Aggregator

我的可信纵深防御建设实践总结

7 months 3 weeks ago

好久不见！

我们在 22 年 11 月向行业公开发布了《数字银行可信纵深防御白皮书》，其实本文早在那个时候就想写了，但是我总觉得酝酿得不够充分，加上 23 年一开始工作强度就比较大，直到最近才有一点时间可以好好总结下（好久没写文章了嗷）；并且最近我们网商安全的新书即将发布，我想在新书发布之前，来打一个头阵，做点力所能及的宣传。

Tr0y

ChatGPT 指导下的 TOA 伪造之旅

7 months 3 weeks ago

在真正落笔写一篇文章之前，很久没有这么兴奋的感觉了。这篇文章是在多个机缘巧合的促使下的，细细评味还真是妙不可言

Tr0y

诸位看官请留步，一本好书已经登场

7 months 3 weeks ago

诸位看官里面请，一则故事即将开场

Tr0y

2023 强网杯三道 pyjail 的题解

7 months 3 weeks ago

上周的强网杯 2023 没准备参加，一个是去年帮忙打 ctf 打得实在是有点累了；第二个是上周末有其他比赛冲突了，所以也没时间看题。偶然在公众号推送上看到了强网杯的 wp 提到了有几道 python 题，还是忍不住来玩一玩。

Tr0y

腾讯云加密 HLS

7 months 3 weeks ago

本文为私人文章，暂不公开

Tr0y

xxx 滥用 —— 用爱发电的下场

7 months 3 weeks ago

本文为私人文章，暂不公开

Tr0y

parselmouth 介绍

7 months 3 weeks ago

parselmouth —— 自动化的 Python 沙箱逃逸 payload bypass 框架

Tr0y

2023 年度总结

7 months 3 weeks ago

年度总结，虽迟但到。

Tr0y

关于安全架构体系化的思考

7 months 3 weeks ago

公众号发送 2024_安全架构思考来获取密码

Tr0y

2024 云南之旅

7 months 3 weeks ago

自从我跳出技术 == 计算机技术的牢笼之后，就一直想在博客里加入一些别的“技术活”，从今天起，博客会新增一个标签：生活黑客用于单独存放这类文章。

Tr0y

腾讯元宝专项众测启动，多重奖励等你来拿！

腾讯安全应急响应中心

7 months 3 weeks ago

[webapps] Sitefinity 15.0 - Cross-Site Scripting (XSS)

7 months 3 weeks ago

Sitefinity 15.0 - Cross-Site Scripting (XSS)

[webapps] Serendipity 2.5.0 - Remote Code Execution (RCE)

7 months 3 weeks ago

Serendipity 2.5.0 - Remote Code Execution (RCE)

[webapps] Dotclear 2.29 - Remote Code Execution (RCE)

7 months 3 weeks ago

Dotclear 2.29 - Remote Code Execution (RCE)

[webapps] Monstra CMS 3.0.4 - Remote Code Execution (RCE)

7 months 3 weeks ago

Monstra CMS 3.0.4 - Remote Code Execution (RCE)

[webapps] WBCE CMS v1.6.2 - Remote Code Execution (RCE)

7 months 3 weeks ago

WBCE CMS v1.6.2 - Remote Code Execution (RCE)

[webapps] CMSimple 5.15 - Remote Code Execution (RCE) (Authenticated)

7 months 3 weeks ago

CMSimple 5.15 - Remote Code Execution (RCE) (Authenticated)

[webapps] appRain CMF 4.0.5 - Remote Code Execution (RCE) (Authenticated)

7 months 3 weeks ago

appRain CMF 4.0.5 - Remote Code Execution (RCE) (Authenticated)

Guide to Better Extended Threat Detection and Response (XDR)

Trend Micro Research, News and Perspectives

7 months 3 weeks ago

Discover how XDR can enhance threat detection and response to improve a SecOps team’s efficiency and outcomes.

It's Time to Up-Level Your EDR Solution

Trend Micro Research, News and Perspectives

7 months 3 weeks ago

You may have EDR, but did you know you can add threat detection and response to improve a SecOps team’s efficiency and outcomes - read more.