击活动分析", "link": "https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247505004&idx=1&sn=903d7e5ba2a23d6ecfbd81a1871a112c", "description": "360高级威胁研究院对Gamaredon组织的几种常见攻击手段进行了深入分析,发现该组织持续采用各种复杂的技术和策略,包括使用恶意LNK文件、XHTML文件以及复杂的网络钓鱼活动", "author": "360威胁情报中心", "category": "360威胁情报中心", "pubDate": "2024-12-04T18:30:26" }, { "title": "代码审计之XX系统二次注入到RCE", "link": "https://mp.weixin.qq.com/s?__biz=Mzg2ODg3NzExNw==&mid=2247488383&idx=1&sn=b60391877f30cdcc8a9c845ab2954999", "description": null, "author": "WK安全", "category": "WK安全", "pubDate": "2024-12-04T18:00:52" }, { "title": "【Windbg】学习及在CTF中解题", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247551822&idx=1&sn=eac87a1389d7471aeaea09a7880d41b2", "description": null, "author": "蚁景网络安全", "category": "蚁景网络安全", "pubDate": "2024-12-04T17:35:34" }, { "title": "攻防|记一次溯源真实案例", "link": 
"https://mp.weixin.qq.com/s?__biz=Mzk0MTIzNTgzMQ==&mid=2247518549&idx=1&sn=ff36cee17cf0dfe0f89bfe2646611f16", "description": null, "author": "亿人安全", "category": "亿人安全", "pubDate": "2024-12-04T17:30:44" }, { "title": "用友NC workflowService SQL注入1day代码分析", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MTUxNzAxMg==&mid=2247484141&idx=1&sn=ab52db7afb078dc0594ae666b550a7e6", "description": null, "author": "深白网安", "category": "深白网安", "pubDate": "2024-12-04T17:17:45" }, { "title": "无文件攻击一览:利用 Powershell 和 Microsoft 合法应用程序进行攻击", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525324&idx=1&sn=d646d82ca9b9ae36275b2e08032383f8", "description": null, "author": "Ots安全", "category": "Ots安全", "pubDate": "2024-12-04T17:16:13" }, { "title": "剖析 JA4H 以改进 Sliver C2 检测", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525324&idx=2&sn=6f8406f5c586e98597fce64b18cf8037", "description": null, "author": "Ots安全", "category": "Ots安全", "pubDate": "2024-12-04T17:16:13" }, { "title": "Linux 恶意软件开发:使用 Python 构建基于 TLS/SSL 的反向 shell", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525324&idx=3&sn=c7f548eaca5b4c86c66a4551d0e0c465", "description": null, "author": "Ots安全", "category": "Ots安全", "pubDate": "2024-12-04T17:16:13" }, { "title": "【漏洞预警】ProFTPD权限管理不当漏洞可导致权限提升", "link": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489265&idx=1&sn=bfa7c936f79c9a65dfda98c9b44c5c6c", "description": null, "author": "飓风网络安全", "category": "飓风网络安全", "pubDate": "2024-12-04T16:48:38" }, { "title": "安卓逆向之第一代:整体型壳的工作原理", "link": "https://mp.weixin.qq.com/s?__biz=MzkyODY3NjkyNQ==&mid=2247484348&idx=1&sn=853d0b9ffba606adede67a3dceb926d6", "description": null, "author": "Ting丶的安全笔记", "category": "Ting丶的安全笔记", "pubDate": "2024-12-04T16:47:09" }, { "title": "Java 反序列化之 XStream 反序列化", "link": "https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247487830&idx=1&sn=c73070283e1b24b768e04165b08c1289", "description": "XStream 是一个简单的基于 Java 库,Java 对象序列化到 
