Aggregator

CobaltStrike是一款渗透测试神器，支持http/https、tcp、smb等多种通信方式。

在hvv防守方、应急响应等场景中，都有检测CobaltStrike的需求。

Akamai mPulse is a real user monitoring solution, providing detailed information about the user experiences delivered by your web applications. mPulse can be configured within your Akamai property to automatically start collecting data from your customer visits. This initial setup will gather the data required to use advanced features in Adaptive Acceleration such as Script Manager, Automatic Server Push, and Automatic Preconnect.

本文介绍beyondProd的实现架构、关键技术。

推荐阅读这篇文章。有攻有防，砥砺前行。推荐语只能 120 字，我把其它的想法和解决方案附在文末。

JumpServer 是全球首款开源的堡垒机

渗透过程中在有数据库权限的情况下如何解密?

通过对源代码的阅读，记录如下

This post is part of a series about Offensive BPF that I’m working on to learn how BPFs use will impact offensive security, malware, and detection engineering. Click the “ebpf” tag to see all relevant posts. One of the issues I ran into when trying out sslsniff-bpfcc was that it did not work with Firefox or Chrome traffic. This post is about me learning how to hook user space APIs with bpftrace using uprobes.

要加油学习，不然太菜连挖洞的基础都没有——松鼠A

个人解读《2021年网络安全产业分析报告》

Breaking news: we just completed an 850-user pilot with Akamai MFA. In this blog, the first in a series, I?ll explain why we switched to Akamai MFA, how we ran our pilot, and employee feedback so far. Check back for my next blog, when we?re midway through our global deployment. A burglar checks for open windows. Neglecting to lock just one is like leaving the door wide open. In the same way, cyber attackers look for the easiest user accounts to take over ? whether that?s network access credentials, email, on-premise applications, or cloud/SaaS applications. If they?re lucky, they can also use the stolen credentials to breach other systems, an action known as lateral movement.

使用函数的风格调用 JS 方法。如何做到简单且无副作用。

immunityinc公司也是成立很久的老牌安全公司了,不过人家以攻促防，了解一下immunityinc公司

写下这个标题估计就已经要被骂死了，谁让自己很厚颜无耻的在前面立下了flag。读者们可能已经注意到我实际上已经

Today you are in for a special treat. Did you know that an adversary can hide a smaller image within a larger one? This video demonstrates how a small image becomes magically visible when the computer resizes the large image, and also how to mitigate the vulnerability. This is possible when vulnerable code uses insecure interpolation. If you like this one check out the overall Machine Learning Attack Series.

作为国内第一本正式出版的、普及威胁情报技术的专业书籍，由天际友盟的技术团队共同编写的《网络威胁情报技术指南》

## blockdlls Cobalt Strike 3.14版本以后添加了blockdlls功能，它将创建一个子进程并限定该子进程只能加载带有Microsoft签名的DLL。 这个功能可以阻止第三方安全软件向子进程注入DLL，也就无法对子进程进行hook，最终起到保护子进程的效果。 XPN在[博客

Tabnabbing is a web application security vulnerability that can be used to perform phishing attacks, so its important to be aware of it as a developer and penetration tester. It is easy to mitigate and in this short video we cover both attacks and mitigations. Thanks for reading and happy hacking! @wunderwuzzi23

spring bean rce payload构造之旅

目录: 一、电商类APP业务风险类型 二、设备指纹在业务中的应用 三、整体框架 四、初始化流程分析 五、反爬虫mtgsig签名 六、设备指纹分析 七、设备指纹攻击 八、黑产工具特征检测 九、总结 一、电商类APP业务风险类型 电商行业的各个业务场景面临不同的风险种类：客户端漏洞利用、协议逆向、注册小

This post is part of a series about Offensive BPF that I’m working on to learn about BPF to understand attacks and defenses. Click the “ebpf” tag to see all relevant posts. In the previous posts I spend time learning about bpftrace which is quite powerful. This post is focused on basics and using existing BPF tools, rather then building new BPF programs from scratch. Living off the land: bpfcc-tools Performance and observability teams are pushing for BPF tooling to be present in production.