Aggregator

文字来自本人实战经历（已修复）

海量IP地址字符串转码生成shellcode、Beacon木马伪造Referer请求头为10086官网

从受限JavaScript沙箱到宿主Java环境的完整攻击链构造与纵深防御

通过构造恶意的中转站来劫持 opencode，claudecode，openclaw 从而实现命令执行，乃至于上线 c2

LLM 能帮一个安全工程师干些什么

Agentic / Context

面向大模型隐私推理的安全协议-MPC与ZK的角色分工

从客户端加密配置到伪造签名：一次支付金额篡改漏洞的挖掘实录

分享一次在某市攻防演练中的实战记录，通过一个普通的登录页面，最终拿下多个后台系统权限。

Apache Camel JMS 反序列化(CVE-2026-40860)漏洞分析漏洞概述Apache Camel 的核心目标是把各种不同的系统、协议和数据格式“粘合”在一起。它实现了著名的企业集成模式（Enterprise Integration Patterns, EIP），比如拆分消息、聚合消息、动态路由等。受影响版本中，JmsBinding.extractBodyFromJms() 方法在

The inaugural beta of Python 3.15 has been unveiled. With the final release slated for October 1, the

The post Python 3.15 Beta: Faster Startups, Stable Free-Threading, and the New Tachyon Profiler appeared first on Penetration Testing Tools.

最近ActiveMQ出了两个有关Jolokia的新漏洞，之前都没看过ActiveMQ，借此机会分析一下，顺带把之前的几个重点漏洞也简单分析一遍。

红队基础设施建设--重定向器

通过精心构造 php://filter 链，在不写入任何文件的前提下，将一个普通的本地文件包含（LFI）漏洞直接升级为远程代码执行（RCE）。

A security researcher has demonstrated an unconventional method to paralyze Windows file servers without resorting to data encryption

The post GhostLock: The No-Encryption “Ransomware” That Can Paralyze Windows File Servers in Minutes appeared first on Penetration Testing Tools.

阅读： 5凌晨时分，你疲惫地点下几万条告警中的第N条；面对堆砌的安全工具，却找不到一个真正贯通的中控枢纽；专家经验难以复制，团队在“踩坑”

A vulnerability described as problematic has been identified in Google Android up to 7.1. Impacted is an unknown function of the component Audioserver. Such manipulation leads to information disclosure. This vulnerability is documented as CVE-2017-0398. The attack needs to be performed locally. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability classified as problematic has been found in Google Android up to 7.1. The affected element is an unknown function of the component Audioserver. Performing a manipulation results in information disclosure. This vulnerability is reported as CVE-2017-0398. The attack requires a local approach. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Google Android up to 7.1. The impacted element is an unknown function of the component Audioserver. Executing a manipulation can lead to information disclosure. This vulnerability appears as CVE-2017-0398. The attack requires local access. There is no available exploit. Upgrading the affected component is advised.

A vulnerability marked as problematic has been reported in Liferay Portal up to 6.2.10. Impacted is an unknown function of the component Velocity Template Handler. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2010-5327. It is possible to initiate the attack remotely. There is no exploit available.