红日攻防实验室

红日攻防实验室



专注Web及移动安全[红日安全66期]

20181011202924.jpg

渗透测试,web安全动态


-安全文章

-安全漏洞

-Web安全

-代码审计


标签:安全动态 Web安全 渗透测试 安全工具 代码审计 视频分享

安全动态

[Security_week] ThinkPHP 5.0 & 5.1远程命令执行漏洞利用分析

https://mp.weixin.qq.com/s/sKQP1fVRm7kOOkyk5JOOpA

[Security_week] 木马攻防

https://mp.weixin.qq.com/s/Ag6gB9lN9QjmCINesMWi_g

[Security_week] 黑客攻防基础知识

https://mp.weixin.qq.com/s/Tphkma7m5mxjtDQgMCMUkg

[Security_week] 2018年度弱密码出炉,看你用了哪个

https://mp.weixin.qq.com/s/Sob2jtdpoQKFKB6cnx6i0A

[Security_week] 信息安全漏洞周报(2018年第48期)

https://mp.weixin.qq.com/s/1Hacy9PqP6TDzwYCPpncGQ

[Security_week] 漏洞威胁周报(2018/12/10-2018/12/16)

https://mp.weixin.qq.com/s/qbgyl_bW-H0NoKoN7GnyQw



Web安全

[Web_Security] upload-labs靶场第三关

https://mp.weixin.qq.com/s/gcJUiBqRhsJAjoXK7vZqVA

[Web_Security] thinkphp代码执行getshell

https://mp.weixin.qq.com/s/NQAZPz8uT8eNFyeMT4l8Ig

[Web_Security] upload-labs靶场第四关

https://mp.weixin.qq.com/s/KFcPfwkEXHHHxKIt8QbLxA

[Web_Security] upload-labs靶场第五关

https://mp.weixin.qq.com/s/1hxKHaZNnLEBWjbsf4_tQA

[Web_Security] 会话固定漏洞的一点学习、分析与思考

https://mp.weixin.qq.com/s/TiBed71KxKcIHOyG02AdQQ

[Web_Security] Upload-labs&Upload Bypass Summarize

https://mp.weixin.qq.com/s/MHH1QsYuWV8qxzYiq7ME6A

[Web_Security] phar反序列化rce

https://mp.weixin.qq.com/s/v_p6Vz_zrlmX9V9C65iMjQ

[Web_Security] 过气的00截断

https://mp.weixin.qq.com/s/wAa9DrTmi3ooVzRx5wWiOw

[Web_Security] upload-labs靶场第六关

https://mp.weixin.qq.com/s/TXlBBy1BVeqSTUwQlOeNNg

[Web_Security] XSS有长度限制?试试这几招

https://mp.weixin.qq.com/s/Hn9H1Ls1EqNBo7FDi9nHbw

[Web_Security] Web漏洞扫描器的设计与实现(一)

https://mp.weixin.qq.com/s/h8ApDH1lG7Jsb1bqwE588Q

[Web_Security] IIS写权限漏洞-菜刀工具

https://mp.weixin.qq.com/s/tWQcr3WuRVqWS0RJaSiXXg



渗透测试

[Penetration_test] LinEnum - 本地Linux枚举和提权脚本

https://mp.weixin.qq.com/s/lSvkK79YNEDPvfrrb4vUyg

[Penetration_test] 局域网内mysql互连

https://mp.weixin.qq.com/s/8Mb1b8J-oE1tixyH3TZdnw

[Penetration_test] Web渗透入侵思路

https://mp.weixin.qq.com/s/TqsX7OUbdEK2l_3z9fWOvw

[Penetration_test] 绕过CDN找到源站的思路

https://mp.weixin.qq.com/s/8NUvPqEzVjO3XbmCBukUvQ

[Penetration_test] CVE-2018-1111复现环境搭建与dhcp命令注入

https://mp.weixin.qq.com/s/LGOPnlHtxVidnO1e_TDMOA

[Penetration_test] API 接口渗透测试

https://mp.weixin.qq.com/s/kpJxO14LpwFN-PjV2XNPkA



安全工具

[Security_tools] 20个堪称神器的Linux命令行软件

https://mp.weixin.qq.com/s/Vg3fnRXDvemaaPHejwVbog

[Security_tools] ZMap - 互联网扫描仪

https://mp.weixin.qq.com/s/SFDPXJHjOOH3ZffkeUj42w

[Security_tools] 通过Burp Macros自动化平台对Web应用的模糊输入进行处理

https://mp.weixin.qq.com/s/xqYukfWiZ1UXTvFcRXl4Pg

[Security_tools] 适用于渗透测试不同阶段的工具收集整理

https://mp.weixin.qq.com/s/uClheUFDvToiUG78oOOr6w



代码审计

[Code_audit] PHP 代码审计之死磕 SQL 注入

https://mp.weixin.qq.com/s/a5nb1wEDIr0x_rD8QeLk1Q

[Code_audit] 一个审计的小trick

https://mp.weixin.qq.com/s/E8K8tO1oX95TDhN8IiUtAQ

[Code_audit] 代码审计Day15 - $_SERVER[PHP_SELF]导致的防御失效问题

https://mp.weixin.qq.com/s/MZcL_G3ouGFasdNKvZLZeQ

[Code_audit] PHP-Audit-Labs题解之Day1-4

https://mp.weixin.qq.com/s/BRcugHD8dOjvuxvQoHP9bw



视频分享

[Video_share] Windows取证艺术赏析

https://www.bugbank.cn/live/view.html?id=111836

 标签: none

作者  :  ba91ing



关于我

about me

ba91ing

联系我