MasonLiu/PyBot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
dfe30f4776
PyBot/JSON/doonsec.json

1602 lines
82 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

[
{
"title": "CVE-2024-31317 复现",
"link": "https://mp.weixin.qq.com/s?__biz=MzIxMDYyNTk3Nw==&mid=2247515004&idx=1&sn=49ef9432fd64ba81064c5af61066efee",
"description": "最近做一个测试的项目刚好是安卓车机于是想起来了这篇写一半的博客,赶紧趁着还能想起一点东西赶紧记录了下来。",
"author": "白帽100安全攻防实验室",
"category": "白帽100安全攻防实验室",
"pubDate": "2024-12-05T11:30:33"
},
{
"title": "APT 组织之间的对抗:俄罗斯 APT Turla 窃取了巴基斯坦 APT 组织的数据",
"link": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247492849&idx=2&sn=a268b43ec7ef3072d0da2c731b8c43a9",
"description": null,
"author": "独眼情报",
"category": "独眼情报",
"pubDate": "2024-12-05T11:11:06"
},
{
"title": "Zabbix 漏洞CVE-2024-42327 (CVSS 9.9)的 PoC 发布",
"link": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247492849&idx=4&sn=a3441c1ca8c3aba877ceebd7454b594c",
"description": null,
"author": "独眼情报",
"category": "独眼情报",
"pubDate": "2024-12-05T11:11:06"
},
{
"title": "从赛门铁克管理代理(又名 Altiris中提取账户连接凭据ACCs",
"link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485607&idx=1&sn=6686b6ca661897c4b5d84f044d0095b8",
"description": null,
"author": "securitainment",
"category": "securitainment",
"pubDate": "2024-12-05T10:24:37"
},
{
"title": "【免杀】向日葵密码、todesk密码命令行版本一键提取工具",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwOTIzODg0MA==&mid=2247491260&idx=1&sn=d2998f3b46a506b8711bf523b7733a50",
"description": "向日葵、todesk提取工具\\\\x0d\\\\x0a基于fscan二开的xlscan\\\\x0d\\\\x0a过360、火绒等杀软",
"author": "爱喝酒烫头的曹操",
"category": "爱喝酒烫头的曹操",
"pubDate": "2024-12-05T10:06:33"
},
{
"title": "版本更新 | 单文件一键击溃火绒进程 v1.1发布!",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg4Mzg4OTIyMA==&mid=2247485849&idx=1&sn=951f8f326995324daa476fe117c2b15e",
"description": "单文件一键击溃火绒进程 v1.1发布!\\\\x0d\\\\x0a使用资源文件嵌入驱动避免直接依赖外部文件\\\\x0d\\\\x0a替换旧版本驱动文件旧版本驱动证书已过期",
"author": "威零安全实验室",
"category": "威零安全实验室",
"pubDate": "2024-12-05T10:04:27"
},
{
"title": "微信4.0聊天记录数据库文件解密分析",
"link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650604505&idx=4&sn=e59a2078c09bc1db7d2094cf014dfd4a",
"description": null,
"author": "黑白之道",
"category": "黑白之道",
"pubDate": "2024-12-05T10:03:19"
},
{
"title": "安卓逆向之第二代:函数抽取型壳",
"link": "https://mp.weixin.qq.com/s?__biz=MzkyODY3NjkyNQ==&mid=2247484355&idx=1&sn=a0fd336b796484a0e7abf6d02f246b06",
"description": null,
"author": "Ting的安全笔记",
"category": "Ting的安全笔记",
"pubDate": "2024-12-05T10:01:18"
},
{
"title": "【翻译】CORS - 错误配置和绕过",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg4NzgzMjUzOA==&mid=2247485324&idx=1&sn=edbf22ad696def57e27f4d38b81d689d",
"description": null,
"author": "安全视安",
"category": "安全视安",
"pubDate": "2024-12-05T09:56:43"
},
{
"title": "【Linux运维】宝塔环境升级HTTP/3",
"link": "https://mp.weixin.qq.com/s?__biz=MzkxMzIwNTY1OA==&mid=2247509575&idx=1&sn=94ea87716de2777f60f8187050014cfb",
"description": "本文简单的为大家分享如何在宝塔环境中如何升级http/3协议。",
"author": "kali笔记",
"category": "kali笔记",
"pubDate": "2024-12-05T09:12:03"
},
{
"title": "资产收集常用工具以及思路总结",
"link": "https://mp.weixin.qq.com/s?__biz=MzkzMjIxNjExNg==&mid=2247485972&idx=1&sn=bd5d2a38ea67d7ed891e03e356d17c52",
"description": "这些常用的资产收集工具和思路你都了解并经常使用么?",
"author": "沃克学安全",
"category": "沃克学安全",
"pubDate": "2024-12-05T09:03:47"
},
{
"title": "CISA 警告 Zyxel 防火墙漏洞可能被利用进行攻击",
"link": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793379&idx=3&sn=62ee6dd06f47c5b1777c48cd0a47a9fa",
"description": "CISA 警告多款 Zyxel 防火墙设备中的路径遍历漏洞被积极利用。",
"author": "军哥网络安全读报",
"category": "军哥网络安全读报",
"pubDate": "2024-12-05T09:00:58"
},
{
"title": "记两次内网入侵溯源的真实案例",
"link": "https://mp.weixin.qq.com/s?__biz=MzkxMTUyMjUxMw==&mid=2247523029&idx=1&sn=2f33efd5da4783fc615dbbb96086cd73",
"description": "记两次内网入侵溯源的真实案例",
"author": "猫蛋儿安全",
"category": "猫蛋儿安全",
"pubDate": "2024-12-05T09:00:09"
},
{
"title": "实战红蓝谈一谈NSmartProxy流量特征在实战中的表现",
"link": "https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247485956&idx=1&sn=3471aaf7c173b144ec8beee719616a67",
"description": null,
"author": "神农Sec",
"category": "神农Sec",
"pubDate": "2024-12-05T08:32:38"
},
{
"title": "Linux应急响应检查工具【单机终极版】",
"link": "https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247492906&idx=1&sn=1bac25e1425fc528f71e7ed0ab1e3485",
"description": null,
"author": "夜组安全",
"category": "夜组安全",
"pubDate": "2024-12-05T08:04:28"
},
{
"title": "漏洞预警 | GitLab权限提升漏洞",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491639&idx=1&sn=39e40ca6d804352e6d20235db2217c6f",
"description": "GitLab存在权限提升漏洞由于GitLab中对LFS令牌的权限管理不当当攻击者获取目标用户的个人访问令牌后可以进一步滥用该PAT生成的LFS令牌利用该漏洞实现权限提升从而可能导致敏感信息泄露或执行未授权操作。",
"author": "浅安安全",
"category": "浅安安全",
"pubDate": "2024-12-05T08:03:24"
},
{
"title": "漏洞预警 | 用友NC SQL注入漏洞",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491639&idx=2&sn=ef0f15d92963fe62bd06df07429f9bce",
"description": "用友NC的/portal/pt/task/process接口存在SQL注入漏洞攻击者通过利用SQL注入漏洞配合数据库xp cmdshel可以执行任意命令从而控制服务器。",
"author": "浅安安全",
"category": "浅安安全",
"pubDate": "2024-12-05T08:03:24"
},
{
"title": "移动安全框架 (MobSF) 存在存储型XSS漏洞 | CVE-2024-53999",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247509613&idx=1&sn=3d46d512c0ea527fdba9869e770416e8",
"description": null,
"author": "李白你好",
"category": "李白你好",
"pubDate": "2024-12-05T08:01:27"
},
{
"title": "API安全漏洞靶场crapi漏洞复现",
"link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486893&idx=1&sn=4910174c4a8925e18aae62644f0d7dec",
"description": "通过该靶场学习以及分析当前常用的API技术以及该技术中存在的安全问题。",
"author": "进击的HACK",
"category": "进击的HACK",
"pubDate": "2024-12-05T07:55:38"
},
{
"title": "Kubelet端口未授权深入利用",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247493754&idx=2&sn=fdfca15ecb8b98bcd7d1e97201b26bdd",
"description": "漏洞描述K8s Node对外开启10250(Kubelet API)和10255端口(readonly AP",
"author": "七芒星实验室",
"category": "七芒星实验室",
"pubDate": "2024-12-05T07:02:55"
},
{
"title": "思科ASA漏洞CVE-2014-2120当前正在被利用攻击",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg3OTc0NDcyNQ==&mid=2247492872&idx=1&sn=63eff1dd884f77fb706066595cc12e75",
"description": null,
"author": "黑猫安全",
"category": "黑猫安全",
"pubDate": "2024-12-05T07:01:27"
},
{
"title": "浅谈常见中间人攻击",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg2MzkwNDU1Mw==&mid=2247485363&idx=1&sn=3724a1da9ae81f364c92137a4175198a",
"description": null,
"author": "信安路漫漫",
"category": "信安路漫漫",
"pubDate": "2024-12-05T07:00:44"
},
{
"title": "哥斯拉源码解读+如何绕过waf检测",
"link": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247517466&idx=1&sn=925493f67805f6648aa9d36a4185c46b",
"description": null,
"author": "船山信安",
"category": "船山信安",
"pubDate": "2024-12-05T02:00:55"
},
{
"title": "版本更新 | 单文件一键击溃火绒进程 v1.1发布!",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwNjczOTQwOA==&mid=2247491559&idx=1&sn=80e7f6359e4fb08a364c31e2ccd5c59a",
"description": "单文件一键击溃火绒进程 v1.1发布!\\\\x0d\\\\x0a使用资源文件嵌入驱动避免直接依赖外部文件\\\\x0d\\\\x0a替换旧版本驱动文件旧版本驱动证书已过期",
"author": "星落安全团队",
"category": "星落安全团队",
"pubDate": "2024-12-05T00:00:59"
},
{
"title": "红蓝队病毒木马监控辅助工具12月3日更新",
"link": "https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247498820&idx=1&sn=2725bb5cbcb5e76e638a7e1c8836a0c7",
"description": null,
