红日攻防实验室

红日攻防实验室



专注Web及移动安全[红日安全29期]

渗透测试,web安全动态
home-bg1_meitu_6.jpg


  • 安全文章
  • 安全漏洞
  • 移动安全
  • 代码审计

标签:安全动态 安全技能 资源与工具分享

安全动态

  • [Security_week] 信息安全漏洞周报(2018年第6期)--CNNVD安全动态

https://mp.weixin.qq.com/s/h0BTNFiaicv6O9NJah1cgg

  • [Security_week] CNNVD最新漏洞(2018-02-11) --CNNVD安全动态

https://mp.weixin.qq.com/s/BHz7TAEU0KJVYaAGj5ZvRQ

  • [Security_week] 20180212-今日网络安全热点 --CNNVD安全动态

https://mp.weixin.qq.com/s/6P-ow3e0GMPXa00w0xQfJg

  • [Security_week] 每日安全动态推送(02-12) --腾讯玄武实验室

https://mp.weixin.qq.com/s/FaPvtXbh0cmLlNq7BwjPHQ

  • [Security_week] 20180220 -今日网络安全热点 --安全字典

https://mp.weixin.qq.com/s/7R3eWhdDP-Qf-T8jM4asXA

  • [Security_week] 每日安全动态推送(02-26)及春节合集.上(02-13—02-17)

https://mp.weixin.qq.com/s/eMu4F6_Qbj3Fgvfj-giV4g

  • [Security_week] Apache Tomcat绕过漏洞预警

https://mp.weixin.qq.com/s/hbva4kkRGFMC__i34fxukg

  • [Security_week] CNNVD最新漏洞(2018-02-26) --CNNVD安全动态

https://mp.weixin.qq.com/s/fF1wRps6GD1SYOCAZQb_Pg

  • [Security_week] 【国内外技术分享-2018.2.28】 --SAINTSEC

https://mp.weixin.qq.com/s/PzGauWIHfZnCtj9jxx5DRA

  • [Security_week] CNNVD最新漏洞(2018-02-28) --CNNVD安全动态

https://mp.weixin.qq.com/s/b6YS-6PVtQB8F4_zRa48gA



安全技能

[Security_technology]

  • [Security_technology] TinyShop缓存文件获取WebShell之0day

https://mp.weixin.qq.com/s/mZW4U3u1Cd9ycrJtWZ_2Hg

  • [Security_technology] Adobe Flash零日漏洞(cve-2018-4878)在野攻击完全分析报告

https://mp.weixin.qq.com/s/-88BZHfMUixMqFaTHX0P0Q

  • [Security_technology] 逆向必备工具分析小技巧

https://mp.weixin.qq.com/s/hIYli6T-e6zbdlvjFVkwcg

  • [Security_technology] 打造属于自己的渗透神器

https://mp.weixin.qq.com/s/prcJJWUKW3-76k3MYtQiUA

  • [Security_technology] 就一加手机支付漏洞讨论在线支付中的安全风险

https://mp.weixin.qq.com/s/_JbpHqy1CvcH3KLPDACQtA

  • [Security_technology] 又一波神操作:横向渗透中的 SSH 劫持技巧

https://mp.weixin.qq.com/s/d_sCHqLcD-8MkSXJzjYxTg

  • [Security_technology] Key的黑客日常:日了沙盒的表兄

https://mp.weixin.qq.com/s/1p65hKO9Ne7v2W9Po_rO1g

  • [Security_technology] HackTheBox Writeup (上)

