红日攻防实验室

红日攻防实验室



专注Web及移动安全[红日安全28期]

渗透测试,web安全动态

home-bg1_meitu_6.jpg


-安全文章

-安全漏洞

-移动安全

-代码审计


标签:安全动态 安全技能 资源与工具分享

安全动态

[Security_week]

[Security_week] WordPress CMS平台存在严重的DoS 漏洞 几乎影响所有版本

https://mp.weixin.qq.com/s/I9dnrnnUUcygFV21mNA4Rw

[Security_week] 流密码与RC4密码初认识

http://www.freebuf.com/articles/rookie/160891.html

[Security_week] Google Project Zero 成员教你如何入门搞安全

https://zhuanlan.zhihu.com/p/33678187

[Security_week] ZZCMS v8.2 最新版SQL注入漏洞

https://mp.weixin.qq.com/s/Vc8wlt4rj42vYo9NB9KFxQ

[Security_week] DTD 实体 XXE 浅析

https://mp.weixin.qq.com/s/vkCdz6YCoiiJPI30KePD6g

[Security_week] CNNVD最新漏洞(2018-02-08)

https://mp.weixin.qq.com/s/MbQe67gAJh_4YatldVB8jg



安全技能

Security_technologyPHPMailer任意文件读取

https://mp.weixin.qq.com/s/q6t-zdbOue6aQ8yURRFIzQ

[Security_technology] FreeFloat FTP1.0 溢出漏洞分析

https://mp.weixin.qq.com/s/MSaEbeNN0zbrNY50_30FRQ

[Security_technology] 渗透测试 -- VulnHub –CTF FristiLeaks v1.3

https://mp.weixin.qq.com/s/vroN1CKPjf2x033E0e43vg

[Security_technology] 利用macOS时间戳溯源攻击行为

https://mp.weixin.qq.com/s/TW56QKPCCZIJFhIEt0f0xg

[Security_technology] Apache ActiveMQ Artemis 反序列化—【CVE-2016-4978】

https://xianzhi.aliyun.com/forum/topic/2015

[Security_technology] 加固 C/C++ 程序

https://mp.weixin.qq.com/s/K7QiPPTpYIhEFk-BD2LYaA

[Security_technology] 从一道高质量的ctf题中看渗透测试

https://www.anquanke.com/post/id/97567

[Security_technology] 基于机器学习的 Webshell 发现技术探索

https://mp.weixin.qq.com/s/5wJbvuG0IUOX4jdFtYNnkg

[Security_technology] 从 Ajax 聊一聊 Jsonp 点击劫持

https://mp.weixin.qq.com/s/0rTTpt0GtBDgdjVl0dDl8Q

[Security_technology] 渗透测试之cisco路由器在渗透中的利用

https://mp.weixin.qq.com/s/9_n_TdkeREdbLkfpldrRtA

[Security_technology] Metasploitable2 漏洞评估详解

https://mp.weixin.qq.com/s/ueTT8-DLgTJ-WVjf-7PRlg

[Security_technology] 思科ASA安全设备远程代码执行和拒绝服务漏洞(CVE-2018-0101)预警更新

https://mp.weixin.qq.com/s/62Mwyr-O6CfC1VN7N8scxw

[Security_technology] CTF逆向--.NET与Python篇

https://mp.weixin.qq.com/s/Rs7opbwM2qp38QpQXREYfA

[Security_technology] 挖洞经验之代理不当日进内网

https://mp.weixin.qq.com/s/EtUmfMxxJjYNl7nIOKkRmA

[Security_technology] 任意用户密码重置(三):用户混淆

https://mp.weixin.qq.com/s/zU69T_L3q14LJ8bjnvT6Dw

[Security_technology] HITCTF2018-web全题解

https://mp.weixin.qq.com/s/K9XYMAazQ3vwv2L8yFtx1w

[Security_technology] 4道与CVE结合web题目

https://mp.weixin.qq.com/s/eAgw1ABhi_fZXuYLuZF3Nw

[Security_technology] 三道有趣的web题

https://mp.weixin.qq.com/s/xs7jTrRRzkt4dZ5grcYHnQ

[Security_technology] CTF逆向题——IgniteMe

https://mp.weixin.qq.com/s/rleXE3xD4nZrTpvgi4uEKQ

[Security_technology] 汇编指令级混淆器的实现

https://mp.weixin.qq.com/s/dONVbZ4v4cbwpLd3qve2Cw

[Security_technology] BurpSuite基于SS抓取流量

https://mp.weixin.qq.com/s/4R9NDYM3WhlhBKo9WiBCdA


工具与资源

[Security_tools] 漏洞银行技能书

https://skills.bugbank.cn/

[Security_tools] MS17-010攻击脚本与开发模块

https://github.com/rapid7/metasploit-framework/pull/9473

[Security_tools] 华盟网:2017年最优秀黑客工具大合集

https://www.77169.com/html/194249.html

[Security_tools] Linux SSH密码暴力破解技术及攻击实战

http://blog.51cto.com/simeon/2066269?wx=

[Security_tools] CNNVD最新漏洞(2018-02-07)

https://mp.weixin.qq.com/s/rk9tShKhFOUGM-7hBeGMKQ

[Security_tools] CNNVD最新漏洞(2018-02-06)

https://mp.weixin.qq.com/s/_fu90lXZF-kB6p_1Ex47EQ

[Security_tools] 新手Python黑客工具入门

https://mp.weixin.qq.com/s/ZiqBUop9nLTCmxIDlrXqdA

[Security_tools] pentestdb 架构详解

https://mp.weixin.qq.com/s/b4cpUQf5K9oz2b3ka6dNgQ

[Security_tools] 工具| PocSuite 使用介绍

https://mp.weixin.qq.com/s/uTGff7wZI2-2e2vXp_OQvA

 标签: none

作者  :  sysyz



关于我

about me

sysyz

联系我