"author": "网络安全者",
"category": "网络安全者",
"pubDate": "2024-12-05T00:00:13"
},
{
"title": "最新Nessus2024.12.04版本主机漏洞扫描/探测工具下载|近期漏洞合集更新",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg3ODE2MjkxMQ==&mid=2247489275&idx=1&sn=363d8f9e531b932bd18c27d845f83a21",
"description": "Nessus号称是世界上最流行的漏洞扫描程序全世界有超过75000个组织在使用它。该工具提供完整的电脑漏洞扫描服务并随时更新其漏洞数据库。Nessus不同于传统的漏洞扫描软件Nessus可同时在本机或远端上遥控进行系统的漏洞分析扫描",
"author": "渗透安全HackTwo",
"category": "渗透安全HackTwo",
"pubDate": "2024-12-05T00:00:12"
},
{
"title": "新型 Android 恶意软件 DroidBot 瞄准欧洲银行用户",
"link": "https://mp.weixin.qq.com/s?__biz=MzkxNDM4OTM3OQ==&mid=2247504934&idx=3&sn=09e44a53225b47183d331f0328fab9e4",
"description": null,
"author": "网络研究观",
"category": "网络研究观",
"pubDate": "2024-12-04T23:48:33"
},
{
"title": "Zabbix api_jsonrpc.php接口存在SQL注入漏洞CVE-2024-42327 附POC",
"link": "https://mp.weixin.qq.com/s?__biz=MzIxMjEzMDkyMA==&mid=2247487930&idx=1&sn=589b3837a2dc8ff72e861b99f6947f5d",
"description": null,
"author": "南风漏洞复现文库",
"category": "南风漏洞复现文库",
"pubDate": "2024-12-04T23:08:58"
},
{
"title": "工具集HeavenlyBypassAV免杀工具",
"link": "https://mp.weixin.qq.com/s?__biz=Mzk0MjY1ODE5Mg==&mid=2247484771&idx=1&sn=edb658df8647f36d20266189ef2f35e3",
"description": null,
"author": "风铃Sec",
"category": "风铃Sec",
"pubDate": "2024-12-04T22:15:59"
},
{
"title": "一种巧妙内核级可绕过EDR的入侵手段",
"link": "https://mp.weixin.qq.com/s?__biz=MzkxOTUyOTc0NQ==&mid=2247492675&idx=1&sn=2976f9793011ea7dacce961cadd32530",
"description": "这种攻击方式被称为BYOVD攻击, BYOVD 攻击的核心是攻击者将一个已知存在漏洞的内核驱动程序写入磁盘并加载,然后利用该漏洞执行特权操作。这些操作可能包括终止安全产品、绕过 EDR 防篡改保护、提取特权进程信息。",
"author": "二进制空间安全",
"category": "二进制空间安全",
"pubDate": "2024-12-04T21:45:51"
},
{
"title": "钓鱼网页散播银狐木马,远控后门威胁终端安全",
"link": "https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247520783&idx=1&sn=e6d18857c2b21d1bc8b80636051ff403",
"description": null,
"author": "火绒安全",
"category": "火绒安全",
"pubDate": "2024-12-04T21:44:58"
},
{
"title": "微软驱动程序关键漏洞已被APT组织利用",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247632689&idx=3&sn=3c9e08e5af95f26a73913ce6e7ded2bc",
"description": null,
"author": "商密君",
"category": "商密君",
"pubDate": "2024-12-04T20:25:28"
},
{
"title": "微软驱动程序关键漏洞已被APT组织利用",
"link": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651308802&idx=1&sn=ed99bbd47f1003dc1db38fa05309efca",
"description": "漏洞允许攻击者远程接管整个系统。",
"author": "FreeBuf",
"category": "FreeBuf",
"pubDate": "2024-12-04T19:03:41"
},
{
"title": "网安瞭望台第9期0day 情报OAuth 2.0授权流程学习",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg2NTkwODU3Ng==&mid=2247513696&idx=1&sn=7c88b6b634b4ac1e28b987f2a9615627",
"description": "网安资讯分享\\\\x0d\\\\x0aDAILY NEWS AND KNOWLEDGE",
"author": "东方隐侠安全团队",
"category": "东方隐侠安全团队",
"pubDate": "2024-12-04T19:00:32"
},
{
"title": "APT-C-53Gamaredon组织广泛攻击活动分析",
"link": "https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247505004&idx=1&sn=903d7e5ba2a23d6ecfbd81a1871a112c",
"description": "360高级威胁研究院对Gamaredon组织的几种常见攻击手段进行了深入分析发现该组织持续采用各种复杂的技术和策略包括使用恶意LNK文件、XHTML文件以及复杂的网络钓鱼活动",
"author": "360威胁情报中心",
"category": "360威胁情报中心",
"pubDate": "2024-12-04T18:30:26"
},
{
"title": "代码审计之XX系统二次注入到RCE",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg2ODg3NzExNw==&mid=2247488383&idx=1&sn=b60391877f30cdcc8a9c845ab2954999",
"description": null,
"author": "WK安全",
"category": "WK安全",
"pubDate": "2024-12-04T18:00:52"
},
{
"title": "【Windbg】学习及在CTF中解题",
"link": "https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247551822&idx=1&sn=eac87a1389d7471aeaea09a7880d41b2",
"description": null,
"author": "蚁景网络安全",
"category": "蚁景网络安全",
"pubDate": "2024-12-04T17:35:34"
},
{
"title": "攻防|记一次溯源真实案例",
"link": "https://mp.weixin.qq.com/s?__biz=Mzk0MTIzNTgzMQ==&mid=2247518549&idx=1&sn=ff36cee17cf0dfe0f89bfe2646611f16",
"description": null,
"author": "亿人安全",
"category": "亿人安全",
"pubDate": "2024-12-04T17:30:44"
},
{
"title": "用友NC workflowService SQL注入1day代码分析",
"link": "https://mp.weixin.qq.com/s?__biz=Mzk0MTUxNzAxMg==&mid=2247484141&idx=1&sn=ab52db7afb078dc0594ae666b550a7e6",
"description": null,
"author": "深白网安",
"category": "深白网安",
"pubDate": "2024-12-04T17:17:45"
},
{
"title": "无文件攻击一览:利用 Powershell 和 Microsoft 合法应用程序进行攻击",
"link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525324&idx=1&sn=d646d82ca9b9ae36275b2e08032383f8",
"description": null,
"author": "Ots安全",
"category": "Ots安全",
"pubDate": "2024-12-04T17:16:13"
},
{
"title": "剖析 JA4H 以改进 Sliver C2 检测",
"link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525324&idx=2&sn=6f8406f5c586e98597fce64b18cf8037",
"description": null,
"author": "Ots安全",
"category": "Ots安全",
"pubDate": "2024-12-04T17:16:13"
},
{
"title": "Linux 恶意软件开发:使用 Python 构建基于 TLS/SSL 的反向 shell",
"link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525324&idx=3&sn=c7f548eaca5b4c86c66a4551d0e0c465",
"description": null,
"author": "Ots安全",
"category": "Ots安全",
"pubDate": "2024-12-04T17:16:13"
},
{
"title": "【漏洞预警】ProFTPD权限管理不当漏洞可导致权限提升",
"link": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489265&idx=1&sn=bfa7c936f79c9a65dfda98c9b44c5c6c",
"description": null,
"author": "飓风网络安全",
"category": "飓风网络安全",
"pubDate": "2024-12-04T16:48:38"
},
{
"title": "安卓逆向之第一代:整体型壳的工作原理",
"link": "https://mp.weixin.qq.com/s?__biz=MzkyODY3NjkyNQ==&mid=2247484348&idx=1&sn=853d0b9ffba606adede67a3dceb926d6",
"description": null,
"author": "Ting的安全笔记",
"category": "Ting的安全笔记",
"pubDate": "2024-12-04T16:47:09"
},
{
"title": "Java 反序列化之 XStream 反序列化",
"link": "https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247487830&idx=1&sn=c73070283e1b24b768e04165b08c1289",
"description": "XStream 是一个简单的基于 Java 库Java 对象序列化到 XML反之亦然。",
"author": "蚁景网安",
"category": "蚁景网安",
"pubDate": "2024-12-04T16:30:42"
},
{
"title": "第71篇某银行外网打点到内网核心区红队评估复盘",
"link": "https://mp.weixin.qq.com/s?__biz=MzIzMjg0MjM5OQ==&mid=2247487941&idx=1&sn=9b320e074613a6b014ac1246d69e96e9",
"description": "本期复盘一次银行的红队评估项目,基本上涵盖了外网打点、内网横向、社工钓鱼、供应链攻击、物理渗透、的方方面面,未知攻、焉知防,希望对红蓝双方都有借鉴意义。",
"author": "嗨嗨安全",
"category": "嗨嗨安全",
"pubDate": "2024-12-04T15:55:10"
},
{
"title": "某企业SRC的两次WAF的对抗",
"link": "https://mp.weixin.qq.com/s?__biz=MzkxMDY3MzQyNQ==&mid=2247484734&idx=1&sn=8078a45842d6aa07b585f6791ec565ad",
"description": null,
"author": "OneTS安全团队",
"category": "OneTS安全团队",
"pubDate": "2024-12-04T14:58:35"
},
{
"title": "【开源工具】-无害化钓鱼平台pfish",
"link": "https://mp.weixin.qq.com/s?__biz=MzA5OTI3MTE5MQ==&mid=2247485434&idx=1&sn=bf59cc92588b5bc09d84d8122325ed0c",
"description": "无害化钓鱼平台pfish",
"author": "埋藏酱油瓶",
"category": "埋藏酱油瓶",
"pubDate": "2024-12-04T14:46:08"
},
{
"title": "黑客利用 macOS 扩展文件属性隐藏恶意代码",
"link": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580067&idx=1&sn=1b4cd406b7ac4ce6e199711f557c7808",
"description": "威胁分子将恶意代码隐藏在自定义文件元数据中,并使用诱饵 PDF 文档来帮助逃避检测。",
"author": "嘶吼专业版",
"category": "嘶吼专业版",
"pubDate": "2024-12-04T14:00:36"
},
{
"title": "新型漏洞攻击利用服务器进行恶意更新",
"link": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580067&idx=2&sn=d10b2e801f0d756e658e21558ddff8d7",
"description": "AmberWolf 披露了有关这两个漏洞的更多详细信息,并发布了一个名为 NachoVPN 的开源工具,该工具模拟可以利用这些漏洞的流氓 VPN 服务器。",
"author": "嘶吼专业版",
"category": "嘶吼专业版",
"pubDate": "2024-12-04T14:00:36"
