How Big is Your Digital Footprint Anyway?
F5 Labs' Preston Hogue writes for SecurityWeek, tracing the full extent of your digital footprint in the era of big data breaches.
Aggregator
Stepping up to multi-factor authentication
6 years ago
New guidance on implementing MFA to better secure online services
ActiveMQ反序列化(CVE-2015-5254) && ActiveMQ任意文件写入 (CVE-2016-3088) - 淚笑
6 years ago
ActiveMQ 反序列化漏洞(CVE 2015 5254) 漏洞详情 ActiveMQ启动后,将监听61616和8161两个端口,其中消息在61616这个端口进行传递,使用ActiveMQ这个中间件的程序也通过这个端口工作,8161是Web服务的端口,通过Web页面可管理ActiveMQ Acti
淚笑
高级持续渗透-第八季demo便是远控
6 years ago
Micropoor
从传统安全转行风控领域的心路历程,兼谈黑产和风控行业趋势
6 years ago
看着曾经的战友女神、灰王都开了公众号写的不亦乐乎,我也产生了写一点文字的念想。公众号倒是悄悄开了,但是囿于自己水平有限,一直没有发内容。元旦假期自己一个人听着《平凡之路》飙在高速公路的时候,突然觉得有些经历和感受,可以在写一写。
Life at Akamai: Making Connections
6 years ago
By the numbers, Akamai's scale, reach and ability to help brands connect users to immersive and immediate online experiences while protecting their businesses from threats, is quite impressive. While I'm proud that Akamai connects with billions of devices daily and...
Julie Carey
Low, Medium and High Interaction Honeypot Security
6 years ago
Honeypots are a popular way to protect data centers and learn about attackers. Learn the difference between high and low interaction honeypot security.
Igor Livshitz
Phishing, spear phishing and whaling; does it change the price of phish?
6 years ago
Regardless of the type of phish, you'll still need multiple layers of defence to protect your organisation.
linux下形如{command,parameter,parameter}执行命令 / bash花括号扩展 - 淚笑
6 years ago
背景 在复现vulhub上的漏洞ActiveMQ Deserialization Vulnerability (CVE 2015 5254)时,发现官方文档给出反弹shell的payload 其他部分倒是没什么说的,只是对其中的形如{command,parameter}的方式执行命令不是很理解,遂查
淚笑
关于Burpsuite Intruder的四种爆破方式
6 years ago
(0) 前言Burpsuite的Intruder功能可以对目标进行多线程爆破,比如账号密码爆破,验证码爆破等
Strategies for Improving the Benefits of Certificate Revocation
6 years ago
F5 Labs' David Warburton writes for Venafi, explaining one of the key strategies for improving the use of OCSP for certificate revocation.
PHP安全新闻早八点-高级持续渗透-第七季demo的成长
6 years ago
Micropoor
PHP安全新闻早八点-高级持续渗透-第六季关于后门
6 years ago
Micropoor
C语言单链表实现约瑟夫环
6 years ago
前言 前两天朋友给我发来一个题目,问我能不能用C语言链表实现。 13个人围成一圈,从第1个人开始顺序报号1,2,3。凡报到“3”者退出圈子,找出最后留在圈
CSP攻略 - 羊小弟
6 years ago
看完三篇文章应该就懂了csp是干嘛的。 https://www.cnblogs.com/Wayou/p/intro_to_content_security_policy.html https://www.w3.org/TR/CSP3/ http://drops.xmd5.com/static/dro
羊小弟
Governing Security at Large Enterprises
6 years ago
We surveyed infosec professionals from organizations with at least 5,000 employees to investigate the qualitative differences in running a security program at scale. We also distill 5 principles you can use to have a better chance at success.
让你看得懂的十大科技趋势
6 years ago
笔者就今年的十大科技趋势做一次通俗易懂的解读方便大家理解。每个部分都包含具体的落地案例,会让你觉得这些科技就在身边。
How to Check for Revoked Certificates
6 years ago
F5 Labs' David Warburton writes for Venafi, discussing the different methods for checking a certificate's status, and their relative benefits.
「日记」迅雷界面库一览
6 years ago
看bolt,破thunder
「日记」一次产品代码审计
6 years ago
有针对性的熟悉东西审计就是快