Unfortunately, today's sophisticated web application threats have gained some advantages over typical WAFs:

- Favorable odds -- WAFs must correctly identify attacks 100% of the time, whereas attackers have the luxury of only needing to find a single bypass or evasion.
- Temporary fixes -- Many WAFs use a "whack-a-mole" response tactic, denying only the individual attack request and allowing the attacker to make repeated attempts.
- Persistence -- If left unimpeded, attackers may eventually find some type of payload obfuscation that minimizes detection effectiveness.
The confluence of these advantages should concern WAF customers. Let's take a closer look at the typical web attacker methodology to see why.
The presence of public "over-the-top" DNS resolution alternatives is a strong motivator for internet service providers (ISPs) to invest in making their DNS resolution infrastructure the best that it can be. Resolvers are the glue that binds subscribers to their fixed and mobile broadband services.
By Gal Bitensky

Executive Summary

Link scanners are a critical component in multiple classes of security products, including email security suites, websites that offer direct inspection of a suspicious link, and others. Behind the scenes, these services use web clients...
Today FireEye shared that they were the victim of a cyberattack and that internal red teaming tooling was accessed by adversaries. More details are in this NYT article.
This reminded me that I wanted to do a post on actively protecting pen testers and pen testing assets for a while.
Against persistent adversaries it is only a matter of time until they succeed, not a question of whether they will succeed. The big question is: do you know when an adversary starts poking around, and when they succeed?