[ { "title": "记一次渗透测试实战之Sea", "link": "https://xz.aliyun.com/t/16972", "published": "2024-12-31T14:47:50+08:00", "id": "https://xz.aliyun.com/t/16972", "summary": { "@type": "html", "#text": "记一次渗透测试实战之Sea" } }, { "title": "【免杀技术】致盲组件 - AMSI内存修复 (修改一个字节就能绕过AMSI?)", "link": "https://xz.aliyun.com/t/16971", "published": "2024-12-31T14:08:53+08:00", "id": "https://xz.aliyun.com/t/16971", "summary": { "@type": "html", "#text": "【免杀技术】致盲组件 - AMSI内存修复 (修改一个字节就能绕过AMSI?)" } }, { "title": "JAVA代码审计-jfinal", "link": "https://xz.aliyun.com/t/16969", "published": "2024-12-31T11:46:25+08:00", "id": "https://xz.aliyun.com/t/16969", "summary": { "@type": "html", "#text": "JAVA代码审计-jfinal" } }, { "title": "初探webshell免杀的艺术", "link": "https://xz.aliyun.com/t/16968", "published": "2024-12-31T11:13:41+08:00", "id": "https://xz.aliyun.com/t/16968", "summary": { "@type": "html", "#text": "初探webshell免杀的艺术" } }, { "title": "AWS云之EFS 挂载安全", "link": "https://xz.aliyun.com/t/16967", "published": "2024-12-31T02:20:32+08:00", "id": "https://xz.aliyun.com/t/16967", "summary": { "@type": "html", "#text": "AWS云之EFS 挂载安全" } }, { "title": "浅谈密码相关原理及代码实现", "link": "https://xz.aliyun.com/t/16966", "published": "2024-12-31T00:41:22+08:00", "id": "https://xz.aliyun.com/t/16966", "summary": { "@type": "html", "#text": "浅谈密码相关原理及代码实现" } }, { "title": "【免杀技术】WinApi规避 - 字符串HASH与动态调用 (完美的IAT隐藏技术)", "link": "https://xz.aliyun.com/t/16965", "published": "2024-12-31T00:04:33+08:00", "id": "https://xz.aliyun.com/t/16965", "summary": { "@type": "html", "#text": "【免杀技术】WinApi规避 - 字符串HASH与动态调用 (完美的IAT隐藏技术)" } }, { "title": "JAVA安全之Java Agent打内存马", "link": "https://xz.aliyun.com/t/16962", "published": "2024-12-30T16:02:07+08:00", "id": "https://xz.aliyun.com/t/16962", "summary": { "@type": "html", "#text": "JAVA安全之Java Agent打内存马" } }, { "title": "安卓逆向入门全面解析入口点定位,资源文件,四大组件,native,java层逆向(带实战例题)", "link": "https://xz.aliyun.com/t/16961", "published": "2024-12-30T15:27:00+08:00", "id": "https://xz.aliyun.com/t/16961", "summary": { "@type": "html", "#text": "安卓逆向入门全面解析入口点定位,资源文件,四大组件,native,java层逆向(带实战例题)" } }, { "title": "哥斯拉流量PHP3种加密方式讲解及PHP_XOR_BASE64爆破密钥思路", "link": "https://xz.aliyun.com/t/16960", "published": "2024-12-30T13:24:00+08:00", "id": "https://xz.aliyun.com/t/16960", "summary": { "@type": "html", "#text": "哥斯拉流量PHP3种加密方式讲解及PHP_XOR_BASE64爆破密钥思路" } }, { "title": "记一次某OA渗透测试有意思的文件上传漏洞挖掘经历以及分析", "link": "https://xz.aliyun.com/t/16959", "published": "2024-12-30T11:46:01+08:00", "id": "https://xz.aliyun.com/t/16959", "summary": { "@type": "html", "#text": "记一次某OA渗透测试有意思的文件上传漏洞挖掘经历以及分析" } }, { "title": "RASP从0到1", "link": "https://xz.aliyun.com/t/16958", "published": "2024-12-30T10:30:37+08:00", "id": "https://xz.aliyun.com/t/16958", "summary": { "@type": "html", "#text": "RASP从0到1" } }, { "title": "elephant Datart 