红日攻防实验室

红日攻防实验室



专注Web及移动安全[红日安全31期]

渗透测试,web安全动态
home-bg1_meitu_6.jpg


-安全文章

-安全漏洞

-移动安全

-代码审计


标签:安全动态 安全技能 资源与工具分享

安全动态

[Security_week] 每日攻防资讯汇总(03-14)

https://mp.weixin.qq.com/s/NTcthz1bouFQvVlS9nSMVg

[Security_week] CVE-2018-0907 | 微软Office Excel安全特性绕过

https://mp.weixin.qq.com/s/FZwgQJv4XS9A2V-70R3Rhg

[Security_week] Samba CVE-2018-1050和CVE-2018-1057预警

https://mp.weixin.qq.com/s/9kEtvVFcAVqmGZ3k2Vg2Hg

[Security_week] 新的挖矿攻击再次利用“永恒之蓝”漏洞感染服务器

https://mp.weixin.qq.com/s/BZkZRnWyXMFxosLCaeiziw

[Security_week] 中国某军工企业被美、俄两国黑客攻击

https://mp.weixin.qq.com/s/FkhyBVYxjMemSN2fvWp2RA

[Security_week] 阿里 8.6 亿美元再押 ofo,与摩拜合并再无可能?

https://mp.weixin.qq.com/s/MT2BsGc33BMdDd6p4qzwsw

[Security_week] CVE-2018-6376:Joomla!二阶SQL注入漏洞

https://mp.weixin.qq.com/s/IyFDWR9tL-ysAHTpPZ79Mw

[Security_week] CVE-2018-0886:"MS-RDP 逻辑 RCE 漏洞" 初步解读

https://mp.weixin.qq.com/s/7tKZeY23otlNLk7tJv-lfQ

[Security_week] 兜哥的信安之路

https://mp.weixin.qq.com/s/9GTwaNEvWSRBIkdVFtf8Hg



安全技能

[Security_technology] 任意用户密码重置(四):重置凭证未校验

https://mp.weixin.qq.com/s/NKDq53K2L9N0Ype19OTRLg

[Security_technology] 从小白变RSA大神,附常用工具使用方法及CTF中RSA典型例题

https://mp.weixin.qq.com/s/aU3XDBOVbr-nt_FMfTHMGg

[Security_technology] Chaos:Linux后门卷土重来

https://mp.weixin.qq.com/s/2phYAp4taA508BKpNxj_zQ

[Security_technology] CTF Hackplayers 2018 WriteUp 之拿到Jax的权限

https://mp.weixin.qq.com/s/8GI7G5uFGbRMgULUnxmn-w

[Security_technology] 逆向学习手记

https://mp.weixin.qq.com/s/YcQX1rR2Jto6YJzuqH8-DA

[Security_technology] iOS安全基础之钥匙串与哈希

https://mp.weixin.qq.com/s/WWwG_02GvBlXZMMlFXF8GA

[Security_technology] N1CTF2018 APFS&Lipstick题解

https://mp.weixin.qq.com/s/xL-Ec57DswEryUseajjFvQ

[Security_technology] Docker容器构建过程的安全性分析

https://mp.weixin.qq.com/s/AFRk4clsm8wE2cLF6UI4fQ

[Security_technology] zoomeye的简单使用(很恐怖的搜索引擎)

https://mp.weixin.qq.com/s/9vdhotnVebwGuKN9QgfECg

[Security_technology] 人见人爱的vDSO机制,如今也靠不住了

https://mp.weixin.qq.com/s/0e3XjZzqnoPoO3AWkdU77w

[Security_technology] windows下安装docker(纠正报错)+加速下载kali镜像

https://mp.weixin.qq.com/s/12wylLU4ToXUG64yJcmTYA

[Security_technology] 密码窃取软件AGENT TESLA的传播渠道分析

https://mp.weixin.qq.com/s/arirTZ7vau4kN29x2m1Ffw

[Security_technology] 记一次有趣的渗透测试

https://mp.weixin.qq.com/s/w5Dl54oOA7-XYuSIrguy-w

[Security_technology] 混在运维部的安全员说“端口与口令安全”

https://mp.weixin.qq.com/s/eJiNOwS6OpYEg0D5SbMRPA

[Security_technology] 深度解析密码破解程序

https://mp.weixin.qq.com/s/fdb8Qo0Z7pxhVYydUadVvA

[Security_technology] 如何利用Webhooks绕过支付环节

https://mp.weixin.qq.com/s/p5joqegP1dbGtHsmS-3fRQ

[Security_technology] PHP代码/命令注入小结

https://mp.weixin.qq.com/s/e-qNJaXZh-t5H7AJEOBIAQ

[Security_technology] ring3层恶意代码实例汇总

https://mp.weixin.qq.com/s/wY3KnCewAw6WS5bNYlm-2Q

[Security_technology] Java代码审计-铁人下载系统

https://mp.weixin.qq.com/s/8mmj-mixScgOKq7cL2_YcQ

[Security_technology] 关于网络钓鱼的深入讨论

https://mp.weixin.qq.com/s/7Xnv84qtffSjWzRTn--uWA

[Security_technology] 远程桌面协议 CredSSP 存在严重漏洞,影响所有版本的 Windows

https://mp.weixin.qq.com/s/GGUMg8tlJuNB2asN9KLxZA



工具与资源

[Security_tools] Process-Forest-Window进程日志分析工具;python版的BloodHound

https://mp.weixin.qq.com/s/XlyhJDM3MwTBzpWp83Mhsg

[Security_tools] 《轻而易举-黑客攻防入门》扫描版[PDF]

https://mp.weixin.qq.com/s/qTsW8engi0zBAp0pSaay8Q

[Security_tools] 精讲php代码执行与命令执行漏洞

https://mp.weixin.qq.com/s/12hElUJv5PYwK2u19bcFtw
[Security_tools] Powershell And Metasploit(上)

https://mp.weixin.qq.com/s/UV25c70OfMqkkOD69Kzf1Q

 

 标签: none

作者  :  sysyz



关于我

about me

sysyz

联系我