XML,反之亦然。", "author": "蚁景网安", "category": "蚁景网安", "pubDate": "2024-12-04T16:30:42" }, { "title": "第71篇:某银行外网打点到内网核心区红队评估复盘", "link": "https://mp.weixin.qq.com/s?__biz=MzIzMjg0MjM5OQ==&mid=2247487941&idx=1&sn=9b320e074613a6b014ac1246d69e96e9", "description": "本期复盘一次银行的红队评估项目,基本上涵盖了外网打点、内网横向、社工钓鱼、供应链攻击、物理渗透、的方方面面,未知攻、焉知防,希望对红蓝双方都有借鉴意义。", "author": "嗨嗨安全", "category": "嗨嗨安全", "pubDate": "2024-12-04T15:55:10" }, { "title": "某企业SRC的两次WAF的对抗", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMDY3MzQyNQ==&mid=2247484734&idx=1&sn=8078a45842d6aa07b585f6791ec565ad", "description": null, "author": "OneTS安全团队", "category": "OneTS安全团队", "pubDate": "2024-12-04T14:58:35" }, { "title": "【开源工具】-无害化钓鱼平台pfish", "link": "https://mp.weixin.qq.com/s?__biz=MzA5OTI3MTE5MQ==&mid=2247485434&idx=1&sn=bf59cc92588b5bc09d84d8122325ed0c", "description": "无害化钓鱼平台pfish", "author": "埋藏酱油瓶", "category": "埋藏酱油瓶", "pubDate": "2024-12-04T14:46:08" }, { "title": "黑客利用 macOS 扩展文件属性隐藏恶意代码", "link": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580067&idx=1&sn=1b4cd406b7ac4ce6e199711f557c7808", "description": "威胁分子将恶意代码隐藏在自定义文件元数据中,并使用诱饵 PDF 文档来帮助逃避检测。", "author": "嘶吼专业版", "category": "嘶吼专业版", "pubDate": "2024-12-04T14:00:36" }, { "title": "新型漏洞攻击利用服务器进行恶意更新", "link": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580067&idx=2&sn=d10b2e801f0d756e658e21558ddff8d7", "description": "AmberWolf 披露了有关这两个漏洞的更多详细信息,并发布了一个名为 NachoVPN 的开源工具,该工具模拟可以利用这些漏洞的流氓 VPN 服务器。", "author": "嘶吼专业版", "category": "嘶吼专业版", "pubDate": "2024-12-04T14:00:36" }, { "title": "浅谈红队中那些常见的场景和问题", "link": "https://mp.weixin.qq.com/s?__biz=MzkzMzI3OTczNA==&mid=2247487440&idx=1&sn=0ae9cb74e601015c38b1b58c5d6498d5", "description": "浅谈红队中那些常见的场景和问题。", "author": "千寻安服", "category": "千寻安服", "pubDate": "2024-12-04T14:00:28" }, { "title": "支持自定义密码 | 哥斯拉免杀 过360、火绒、D盾 XlByPassGodzilla v1.3已更新!", "link": "https://mp.weixin.qq.com/s?__biz=Mzg4Mzg4OTIyMA==&mid=2247485847&idx=1&sn=74982dff5ea606b9f1082ede4deb0f6c", "description": 
"哥斯拉免杀XlByPassGodzilla v1.3已更新\r\n过360、火绒、D盾(部分过)", "author": "威零安全实验室", "category": "威零安全实验室", "pubDate": "2024-12-04T13:48:46" }, { "title": "【免杀思路】某60 SHELLCODE注入探测", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0OTY3OTc5Mw==&mid=2247484856&idx=1&sn=c30863a5525a3ed62f00fc83647e9d90", "description": null, "author": "网安鲲为帝", "category": "网安鲲为帝", "pubDate": "2024-12-04T13:46:16" }, { "title": "Zabbix SQL 注入 CVE-2024-42327 POC已公开", "link": "https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247490461&idx=2&sn=08cc776019baf385a479ee02ed9635ae", "description": "CVE-2024-42327 的 PoC 发布", "author": "棉花糖fans", "category": "棉花糖fans", "pubDate": "2024-12-04T13:30:05" }, { "title": "Web狗的近源渗透记录", "link": "https://mp.weixin.qq.com/s?__biz=Mzg5MDA5NzUzNA==&mid=2247488520&idx=1&sn=0cb39ed4c4a6827600805a5c1b3683b9", "description": null, "author": "藏剑安全", "category": "藏剑安全", "pubDate": "2024-12-04T12:41:09" }, { "title": "linux系统中常见的几种文件传输方式", "link": "https://mp.weixin.qq.com/s?__biz=MzI3NjA4MjMyMw==&mid=2647789820&idx=1&sn=3fc71504ae514f9af5355d447cfdc75f", "description": "本文的几种传输方法针对的是在渗透中常遇到的情况。", "author": "乌鸦安全", "category": "乌鸦安全", "pubDate": "2024-12-04T12:17:48" }, { "title": "Mitre Att&ck框架T1059.008技术(Network Device CLI)的简单实现", "link": "https://mp.weixin.qq.com/s?