1.0.0-rc3漏洞分析(CVE-2024-12994)", "link": "https://xz.aliyun.com/t/16957", "published": "2024-12-29T23:05:00+08:00", "id": "https://xz.aliyun.com/t/16957", "summary": { "@type": "html", "#text": "elephant Datart 1.0.0-rc3漏洞分析(CVE-2024-12994)" } }, { "title": "Android Security学习之ByteCTF2021_mobile 环境搭建+前两道题Writeup", "link": "https://xz.aliyun.com/t/16956", "published": "2024-12-29T22:32:16+08:00", "id": "https://xz.aliyun.com/t/16956", "summary": { "@type": "html", "#text": "Android Security学习之ByteCTF2021_mobile 环境搭建+前两道题Writeup" } }, { "title": "从JS源码分析到任意用户登录", "link": "https://xz.aliyun.com/t/16955", "published": "2024-12-29T22:30:27+08:00", "id": "https://xz.aliyun.com/t/16955", "summary": { "@type": "html", "#text": "从JS源码分析到任意用户登录" } }, { "title": "JS中的漏洞信息", "link": "https://xz.aliyun.com/t/16954", "published": "2024-12-29T21:41:24+08:00", "id": "https://xz.aliyun.com/t/16954", "summary": { "@type": "html", "#text": "JS中的漏洞信息" } }, { "title": "渗透测试-非寻常漏洞案例", "link": "https://xz.aliyun.com/t/16952", "published": "2024-12-29T19:23:31+08:00", "id": "https://xz.aliyun.com/t/16952", "summary": { "@type": "html", "#text": "渗透测试-非寻常漏洞案例" } }, { "title": "免杀基础-常见shellcode执行方式", "link": "https://xz.aliyun.com/t/16951", "published": "2024-12-29T16:44:22+08:00", "id": "https://xz.aliyun.com/t/16951", "summary": { "@type": "html", "#text": "免杀基础-常见shellcode执行方式" } }, { "title": "从APC到APC注入", "link": "https://xz.aliyun.com/t/16950", "published": "2024-12-29T16:43:39+08:00", "id": "https://xz.aliyun.com/t/16950", "summary": { "@type": "html", "#text": "从APC到APC注入" } }, { "title": "基于大模型LLM的黑白盒RCE漏洞自动化挖掘", "link": "https://xz.aliyun.com/t/16948", "published": "2024-12-29T13:27:39+08:00", "id": "https://xz.aliyun.com/t/16948", "summary": { "@type": "html", "#text": "基于大模型LLM的黑白盒RCE漏洞自动化挖掘" } }, { "title": "PHPGurukul Small CRM 1.0 sql注入漏洞分析(CVE-2024-12999)", "link": "https://xz.aliyun.com/t/16947", "published": "2024-12-29T11:41:00+08:00", "id": "https://xz.aliyun.com/t/16947", "summary": { "@type": "html", "#text": "PHPGurukul Small CRM 1.0 sql注入漏洞分析(CVE-2024-12999)" } }, { "title": "HTML Application利用", "link": "https://xz.aliyun.com/t/16946", "published": "2024-12-29T00:10:14+08:00", "id": "https://xz.aliyun.com/t/16946", "summary": { "@type": "html", "#text": "HTML Application利用" } }, { "title": "WBCE CMS v1.5.2代码审计以及cve分析扩展", "link": "https://xz.aliyun.com/t/16945", "published": "2024-12-28T23:51:27+08:00", "id": "https://xz.aliyun.com/t/16945", "summary": { "@type": "html", "#text": "WBCE CMS v1.5.2代码审计以及cve分析扩展" } }, { "title": "2024第一届Solar杯应急响应挑战赛 内存取证", "link": "https://xz.aliyun.com/t/16940", "published": "2024-12-28T18:33:23+08:00", "id": "https://xz.aliyun.com/t/16940", "summary": { "@type": "html", "#text": "2024第一届Solar杯应急响应挑战赛 