},
{
"title": "浅谈红队中那些常见的场景和问题",
"link": "https://mp.weixin.qq.com/s?__biz=MzkzMzI3OTczNA==&mid=2247487440&idx=1&sn=0ae9cb74e601015c38b1b58c5d6498d5",
"description": "浅谈红队中那些常见的场景和问题。",
"author": "千寻安服",
"category": "千寻安服",
"pubDate": "2024-12-04T14:00:28"
},
{
"title": "支持自定义密码 | 哥斯拉免杀 过360、火绒、D盾 XlByPassGodzilla v1.3已更新!",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg4Mzg4OTIyMA==&mid=2247485847&idx=1&sn=74982dff5ea606b9f1082ede4deb0f6c",
"description": "哥斯拉免杀XlByPassGodzilla v1.3已更新\\\\x0d\\\\x0a过360、火绒、D盾(部分过)",
"author": "威零安全实验室",
"category": "威零安全实验室",
"pubDate": "2024-12-04T13:48:46"
},
{
"title": "【免杀思路】某60 SHELLCODE注入探测",
"link": "https://mp.weixin.qq.com/s?__biz=Mzk0OTY3OTc5Mw==&mid=2247484856&idx=1&sn=c30863a5525a3ed62f00fc83647e9d90",
"description": null,
"author": "网安鲲为帝",
"category": "网安鲲为帝",
"pubDate": "2024-12-04T13:46:16"
},
{
"title": "Zabbix SQL 注入 CVE-2024-42327 POC已公开",
"link": "https://mp.weixin.qq.com/s?__biz=MzkyOTQzNjIwNw==&mid=2247490461&idx=2&sn=08cc776019baf385a479ee02ed9635ae",
"description": "CVE-2024-42327 的 PoC 发布",
"author": "棉花糖fans",
"category": "棉花糖fans",
"pubDate": "2024-12-04T13:30:05"
},
{
"title": "Web狗的近源渗透记录",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg5MDA5NzUzNA==&mid=2247488520&idx=1&sn=0cb39ed4c4a6827600805a5c1b3683b9",
"description": null,
"author": "藏剑安全",
"category": "藏剑安全",
"pubDate": "2024-12-04T12:41:09"
},
{
"title": "linux系统中常见的几种文件传输方式",
"link": "https://mp.weixin.qq.com/s?__biz=MzI3NjA4MjMyMw==&mid=2647789820&idx=1&sn=3fc71504ae514f9af5355d447cfdc75f",
"description": "本文的几种传输方法针对的是在渗透中常遇到的情况。",
"author": "乌鸦安全",
"category": "乌鸦安全",
"pubDate": "2024-12-04T12:17:48"
},
{
"title": "Mitre Att&ck框架T1059.008技术Network Device CLI的简单实现",
"link": "https://mp.weixin.qq.com/s?__biz=MzI0NTI4NjEwOQ==&mid=2247484883&idx=1&sn=ce52009dc757f7c57bb6bccd059a69b8",
"description": "Mitre Att\\\\x26amp;ck框架T1059.008技术Network Device CLI的简单实现",
"author": "新蜂网络安全实验室",
"category": "新蜂网络安全实验室",
"pubDate": "2024-12-04T12:10:26"
},
{
"title": "一次ASP.NET站点文件上传bypass",
"link": "https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247614522&idx=1&sn=a80a20b412ee8bd03f82dc6277244e99",
"description": null,
"author": "白帽子左一",
"category": "白帽子左一",
"pubDate": "2024-12-04T12:02:44"
},
{
"title": "干货|一文搞懂加密流量检测的解决方法和技术细节",
"link": "https://mp.weixin.qq.com/s?__biz=MzI1OTA1MzQzNA==&mid=2651247107&idx=2&sn=14422cc225f026b33245b6fe143ea536",
"description": null,
"author": "e安在线",
"category": "e安在线",
"pubDate": "2024-12-04T11:32:47"
},
{
"title": "系统文件管理行为漏洞导致本地提权",
"link": "https://mp.weixin.qq.com/s?__biz=Mzk0OTU2ODQ4Mw==&mid=2247486517&idx=1&sn=388de17165c44f34a9aa9f95be1ac96f",
"description": "文章从两个C语言底层函数出发分析在处理文件时缺少对符号链接的严格检测导致macOS的隐私绕过与本地提权及缓解方案。",
"author": "奇安信天工实验室",
"category": "奇安信天工实验室",
"pubDate": "2024-12-04T11:30:51"
},
{
"title": "一文学会fastjson漏洞",
"link": "https://mp.weixin.qq.com/s?__biz=Mzk0NTY5Nzc1OA==&mid=2247484160&idx=1&sn=768fc0310477001e491b83ee2ccdbd59",
"description": "fastjson漏洞",
"author": "simple学安全",
"category": "simple学安全",
"pubDate": "2024-12-04T10:55:30"
},
{
"title": "【重新架构】基于frp 过卡巴斯基、360核晶、defender、火绒的xlfrc v1.2发布!",
"link": "https://mp.weixin.qq.com/s?__biz=MzkzNjM5NDU0OA==&mid=2247486211&idx=3&sn=563d506f54cfa08428c80bc707e9bbdb",
"description": "分离客户端与服务器端源码,减少程序静态特征\\\\x0d\\\\x0a过卡巴斯基、360、defender、火绒\\\\x0d\\\\x0a支持linux、windows平台",
"author": "钟毓安全",
"category": "钟毓安全",
"pubDate": "2024-12-04T10:43:53"
},
{
"title": "EDR Silencers 与阻止 EDR 通信方法探索u200a-u200a第 2 部分",
"link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485566&idx=1&sn=da384849804c481aefcad9f835e65683",
"description": null,
"author": "securitainment",
"category": "securitainment",
"pubDate": "2024-12-04T10:30:23"
},
{
"title": "【全国职业技能大赛“信息安全与评估”赛项】Linux系统入侵排查与应急响应技术",
"link": "https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247485913&idx=1&sn=d11bcfbb72d32f8f9a4808c0b6ba001f",
"description": null,
"author": "神农Sec",
"category": "神农Sec",
"pubDate": "2024-12-04T10:11:41"
},
{
"title": "CVE-2017-7504 JBOSS反序列化漏洞复现",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg2Mzg1MTA5MQ==&mid=2247484544&idx=1&sn=edccc83fdc6c490a2e6fea3dca97653f",
"description": "JBoss AS 4.x JbossMQ实现过程的JMS over HTTP Invocation Layer的HTTPServerILServlet.java文件存在反序列化漏洞远程攻击者可借助特制的序列化数据利用该漏洞执行任意代码。",
"author": "网安知识库",
"category": "网安知识库",
"pubDate": "2024-12-04T10:00:45"
},
{
"title": "Venom Spider 为 MaaS 平台制造新型恶意软件",
"link": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793364&idx=3&sn=da0de415c1527aad4f9a58dd47947c23",
"description": "“Venom Spider”威胁组织升级攻击工具。",
"author": "军哥网络安全读报",
"category": "军哥网络安全读报",
"pubDate": "2024-12-04T09:00:54"
},
{
"title": "【实战小技巧系列】前端 JS 解密:一次简单高危漏洞案例",
"link": "https://mp.weixin.qq.com/s?__biz=MzU0MTc2NTExNg==&mid=2247491124&idx=1&sn=a0b37e5980727d2306c23e85b77a4db1",
"description": "前端 JS 解密:一次简单高危漏洞案例",
"author": "实战安全研究",
"category": "实战安全研究",
"pubDate": "2024-12-04T09:00:23"
},
{
"title": "从JS到内网横向",
"link": "https://mp.weixin.qq.com/s?__biz=MzUyNjk0Njg5Nw==&mid=2247484185&idx=1&sn=a9f95d93cc287d18e2541bb17a5e4c1e",
"description": "前段时间参加了一场攻防演练使用常规漏洞尝试未果后想到不少师傅分享过从JS中寻找突破的文章于是硬着头皮刚起了JS最终打开了内网入口获取了靶标权限和个人信息。在此分享一下过程。",
"author": "左逆安全攻防",
"category": "左逆安全攻防",
"pubDate": "2024-12-04T08:41:16"
},
{
"title": "银狐黑产最新加载器利用破解版VPN为诱饵进行传播",
"link": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489624&idx=1&sn=d79b623b062721f4270af7e991894bf1",
"description": "银狐黑产最新加载器利用破解版VPN为诱饵进行传播",
"author": "安全分析与研究",
"category": "安全分析与研究",
"pubDate": "2024-12-04T08:41:01"
},
{
"title": "Windows漏洞MS08-067远程代码执行漏洞复现及深度防御",
"link": "https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247485627&idx=1&sn=22b7126319128dc90cd1fb3659a2c5c8",
"description": null,
"author": "安全君呀",
"category": "安全君呀",
"pubDate": "2024-12-04T08:10:39"
},
{
"title": "漏洞预警 | 致翔OA SQL注入漏洞",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491636&idx=2&sn=2d7f1f2bbdc233543e7c316a9a7d4297",
"description": "致翔OA的/OpenWindows/open_juese.aspx接口存在SQL注入漏洞未经身份验证的攻击者可以通过该漏洞获取数据库敏感信息。",
"author": "浅安安全",
"category": "浅安安全",
"pubDate": "2024-12-04T08:00:41"
},
{
"title": "漏洞预警 | Eking管理易任意文件上传漏洞",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491636&idx=3&sn=b01fdd9d4755ed5068d97d6a493c81fb",
"description": "EKing管理易的/Base64Upload.ihtm接口处存在任意文件上传漏洞未经身份验证的远程攻击者可利用此漏洞上传任意文件在服务器端任意执行代码获取服务器权限进而控制整个web服务器。",
"author": "浅安安全",
"category": "浅安安全",
"pubDate": "2024-12-04T08:00:41"
},
{
"title": "记一次回显利用接管学校财务系统",
"link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486891&idx=2&sn=7a470fde8eb7457c56e395fbdeea2652",
"description": null,
"author": "进击的HACK",
"category": "进击的HACK",
"pubDate": "2024-12-04T07:50:56"
},
{
"title": "OsCommerce v4 RCE揭开文件上传绕过威胁",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247503761&idx=1&sn=6967ccadb1a4a56080ed1cdec5bd6cfd",
"description": "在我最近的渗透测试中,我在 osCommerce v4 中发现了一个关键漏洞,特别",
"author": "安全狗的自我修养",
"category": "安全狗的自我修养",
"pubDate": "2024-12-04T07:42:26"
},
{
"title": "Docker Privileged特权逃逸",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247493740&idx=2&sn=ee345278088902534badddef929a7a62",