__biz=MzI0NTI4NjEwOQ==&mid=2247484883&idx=1&sn=ce52009dc757f7c57bb6bccd059a69b8", "description": "Mitre Att&ck框架T1059.008技术(Network Device CLI)的简单实现", "author": "新蜂网络安全实验室", "category": "新蜂网络安全实验室", "pubDate": "2024-12-04T12:10:26" }, { "title": "一次ASP.NET站点文件上传bypass", "link": "https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247614522&idx=1&sn=a80a20b412ee8bd03f82dc6277244e99", "description": null, "author": "白帽子左一", "category": "白帽子左一", "pubDate": "2024-12-04T12:02:44" }, { "title": "干货|一文搞懂加密流量检测的解决方法和技术细节", "link": "https://mp.weixin.qq.com/s?__biz=MzI1OTA1MzQzNA==&mid=2651247107&idx=2&sn=14422cc225f026b33245b6fe143ea536", "description": null, "author": "e安在线", "category": 
"e安在线", "pubDate": "2024-12-04T11:32:47" }, { "title": "系统文件管理行为漏洞导致本地提权", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0OTU2ODQ4Mw==&mid=2247486517&idx=1&sn=388de17165c44f34a9aa9f95be1ac96f", "description": "文章从两个C语言底层函数出发,分析在处理文件时,缺少对符号链接的严格检测,导致macOS的隐私绕过与本地提权及缓解方案。", "author": "奇安信天工实验室", "category": "奇安信天工实验室", "pubDate": "2024-12-04T11:30:51" }, { "title": "一文学会fastjson漏洞", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0NTY5Nzc1OA==&mid=2247484160&idx=1&sn=768fc0310477001e491b83ee2ccdbd59", "description": "fastjson漏洞", "author": "simple学安全", "category": "simple学安全", "pubDate": "2024-12-04T10:55:30" }, { "title": "【重新架构】基于frp 过卡巴斯基、360核晶、defender、火绒的xlfrc v1.2发布!", "link": "https://mp.weixin.qq.com/s?__biz=MzkzNjM5NDU0OA==&mid=2247486211&idx=3&sn=563d506f54cfa08428c80bc707e9bbdb", "description": "分离客户端与服务器端源码,减少程序静态特征\r\n过卡巴斯基、360、defender、火绒\r\n支持linux、windows平台", "author": "钟毓安全", "category": "钟毓安全", "pubDate": "2024-12-04T10:43:53" }, { "title": "EDR Silencers 与阻止 EDR 通信方法探索 - 第 2 部分", "link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485566&idx=1&sn=da384849804c481aefcad9f835e65683", "description": null, "author": "securitainment", "category": "securitainment", "pubDate": "2024-12-04T10:30:23" }, { "title": "【全国职业技能大赛“信息安全与评估”赛项】Linux系统入侵排查与应急响应技术", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247485913&idx=1&sn=d11bcfbb72d32f8f9a4808c0b6ba001f", "description": null, "author": "神农Sec", "category": "神农Sec", "pubDate": "2024-12-04T10:11:41" }, { "title": "CVE-2017-7504 JBOSS反序列化漏洞复现", "link": "https://mp.weixin.qq.com/s?__biz=Mzg2Mzg1MTA5MQ==&mid=2247484544&idx=1&sn=edccc83fdc6c490a2e6fea3dca97653f", "description": "JBoss AS 4.x JbossMQ实现过程的JMS over HTTP Invocation Layer的HTTPServerILServlet.java文件存在反序列化漏洞,远程攻击者可借助特制的序列化数据利用该漏洞执行任意代码。", "author": "网安知识库", "category": "网安知识库", "pubDate": "2024-12-04T10:00:45" }, { "title": "Venom Spider 为 MaaS 平台制造新型恶意软件", "link": 
"https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793364&idx=3&sn=da0de415c1527aad4f9a58dd47947c23", "description": "“Venom Spider”威胁组织升级攻击工具。", "author": "军哥网络安全读报", "category": "军哥网络安全读报", "pubDate": "2024-12-04T09:00:54" }, { "title": "【实战小技巧系列】前端 JS 解密:一次简单高危漏洞案例", "link": "https://mp.weixin.qq.com/s?__biz=MzU0MTc2NTExNg==&mid=2247491124&idx=1&sn=a0b37e5980727d2306c23e85b77a4db1", "description": "前端 JS 解密:一次简单高危漏洞案例", "author": "实战安全研究", "category": "实战安全研究", "pubDate": "2024-12-04T09:00:23" }, { "title": "从JS到内网横向", "link": "https://mp.weixin.qq.com/s?