Aggregator

A detailed look at an 840-Gbps DDoS attack on a financial services provider and a deeper dive into attacking nodes.

结合腾讯SOC在客户侧的运营实践，本文首先介绍安全运营在业界落地中普遍遇到的问题，并分享腾讯SOC在解决该问题时的思路和工作。

结合腾讯SOC在客户侧的运营实践，本文首先介绍安全运营在业界落地中普遍遇到的问题，并分享腾讯SOC在解决该问题时的思路和工作。

结合腾讯SOC在客户侧的运营实践，本文首先介绍安全运营在业界落地中普遍遇到的问题，并分享腾讯SOC在解决该问题时的思路和工作。

结合腾讯SOC在客户侧的运营实践，本文首先介绍安全运营在业界落地中普遍遇到的问题，并分享腾讯SOC在解决该问题时的思路和工作。

结合腾讯SOC在客户侧的运营实践，本文首先介绍安全运营在业界落地中普遍遇到的问题，并分享腾讯SOC在解决该问题时的思路和工作。

结合腾讯SOC在客户侧的运营实践，本文首先介绍安全运营在业界落地中普遍遇到的问题，并分享腾讯SOC在解决该问题时的思路和工作。

结合腾讯SOC在客户侧的运营实践，本文首先介绍安全运营在业界落地中普遍遇到的问题，并分享腾讯SOC在解决该问题时的思路和工作。

PHP 使用 OpenSSL 实现国密 SM4 加解密示例代码

Researching malware has many challenges. One of those challenges is obfuscated code and intentionally corrupted binaries. To address challenges like this, we've written a small tool in C that could fix intentionally corrupted binaries automatically. We also plan to open-source the project so other researchers could use it too, and perhaps improve and expand upon the tool's capabilities as needed.

前言最近痴迷于看 RFC 及各类规范文档，从中发现一些有趣的利用。

前言最近痴迷于看 RFC 及各类规范文档，从中发现一些有趣的利用。

前言最近痴迷于看 RFC 及各类规范文档，从中发现一些有趣的利用。

This is a guest post DEVCORE collaborated with Zero Day Initiative (ZDI) and published at their blog, which describes the exploit chain we demonstrated at Pwn2Own 2021! Please visit the following link to read that :)

• FROM PWN2OWN 2021: A NEW ATTACK SURFACE ON MICROSOFT EXCHANGE - PROXYSHELL!

If you are interesting in more Exchange Server attacks, you can also check our series of articles:

• A New Attack Surface on MS Exchange Part 1 - ProxyLogon!
• A New Attack Surface on MS Exchange Part 2 - ProxyOracle!
• A New Attack Surface on MS Exchange Part 3 - ProxyShell!
• A New Attack Surface on MS Exchange Part 4 - ProxyRelay!

With ProxyShell, an unauthenticated attacker can execute arbitrary commands on Microsoft Exchange Server through an exposed 443 port! Here is the demonstration video:

跨平台社区化Web指纹识别工具ObserverWard_0x727

跨平台社区化Web指纹识别工具ObserverWard_0x727

跨平台社区化Web指纹识别工具ObserverWard_0x727