"description": "文章前言在Docker中Privileged是一种特殊的权限模式它允许Docker容器在启动时获取到与宿主",
"author": "七芒星实验室",
"category": "七芒星实验室",
"pubDate": "2024-12-04T07:05:51"
},
{
"title": "基于动态Agent挖掘更多的反序列化入口",
"link": "https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247517445&idx=1&sn=d6495be48e8a001ccb846c382c5a2336",
"description": null,
"author": "船山信安",
"category": "船山信安",
"pubDate": "2024-12-04T02:02:46"
},
{
"title": "文末获取 | 一款替代SNETCracker支持多协议弱口令爆破工具",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwNjczOTQwOA==&mid=2247491543&idx=1&sn=91387096fc0e7cc0f34c0e842513435f",
"description": null,
"author": "星落安全团队",
"category": "星落安全团队",
"pubDate": "2024-12-04T00:03:46"
},
{
"title": "CVE-2024-42327 Zabbix 严重漏洞POC已公开",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwODI1ODgzOA==&mid=2247506250&idx=1&sn=65c3600e701ae88d87981315807f4d12",
"description": "CVE-2024-42327 Zabbix 严重漏洞POC已公开请及时修复",
"author": "一个不正经的黑客",
"category": "一个不正经的黑客",
"pubDate": "2024-12-04T00:01:00"
},
{
"title": "一款能快速探测可能存在SQL注入的Burpsuite插件 提高 SQL 注入测试效率|渗透测试",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg3ODE2MjkxMQ==&mid=2247489248&idx=1&sn=28b8aa1e0b877a8d712468bd82d26459",
"description": "DetSql是基于 BurpSuite Java 插件 API 开发的 SQL 注入探测插件,主要作用为快速从 http 流量中筛选出可能存在 SQL 注入的请求,在尽可能减少拦截的情况下提高 SQL 注入测试效率。",
"author": "渗透安全HackTwo",
"category": "渗透安全HackTwo",
"pubDate": "2024-12-04T00:00:53"
},
{
"title": "【揭秘】打印机痕迹取证",
"link": "https://mp.weixin.qq.com/s?__biz=MzAwNDcwMDgzMA==&mid=2651048065&idx=2&sn=c2b79081f1e540ebe55d37898c8f3900",
"description": null,
"author": "电子物证",
"category": "电子物证",
"pubDate": "2024-12-04T00:00:53"
},
{
"title": "sign加密小程序漏洞挖掘",
"link": "https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247498804&idx=1&sn=7b4841d81ea301d1b204b069ffc9250b",
"description": null,
"author": "网络安全者",
"category": "网络安全者",
"pubDate": "2024-12-04T00:00:14"
},
{
"title": "【漏洞预警】Dell NetWorker权限提升漏洞(CVE-2024-42422)",
"link": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489258&idx=1&sn=37b588ec3a46cd041f49cdc24390fdd6",
"description": null,
"author": "飓风网络安全",
"category": "飓风网络安全",
"pubDate": "2024-12-03T23:20:53"
},
{
"title": "searchsploit漏洞辅助利用工具",
"link": "https://mp.weixin.qq.com/s?__biz=MzA3NTc0MTA1Mg==&mid=2664712099&idx=1&sn=61a72f188755066a11d2bbfb63a06708",
"description": null,
"author": "小兵搞安全",
"category": "小兵搞安全",
"pubDate": "2024-12-03T23:04:58"
},
{
"title": "GitLab漏洞汇总",
"link": "https://mp.weixin.qq.com/s?__biz=MzU0MTc2NTExNg==&mid=2247491122&idx=1&sn=bb9371663020caf90ea8432d73756f63",
"description": "本文汇总了gitlab从2016到2023年的一些常见漏洞。",
"author": "实战安全研究",
"category": "实战安全研究",
"pubDate": "2024-12-03T22:37:34"
},
{
"title": "剖析JA4H指纹提升Sliver C2检测能力",
"link": "https://mp.weixin.qq.com/s?__biz=MzkyMjM0ODAwNg==&mid=2247488274&idx=1&sn=d31b4691a249e96a6e60836c9b2d3317",
"description": "happy hunting",
"author": "TIPFactory情报工厂",
"category": "TIPFactory情报工厂",
"pubDate": "2024-12-03T20:30:33"
},
{
"title": "动态逃逸杀软",
"link": "https://mp.weixin.qq.com/s?__biz=MzkzNTYwMTk4Mw==&mid=2247488075&idx=1&sn=30866fcd85c0b1a1f1d5fef6f8f2cde1",
"description": null,
"author": "网安探索员",
"category": "网安探索员",
"pubDate": "2024-12-03T20:03:50"
},
{
"title": "应急响应 - Windows基础篇",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247489400&idx=1&sn=1b9208a83d4719f03c7e5582703f8236",
"description": null,
"author": "网络安全与取证研究",
"category": "网络安全与取证研究",
"pubDate": "2024-12-03T20:00:20"
},
{
"title": "两个影响WPS Office的任意代码执行漏洞分析",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg5OTQzNTI4Nw==&mid=2247488921&idx=1&sn=796d00590260af7c745e20f4cb082c0b",
"description": null,
"author": "黑客街安全团队",
"category": "黑客街安全团队",
"pubDate": "2024-12-03T19:17:41"
},
{
"title": "新型恶意软件能利用LogoFAIL漏洞感染Linux系统",
"link": "https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651308739&idx=2&sn=9f511acdd37389f627c4dd8e2667b338",
"description": "许多厂商产品会受到 LogoFAIL 漏洞的一种或多种变体的影响。",
"author": "FreeBuf",
"category": "FreeBuf",
"pubDate": "2024-12-03T19:02:32"
},
{
"title": "分析运行APP内存中的敏感信息",
"link": "https://mp.weixin.qq.com/s?__biz=MzAwOTQzMjMwOQ==&mid=2247483897&idx=1&sn=9b153c1f54e112bd43648e47809200ea",
"description": "众所不知在OSS中使用HTTP请求的Authorization Header来携带签名信息是进行身份验证的最常见方法。除了使用POST签名和URL签名之外所有的OSS操作都需要通过Authorization Header来进行身份验证。",
"author": "思极安全实验室",
"category": "思极安全实验室",
"pubDate": "2024-12-03T19:01:07"
},
{
"title": "【安全圈】新型恶意软件能利用LogoFAIL漏洞感染Linux系统",
"link": "https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652066393&idx=4&sn=b1e7b15689fa221569f9a1cad7eff071",
"description": null,
"author": "安全圈",
"category": "安全圈",
"pubDate": "2024-12-03T19:00:52"
},
{
"title": "安卓逆向之Android-Intent介绍",
"link": "https://mp.weixin.qq.com/s?__biz=MzkyODY3NjkyNQ==&mid=2247484333&idx=1&sn=d634f8d7c16848236b8763cb07390347",
"description": "安卓逆向之Android-Intent介绍",
"author": "Ting的安全笔记",
"category": "Ting的安全笔记",
"pubDate": "2024-12-03T18:59:24"
},
{
"title": "11月漏洞快报 | Apache OFBiz 表达式注入漏洞、Oracle 文件泄露漏洞...",
"link": "https://mp.weixin.qq.com/s?__biz=MjM5NzE0NTIxMg==&mid=2651134656&idx=2&sn=64e0a5818023dfe7a4f9a1c5e1101a01",
"description": null,
"author": "梆梆安全",
"category": "梆梆安全",
"pubDate": "2024-12-03T17:54:30"
},
{
"title": "无文件攻击的恶意软件加载器PSLoramyra技术分析",
"link": "https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492450&idx=1&sn=e25fe33cdbf7b2905dddbe3f503934ad",
"description": "近日一起大规模的数据泄露事件震动了网络安全界。名为“HikkI-Chan”的黑客在臭名昭著的Breach Forums上泄露了超过3.9亿VK用户的个人信息。",
"author": "白泽安全实验室",
"category": "白泽安全实验室",
"pubDate": "2024-12-03T17:47:30"
},
{
"title": "利用断开的域管理员rdp会话提权",
"link": "https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247551774&idx=1&sn=27b225e1a3c8cb15734b6e39c2e3ba68",
"description": null,
"author": "蚁景网络安全",
"category": "蚁景网络安全",
"pubDate": "2024-12-03T17:30:35"
},
{
"title": "Windows 工具被武器化Wevtutil.exe 在新型攻击中被利用",
"link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525251&idx=1&sn=8cf9d612a0fa98c133236ace9572e8f5",
"description": null,
"author": "Ots安全",
"category": "Ots安全",
"pubDate": "2024-12-03T17:30:13"
},
{
"title": "从 Base64 到反向 Shell从 Word 文档中解压恶意软件",
"link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525251&idx=2&sn=70d91929eb7adde3106da6b8a73946dd",
"description": null,
"author": "Ots安全",
"category": "Ots安全",
"pubDate": "2024-12-03T17:30:13"
},
{
"title": "【技术分享】从网站搭建到木马免杀捆绑与拿shell全过程",
"link": "https://mp.weixin.qq.com/s?__biz=MzIyNTIxNDA1Ng==&mid=2659211256&idx=1&sn=7be75392df645155a215faa354d98e14",
"description": null,
"author": "暗影网安实验室",
"category": "暗影网安实验室",
"pubDate": "2024-12-03T17:20:54"
},
{
"title": "【免杀+钓鱼】钓鱼页面搭建+免杀捆绑拿shell",
"link": "https://mp.weixin.qq.com/s?__biz=MzkxMDc0MTc5Mw==&mid=2247483778&idx=1&sn=617673eea861e0f39c1b0c1f5e976558",
"description": null,
"author": "红岸基地网络安全",
"category": "红岸基地网络安全",
"pubDate": "2024-12-03T17:20:24"
},
{
"title": "Nmap 结果也能可视化?效果还真不错!",
"link": "https://mp.weixin.qq.com/s?__biz=MzU0MDUxMDEzNQ==&mid=2247489676&idx=1&sn=a76a9b21c54c717195a7cb1ef7c87630",
"description": null,
"author": "黑客仓库",
"category": "黑客仓库",
"pubDate": "2024-12-03T16:30:24"
},
{
"title": "免杀对抗从0开始",
