Aggregator

境外僵尸网络攻击溯源与样本分析分享学习，切勿用作它途。

恶意代码检测技术简述恶意代码检测技术目前主流的有特征码扫描技术、基于签名的扫描技术、启发式扫描技术等。

引言在信息化时代，网络已成为我们生活中不可或缺的一部分。它为我们提供了快速沟通和便捷服务的渠道，使我们能够高效地办理业务、完成工作和享受娱乐。然而，随着网络的普及和信息化程度的加深，我们在享受便利的同

0x00 前言本文是关于“2024高校网络安全管理运维赛”的详细题解，主要针对Web、Pwn、Re、Misc以及Algorithm等多方向题目的解题过程，包含但不限于钓鱼邮件识别、流量分析、SQLite文件解析、ssrf、xxe等等。如有错误，欢迎指正。0x01 Misc签到给了一个gif，直接在线

第一部分：初始谜题这一部分算是开胃菜，形式也更像平时见到的CTF题目，三个题目都是python加密的，做出其中任意一个就可以进入第二部分，也就是一个更类似真实情境的大型密码渗透系统。但每个初始谜题都是有分数的，所以就算开了第二部分也当然要接着做。每个题目也都有前三血的加成，一血5%，二血3%，三血1

Rspamd is an open-source spam filtering and email processing framework designed to evaluate messages based on a wide range of rules, including regular expressions, statistical analysis, and integrations with custom services like URL blacklists. The system analyzes each message and assigns a verdict, which the MTA can use to take further actions, such as rejecting the message or adding a spam indicator header. Additionally, Rspamd provides valuable information like potential DKIM signatures and suggested message … More →

The post Rspamd: Open-source spam filtering system appeared first on Help Net Security.

Security operations center (SOC) practitioners believe they are losing the battle detecting and prioritizing real threats – due to too many siloed tools and a lack of accurate attack signal, according to Vectra AI. They cite a growing distrust in vendors, believing their tools can be more of a hindrance than help in spotting real attacks. This is at odds with growing confidence in their teams’ abilities and a sense of optimism around the promise … More →

The post SOC teams are frustrated with their security tools appeared first on Help Net Security.

Quickpost: The Electric Energy Consumption Of LLMs Filed under: Quickpost — Didier Steve

You can’t fulfill your end of the shared responsibility model if you don’t emphasize secure configurations. Depending on the cloud services you’re using, you’re responsible for configuring different things. Once you figure out those responsibilities, you then need to perform the hardening. Our guidance helps simplify the process. It explains how you can use the CIS Foundations Benchmarks to get started with identity and access management (IAM), logging and monitoring, and networking on the cloud … More →

The post Meet the shared responsibility model with new CIS resources appeared first on Help Net Security.

一些WordPress用户的部分主题在上传svg、ico、webp文件时出现“ ”的提示，意思是这类图片格式不允许上传，今天这个教程能解决这个问题 WordPr […]

SHELLSILO SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the process of constructing and utilizing structures, assigning variables, and making system calls. With this...

The post SHELLSILO: Simplifying Syscall Assembly and Shellcode Creation appeared first on Penetration Testing Tools.

BPF Compiler Collection (BCC) BCC is a toolkit for creating efficient kernel tracing and manipulation programs and includes several useful tools and examples. It makes use of extended BPF (Berkeley Packet Filters), formally known...

The post BPF Compiler Collection: BPF-based Linux IO analysis, networking, monitoring, and more appeared first on Penetration Testing Tools.

SharpDPAPI SharpDPAPI is a C# port of some DPAPI functionality from @gentilkiwi‘s Mimikatz project. The SharpChrome subproject is an adaptation of work from @gentilkiwi and @djhohnstein, specifically his SharpChrome project. However, this version of SharpChrome uses a different version of the C# SQL library that...

The post SharpDPAPI: C# port of some Mimikatz DPAPI functionality appeared first on Penetration Testing Tools.

WEB题目：Sanic's revenge解题步骤首先看到给出的附件:from sanic import Sanicimport osfrom sanic.response import text, htmlimport sysimport randomimport pydash# pydash==

一、数据安全解题赛1、ds_0602解题思路题目让我们获取加密文件中的原始数据，解密后提交第六行第二列数据，下载附件，发现里面有两个文件，其中一个是“.enc”结尾，那这里我们得先简单了解一下“.enc”结尾的是什么类型的文件。简单来说“.enc”结尾的文件通常是经过加密的文件。具体来说，文件扩展名