__biz=MzUyNjk0Njg5Nw==&mid=2247484185&idx=1&sn=a9f95d93cc287d18e2541bb17a5e4c1e", "description": "前段时间参加了一场攻防演练,使用常规漏洞尝试未果后,想到不少师傅分享过从JS中寻找突破的文章,于是硬着头皮刚起了JS,最终打开了内网入口获取了靶标权限和个人信息。在此分享一下过程。", "author": "左逆安全攻防", "category": "左逆安全攻防", "pubDate": "2024-12-04T08:41:16" }, { "title": "银狐黑产最新加载器利用破解版VPN为诱饵进行传播", "link": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489624&idx=1&sn=d79b623b062721f4270af7e991894bf1", "description": "银狐黑产最新加载器利用破解版VPN为诱饵进行传播", "author": "安全分析与研究", "category": "安全分析与研究", "pubDate": "2024-12-04T08:41:01" }, { "title": "Windows漏洞:MS08-067远程代码执行漏洞复现及深度防御", "link": "https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247485627&idx=1&sn=22b7126319128dc90cd1fb3659a2c5c8", "description": null, "author": "安全君呀", "category": "安全君呀", "pubDate": "2024-12-04T08:10:39" }, { "title": "漏洞预警 | 致翔OA SQL注入漏洞", "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491636&idx=2&sn=2d7f1f2bbdc233543e7c316a9a7d4297", "description": "致翔OA的/OpenWindows/open_juese.aspx接口存在SQL注入漏洞,未经身份验证的攻击者可以通过该漏洞获取数据库敏感信息。", "author": "浅安安全", "category": "浅安安全", "pubDate": "2024-12-04T08:00:41" }, { "title": "漏洞预警 | Eking管理易任意文件上传漏洞", "link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491636&idx=3&sn=b01fdd9d4755ed5068d97d6a493c81fb", "description": "EKing管理易的/Base64Upload.ihtm接口处存在任意文件上传漏洞,未经身份验证的远程攻击者可利用此漏洞上传任意文件,在服务器端任意执行代码获取服务器权限,进而控制整个web服务器。", "author": "浅安安全", 
"category": "浅安安全", "pubDate": "2024-12-04T08:00:41" }, { "title": "记一次回显利用接管学校财务系统", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486891&idx=2&sn=7a470fde8eb7457c56e395fbdeea2652", "description": null, "author": "进击的HACK", "category": "进击的HACK", "pubDate": "2024-12-04T07:50:56" }, { "title": "OsCommerce v4 RCE:揭开文件上传绕过威胁", "link": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247503761&idx=1&sn=6967ccadb1a4a56080ed1cdec5bd6cfd", "description": "在我最近的渗透测试中,我在 osCommerce v4 中发现了一个关键漏洞,特别", "author": "安全狗的自我修养", "category": "安全狗的自我修养", "pubDate": "2024-12-04T07:42:26" }, { "title": "Docker Privileged特权逃逸", "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247493740&idx=2&sn=ee345278088902534badddef929a7a62", "description": "文章前言在Docker中Privileged是一种特殊的权限模式,它允许Docker容器在启动时获取到与宿主", "author": "七芒星实验室", "category": "七芒星实验室", "pubDate": "2024-12-04T07:05:51" }, { "title": "基于动态Agent挖掘更多的反序列化入口", "link": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247517445&idx=1&sn=d6495be48e8a001ccb846c382c5a2336", "description": null, "author": "船山信安", "category": "船山信安", "pubDate": "2024-12-04T02:02:46" }, { "title": "文末获取 | 一款替代SNETCracker支持多协议弱口令爆破工具", "link": "https://mp.weixin.qq.com/s?__biz=MzkwNjczOTQwOA==&mid=2247491543&idx=1&sn=91387096fc0e7cc0f34c0e842513435f", "description": null, "author": "星落安全团队", "category": "星落安全团队", "pubDate": "2024-12-04T00:03:46" }, { "title": "CVE-2024-42327 Zabbix 严重漏洞POC已公开!", "link": "https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506250&idx=1&sn=65c3600e701ae88d87981315807f4d12", "description": "CVE-2024-42327 Zabbix 严重漏洞POC已公开!请及时修复", "author": "一个不正经的黑客", "category": "一个不正经的黑客", "pubDate": "2024-12-04T00:01:00" }, { "title": "一款能快速探测可能存在SQL注入的Burpsuite插件 提高 SQL 注入测试效率|渗透测试", "link": "https://mp.weixin.qq.com/s?__biz=Mzg3ODE2MjkxMQ==&mid=2247489248&idx=1&sn=28b8aa1e0b877a8d712468bd82d26459", "description": "DetSql是基于 BurpSuite Java 插件 API 开发的 SQL 注入探测插件,主要作用为快速从 http 流量中筛选出可能存在 