"link": "https://mp.weixin.qq.com/s?__biz=Mzk0MzU5NTg1Ng==&mid=2247484842&idx=1&sn=e686677da6362fd1f51d39052c58adae",
"description": null,
"author": "泾弦安全",
"category": "泾弦安全",
"pubDate": "2024-12-03T15:29:09"
},
{
"title": "EDR Silencers 与阻止 EDR 通信的方法探索 - 第一部分",
"link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485552&idx=1&sn=8b6b477f2189c031b7faab345ea9f6a2",
"description": null,
"author": "securitainment",
"category": "securitainment",
"pubDate": "2024-12-03T13:37:36"
},
{
"title": "未探索的 LOLBAS 技术 Wevtutil",
"link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485552&idx=2&sn=f82bc68e8d2c879cb6e4744b550ede6a",
"description": null,
"author": "securitainment",
"category": "securitainment",
"pubDate": "2024-12-03T13:37:36"
},
{
"title": "损坏的 Word 文件助长复杂的网络钓鱼活动",
"link": "https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247485795&idx=1&sn=ad88754e71bbff268358d0567838de6c",
"description": null,
"author": "三沐数安",
"category": "三沐数安",
"pubDate": "2024-12-03T12:31:38"
},
{
"title": "云安全红队渗透测试详解【案例实操】",
"link": "https://mp.weixin.qq.com/s?__biz=MzI1Mjc3NTUwMQ==&mid=2247536949&idx=1&sn=ae9c6716667e57e6f8d66a034befdaac",
"description": "内容较多,可收藏观看",
"author": "教父爱分享",
"category": "教父爱分享",
"pubDate": "2024-12-03T12:03:06"
},
{
"title": "如何使用 Shodan狩猎C2",
"link": "https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247614505&idx=1&sn=2fe91456fc059ab8a4c0588c08160f9a",
"description": null,
"author": "白帽子左一",
"category": "白帽子左一",
"pubDate": "2024-12-03T12:01:26"
},
{
"title": "记一次回显利用接管学校财务系统",
"link": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247545624&idx=1&sn=88f0278c64118fc4e169de395776a9c5",
"description": null,
"author": "掌控安全EDU",
"category": "掌控安全EDU",
"pubDate": "2024-12-03T12:01:18"
},
{
"title": "【护网蓝队应急系列1】Windows入侵排查",
"link": "https://mp.weixin.qq.com/s?__biz=MzkyOTUxMzk2NQ==&mid=2247485605&idx=1&sn=8d6e9cc10aee02d296cc2d99807c4889",
"description": null,
"author": "安全君呀",
"category": "安全君呀",
"pubDate": "2024-12-03T11:54:01"
},
{
"title": "Nighthawk 正在推翻 Cobalt Strike",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg4MzA4NTM0OA==&mid=2247492953&idx=1&sn=d9a55365e49765779b01df8d48c5f943",
"description": "MDSec 团队通过此新版本加强了内存规避技术。借助新的 Python API 和注册自定义命令的能力Nighthawk 正成为推翻 Cobalt Strike 的有力竞争者。",
"author": "OSINT研习社",
"category": "OSINT研习社",
"pubDate": "2024-12-03T11:45:06"
},
{
"title": "Burpsuite存储桶配置不当漏洞检测插件",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg2MTg2NzI5OA==&mid=2247484752&idx=1&sn=11f717a42e8b1e332a6e68aa76a479fd",
"description": "自动化检测存储桶漏洞工具",
"author": "黑熊安全",
"category": "黑熊安全",
"pubDate": "2024-12-03T11:30:03"
},
{
"title": "【重新架构】基于frp 过卡巴斯基、360核晶、defender、火绒的xlfrc v1.2发布!",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwOTIzODg0MA==&mid=2247491258&idx=1&sn=20bfef1278649f270b44f8e6fbd998c1",
"description": "分离客户端与服务器端源码,减少程序静态特征\\\\x0d\\\\x0a过卡巴斯基、360、defender、火绒\\\\x0d\\\\x0a支持linux、windows平台",
"author": "爱喝酒烫头的曹操",
"category": "爱喝酒烫头的曹操",
"pubDate": "2024-12-03T11:10:03"
},
{
"title": "【重新架构】基于frp 过卡巴斯基、360核晶、defender、火绒的xlfrc v1.2发布!",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg4Mzg4OTIyMA==&mid=2247485845&idx=1&sn=078a3949ee339e02b6d90fe40a5829a0",
"description": "分离客户端与服务器端源码,减少程序静态特征\\\\x0d\\\\x0a过卡巴斯基、360、defender、火绒\\\\x0d\\\\x0a支持linux、windows平台",
"author": "威零安全实验室",
"category": "威零安全实验室",
"pubDate": "2024-12-03T11:09:41"
},
{
"title": "Windows 任务计划程序漏洞 (CVE-2024-49039) 零日漏洞利用代码发布",
"link": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247492812&idx=1&sn=9735ed97824b65fb886b0a07fe30720f",
"description": null,
"author": "独眼情报",
"category": "独眼情报",
"pubDate": "2024-12-03T10:56:54"
},
{
"title": "环境利用技术LOLBAS Wevtutil.exe",
"link": "https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247492812&idx=3&sn=503595d28393816ee1ac73f83325f378",
"description": null,
"author": "独眼情报",
"category": "独眼情报",
"pubDate": "2024-12-03T10:56:54"
},
{
"title": "干货|一文搞懂加密流量检测的解决方法和技术细节",
"link": "https://mp.weixin.qq.com/s?__biz=MzI1OTA1MzQzNA==&mid=2651247095&idx=2&sn=30cf5f1c62ec1628508a4c5befee3711",
"description": null,
"author": "e安在线",
"category": "e安在线",
"pubDate": "2024-12-03T10:03:11"
},
{
"title": "Mitre Att&ck框架T1659技术内容注入的简单实现",
"link": "https://mp.weixin.qq.com/s?__biz=MzI0NTI4NjEwOQ==&mid=2247484856&idx=1&sn=50889b2328e4bc809b7309d7d377ac41",
"description": "分别使用fakedns和ettercap说明T1659技术的实现原理。",
"author": "新蜂网络安全实验室",
"category": "新蜂网络安全实验室",
"pubDate": "2024-12-03T10:00:27"
},
{
"title": "应急响应之linux 排查",
"link": "https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247504792&idx=2&sn=df4c87001f3075c83ee292b89f3e9179",
"description": "帮会兼职项目,参与即刻回本",
"author": "网络安全实验室",
"category": "网络安全实验室",
"pubDate": "2024-12-03T09:55:15"
},
{
"title": "【漏洞复现】Bazaar 任意文件读取漏洞(CVE-2024-40348)",
"link": "https://mp.weixin.qq.com/s?__biz=MzkyMjcxNzE2MQ==&mid=2247484450&idx=1&sn=18f5fca3583408b95ab16f7b37e5ebba",
"description": "【漏洞复现】Bazaar 任意文件读取漏洞(CVE-2024-40348)",
"author": "白帽攻防",
"category": "白帽攻防",
"pubDate": "2024-12-03T09:04:59"
},
{
"title": "APP常用抓包技巧Android部分",
"link": "https://mp.weixin.qq.com/s?__biz=MzkyNzM2MjM0OQ==&mid=2247495100&idx=1&sn=3475a4c104ee9a91ab871970f4c0ba31",
"description": "一文学会app抓包",
"author": "隐雾安全",
"category": "隐雾安全",
"pubDate": "2024-12-03T09:00:38"
},
{
"title": "【解析】通过USB设备感染传播的恶意软件Raspberry Robin深度分析",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247535616&idx=3&sn=7f9e04f3d93817c00106c351bdd55285",
"description": null,
"author": "安小圈",
"category": "安小圈",
"pubDate": "2024-12-03T08:45:43"
},
{
"title": "微信4.0聊天记录数据库文件解密分析",
"link": "https://mp.weixin.qq.com/s?__biz=MzAwMjA5OTY5Ng==&mid=2247525087&idx=1&sn=1f41edd92aa8c6737f6386e32b5463f1",
"description": null,
"author": "乌雲安全",
"category": "乌雲安全",
"pubDate": "2024-12-03T08:42:47"
},
{
"title": "出口FireWall助力突破靶标",
"link": "https://mp.weixin.qq.com/s?__biz=MzkzNzQyMDkxMQ==&mid=2247487834&idx=1&sn=4bf47d2dc73f0cb7660813c1d27748f2",
"description": null,
"author": "赤弋安全团队",
"category": "赤弋安全团队",
"pubDate": "2024-12-03T08:39:08"
},
{
"title": "开源的Webshell管理器--游魂",
"link": "https://mp.weixin.qq.com/s?__biz=MzkyMDM4NDM5Ng==&mid=2247488920&idx=1&sn=007e0d36ce7bc49088c602c74273dfc0",
"description": "游魂是一个开源的Webshell管理器提供更为方便的界面和更为简单易用的功能可配合或代替其他webshell管理器帮助用户在各类渗透场景中控制目标机器",
"author": "安全洞察知识图谱",
"category": "安全洞察知识图谱",
"pubDate": "2024-12-03T08:30:28"
},
{
"title": "漏洞预警 | 紫光档案管理系统SQL注入漏洞",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491621&idx=2&sn=a67718759a9d841d63ae09745728dcbf",
"description": "紫光电子档案管理系统的/Archive/ErecordManage/mergeFile接口存在SQL注入漏洞未经身份验证的攻击者可以通过该漏洞获取数据库敏感信息。",
"author": "浅安安全",
"category": "浅安安全",
"pubDate": "2024-12-03T08:03:26"
},
{
"title": "漏洞预警 | 百易云资产管理运营系统任意文件上传漏洞",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491621&idx=3&sn=eab772ce86acfdc34824c18d8d6a382e",
"description": "百易云资产管理运营系统的/mobilefront/c/2.php接口存在任意文件上传漏洞未经身份验证的攻击者可以通过该漏洞上传恶意脚本文件到服务器从而控制目标服务器。",
"author": "浅安安全",
"category": "浅安安全",
"pubDate": "2024-12-03T08:03:26"
},
{
"title": "记一次HVV中对某登录框的优雅测试",
"link": "https://mp.weixin.qq.com/s?__biz=MjM5Mzk0MDE2Ng==&mid=2649608499&idx=1&sn=b37385f175143fc91a15d6faf6ea4999",