内存取证" } }, { "title": "2024第一届Solar杯应急响应挑战赛WP", "link": "https://xz.aliyun.com/t/16938", "published": "2024-12-28T15:56:58+08:00", "id": "https://xz.aliyun.com/t/16938", "summary": { "@type": "html", "#text": "2024第一届Solar杯应急响应挑战赛WP" } }, { "title": "2024睿抗决赛pwn题解", "link": "https://xz.aliyun.com/t/16934", "published": "2024-12-28T12:26:54+08:00", "id": "https://xz.aliyun.com/t/16934", "summary": { "@type": "html", "#text": "2024睿抗决赛pwn题解" } }, { "title": "云安全之IAM权限提升场景和利用", "link": "https://xz.aliyun.com/t/16930", "published": "2024-12-27T19:09:32+08:00", "id": "https://xz.aliyun.com/t/16930", "summary": { "@type": "html", "#text": "云安全之IAM权限提升场景和利用" } }, { "title": "cjson&json 二进制漏洞利用总结", "link": "https://xz.aliyun.com/t/16928", "published": "2024-12-26T22:55:12+08:00", "id": "https://xz.aliyun.com/t/16928", "summary": { "@type": "html", "#text": "cjson&json 二进制漏洞利用总结" } }, { "title": "CVE-2024-9047 (WordPress File Upload 插件漏洞分析)", "link": "https://xz.aliyun.com/t/16927", "published": "2024-12-26T20:23:12+08:00", "id": "https://xz.aliyun.com/t/16927", "summary": { "@type": "html", "#text": "CVE-2024-9047 (WordPress File Upload 插件漏洞分析)" } }, { "title": "Windows应急响应之USBDevices日志", "link": "https://xz.aliyun.com/t/16926", "published": "2024-12-26T17:39:57+08:00", "id": "https://xz.aliyun.com/t/16926", "summary": { "@type": "html", "#text": "Windows应急响应之USBDevices日志" } }, { "title": "0CTF 2024 部分WP", "link": "https://xz.aliyun.com/t/16925", "published": "2024-12-26T17:39:49+08:00", "id": "https://xz.aliyun.com/t/16925", "summary": { "@type": "html", "#text": "0CTF 2024 部分WP" } }, { "title": "通过漏洞靶场学习Android应用安全", "link": "https://xz.aliyun.com/t/16924", "published": "2024-12-26T17:38:34+08:00", "id": "https://xz.aliyun.com/t/16924", "summary": { "@type": "html", "#text": "通过漏洞靶场学习Android应用安全" } }, { "title": "Apache mina CVE-2024-52046漏洞分析复现", "link": "https://xz.aliyun.com/t/16923", "published": "2024-12-26T17:30:45+08:00", "id": "https://xz.aliyun.com/t/16923", "summary": { "@type": "html", "#text": "Apache mina CVE-2024-52046漏洞分析复现" } }, { "title": "ciscn2024 androidso_re分析", "link": "https://xz.aliyun.com/t/16920", "published": "2024-12-26T10:37:32+08:00", "id": "https://xz.aliyun.com/t/16920", "summary": { "@type": "html", "#text": "ciscn2024 androidso_re分析" } }, { "title": "前端加解密对抗encrypt-labs", "link": "https://xz.aliyun.com/t/16919", "published": "2024-12-26T10:29:25+08:00", "id": "https://xz.aliyun.com/t/16919", "summary": { "@type": "html", "#text": "前端加解密对抗encrypt-labs" } }, { "title": "AFL工具使用实践:以libtiff为例的使用指南", "link": "https://xz.aliyun.com/t/16916", "published": "2024-12-26T04:16:13+08:00", "id": "https://xz.aliyun.com/t/16916", "summary": { "@type": "html", "#text": "AFL工具使用实践:以libtiff为例的使用指南" } }, { "title": "应急响应系列靶场解析", "link": "https://xz.aliyun.com/t/16914", "published": "2024-12-25T23:48:42+08:00", "id": "https://xz.aliyun.com/t/16914", "summary": { "@type": "html", "#text": "应急响应系列靶场解析" } }, { "title": "记一次某红蓝演练经历", "link": "https://xz.aliyun.com/t/16913", "published": "2024-12-25T22:35:21+08:00", "id": "https://xz.aliyun.com/t/16913", "summary": { "@type": "html", "#text": "记一次某红蓝演练经历" } }, { "title": "Java安全-WebShell免杀的多种方式", "link": "https://xz.aliyun.com/t/16912", "published": "2024-12-25T21:33:55+08:00", "id": "https://xz.aliyun.com/t/16912", "summary": { "@type": "html", "#text": "Java安全-WebShell免杀的多种方式" } }, { "title": "Linux渗透实战之Nullbyte靶场提权", "link": "https://xz.aliyun.com/t/16911", "published": "2024-12-25T20:46:30+08:00", "id": "https://xz.aliyun.com/t/16911", "summary": { "@type": "html", "#text": "Linux渗透实战之Nullbyte靶场提权" } }, { "title": "六安市第二届网络安全大赛WP", "link": "https://xz.aliyun.com/t/16909", "published": "2024-12-25T18:21:31+08:00", "id": "https://xz.aliyun.com/t/16909", "summary": { "@type": "html", "#text": "六安市第二届网络安全大赛WP" } }, { "title": "PyYAML反序列化学习", "link": "https://xz.aliyun.com/t/16908", "published": "2024-12-25T18:12:03+08:00", "id": "https://xz.aliyun.com/t/16908", "summary": { "@type": "html", "#text": "PyYAML反序列化学习" } }, { "title": "JAVA安全之SpEL表达式执行", "link": "https://xz.aliyun.com/t/16905", "published": "2024-12-25T14:36:47+08:00", "id": "https://xz.aliyun.com/t/16905", "summary": { "@type": "html", "#text": "JAVA安全之SpEL表达式执行" } }, { "title": "从源码角度分析hessian特别的原因", "link": "https://xz.aliyun.com/t/16904", "published": "2024-12-25T13:46:49+08:00", "id": "https://xz.aliyun.com/t/16904", "summary": { "@type": "html", "#text": "从源码角度分析hessian特别的原因" } }, { "title": "fastapi 框架中的无回显利用", "link": "https://xz.aliyun.com/t/16903", "published": "2024-12-25T13:27:28+08:00", "id": "https://xz.aliyun.com/t/16903", "summary": { "@type": "html", "#text": "fastapi 框架中的无回显利用" } }, { "title": "Linux渗透实战之Trickster", "link": "https://xz.aliyun.com/t/16902", "published": "2024-12-25T11:49:15+08:00", "id": "https://xz.aliyun.com/t/16902", "summary": { "@type": "html", "#text": "Linux渗透实战之Trickster" } }, { "title": "HELLOCTF反序列化靶场全解", "link": "https://xz.aliyun.com/t/16901", "published": "2024-12-25T10:21:49+08:00", "id": "https://xz.aliyun.com/t/16901", "summary": { "@type": "html", "#text": "HELLOCTF反序列化靶场全解" } }, { "title": "Tomcat CVE-2024-50379 / CVE-2024-56337 条件竞争漏洞分析", "link": "https://xz.aliyun.com/t/16900", "published": "2024-12-25T09:41:05+08:00", "id": "https://xz.aliyun.com/t/16900", "summary": { "@type": "html", "#text": "Tomcat CVE-2024-50379 / CVE-2024-56337 条件竞争漏洞分析" } }, { "title": "AFL源码学习(一)", "link": "https://xz.aliyun.com/t/16896", "published": "2024-12-24T21:58:11+08:00", "id": "https://xz.aliyun.com/t/16896", "summary": { "@type": "html", "#text": "AFL源码学习(一)" } }, { "title": "基于科来的哥斯拉流量分析", "link": "https://xz.aliyun.com/t/16895", "published": "2024-12-24T17:04:59+08:00", "id": "https://xz.aliyun.com/t/16895", "summary": { "@type": "html", "#text": "基于科来的哥斯拉流量分析" } }, { "title": "Java安全之加载shellcode_bypass杀软", "link": "https://xz.aliyun.com/t/16894", "published": "2024-12-24T16:57:00+08:00", "id": "https://xz.aliyun.com/t/16894", "summary": { "@type": "html", "#text": "Java安全之加载shellcode_bypass杀软" } }, { "title": "pwn的堆中如何使用off