Aggregator

环境配置

本篇主要是环境配置、调试、流程梳理

关于Weggli

AST Pattern Search

核心是使用和 tree-sitter 库，然后搞了 query-tree 来在 AST上进行搜索，这只能说是匹配特定的代码片段，还达不到程序分析的那个级别，所以理论上只能过程内分析，而且没有上下文啥的 :D 直白点说的话，像是AST的正则表达式，不过某种意义上来说对于使用白盒方案快速召回一些漏洞也是一种借鉴吧。

背景&&需求

迫于要分析一些SDK里的协议，需要抓到所有的流量来分析交互过程，所以有了这篇记录，主要是基于实时监控Android设备网络封包做的尝试，然后使用相同的思路扩展到了iOS上。

正则

前言之前简单的来学了一下RMI的使用，但是对于它的反序列化，我们还是需要通过底层代码逻辑来实现的所以现在再来学一下RMI前情回顾RMI的基本结构就是这样的我们现了解一下Registry：http...

近日，国家卫生健康委及下属国家中医药局、国家疾控局联合制定了《医疗卫生机构网络安全管理办法》（以下简称《管理办法》）。

Akamai security research has observed a new malware: a cryptominer with dreams of DDoS functionality. Read about kmdsbot in this blog.

The modern application has evolved and shifted to the edge. This inevitable adoption is improving the digital experience for end users.

CVE-2022-28219 Zoho ManageEngine ADAudit Plus XXE到RCE漏

Summary GTSC and other reputable sources have published blogs and analysis on a threat actor campaign exploiting Microsoft Exchange vulnerabilities. Patches are now available for these vulnerabilities. Threat Type Vulnerability Overview -Update 11/09/2022 - Microsoft has released their monthly update and included in this release are patches for the vulnerabilities covered in this collection. We recommend testing and applying these updates as soon as possible. Microsoft also recommends that you apply th

Though cloud-based secure web gateways (SWGs) eliminate many problems, it?s important to select the right approach to on-ramping traffic based on use case and protection level.

Learn about MITRE's latest evaluation and how MDRs can help organizations to better understand and combat adversary behavior.

The post MITRE マネージドサービス評価｜MDRとDRIRを検討中のお客様が知っておくべきの4つのポイント appeared first on SentinelOne JP.

Summary VMWare has released Workspace ONE Assist 22.10 in order to patch three critical vulnerabilities in their remote access tool. Threat Type Vulnerability Overview Three critical authentication bypass bugs have been disclosed in VMWare’s remote access tool, Workspace ONE Assist. All three of these vulnerabilities have been rated at a 9.8 out of 10 on CVSSv3. According to the VMWare advisory, "A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access with

The web needs a CDN; the cloud needs a GDN. What does that mean and why is it important for developers?

我想写一篇文章，关于burpsuite插件开发入门。去年我写了一些burp插件，用于辅助渗透和漏洞挖掘，这给我带来了很多方便，可以捡到一些安全漏洞。 本人以第一视角说下本人是如何学习burpsuite插件开发的。本文只是入门，如果想要深入学习插件开发，还需要更多的学习和参考。 1.环境配置和搭建 i

fastjson 1.2.68 反序列化写文件RCE探索

高级威胁治理战略5.0 - NG-XDR，针对关键信息基础设施（CII）在面对国家级APT攻击时，在事前、事中和事后三个阶段需要采取和着重考量哪些针对性的技术和能力，作为XDR体系在高级威胁治理领域中最重要场景的落地。

2022补天参会流水账

漏洞概述该漏洞为2021年天府杯中使用的Adobe Reader越界写漏洞