SQL 注入的请求,在尽可能减少拦截的情况下提高 SQL 注入测试效率。", "author": "渗透安全HackTwo", "category": "渗透安全HackTwo", "pubDate": "2024-12-04T00:00:53" }, { "title": "【揭秘】打印机痕迹取证", "link": "https://mp.weixin.qq.com/s?__biz=MzAwNDcwMDgzMA==&mid=2651048065&idx=2&sn=c2b79081f1e540ebe55d37898c8f3900", "description": null, "author": "电子物证", "category": "电子物证", "pubDate": "2024-12-04T00:00:53" }, { "title": "sign加密小程序漏洞挖掘", "link": "https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247498804&idx=1&sn=7b4841d81ea301d1b204b069ffc9250b", "description": null, "author": "网络安全者", "category": "网络安全者", "pubDate": "2024-12-04T00:00:14" }, { "title": "【漏洞预警】Dell NetWorker权限提升漏洞(CVE-2024-42422)", "link": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489258&idx=1&sn=37b588ec3a46cd041f49cdc24390fdd6", "description": null, "author": "飓风网络安全", "category": "飓风网络安全", "pubDate": "2024-12-03T23:20:53" }, { "title": "searchsploit漏洞辅助利用工具", "link": "https://mp.weixin.qq.com/s?__biz=MzA3NTc0MTA1Mg==&mid=2664712099&idx=1&sn=61a72f188755066a11d2bbfb63a06708", "description": null, "author": "小兵搞安全", "category": "小兵搞安全", "pubDate": "2024-12-03T23:04:58" }, { "title": "GitLab漏洞汇总", "link": "https://mp.weixin.qq.com/s?__biz=MzU0MTc2NTExNg==&mid=2247491122&idx=1&sn=bb9371663020caf90ea8432d73756f63", "description": "本文汇总了gitlab从2016到2023年的一些常见漏洞。", "author": "实战安全研究", "category": "实战安全研究", "pubDate": "2024-12-03T22:37:34" }, { "title": "剖析JA4H指纹:提升Sliver C2检测能力", "link": "https://mp.weixin.qq.com/s?__biz=MzkyMjM0ODAwNg==&mid=2247488274&idx=1&sn=d31b4691a249e96a6e60836c9b2d3317", "description": "happy hunting", "author": "TIPFactory情报工厂", "category": "TIPFactory情报工厂", "pubDate": "2024-12-03T20:30:33" }, { "title": "动态逃逸杀软", "link": "https://mp.weixin.qq.com/s?__biz=MzkzNTYwMTk4Mw==&mid=2247488075&idx=1&sn=30866fcd85c0b1a1f1d5fef6f8f2cde1", "description": null, "author": "网安探索员", "category": "网安探索员", "pubDate": "2024-12-03T20:03:50" }, { "title": "应急响应 - Windows基础篇", "link": 
"https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489400&idx=1&sn=1b9208a83d4719f03c7e5582703f8236", "description": null, "author": "网络安全与取证研究", "category": "网络安全与取证研究", "pubDate": "2024-12-03T20:00:20" }, { "title": "两个影响WPS Office的任意代码执行漏洞分析", "link": "https://mp.weixin.qq.com/s?__biz=Mzg5OTQzNTI4Nw==&mid=2247488921&idx=1&sn=796d00590260af7c745e20f4cb082c0b", "description": null, "author": "黑客街安全团队", "category": "黑客街安全团队", "pubDate": "2024-12-03T19:17:41" }, { "title": "新型恶意软件能利用LogoFAIL漏洞感染Linux系统", "link": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651308739&idx=2&sn=9f511acdd37389f627c4dd8e2667b338", "description": "许多厂商产品会受到 LogoFAIL 漏洞的一种或多种变体的影响。", "author": "FreeBuf", "category": "FreeBuf", "pubDate": "2024-12-03T19:02:32" }, { "title": "分析运行APP内存中的敏感信息", "link": "https://mp.weixin.qq.com/s?