by one 和off by null的详细解析以及每一步的调试过程", "link": "https://xz.aliyun.com/t/16893", "published": "2024-12-24T15:41:09+08:00", "id": "https://xz.aliyun.com/t/16893", "summary": { "@type": "html", "#text": "pwn的堆中如何使用off by one 和off by null的详细解析以及每一步的调试过程" } }, { "title": "Linux渗透实战之Instant", "link": "https://xz.aliyun.com/t/16889", "published": "2024-12-23T20:01:20+08:00", "id": "https://xz.aliyun.com/t/16889", "summary": { "@type": "html", "#text": "Linux渗透实战之Instant" } }, { "title": "vulnhub靶机billu_b0x精讲", "link": "https://xz.aliyun.com/t/16888", "published": "2024-12-23T18:33:18+08:00", "id": "https://xz.aliyun.com/t/16888", "summary": { "@type": "html", "#text": "vulnhub靶机billu_b0x精讲" } }, { "title": "企业上云的新攻击面分析", "link": "https://xz.aliyun.com/t/16887", "published": "2024-12-23T17:43:33+08:00", "id": "https://xz.aliyun.com/t/16887", "summary": { "@type": "html", "#text": "企业上云的新攻击面分析" } }, { "title": "分享Fastjson反序列化漏洞原理+漏洞复现+实战案例+POC收集", "link": "https://xz.aliyun.com/t/16886", "published": "2024-12-23T17:29:43+08:00", "id": "https://xz.aliyun.com/t/16886", "summary": { "@type": "html", "#text": "分享Fastjson反序列化漏洞原理+漏洞复现+实战案例+POC收集" } }, { "title": "ECH,新时代的域前置", "link": "https://xz.aliyun.com/t/16884", "published": "2024-12-23T16:17:20+08:00", "id": "https://xz.aliyun.com/t/16884", "summary": { "@type": "html", "#text": "ECH,新时代的域前置" } }, { "title": "CSS Injection 从入门到精通", "link": "https://xz.aliyun.com/t/16879", "published": "2024-12-22T22:06:24+08:00", "id": "https://xz.aliyun.com/t/16879", "summary": { "@type": "html", "#text": "CSS Injection 从入门到精通" } }, { "title": "2024 CISCN & 第二届长城杯铁人三项赛 0解Web BookManager 题解", "link": "https://xz.aliyun.com/t/16878", "published": "2024-12-22T20:46:30+08:00", "id": "https://xz.aliyun.com/t/16878", "summary": { "@type": "html", "#text": "2024 CISCN & 第二届长城杯铁人三项赛 0解Web BookManager 题解" } }, { "title": "LitCTF2024--Crypto-wp", "link": "https://xz.aliyun.com/t/16875", "published": "2024-12-22T16:19:45+08:00", "id": "https://xz.aliyun.com/t/16875", "summary": { "@type": "html", "#text": "LitCTF2024--Crypto-wp" } }, { "title": "kioptix level 3靶机getshell及提权(按oscp考证要求使用)", "link": "https://xz.aliyun.com/t/16874", "published": "2024-12-22T16:15:09+08:00", "id": "https://xz.aliyun.com/t/16874", "summary": { "@type": "html", "#text": "kioptix level 