"description": "某地市2024HVV活动中在对某国企系统打点过程时遇见一个登录框页面摒弃常规账号密码暴破的思路转而对其他页",
"author": "天地和兴",
"category": "天地和兴",
"pubDate": "2024-12-03T07:59:44"
},
{
"title": "记一次认证绕过接管平台",
"link": "https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247486889&idx=2&sn=893da33939e5257df0e8783446f7ae8e",
"description": null,
"author": "进击的HACK",
"category": "进击的HACK",
"pubDate": "2024-12-03T07:56:08"
},
{
"title": "使用PHP实现GitHub API搜索与数据库同步",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg3MTE0NTg4OQ==&mid=2247484021&idx=1&sn=de70e635426988a9dc96bac72edc58cd",
"description": null,
"author": "HackTips",
"category": "HackTips",
"pubDate": "2024-12-03T07:32:26"
},
{
"title": "云存储攻防之Bucket配置可写",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247493730&idx=2&sn=cf365012f325768ff21ac4d308e8e539",
"description": "基本介绍OBS ACL是基于帐号级别的读写权限控制权限控制细粒度不如桶策略和IAM权限OBS支持的被授权",
"author": "七芒星实验室",
"category": "七芒星实验室",
"pubDate": "2024-12-03T07:00:25"
},
{
"title": "第107篇国*攻防比赛中一个多层嵌套的java内存马的反混淆解密分析过程",
"link": "https://mp.weixin.qq.com/s?__biz=MzkzNjM5NDU0OA==&mid=2247486205&idx=1&sn=aa6e6d0fbb48dcd821d505129cf47def",
"description": null,
"author": "钟毓安全",
"category": "钟毓安全",
"pubDate": "2024-12-03T06:52:40"
},
{
"title": "第71篇某银行外网打点到内网核心区红队评估复盘",
"link": "https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247488717&idx=1&sn=d9c8b0ddd2d317d2c88cf7bc621c09a2",
"description": "本期复盘一次银行的红队评估项目,基本上涵盖了外网打点、内网横向、社工钓鱼、供应链攻击、物理渗透、的方方面面,未知攻、焉知防,希望对红蓝双方都有借鉴意义。",
"author": "银遁安全团队",
"category": "银遁安全团队",
"pubDate": "2024-12-03T06:01:17"
},
{
"title": "啊,这,不是那个隧道啊!!!",
"link": "https://mp.weixin.qq.com/s?__biz=Mzk0NDQwMDY1Nw==&mid=2247484784&idx=1&sn=c66ddca4dd3de1ac999ae36ef0978a4a",
"description": "如何使用 NPS 内网穿透工具实现远程访问和管理内网服务器的详细教程。步骤清晰,操作简单,让您轻松实现内网穿透功能。",
"author": "人遁安全",
"category": "人遁安全",
"pubDate": "2024-12-03T06:00:28"
},
{
"title": "【重新架构】基于frp 过卡巴斯基、360核晶、defender、火绒的xlfrc v1.2发布!",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwNjczOTQwOA==&mid=2247491519&idx=1&sn=addf9eb9b4c1065b7777d6a9d62998b1",
"description": "分离客户端与服务器端源码,减少程序静态特征\\\\x0d\\\\x0a过卡巴斯基、360、defender、火绒\\\\x0d\\\\x0a支持linux、windows平台",
"author": "星落安全团队",
"category": "星落安全团队",
"pubDate": "2024-12-03T00:00:20"
},
{
"title": "【漏洞情报】任我行管家婆订货易在线商城 UploadImgNoCheck未授权文件上传限制不当漏洞",
"link": "https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247489253&idx=1&sn=94cbfc91e7da2499acfad5272df15561",
"description": null,
"author": "飓风网络安全",
"category": "飓风网络安全",
"pubDate": "2024-12-02T22:37:00"
},
{
"title": "CouchDB 渗透",
"link": "https://mp.weixin.qq.com/s?__biz=MzA3NTc0MTA1Mg==&mid=2664712081&idx=1&sn=e770b59428ab348451dd921e192bd91c",
"description": null,
"author": "小兵搞安全",
"category": "小兵搞安全",
"pubDate": "2024-12-02T22:22:18"
},
{
"title": "0day 挖到手软403 到 getshell",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247517473&idx=1&sn=1b1243aeb8410ce2b661e1d2b892abbe",
"description": null,
"author": "Z2O安全攻防",
"category": "Z2O安全攻防",
"pubDate": "2024-12-02T21:26:00"
},
{
"title": "【漏洞复现】CVE-2024-11680",
"link": "https://mp.weixin.qq.com/s?__biz=MzUxMTk4OTA1NQ==&mid=2247484742&idx=1&sn=95c54287f548e5f8ec29e9252cf822b4",
"description": "PCVE-2024-11680rојесtSеnd版本在r1720之前受到不当认证漏洞",
"author": "混子Hacker",
"category": "混子Hacker",
"pubDate": "2024-12-02T20:36:16"
},
{
"title": "从零构建一个基于PHP和MySQL的文件管理系统",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg3MTE0NTg4OQ==&mid=2247484016&idx=1&sn=ecebb926f07ebb7f9f16ba3b3cf59c25",
"description": null,
"author": "HackTips",
"category": "HackTips",
"pubDate": "2024-12-02T20:01:08"
},
{
"title": "【DVWA】验证码攻防对抗实战",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg5NTU2NjA1Mw==&mid=2247494440&idx=1&sn=61b7fba88306364ba294fa96651b8b39",
"description": "此心光明,亦复何言",
"author": "儒道易行",
"category": "儒道易行",
"pubDate": "2024-12-02T20:00:58"
},
{
"title": "安全卫士 | 魔方安全漏洞周报",
"link": "https://mp.weixin.qq.com/s?__biz=MzI3NzA5NDc0MA==&mid=2649291900&idx=1&sn=52fb27c14d392ae7db10750c2810342f",
"description": "成事在微,筑防于先。魔方安全提醒您:注意企业网络空间资产安全!",
"author": "魔方安全",
"category": "魔方安全",
"pubDate": "2024-12-02T18:30:51"
},
{
"title": "API测试思路及crAPI漏洞靶场复现",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg2NDY2MTQ1OQ==&mid=2247523491&idx=1&sn=4ea12a053dc17deb84ecceedaa7abd91",
"description": null,
"author": "红队蓝军",
"category": "红队蓝军",
"pubDate": "2024-12-02T18:03:53"
},
{
"title": "【已复现】Zabbix SQL注入漏洞(CVE-2024-42327) 安全风险通告",
"link": "https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247502546&idx=1&sn=e301f3d4f389baa4e9e448b7cdefb1e8",
"description": "致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。",
"author": "奇安信 CERT",
"category": "奇安信 CERT",
"pubDate": "2024-12-02T17:48:25"
},
{
"title": "Patchwork(白象)APT组织Protego远控木马攻击场景复现",
"link": "https://mp.weixin.qq.com/s?__biz=MzAwNDUzNDExMQ==&mid=2247485166&idx=1&sn=fc6827c1156d35634432440dd02e68b9",
"description": null,
"author": "T0daySeeker",
"category": "T0daySeeker",
"pubDate": "2024-12-02T17:40:07"
},
{
"title": "本文总结了如何将 Cobalt Strike 的 UDRL、SleepMask 和 BeaconGate 结合满足调用堆栈欺骗",
"link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525250&idx=1&sn=8d751f8f0a34a52f06a024a0cad2ad98",
"description": null,
"author": "Ots安全",
"category": "Ots安全",
"pubDate": "2024-12-02T17:39:19"
},
{
"title": "Godot 引擎遭到入侵:通过 GodLoader 分发的恶意软件",
"link": "https://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247525250&idx=3&sn=fb9258e972a652186cea177957f2ff72",
"description": null,
"author": "Ots安全",
"category": "Ots安全",
"pubDate": "2024-12-02T17:39:19"
},
{
"title": "非管理员就可访问Zabbix SQL注入漏洞安全风险通告",
"link": "https://mp.weixin.qq.com/s?__biz=MjM5NjY2MTIzMw==&mid=2650620029&idx=2&sn=9fcc1074fb8178d2f8ac88ecafa3ad0e",
"description": "亚信安全建议受影响用户尽快采取相关安全措施。",
"author": "亚信安全",
"category": "亚信安全",
"pubDate": "2024-12-02T17:34:56"
},
{
"title": "恶意软件分析-汇编基础",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg5MDg3OTc0OA==&mid=2247488866&idx=1&sn=f8813c6be34c92301c0c6e3df7538660",
"description": null,
"author": "Relay学安全",
"category": "Relay学安全",
"pubDate": "2024-12-02T17:26:04"
},
{
"title": "【工具分享】I-Wanna-Get-All 主流OA漏洞利用工具",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTkwMTI5Mw==&mid=2247486533&idx=1&sn=8d46b544b1fdddb5cbc38b18ab0f13b7",
"description": "根据提示输入内容执行集成调用sqlmap\\\\x0d\\\\x0a泛微CheckServer-Sql注入检测漏洞存在后将payload字段下内容保存为req文件使用sqlmap模块构造参数",
"author": "星悦安全",
"category": "星悦安全",
"pubDate": "2024-12-02T16:58:07"
},
{
"title": "Linux通用应急响应脚本",
"link": "https://mp.weixin.qq.com/s?__biz=MzA4NzU1Mjk4Mw==&mid=2247492111&idx=1&sn=b69e0ad026a6f08f52e4d82c34fbb45e",
"description": "Linux通用应急响应脚本适用大多数情况目前在ubuntu、centos7、kali上均可以正常运行。",
"author": "Hack分享吧",
"category": "Hack分享吧",
"pubDate": "2024-12-02T16:56:30"
},
{
"title": "JAVA安全-反序列化系列-CC6(无依赖链)分析",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg4MzkwNzI1OQ==&mid=2247485493&idx=1&sn=eae25b060fd652369f42497240baa34d",
"description": "CC6这条链是基于CC1的基础上由于在CC1中使用到的AnnotationInvocationHandler类也就是入口点它的readObject()在java8u71版本后就进行了修改导致在jdk8u71后的版本cc1使用不了",
"author": "菜狗安全",
"category": "菜狗安全",
"pubDate": "2024-12-02T16:30:14"