https://mp.weixin.qq.com/s/JgW3-NRVCO8t_dAcgy8u3Q

  • [Security_technology] 浅谈文件包含漏洞

https://mp.weixin.qq.com/s/0GfdES4P5IjJDxrkk9XhDw

  • [Security_technology] Moctf-web题解

https://mp.weixin.qq.com/s/zUhS-Wr13qr8wYaWykRvuQ

  • [Security_technology] CVE-2018-0802简单利用

https://mp.weixin.qq.com/s/Q0beRSGD12Q7w6_Jp_h80g

  • [Security_technology] linux缓冲区溢出漏洞简介

https://mp.weixin.qq.com/s/-m8tLKcqC96IdPfx8PborA

  • [Security_technology] 利用XSS维持网站后台权限

https://mp.weixin.qq.com/s/EBrdO-k0fbazlV_oRJOqMw

  • [Security_technology] 技术解析 | Web缓存欺骗测试

https://mp.weixin.qq.com/s/Acl6Bzx7V1ntB1_zv3tOPw

  • [Security_technology] CTF中RSA题型解题思路及技巧,附小白福利

https://mp.weixin.qq.com/s/vJ0WWQPzznT0tTJGBJ_eJA

  • [Security_technology] 从漏洞复现到代码审计,深入学习csrf漏洞原理

https://mp.weixin.qq.com/s/ZJrpqmpZelKeUGQ78a2R6A

  • [Security_technology] 突破封闭 Web 系统的技巧之正面冲锋

https://mp.weixin.qq.com/s/Fl0-5t3WPuWTjBT2u_Ay3A

  • [Security_technology] writeup | 应该不是 XSS

https://mp.weixin.qq.com/s/Pyl6XVdj0ti77uKQU5cmVg

  • [Security_technology] 从代码讲常用文件上传漏洞原理分析

https://mp.weixin.qq.com/s/W8EvPPr-ZKN-weg1wCU0eg

  • [Security_technology] Win提权思路,方法,工具(小总结)

https://mp.weixin.qq.com/s/vewoJGM1j4m38XPhHX8ldw

  • [Security_technology] *nux 提权思路,方法,工具(小总结)

https://mp.weixin.qq.com/s/WAjJuLD8jLtL_GUcx_3z9g

  • [Security_technology] Web Service 和 Web API渗透测试指南(一)

https://mp.weixin.qq.com/s/Px5JO2IPjbHmDXlAp6gAvw

  • [Security_technology] 渗透技巧——利用Masterkey离线导出Chrome浏览器中保存的密码

https://mp.weixin.qq.com/s/e4G4VqdxVOSjlgaXNPRUuQ

  • [Security_technology] IAT 三连之什么是 IAT?

https://mp.weixin.qq.com/s/NYL-9lOBoOXEJF1x3Lp4NA

  • [Security_technology] MS14-058 提权演示

https://mp.weixin.qq.com/s/PyZakgPGnuWGPILwRVfcFw

  • [Security_technology] 一个渗透实例

https://mp.weixin.qq.com/s/OK-mf_VK4Nrm0WaZ-1b_rA

  • [Security_technology] 渗透技巧——获取Windows系统下DPAPI中的MasterKey

https://mp.weixin.qq.com/s/yLRNJT2MUkTVF3wVc6Zbaw

  • [Security_technology] shellcode快捷编写工具,可针对多种常见系统指令编写;POT:Twitter钓鱼,全自动模仿给好友发钓鱼链接

https://mp.weixin.qq.com/s/84v3i4xwXAty4Wsq4iBLzA


工具与资源

[Security_tools]

  • [Security_tools] 一款好用的php webshell检测工具

https://mp.weixin.qq.com/s/cI486aDedi-rLtV8pii0IA

  • [Security_tools] 新手Python黑客工具入门(续)

https://mp.weixin.qq.com/s/nYNHPoOmNH4-8aZ2CTexgA

  • [Security_tools] InterWorx 弱口令批量检测

https://mp.weixin.qq.com/s/59b-Wg3Umr_94WwwGEtN4A

  • [Security_tools] Altdns:运用置换扫描技术的子域发现工具

https://mp.weixin.qq.com/s/_HQNSjfkuReygS2S1WcnIw

  • [Security_tools] 端口ping检测工具

https://mp.weixin.qq.com/s/pQTQP1pwBKqg7tfOdWoigg

  • [Security_tools] 轻松理解什么是 webshell

https://mp.weixin.qq.com/s/x2Tw3ukaTFDJvZ0YCuZBog

  • [Security_tools] 公开课 | web常见攻击之信息收集

https://mp.weixin.qq.com/s/005eguPJs4ZqRkg82NUzOA

  • [Security_tools] 高效与争议并存:大规模自动化渗透工具AutoSploit

https://mp.weixin.qq.com/s/X-1onhR4QUbmMm8V7AdF4A

  • [Security_tools] Python 资源大全中文版

https://github.com/jobbole/awesome-python-cn

  • [Security_tools] python算法教程

https://github.com/qiwsir/algorithm

  • [Security_tools] python面试题之基础知识

https://github.com/taizilongxu/interview_python

  • [Security_tools] AutoSploit--MSF自动化攻击脚本

https://github.com/RootUp/AutoSploit

  • [Security_tools] 安全思维导图集合

https://github.com/SecWiki/sec-chart

  • [Security_tools] MongoDB 渗透测试工具

https://github.com/stampery/mongoaudit

 标签: none

作者  :  sysyz



关于我

about me

sysyz

联系我