3靶机getshell及提权(按oscp考证要求使用)" } }, { "title": "Linux渗透实战之HTB-Heal", "link": "https://xz.aliyun.com/t/16873", "published": "2024-12-22T15:13:56+08:00", "id": "https://xz.aliyun.com/t/16873", "summary": { "@type": "html", "#text": "Linux渗透实战之HTB-Heal" } }, { "title": "春秋云境-多维挑战-CloudNet-WP", "link": "https://xz.aliyun.com/t/16872", "published": "2024-12-22T03:40:12+08:00", "id": "https://xz.aliyun.com/t/16872", "summary": { "@type": "html", "#text": "春秋云境-多维挑战-CloudNet-WP" } }, { "title": "另辟蹊径的bypass方式", "link": "https://xz.aliyun.com/t/16871", "published": "2024-12-22T00:16:30+08:00", "id": "https://xz.aliyun.com/t/16871", "summary": { "@type": "html", "#text": "另辟蹊径的bypass方式" } }, { "title": "国城杯线下web出题思路分享", "link": "https://xz.aliyun.com/t/16870", "published": "2024-12-21T23:05:12+08:00", "id": "https://xz.aliyun.com/t/16870", "summary": { "@type": "html", "#text": "国城杯线下web出题思路分享" } }, { "title": "国城杯线下决赛master_ast题解", "link": "https://xz.aliyun.com/t/16869", "published": "2024-12-21T21:44:07+08:00", "id": "https://xz.aliyun.com/t/16869", "summary": { "@type": "html", "#text": "国城杯线下决赛master_ast题解" } }, { "title": "暴力通关,PyAutoGUI解re游戏题——DASCTF2024最后一战RE部分题解", "link": "https://xz.aliyun.com/t/16867", "published": "2024-12-21T20:50:08+08:00", "id": "https://xz.aliyun.com/t/16867", "summary": { "@type": "html", "#text": "暴力通关,PyAutoGUI解re游戏题——DASCTF2024最后一战RE部分题解" } }, { "title": "DASCTF 2024最后一战|寒夜破晓,冬至终章(部分wp)", "link": "https://xz.aliyun.com/t/16866", "published": "2024-12-21T20:16:12+08:00", "id": "https://xz.aliyun.com/t/16866", "summary": { "@type": "html", "#text": "DASCTF 2024最后一战|寒夜破晓,冬至终章(部分wp)" } }, { "title": "2024 DASCTF const_python详解", "link": "https://xz.aliyun.com/t/16864", "published": "2024-12-21T19:51:16+08:00", "id": "https://xz.aliyun.com/t/16864", "summary": { "@type": "html", "#text": "2024 DASCTF const_python详解" } }, { "title": "Zeropz-楚慧杯L组WP", "link": "https://xz.aliyun.com/t/16863", "published": "2024-12-21T19:44:53+08:00", "id": "https://xz.aliyun.com/t/16863", "summary": { "@type": "html", "#text": "Zeropz-楚慧杯L组WP" } }, { "title": "Dirty Pagetable 学习 & 例题", "link": "https://xz.aliyun.com/t/16862", "published": "2024-12-21T19:23:38+08:00", "id": "https://xz.aliyun.com/t/16862", "summary": { "@type": "html", "#text": "Dirty Pagetable 学习 & 例题" } }, { "title": "针对单一系统渗透测试", "link": "https://xz.aliyun.com/t/16861", "published": "2024-12-21T19:21:15+08:00", "id": "https://xz.aliyun.com/t/16861", "summary": { "@type": "html", "#text": "针对单一系统渗透测试" } }, { "title": "Cross cache Attack技术细节分析", "link": "https://xz.aliyun.com/t/16860", "published": "2024-12-21T19:19:11+08:00", "id": "https://xz.aliyun.com/t/16860", "summary": { "@type": "html", "#text": "Cross cache