Aggregator

案例是在最近项目中遇到的俩个站，挺有意思的，所以分享出来。第一个站getshell后，内网简单的看了下，发现不是目标就没深入。 第一个站 1、弱口令 弱口令：admin admin进入网站后台 2、任意文件下载 在系统配置备份模块发现http://xxx.xxx.xxx.xxx/DownloadSe

我们提“以攻促防”想表达的点也很简单：做安全的，需要懂得攻击，发现问题，还需要懂得防御，解决问题。概念就是这么简单。剩下的呢？实战出真知。

Revisiting Cookie Crimes In 2018 @mangopdf described “Cookie Crimes”, which is great research around Chrome’s remote debugging feature that allows adversaries and malware to gain access to cookies quite convienently during post-exploitation. The original research is published here, and it still works today. The new Microsoft Edge browser and Chromium Microsoft’s latest Edge browser is based on the same code, Chromium. I guess, you already know where this is going now…

低功耗蓝牙小工具

繁星之下，大多数人的生活都是朴实无华的，但总会有些点滴让人觉得世界是如此的美好。

COVID-19 has turned the tech world upside down. Read what a future IT director thought we did right—and what went terribly wrong.

Guidance for members of the public, website administrators and JavaScript developers in relation to the recently publicised cryptocurrency mining compromises of several websites

MethodVisitor ClassVisitor的visitMethod能够访问到类中某个方法的一些入口信息，那么针对具体方法中字节码的访问是由MethodVisitor来进行的 访问顺序如下，其中visitCode和visitMaxs仅调用一次，标志方法字节码访问的开始和结束 MethodVi

一些内心独白

笔者近期阅读了十几个知名公司和机构的年度报告，将一些要点总结分享给大家。

这里分享我们实践的一个新思路，能有效达到IAST/RASP快速部署的目的。

完成上一篇的设置后，我们将在本篇中分享如何着手开始对门锁固件进行分析。

“人的因素”促使我们更深刻认识到参与网络安全链条中的人员个体的差异和作用，用新技术去弥补防御方弱点、固化人员安全能力推广、并限制攻击者活动空间。

No One is Invisible to Ransomware Attacks: Cybercriminals Pinpointing Healthcare Organizations   In this challenging time, cybercriminals have their eyes on consumers and institutions...

The post Ransomware Attacks: Cybercriminals Pinpointing Healthcare Organizations appeared first on McAfee Blog.

Codeql 入门教程 首发于先知社区 codeql是一个可以对代码进行分析的引擎, 安全人员可以用它作为挖洞的辅助或者直接进行挖掘漏洞,节省进行重复操作的精

Spring Boot + H2数据库JNDI注入

Introduction In our previous post, The Building Wave of Internet Traffic, we looked at the traffic patterns across Europe and the effect the COVID-19 pandemic has had. We examined traffic in Italy, Poland, and Spain, and demonstrated how we observed...

Chrome’s remote debugging feature enables malware post-exploitation to gain access to cookies. Root privileges are not required. This is a pretty well-known and commonly used adversarial technique - at least since 2018 when Cookie Crimes was released. However, remote debugging also allows observing user activities and sensitive personal information (aka spying on users) and controlling the browser from a remote computer. Below screenshot shows a simulated attacker controlling the victim’s browser and navigating to chrome://settings to inspect information:

继续聊聊管理工作中踩过的坑。本文体验下付费阅读功能，90%可免费阅读。

1.编译后的方法区，其中存储的代码都是一些字节码指令 2.Java虚拟机执行模型： java代码是在一个线程内部执行，每个线程都有自己的执行栈，栈由帧组成，每个帧表示一个方法的调用，每调用一个方法，都将将新的帧压入执行栈，方法返回时(不管是整成return还是异常返回)，该方法对应的帧都将出栈，即按