__biz=MzAwOTQzMjMwOQ==&mid=2247483897&idx=1&sn=9b153c1f54e112bd43648e47809200ea", "description": "众所不知在OSS中,使用HTTP请求的Authorization Header来携带签名信息是进行身份验证的最常见方法。除了使用POST签名和URL签名之外,所有的OSS操作都需要通过Authorization Header来进行身份验证。", "author": "思极安全实验室", "category": "思极安全实验室", "pubDate": "2024-12-03T19:01:07" }, { "title": "【安全圈】新型恶意软件能利用LogoFAIL漏洞感染Linux系统", "link": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652066393&idx=4&sn=b1e7b15689fa221569f9a1cad7eff071", "description": null, "author": "安全圈", "category": "安全圈", "pubDate": "2024-12-03T19:00:52" }, { "title": "安卓逆向之Android-Intent介绍", "link": "https://mp.weixin.qq.com/s?__biz=MzkyODY3NjkyNQ==&mid=2247484333&idx=1&sn=d634f8d7c16848236b8763cb07390347", "description": "安卓逆向之Android-Intent介绍", "author": "Ting丶的安全笔记", "category": "Ting丶的安全笔记", "pubDate": "2024-12-03T18:59:24" }, { "title": "11月漏洞快报 | Apache OFBiz 表达式注入漏洞、Oracle 文件泄露漏洞...", "link": "https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651134656&idx=2&sn=64e0a5818023dfe7a4f9a1c5e1101a01", "description": null, "author": "梆梆安全", "category": "梆梆安全", "pubDate": "2024-12-03T17:54:30" }, { "title": "无文件攻击的恶意软件加载器:PSLoramyra技术分析", "link": 
"https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492450&idx=1&sn=e25fe33cdbf7b2905dddbe3f503934ad", "description": "近日,一起大规模的数据泄露事件震动了网络安全界。名为“HikkI-Chan”的黑客在臭名昭著的Breach Forums上泄露了超过3.9亿VK用户的个人信息。", "author": "白泽安全实验室", "category": "白泽安全实验室", "pubDate": "2024-12-03T17:47:30" }, { "title": "利用断开的域管理员rdp会话提权", "link": "https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247551774&idx=1&sn=27b225e1a3c8cb15734b6e39c2e3ba68", "description": null, "author": "蚁景网络安全", "category": "蚁景网络安全", "pubDate": "2024-12-03T17:30:35" }, { "title": "Windows 工具被武器化:Wevtutil.exe 在新型攻击中被利用", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525251&idx=1&sn=8cf9d612a0fa98c133236ace9572e8f5", "description": null, "author": "Ots安全", "category": "Ots安全", "pubDate": "2024-12-03T17:30:13" }, { "title": "从 Base64 到反向 Shell:从 Word 文档中解压恶意软件", "link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525251&idx=2&sn=70d91929eb7adde3106da6b8a73946dd", "description": null, "author": "Ots安全", "category": "Ots安全", "pubDate": "2024-12-03T17:30:13" }, { "title": "【技术分享】从网站搭建到木马免杀捆绑与拿shell全过程", "link": "https://mp.weixin.qq.com/s?__biz=MzIyNTIxNDA1Ng==&mid=2659211256&idx=1&sn=7be75392df645155a215faa354d98e14", "description": null, "author": "暗影网安实验室", "category": "暗影网安实验室", "pubDate": "2024-12-03T17:20:54" }, { "title": "【免杀+钓鱼】钓鱼页面搭建+免杀捆绑拿shell", "link": "https://mp.weixin.qq.com/s?__biz=MzkxMDc0MTc5Mw==&mid=2247483778&idx=1&sn=617673eea861e0f39c1b0c1f5e976558", "description": null, "author": "红岸基地网络安全", "category": "红岸基地网络安全", "pubDate": "2024-12-03T17:20:24" }, { "title": "Nmap 结果也能可视化?效果还真不错!", "link": "https://mp.weixin.qq.com/s?__biz=MzU0MDUxMDEzNQ==&mid=2247489676&idx=1&sn=a76a9b21c54c717195a7cb1ef7c87630", "description": null, "author": "黑客仓库", "category": "黑客仓库", "pubDate": "2024-12-03T16:30:24" }, { "title": "免杀对抗从0开始(六)", "link": "https://mp.weixin.qq.com/s?__biz=Mzk0MzU5NTg1Ng==&mid=2247484842&idx=1&sn=e686677da6362fd1f51d39052c58adae", "description": 