Attack技术细节分析" } }, { "title": "某某语音auth值生成分析", "link": "https://xz.aliyun.com/t/16859", "published": "2024-12-21T17:59:50+08:00", "id": "https://xz.aliyun.com/t/16859", "summary": { "@type": "html", "#text": "某某语音auth值生成分析" } }, { "title": "蓝队—反钓鱼的策略提供", "link": "https://xz.aliyun.com/t/16858", "published": "2024-12-21T17:12:06+08:00", "id": "https://xz.aliyun.com/t/16858", "summary": { "@type": "html", "#text": "蓝队—反钓鱼的策略提供" } }, { "title": "windows内核进程遍历常见方式", "link": "https://xz.aliyun.com/t/16857", "published": "2024-12-21T16:38:04+08:00", "id": "https://xz.aliyun.com/t/16857", "summary": { "@type": "html", "#text": "windows内核进程遍历常见方式" } }, { "title": "ez_zhuawa出题记录", "link": "https://xz.aliyun.com/t/16856", "published": "2024-12-21T15:44:09+08:00", "id": "https://xz.aliyun.com/t/16856", "summary": { "@type": "html", "#text": "ez_zhuawa出题记录" } }, { "title": "Windows内核回调", "link": "https://xz.aliyun.com/t/16855", "published": "2024-12-21T15:17:48+08:00", "id": "https://xz.aliyun.com/t/16855", "summary": { "@type": "html", "#text": "Windows内核回调" } }, { "title": "Linux渗透实战之不一样的XSS", "link": "https://xz.aliyun.com/t/16853", "published": "2024-12-21T10:53:08+08:00", "id": "https://xz.aliyun.com/t/16853", "summary": { "@type": "html", "#text": "Linux渗透实战之不一样的XSS" } }, { "title": "基于优化的大模型越狱技术分析与实战", "link": "https://xz.aliyun.com/t/16852", "published": "2024-12-20T21:17:55+08:00", "id": "https://xz.aliyun.com/t/16852", "summary": { "@type": "html", "#text": "基于优化的大模型越狱技术分析与实战" } }, { "title": "2024年第九届“楚慧杯”湖北省网络与数据安全实践能力竞赛-RE", "link": "https://xz.aliyun.com/t/16850", "published": "2024-12-20T18:55:42+08:00", "id": "https://xz.aliyun.com/t/16850", "summary": { "@type": "html", "#text": "2024年第九届“楚慧杯”湖北省网络与数据安全实践能力竞赛-RE" } }, { "title": "2024年第九届“楚慧杯”湖北省网络与数据安全实践能力竞赛 pwn全解", "link": "https://xz.aliyun.com/t/16849", "published": "2024-12-20T17:24:00+08:00", "id": "https://xz.aliyun.com/t/16849", "summary": { "@type": "html", "#text": "2024年第九届“楚慧杯”湖北省网络与数据安全实践能力竞赛 pwn全解" } }, { "title": "代码审计-某物联网系统RCE", "link": "https://xz.aliyun.com/t/16848", "published": "2024-12-20T17:19:40+08:00", "id": "https://xz.aliyun.com/t/16848", "summary": { "@type": "html", "#text": "代码审计-某物联网系统RCE" } }, { "title": "2024年第九届“楚慧杯”湖北省网络与数据安全实践能力竞赛 WP", "link": "https://xz.aliyun.com/t/16847", "published": "2024-12-20T17:10:07+08:00", "id": "https://xz.aliyun.com/t/16847", "summary": { "@type": "html", "#text": "2024年第九届“楚慧杯”湖北省网络与数据安全实践能力竞赛 WP" } }, { "title": "某系统审计权限绕过-CVE-2024-9554", "link": "https://xz.aliyun.com/t/16845", "published": "2024-12-20T16:53:05+08:00", "id": "https://xz.aliyun.com/t/16845", "summary": { "@type": "html", "#text": "某系统审计权限绕过-CVE-2024-9554" } }, { "title": "某系统代码审计到getshell", "link": "https://xz.aliyun.com/t/16841", "published": "2024-12-20T16:08:09+08:00", "id": "https://xz.aliyun.com/t/16841", "summary": { "@type": "html", "#text": "某系统代码审计到getshell" } }, { "title": "2024年第九届“楚慧杯”湖北省网络与数据安全实践能力竞赛 web&pwn&Crypto", "link": "https://xz.aliyun.com/t/16846", "published": "2024-12-20T14:30:16+08:00", "id": "https://xz.aliyun.com/t/16846", "summary": { "@type": "html", "#text": "2024年第九届“楚慧杯”湖北省网络与数据安全实践能力竞赛 