Aggregator

原理

当获得root权限之后，可对fakesh设置suid标志位

之后就可以用fakesh在低权限下获得root权限

Recently I’m confused by my research. I need to p […]

Summary The ICS-CERT has published an advisory that affects Rockwell Automation's FactoryTalk AssetCentre. Threat Type Vulnerability Overview The ICS-CERT has published an advisory that affects Rockwell Automation's FactoryTalk AssetCentre. Further information is available from the advisory which is summarized below. ICS Advisory ICSA-21-091-01 - Rockwell Automation FactoryTalk AssetCentre CVE-2021-27462 - A deserialization vulnerability exists in how the AosService.rem service in FactoryTalk AssetCentre ve

Criminals love tax season. The stress and urgency surrounding this time of year makes the victim pool highly vulnerable to various types of schemes.

钓鱼演练踩坑笔记

钓鱼演练踩坑笔记

钓鱼演练踩坑笔记

钓鱼演练踩坑笔记

钓鱼演练踩坑笔记

Summary Proofpoint Threat Research discovered in late 2020 a new credential phishing campaign named BadBlood, carried out by threat group TA453, aka Charming Kitten. The campaign targets senior medical professionals who specialize in genetic, neurology, and oncology research in the United States and Israel. These targets are not the traditional targets for TA453, however, the tactics and techniques observed in BadBlood continue to mirror those used in historic TA453 campaigns. Threat Type Malware, Phishing,

antSword 后渗透模块，一个你不能错过的插件。本文将介绍 v1.2 更新内容，并介绍该插件目前已有的功能。

antSword 后渗透模块，一个你不能错过的插件。本文将介绍 v1.2 更新内容，并介绍该插件目前已有的功能。

黑客已在可公开访问的网络犯罪论坛上发布了估计5.33亿Facebook用户的电话号码和帐户详细信息，约占整个

得补 java 基础。很多 java 特性之前没有碰到过的。

Java Agent 从入门到内存马（下）