端内钓鱼,反制蚁剑
推荐阅读这篇文章。有攻有防,砥砺前行。推荐语只能 120 字,我把其它的想法和解决方案附在文末。
Aggregator
端内钓鱼,反制蚁剑
4 years 4 months ago
推荐阅读这篇文章。有攻有防,砥砺前行。推荐语只能 120 字,我把其它的想法和解决方案附在文末。
jumpserver中资产的ssh私钥和密码的解密
4 years 4 months ago
半块西瓜皮
Offensive BPF: Sniffing Firefox traffic with bpftrace
4 years 4 months ago
This post is part of a series about Offensive BPF that I’m working on to learn how BPFs use will impact offensive security, malware, and detection engineering.
Click the “ebpf” tag to see all relevant posts.
One of the issues I ran into when trying out sslsniff-bpfcc was that it did not work with Firefox or Chrome traffic.
This post is about me learning how to hook user space APIs with bpftrace using uprobes.
php变量数组传参的一些利用
4 years 4 months ago
darkless
2021中国网络安全产业分析报告解读
4 years 4 months ago
个人解读《2021年网络安全产业分析报告》
2021中国网络安全产业分析报告解读
4 years 4 months ago
个人解读《2021年网络安全产业分析报告》
端内钓鱼,反制蚁剑
4 years 4 months ago
要加油学习,不然太菜连挖洞的基础都没有——松鼠A
2021中国网络安全产业分析报告解读
4 years 4 months ago
个人解读《2021年网络安全产业分析报告》
Akamai MFA in Action: Single Sign-On is Phish-Proof and Simple to Use
4 years 4 months ago
Breaking news: we just completed an 850-user pilot with Akamai MFA. In this blog, the first in a series, I’ll explain why we switched to Akamai MFA, how we ran our pilot, and employee feedback so far. Check back for my next blog, when we’re midway through our global deployment.
A burglar checks for open windows. Neglecting to lock just one is like leaving the door wide open. In the same way, cyber attackers look for the easiest user accounts to take over — whether that’s network access credentials, email, on-premise applications, or cloud/SaaS applications. If they’re lucky, they can also use the stolen credentials to breach other systems, an action known as lateral movement.
Keith Tomlinson
函数式编程 —— 将 JS 方法函数化 - EtherDream
4 years 4 months ago
使用函数的风格调用 JS 方法。如何做到简单且无副作用。
EtherDream
进攻性网络安全公司immunityinc
4 years 4 months ago
immunityinc公司也是成立很久的老牌安全公司了,不过人家以攻促防,了解一下immunityinc公司
October 12th 2021 Security Releases
4 years 4 months ago
准备断更些时日
4 years 4 months ago
写下这个标题估计就已经要被骂死了,谁让自己很厚颜无耻的在前面立下了flag。读者们可能已经注意到我实际上已经
准备断更些时日
4 years 4 months ago
写下这个标题估计就已经要被骂死了,谁让自己很厚颜无耻的在前面立下了flag。读者们可能已经注意到我实际上已经
准备断更些时日
4 years 4 months ago
写下这个标题估计就已经要被骂死了,谁让自己很厚颜无耻的在前面立下了flag。读者们可能已经注意到我实际上已经
Video: Understanding Image Scaling Attacks
4 years 4 months ago
Today you are in for a special treat. Did you know that an adversary can hide a smaller image within a larger one?
This video demonstrates how a small image becomes magically visible when the computer resizes the large image, and also how to mitigate the vulnerability.
This is possible when vulnerable code uses insecure interpolation.
If you like this one check out the overall Machine Learning Attack Series.
赠书 | 《网络威胁情报技术指南》
4 years 4 months ago
作为国内第一本正式出版的、普及威胁情报技术的专业书籍,由天际友盟的技术团队共同编写的《网络威胁情报技术指南》
赠书 | 《网络威胁情报技术指南》
4 years 4 months ago
作为国内第一本正式出版的、普及威胁情报技术的专业书籍,由天际友盟的技术团队共同编写的《网络威胁情报技术指南》
赠书 | 《网络威胁情报技术指南》
4 years 4 months ago
作为国内第一本正式出版的、普及威胁情报技术的专业书籍,由天际友盟的技术团队共同编写的《网络威胁情报技术指南》