},
{
"title": "Palo Alto Networks PAN-OS身份认证绕过导致RCE漏洞(CVE-2024-0012)",
"link": "https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247489476&idx=1&sn=fe81181a05d394083a3fca2f8405d4ca",
"description": "Palo Alto Networks PAN-OS身份认证绕过导致RCE漏洞(CVE-2024-0012)",
"author": "nday POC",
"category": "nday POC",
"pubDate": "2024-12-02T15:43:29"
},
{
"title": "一款快速等保核查、资产扫描工具",
"link": "https://mp.weixin.qq.com/s?__biz=MzkzNjQwOTc4MQ==&mid=2247489901&idx=1&sn=e2ffcf91b6bc07bd5261d8d8d59ca3e2",
"description": "主要功能主机存活探测、漏洞扫描、子域名扫描、端口扫描、各类服务数据库爆破等~~",
"author": "安全帮",
"category": "安全帮",
"pubDate": "2024-12-02T15:13:26"
},
{
"title": "Windows日志分析工具GUI版",
"link": "https://mp.weixin.qq.com/s?__biz=Mzk0NjQ5MTM1MA==&mid=2247492674&idx=1&sn=bed925b80d6823ea8191ede3e6ab18a2",
"description": null,
"author": "信安404",
"category": "信安404",
"pubDate": "2024-12-02T14:50:25"
},
{
"title": "Windows日志分析工具GUI版",
"link": "https://mp.weixin.qq.com/s?__biz=MjM5ODkxMTEzOA==&mid=2247484360&idx=1&sn=26ad13ef39232b62cd89217fd3506f35",
"description": "骁佬终于把日志查询、内存检索、md5检索整合在一起了还开发了GUI有了自己公众号给榜一大佬点点关注。",
"author": "安服仔的救赎",
"category": "安服仔的救赎",
"pubDate": "2024-12-02T14:46:21"
},
{
"title": "安卓逆向 -- 某app破解下载和高清功能",
"link": "https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652037081&idx=1&sn=53186ffd1f157ab954530c149627c68c",
"description": null,
"author": "逆向有你",
"category": "逆向有你",
"pubDate": "2024-12-02T14:08:29"
},
{
"title": "Windows 在新的网络钓鱼攻击中感染了后门 Linux 虚拟机",
"link": "https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247579944&idx=1&sn=937ff8a0f0fd609a57acccbdd578fda7",
"description": "Securonix 研究人员发现的一项新活动是使用网络钓鱼电子邮件执行无人值守的 Linux 虚拟机安装,以破坏企业网络并获得持久性。",
"author": "嘶吼专业版",
"category": "嘶吼专业版",
"pubDate": "2024-12-02T14:00:24"
},
{
"title": "最近邻居攻击X 罗斯 APT 如何利用附近的 Wi-Fi 网络进行隐秘访问",
"link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485529&idx=1&sn=7f9ed4a43afb4ae162c3165663a3c1bf",
"description": null,
"author": "securitainment",
"category": "securitainment",
"pubDate": "2024-12-02T13:38:02"
},
{
"title": "一次0Day漏洞Rce审计流程",
"link": "https://mp.weixin.qq.com/s?__biz=MzkzNjM5NDU0OA==&mid=2247486203&idx=1&sn=195421b509dcbf7ba6eca59d16085fab",
"description": null,
"author": "钟毓安全",
"category": "钟毓安全",
"pubDate": "2024-12-02T13:28:36"
},
{
"title": "关于缓存欺骗的小总结",
"link": "https://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247614389&idx=1&sn=5a4421e74a24a2fd584ca8795acc6f5d",
"description": null,
"author": "白帽子左一",
"category": "白帽子左一",
"pubDate": "2024-12-02T12:01:48"
},
{
"title": "记一次网上阅卷系统漏洞挖掘",
"link": "https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247545580&idx=1&sn=b177bb6f876e6363c7633e53a8157dc2",
"description": null,
"author": "掌控安全EDU",
"category": "掌控安全EDU",
"pubDate": "2024-12-02T12:00:13"
},
{
"title": "干货|一文搞懂加密流量检测的解决方法和技术细节",
"link": "https://mp.weixin.qq.com/s?__biz=MzI1OTA1MzQzNA==&mid=2651247084&idx=2&sn=e08fcb88bf26bb7b749512659c069797",
"description": null,
"author": "e安在线",
"category": "e安在线",
"pubDate": "2024-12-02T10:34:52"
},
{
"title": "混淆 API 补丁以绕过新的 Windows Defender 行为签名",
"link": "https://mp.weixin.qq.com/s?__biz=MzAxODM5ODQzNQ==&mid=2247485528&idx=1&sn=a662c6388db6cfcf0e8355194f1937af",
"description": null,
"author": "securitainment",
"category": "securitainment",
"pubDate": "2024-12-02T10:24:00"
},
{
"title": "二开哥斯拉-绕过cloudflare流量检测",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwMzcwMDU5OA==&mid=2247484084&idx=1&sn=ed81804fec0bcd62e7666c0d53b63fcd",
"description": "WebShell\\\\x0d\\\\x0a\\\\x0d\\\\x0a上传了 但是遇到防火墙拦截了,哎,苦恼连接不上\\\\x0d\\\\x0a\\\\x0d\\\\x0a没办法经过测试发现是因为流量中的字段有敏感字段被拦截了找了好几个人要了二开过的哥斯拉发现都不行还是被检测被拦截无奈只能自己手搓一个二开了",
"author": "RongRui安全团队",
"category": "RongRui安全团队",
"pubDate": "2024-12-02T10:23:40"
},
{
"title": "任子行网络安全审计系统 log_fw_ips_scan_jsondata SQL注入漏洞",
"link": "https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247489464&idx=1&sn=5e9d75fc459499bee5931b854a9e6b22",
"description": "任子行网络安全审计系统 log_fw_ips_scan_jsondata 接口存在SQL注入漏洞未经身份验证的远程攻击者除了可以利用xa0SQLxa0注入获取数据库中的信息之外甚至在高权限的情况可向服务器中写入木马进一步获取服务器系统权限。",
"author": "nday POC",
"category": "nday POC",
"pubDate": "2024-12-02T10:13:51"
},
{
"title": "绕过CDN查找真实IP方法",
"link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650604369&idx=3&sn=d57274a3d983b3f0784be283e00d4013",
"description": null,
"author": "黑白之道",
"category": "黑白之道",
"pubDate": "2024-12-02T10:08:31"
},
{
"title": "一款内存马检测工具",
"link": "https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650604369&idx=4&sn=7f784b5acc1a96bd2e06bb3fc4a4709d",
"description": null,
"author": "黑白之道",
"category": "黑白之道",
"pubDate": "2024-12-02T10:08:31"
},
{
"title": "Windows 自动登录配置指南",
"link": "https://mp.weixin.qq.com/s?__biz=MzkzMDQ0NzQwNA==&mid=2247485686&idx=1&sn=ee5f98f830a7ef9a532493c93f427459",
"description": null,
"author": "网络个人修炼",
"category": "网络个人修炼",
"pubDate": "2024-12-02T10:01:50"
},
{
"title": "一次0Day漏洞Rce审计流程",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg2NDg2MDIxNQ==&mid=2247485181&idx=1&sn=19d894e589badfb040423b5f9dc66b0b",
"description": null,
"author": "Jie安全",
"category": "Jie安全",
"pubDate": "2024-12-02T10:00:35"
},
{
"title": "二开哥斯拉-绕过cloudflare流量检测",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwMzcwMDU5OA==&mid=2247484055&idx=1&sn=d9bf533093a85156acc9d52b79183c55",
"description": null,
"author": "RongRui安全团队",
"category": "RongRui安全团队",
"pubDate": "2024-12-02T09:57:03"
},
{
"title": "应用内存中的后渗透利用-远程工具密码读取",
"link": "https://mp.weixin.qq.com/s?__biz=MzkyMDM4NDM5Ng==&mid=2247488877&idx=1&sn=c590c282cca8fea893d27dfce01c8d29",
"description": "新版本的todesk和向日葵已经无法从配置文件获取密码而且常规的替换手法也已经失效",
"author": "安全洞察知识图谱",
"category": "安全洞察知识图谱",
"pubDate": "2024-12-02T09:54:28"
},
{
"title": "Windows常规应急",
"link": "https://mp.weixin.qq.com/s?__biz=MzkzNzI2Mzc0Ng==&mid=2247486342&idx=1&sn=7f19ac711aa23420e8154fb8f9d92c1d",
"description": "“A9 Team 甲方攻防团队,成员来自某证券、微步、青藤、长亭、安全狗等公司。",
"author": "A9 Team",
"category": "A9 Team",
"pubDate": "2024-12-02T09:44:45"
},
{
"title": "蓝队应急响应-Linux日志分析及常用命令总结",
"link": "https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247504775&idx=2&sn=75c3de7e0ad99bfbbb818769f81c2e17",
"description": "蓝队应急响应-Linux日志分析及常用命令总结",
"author": "网络安全实验室",
"category": "网络安全实验室",
"pubDate": "2024-12-02T09:37:05"
},
{
"title": "实战!一次超简单的网站后门利用体验",
"link": "https://mp.weixin.qq.com/s?__biz=MzkxNDY0MjMxNQ==&mid=2247531560&idx=1&sn=d7955cec0a3eaf10a1c57b32b669e6d7",
"description": null,
"author": "中国电信安全",
"category": "中国电信安全",
"pubDate": "2024-12-02T09:26:04"
},
{
"title": "【新增PHP类型】蚁剑 | 哥斯拉免杀 过雷池、D盾、安全狗的 XlByPassWAF v1.1已更新!",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg4Mzg4OTIyMA==&mid=2247485843&idx=1&sn=379dca0b0551c3a8260b7d113607b925",
"description": "新增PHP免杀Webshell\\\\x0d\\\\x0a过雷池、D盾、安全狗等WAF \\\\x0d\\\\x0a蚁剑 | 哥斯拉免杀",
"author": "威零安全实验室",
"category": "威零安全实验室",
"pubDate": "2024-12-02T09:15:21"
},
{
"title": "【新增PHP类型】蚁剑 | 哥斯拉免杀 过雷池、D盾、安全狗的 XlByPassWAF v1.1已更新!",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwOTIzODg0MA==&mid=2247491256&idx=1&sn=b367b232fb68d53f849330476cf3bef4",
"description": "新增PHP免杀Webshell\\\\x0d\\\\x0a过雷池、D盾、安全狗等WAF \\\\x0d\\\\x0a蚁剑 | 哥斯拉免杀",
