150亿美元的王朝过客,从Symantec的前世今生谈起
严格来说,这其实是Symantec的第二次被并购。大马华裔陈福阳带领的Broadcom传出150亿美元价格并
Aggregator
150亿美元的王朝过客,从Symantec的前世今生谈起
6 years 9 months ago
严格来说,这其实是Symantec的第二次被并购。大马华裔陈福阳带领的Broadcom传出150亿美元价格并
150亿美元的王朝过客,从Symantec的前世今生谈起
6 years 9 months ago
严格来说,这其实是Symantec的第二次被并购。大马华裔陈福阳带领的Broadcom传出150亿美元价格并
世界的模样——毕业总结
6 years 9 months ago
关于成电的季节里,我最喜欢的便是夏天。那是我初入校
世界的模样——毕业总结
6 years 9 months ago
关于成电的季节里,我最喜欢的便是夏天。那是我初入校
190705 安卓-对抗AndResGuard的重打包
6 years 9 months ago
换了一个apk实验后
apktool b -f -p. xxx也不行,仍然报资源错误
看了一下可能是鹅厂出的AndResGuard工具,会将资源文件夹/Res/xxx重命名为/r/x类的目录,导致资源解析出错
针对这个混淆有shakaApktool来对抗,但由于太久没有更新所以已经失修了
于是无奈回归apktool -r不解析资源文件、原样打包的思路
对于AndroidManifest.xml的二...
whklhhhh
Fiddler如何自动修改请求和响应包 - bamb00
6 years 9 months ago
Charles的Map功能可以将某个请求进行重定向,用重定向的内容响应请求的内容。这个功能非常方便。在抓包过程当中,有时候为了调试方便,需要将线上的服务定位到内网。比如我们线上的服务器域名为 api.example.com,而内网的用于调试的服务器域名为 test.neiwang.com,那么就需要
bamb00
BashSpray - Simple Password Spray Bash Script
6 years 9 months ago
One thing every red team should attempt early on and regularly is to perform some password spray testing across their organization to identify and help remediate usage of weak passwords.
In the past I have done this on Windows a lot, but now I built a simple version for it for Bash to run it also from a Mac.
Check it out: Bash Spray
Ideally, a script like bashspray.sh is integrated into your response pipelines, and SOC, Blue Team as well as account owner get notified - so they change their password right away, and any SOC investigation can be performed if necessary.
What To Do When Your Company Tells You They're Making a Mobile App, Part 3
6 years 9 months ago
In the final part of our mobile app series, we cover the DevSecOps components related to mobile app security: rolling out requirements, training, testing, and operational practices.
What To Do When Your Company Tells You They're Making a Mobile App, Part 3
6 years 9 months ago
In the final part of our mobile app series, we cover the DevSecOps components related to mobile app security: rolling out requirements, training, testing, and operational practices.
What To Do When Your Company Tells You They're Making a Mobile App, Part 3
6 years 9 months ago
In the final part of our mobile app series, we cover the DevSecOps components related to mobile app security: rolling out requirements, training, testing, and operational practices.
彦宏获水、廉价热搜、417.74亿的某度与2块的某宝
6 years 9 months ago
认真点,我是来看热闹的~
彦宏获水、廉价热搜、417.74亿的某度与2块的某宝
6 years 9 months ago
认真点,我是来看热闹的~
彦宏获水、廉价热搜、417.74亿的某度与2块的某宝
6 years 9 months ago
认真点,我是来看热闹的~
New Golang Malware is Spreading via Multiple Exploits to Mine Monero
6 years 9 months ago
A newcomer to the malware scene, Golang-based malware has been seen installing cryptominers specifically targeting Moreno cryptocurrency.
New Golang Malware is Spreading via Multiple Exploits to Mine Monero
6 years 9 months ago
A newcomer to the malware scene, Golang-based malware has been seen installing cryptominers specifically targeting Moreno cryptocurrency.
New Golang Malware is Spreading via Multiple Exploits to Mine Monero
6 years 9 months ago
A newcomer to the malware scene, Golang-based malware has been seen installing cryptominers specifically targeting Moreno cryptocurrency.
190702 安卓-Frida-gadget
6 years 9 months ago
开始鹅厂实习的社畜搬砖生活(°∀°)ノ
frida-gadget的优势在于通过对应用重打包,加入gadget.so的调用,从而实现frida的hook
这种途径避免了注入所需要的root权限
发现了一个现成的脚本,但测了一下似乎有一些问题,明天修一下看看
以下是手动流程
解包
apktool d xxx.apk
-r选项可以使得不解析资源,但AndroidManifest.xml也不会解析,此时无...
whklhhhh
献给三体迷一则短文
6 years 9 months ago
2017年8月19日,中国贵州射电望远镜“天眼”接收到一个来自外太空4光年外的可疑信号。2017年8月19日
献给三体迷一则短文
6 years 9 months ago
2017年8月19日,中国贵州射电望远镜“天眼”接收到一个来自外太空4光年外的可疑信号。2017年8月19日