web&pwn&Crypto" } }, { "title": "银狐黑产组织最新免杀样本详细分析", "link": "https://xz.aliyun.com/t/16837", "published": "2024-12-20T08:17:20+08:00", "id": "https://xz.aliyun.com/t/16837", "summary": { "@type": "html", "#text": "银狐黑产组织最新免杀样本详细分析" } }, { "title": "初识AFL:工具安装与基本用法", "link": "https://xz.aliyun.com/t/16836", "published": "2024-12-20T03:07:30+08:00", "id": "https://xz.aliyun.com/t/16836", "summary": { "@type": "html", "#text": "初识AFL:工具安装与基本用法" } }, { "title": "某渗透中代码审计到内网遨游", "link": "https://xz.aliyun.com/t/16835", "published": "2024-12-19T21:53:53+08:00", "id": "https://xz.aliyun.com/t/16835", "summary": { "@type": "html", "#text": "某渗透中代码审计到内网遨游" } }, { "title": "Pointer Overflow CTF - 2024 Web全write up", "link": "https://xz.aliyun.com/t/16834", "published": "2024-12-19T20:58:58+08:00", "id": "https://xz.aliyun.com/t/16834", "summary": { "@type": "html", "#text": "Pointer Overflow CTF - 2024 Web全write up" } }, { "title": "浅析实战攻防中的信息收集", "link": "https://xz.aliyun.com/t/16832", "published": "2024-12-19T16:32:00+08:00", "id": "https://xz.aliyun.com/t/16832", "summary": { "@type": "html", "#text": "浅析实战攻防中的信息收集" } }, { "title": "Spring FatJar写文件到RCE分析", "link": "https://xz.aliyun.com/t/16831", "published": "2024-12-19T16:04:00+08:00", "id": "https://xz.aliyun.com/t/16831", "summary": { "@type": "html", "#text": "Spring FatJar写文件到RCE分析" } }, { "title": "应急响应记录之水坑挂马事件分析与恢复", "link": "https://xz.aliyun.com/t/16829", "published": "2024-12-19T14:27:41+08:00", "id": "https://xz.aliyun.com/t/16829", "summary": { "@type": "html", "#text": "应急响应记录之水坑挂马事件分析与恢复" } }, { "title": "万字长文窥探信息收集真正的艺术", "link": "https://xz.aliyun.com/t/16828", "published": "2024-12-19T13:57:53+08:00", "id": "https://xz.aliyun.com/t/16828", "summary": { "@type": "html", "#text": "万字长文窥探信息收集真正的艺术" } }, { "title": "记一次5000万资产的渗透测试", "link": "https://xz.aliyun.com/t/16827", "published": "2024-12-19T12:34:52+08:00", "id": "https://xz.aliyun.com/t/16827", "summary": { "@type": "html", "#text": "记一次5000万资产的渗透测试" } }, { "title": "一次 house of force 练习:HTB pwn - Fancy names", "link": "https://xz.aliyun.com/t/16825", "published": "2024-12-19T11:41:53+08:00", "id": "https://xz.aliyun.com/t/16825", "summary": { "@type": "html", "#text": "一次 house of force 练习:HTB pwn - Fancy names" } }, { "title": "【CVE-2025-50379】利用cursor解读tomcat 条件竞争导致RCE漏洞", "link": "https://xz.aliyun.com/t/16824", "published": "2024-12-19T11:13:41+08:00", "id": "https://xz.aliyun.com/t/16824", "summary": { "@type": "html", "#text": "【CVE-2025-50379】利用cursor解读tomcat 条件竞争导致RCE漏洞" } }, { "title": "面向GPTs的提示词注入攻击分析", "link": "https://xz.aliyun.com/t/16816", "published": "2024-12-18T23:23:30+08:00", "id": "https://xz.aliyun.com/t/16816", "summary": { "@type": "html", "#text": "面向GPTs的提示词注入攻击分析" } }, { "title": "PE文件代码注入", "link": "https://xz.aliyun.com/t/16815", "published": "2024-12-18T23:11:47+08:00", "id": "https://xz.aliyun.com/t/16815", "summary": { "@type": "html", "#text": "PE文件代码注入" } } ]