"author": "爱喝酒烫头的曹操",
"category": "爱喝酒烫头的曹操",
"pubDate": "2024-12-02T09:14:56"
},
{
"title": "【漏洞复现】OfficeWeb365 SaveDraw 任意文件上传getshell漏洞",
"link": "https://mp.weixin.qq.com/s?__biz=MzkyMjcxNzE2MQ==&mid=2247484430&idx=1&sn=ce83f5232dd760583f858e6ddccf7aa7",
"description": "【漏洞复现】OfficeWeb365 SaveDraw 任意文件上传getshell漏洞",
"author": "白帽攻防",
"category": "白帽攻防",
"pubDate": "2024-12-02T09:10:26"
},
{
"title": "新型网络钓鱼活动利用损坏的 Word 文档来逃避安全保护",
"link": "https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649793334&idx=3&sn=41a092c18e1be58c7fc8ce61cf44a3ba",
"description": "攻击者利用损坏的Word文档钓鱼",
"author": "军哥网络安全读报",
"category": "军哥网络安全读报",
"pubDate": "2024-12-02T09:01:01"
},
{
"title": "一次0Day漏洞Rce审计流程",
"link": "https://mp.weixin.qq.com/s?__biz=MzkyMjM5NDM3NQ==&mid=2247486155&idx=1&sn=853814e2de56863228049b5207d23e70",
"description": null,
"author": "进击安全",
"category": "进击安全",
"pubDate": "2024-12-02T09:00:59"
},
{
"title": "JS逆向系列12-深入Js Hook",
"link": "https://mp.weixin.qq.com/s?__biz=MzkzNTcwOTgxMQ==&mid=2247484921&idx=1&sn=9eb69d9b85fe59f787b406015424bed2",
"description": null,
"author": "Spade sec",
"category": "Spade sec",
"pubDate": "2024-12-02T09:00:48"
},
{
"title": "vulnhub之Matrix-2的实践",
"link": "https://mp.weixin.qq.com/s?__biz=MzA3MjM5MDc2Nw==&mid=2650748838&idx=1&sn=00aa5d5e8d6bb1cfb0c3d8cbad275ab3",
"description": null,
"author": "云计算和网络安全技术实践",
"category": "云计算和网络安全技术实践",
"pubDate": "2024-12-02T08:57:56"
},
{
"title": "针对【中文】和越南语【用户】的新型【恶意软件】“CleverSoar”",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247535293&idx=3&sn=fcf8a07fcf513c0faac8cd883ee392a1",
"description": null,
"author": "安小圈",
"category": "安小圈",
"pubDate": "2024-12-02T08:45:48"
},
{
"title": "【漏洞复现】Apache OFBiz远程代码执行漏洞(CVE-2024-45195)",
"link": "https://mp.weixin.qq.com/s?__biz=Mzk0OTY2ODE1NA==&mid=2247484884&idx=1&sn=c3d38f9f57d4e2b96d95aea5b15ddaa6",
"description": "星标公众号,及时接收推文消息",
"author": "Z0安全",
"category": "Z0安全",
"pubDate": "2024-12-02T08:42:15"
},
{
"title": "针对银狐一些最新攻击样本加载过程的调试分析",
"link": "https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489593&idx=1&sn=4791b9831434d21de5e329c04ffde76c",
"description": "针对银狐一些最新攻击样本加载过程的调试分析",
"author": "安全分析与研究",
"category": "安全分析与研究",
"pubDate": "2024-12-02T08:40:42"
},
{
"title": "开源的Webshell管理器--游魂",
"link": "https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247504061&idx=1&sn=92014a616ed3945fbbb3b9541ddfac92",
"description": null,
"author": "菜鸟学信安",
"category": "菜鸟学信安",
"pubDate": "2024-12-02T08:30:43"
},
{
"title": "某通用系统0day审计过程",
"link": "https://mp.weixin.qq.com/s?__biz=MzU5OTMxNjkxMA==&mid=2247488022&idx=1&sn=67aaed483092d9231c0a1c1744d53f6e",
"description": null,
"author": "道一安全",
"category": "道一安全",
"pubDate": "2024-12-02T08:12:18"
},
{
"title": "内存马检测工具",
"link": "https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247488428&idx=1&sn=5188e911d690494368fdc456924397d6",
"description": null,
"author": "白帽学子",
"category": "白帽学子",
"pubDate": "2024-12-02T08:11:23"
},
{
"title": "Wireshark & Packetdrill | TCP RST 之连接不存在的服务端口",
"link": "https://mp.weixin.qq.com/s?__biz=MzA5NTUxODA0OA==&mid=2247493054&idx=1&sn=9aa118b745b703068af6a2c40e6a5f5d",
"description": null,
"author": "Echo Reply",
"category": "Echo Reply",
"pubDate": "2024-12-02T08:08:50"
},
{
"title": "Windows权限控制相关的防御与攻击技术",
"link": "https://mp.weixin.qq.com/s?__biz=MzkzMDQ5MDM3NA==&mid=2247487114&idx=1&sn=69890ae99784ecfdc8e9a4a7cf1225ad",
"description": null,
"author": "SecretTeam安全团队",
"category": "SecretTeam安全团队",
"pubDate": "2024-12-02T08:02:54"
},
{
"title": "利用js挖掘漏洞",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247509558&idx=1&sn=4ed77b8fbe43290b3fb889465673e9a3",
"description": "在漏洞挖掘中通过对js的挖掘可发现诸多安全问题此文章主要记录学习如何利用JS测试以及加密参数逆向相关的漏洞挖掘。",
"author": "李白你好",
"category": "李白你好",
"pubDate": "2024-12-02T08:02:42"
},
{
"title": "LLVM Pass转储类或结构的内存布局",
"link": "https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487768&idx=1&sn=89d39255b09284433239ad822791febc",
"description": "面向LLVM Pass小白提供完整可操作示例",
"author": "青衣十三楼飞花堂",
"category": "青衣十三楼飞花堂",
"pubDate": "2024-12-02T08:00:35"
},
{
"title": "漏洞预警 | PAN-OS Web管理界面身份认证绕过漏洞",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247491620&idx=1&sn=bc353ebff4eec5172710bb052bc2c31b",
"description": "PAN-OS设备管理Web界面中存在身份认证绕过漏洞未经身份验证的远程攻击者可以通过网络访问管理Web界面从而进行后续活动包括修改设备配置、访问其他管理功能。",
"author": "浅安安全",
"category": "浅安安全",
"pubDate": "2024-12-02T08:00:13"
},
{
"title": "AUTOSAR OS模块详解(二) Counter",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg2NTYxOTcxMw==&mid=2247492882&idx=1&sn=6c2df5be54cd336d31d3cb16e4924166",
"description": "本文主要介绍AUTOSAR OS的Counter并对基于英飞凌Aurix TC3XX系列芯片的Vector Microsar代码和配置进行部分讲解。",
"author": "汽车电子嵌入式",
"category": "汽车电子嵌入式",
"pubDate": "2024-12-02T07:40:28"
},
{
"title": "DedeCMS v5.7 SP2后台SSTI到RCE再到GetShell",
"link": "https://mp.weixin.qq.com/s?__biz=Mzg4MTU4NTc2Nw==&mid=2247493715&idx=1&sn=f7679c045644db006bb0c43afc218b0a",
"description": "影响范围DedeCMS v5.7 SP2利用条件登陆后台(有点鸡肋但是可以结合DedeCMS的其他漏洞进行",
"author": "七芒星实验室",
"category": "七芒星实验室",
"pubDate": "2024-12-02T07:01:03"
},
{
"title": "Windows钓鱼演练工具 -- xiao_fishing",
"link": "https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247515009&idx=1&sn=097c6fa033a767c9238b4b7b4a3d4891",
"description": null,
"author": "Web安全工具库",
"category": "Web安全工具库",
"pubDate": "2024-12-02T06:44:33"
},
{
"title": "文末获取 | 基于卡巴斯基虚拟化技术实现内核Hook",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwNjczOTQwOA==&mid=2247491255&idx=1&sn=557595ed39256247197085690907cda6",
"description": null,
"author": "星落安全团队",
"category": "星落安全团队",
"pubDate": "2024-12-02T00:00:48"
},
{
"title": "什么CNVD证书批量化挖掘 ",
"link": "https://mp.weixin.qq.com/s?__biz=MzAwOTQzMjMwOQ==&mid=2247483890&idx=1&sn=a691603b482681117b33c8e20dcc55db",
"description": "借助fofa搜索引擎达到批量化收集通用网址的目的。",
"author": "思极安全实验室",
"category": "思极安全实验室",
"pubDate": "2024-12-01T22:20:43"
},
{
"title": "横向移动:远程服务",
"link": "https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247485789&idx=1&sn=c6a19e4fa62e866815845b4169e95770",
"description": "在红队评估期间,在入侵完成后,攻击者倾向于在网络中横向移动,以获取有关其他系统的更多相关信息。这种横向移动可以通过使用许多二进制文件/服务/进程来实现。",
"author": "三沐数安",
"category": "三沐数安",
"pubDate": "2024-12-01T21:15:18"
},
{
"title": "由于缓存配置错误而绕过授权",
"link": "https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247503485&idx=1&sn=a4ed2402d78a8171463eb0e567952c15",
"description": "这篇文章是关于我最喜欢的发现之一,因为这是一个非常出乎意料的问题。",
"author": "安全狗的自我修养",
"category": "安全狗的自我修养",
"pubDate": "2024-12-01T21:14:16"
},
{
"title": "网工最容易搞混的三个概念:防火墙、网闸、堡垒机,一文让你轻松搞明白!",
"link": "https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649463267&idx=1&sn=f42714daafd3449fe284e3bc39c7b4aa",
"description": "学网络,尽在网络技术联盟站!",
"author": "网络技术联盟站",
"category": "网络技术联盟站",
"pubDate": "2024-12-01T21:08:04"
},
{
"title": "经验贴收稿分享3 | 一次XSS漏洞挖掘",
"link": "https://mp.weixin.qq.com/s?__biz=MzkxNTY4NTQwMg==&mid=2247484100&idx=1&sn=bd1389cc16246729ae15e078bee53d54",
"description": null,
"author": "励行安全",
"category": "励行安全",
"pubDate": "2024-12-01T19:22:27"
}
]
Reference in New Issue View Git Blame Copy Permalink