Aggregator
提醒⚠️近日有大量快递信息泄露,涉及几乎每一个人,请各位提醒家人及朋友谨慎防范陌生来电各种理由的诈骗、推销。
2 years 1 month ago
提醒⚠️近日有大量快递信息泄露,涉及几乎每一个人,请各位提醒家人及朋友谨慎防范陌生来电各种理由的诈骗、推销。
安全产品终将成为服务
2 years 1 month ago
觉醒
HackTheBox Response [Msf Meterpreter 流量解密] + [破碎ssh key 复原]
2 years 1 month ago
简述
这两个部分是insane难度的HTB Response机器的root部分,其中msf meterpreter流量解密是此box的特色,和最难的部分,为了blog美观。所以顺带把破碎ssh key 复原的部分也加进来了,主要参考HTB response writeup from 0xdf’s blog记录这篇博客加深记忆和理解,及供后续时间充足在做深入研究查阅,备忘。
253
ChatGPT展示的是一种能力
2 years 1 month ago
1、OpenAI的起源据说OpenAI起源于2015年一场由Altman(OpenAI CEO)攒的一场饭局
Deserialized web security roundup: KeePass dismisses ‘vulnerability’ report, OpenSSL gets patched, and Reddit admits phishing hack
2 years 1 month ago
Your fortnightly rundown of AppSec vulnerabilities, new hacking techniques, and other cybersecurity news
OAuth ‘masterclass’ crowned top web hacking technique of 2022
2 years 1 month ago
Single sign-on and request smuggling to the fore in another stellar year for web security research
Managing Hype Events to Delight Customers, Not Bot Operators
2 years 1 month ago
Learn how to prepare for your hype event so you ensure your goods are available for your loyal customers ? and not bots.
David S�n�cal
Radio silence from DMS vendor quartet over XSS zero-days
2 years 1 month ago
No response or patch yet forthcoming from providers of vulnerable document management systems
Firefly平台使用常见问题说明
2 years 1 month ago
前言平台的功能都是在工作之余来设计和完成的,由于时间有限,部分功能从设计到开发可能中间间隔了较长一段时间,导
关于E5573Cs-322产品存在拒绝服务漏洞的声明
2 years 1 month ago
汽车APP产品分析-亿盾反作弊
2 years 1 month ago
有流量的地方就有作弊,渠道可以通过批量机器或模拟器模拟下载,以及通过人工或者技术手段修改设备信息、破解反作弊SDK方式发送虚拟信息、模拟下载激活APP等等
New XSS Hunter host Truffle Security faces privacy backlash
2 years 1 month ago
Anonymized numbers of bug discoveries swiftly deleted after pushback
JD-GUI 反序列化 XSS
2 years 1 month ago
上周和Y4tacker师傅交流学习,偶然间发现 JD-GUI 在开启某项配置的情况下,会监听端口并反序列化任
Akamai Recognized as a 2023 Gartner� Peer Insights? Customers' Choice for Cloud WAAP
2 years 1 month ago
Customers rate Akamai as a 2023 Customers' Choice for Cloud WAAP for the fourth consecutive year on Gartner� Peer Insights.?
Danielle Walter
Episode 001 - Diana Kelley
2 years 1 month ago
Books, start-ups, cyber emergencies or podcasts? Diana Kelley has done it all. With more than 30 years of experience in the cyber field, she has seen a lot and is excited to share some interesting moments of her path.
As an expert in the industry, Diana realizes the importance of helping young people and women enter the cyber field. She is currently the Chief Strategy Officer of Cybrize, founded by her and Valmiki Mukherjee, and serves on the board of Cyber Future Foundation, WiCyS, and Executive Women’s Forum.
Check our Episode #1 with Diana Kelley, and find her and the projects she’s working on here:
玩转安全架构:从安全治理到安全验证
2 years 1 month ago
瞎琢磨,总结下安全架构的搬砖套路。
Firefly平台SRC资产信息收集功能正式开放
2 years 1 month ago
前言Firefly是一个集资产管理、信息收集和漏洞扫描的综合平台,目前主要用于日常的自动化挖洞。之前有说会逐
Second UK Computer Misuse Act consultation reflects ‘very little progress’
2 years 1 month ago
Campaigner bemoans glacial progress of review and urges government to set clear timetable
DOM XSS vulnerability in Gartner Peer Insights widget patched
2 years 1 month ago
Web attack vector closed after failed fix