null, "author": "泾弦安全", "category": "泾弦安全", "pubDate": "2024-12-03T15:29:09" }, { "title": "EDR Silencers 与阻止 EDR 通信的方法探索 - 第一部分", "link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485552&idx=1&sn=8b6b477f2189c031b7faab345ea9f6a2", "description": null, "author": "securitainment", "category": "securitainment", "pubDate": "2024-12-03T13:37:36" }, { "title": "未探索的 LOLBAS 技术 Wevtutil", "link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485552&idx=2&sn=f82bc68e8d2c879cb6e4744b550ede6a", "description": null, "author": "securitainment", "category": "securitainment", "pubDate": "2024-12-03T13:37:36" }, { "title": "损坏的 Word 文件助长复杂的网络钓鱼活动", "link": "https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247485795&idx=1&sn=ad88754e71bbff268358d0567838de6c", "description": null, "author": "三沐数安", "category": "三沐数安", "pubDate": "2024-12-03T12:31:38" }, { "title": "云安全红队渗透测试详解【案例实操】", "link": "https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247536949&idx=1&sn=ae9c6716667e57e6f8d66a034befdaac", "description": "内容较多,可收藏观看", "author": "教父爱分享", "category": "教父爱分享", "pubDate": "2024-12-03T12:03:06" }, { "title": "如何使用 Shodan狩猎C2", "link": "https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247614505&idx=1&sn=2fe91456fc059ab8a4c0588c08160f9a", "description": null, "author": "白帽子左一", "category": "白帽子左一", "pubDate": "2024-12-03T12:01:26" }, { "title": "记一次回显利用接管学校财务系统", "link": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247545624&idx=1&sn=88f0278c64118fc4e169de395776a9c5", "description": null, "author": "掌控安全EDU", "category": "掌控安全EDU", "pubDate": "2024-12-03T12:01:18" }, { "title": "【护网蓝队应急系列1】Windows入侵排查", "link": "https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247485605&idx=1&sn=8d6e9cc10aee02d296cc2d99807c4889", "description": null, "author": "安全君呀", "category": "安全君呀", "pubDate": "2024-12-03T11:54:01" }, { "title": "第101篇:一个绕过5层权限校验的0day漏洞的代码审计分析", "link": 
"https://mp.weixin.qq.com/s?__biz=Mzg2NDg2MDIxNQ==&mid=2247485183&idx=1&sn=10c23306ea0a57295373eb38828c61cf", "description": null, "author": "Jie安全", "category": "Jie安全", "pubDate": "2024-12-03T11:49:23" }, { "title": "Nighthawk 正在推翻 Cobalt Strike", "link": "https://mp.weixin.qq.com/s?__biz=Mzg4MzA4NTM0OA==&mid=2247492953&idx=1&sn=d9a55365e49765779b01df8d48c5f943", "description": "MDSec 团队通过此新版本加强了内存规避技术。借助新的 Python API 和注册自定义命令的能力,Nighthawk 正成为推翻 Cobalt Strike 的有力竞争者。", "author": "OSINT研习社", "category": "OSINT研习社", "pubDate": "2024-12-03T11:45:06" }, { "title": "Burpsuite存储桶配置不当漏洞检测插件", "link": "https://mp.weixin.qq.com/s?__biz=Mzg2MTg2NzI5OA==&mid=2247484752&idx=1&sn=11f717a42e8b1e332a6e68aa76a479fd", "description": "自动化检测存储桶漏洞工具", "author": "黑熊安全", "category": "黑熊安全", "pubDate": "2024-12-03T11:30:03" }, { "title": "【重新架构】基于frp 过卡巴斯基、360核晶、defender、火绒的xlfrc v1.2发布!", "link": "https://mp.weixin.qq.com/s?__biz=MzkwOTIzODg0MA==&mid=2247491258&idx=1&sn=20bfef1278649f270b44f8e6fbd998c1", "description": "分离客户端与服务器端源码,减少程序静态特征\\\\x0d\\\\x0a过卡巴斯基、360、defender、火绒\\\\x0d\\\\x0a支持linux、windows平台", "author": "爱喝酒烫头的曹操", "category": "爱喝酒烫头的曹操", "pubDate": "2024-12-03T11:10:03" } ]