Aggregator

SB恶作剧样本分析

SB恶作剧样本分析

SB恶作剧样本分析

SB恶作剧样本分析

APEX – Azure Post Exploitation Framework An attempt to ease up post ex tasks once we have access to some sort of credentials to an Azure related account. To be honest it is nothing...

The post APEX: Azure Post Exploitation Framework appeared first on Penetration Testing Tools.

从盲SSRF到RCE：如何在Solr服务器上实现数据篡改和代码执行！

从盲SSRF到RCE：如何在Solr服务器上实现数据篡改和代码执行！

从盲SSRF到RCE：如何在Solr服务器上实现数据篡改和代码执行！

从盲SSRF到RCE：如何在Solr服务器上实现数据篡改和代码执行！

从盲SSRF到RCE：如何在Solr服务器上实现数据篡改和代码执行！

从盲SSRF到RCE：如何在Solr服务器上实现数据篡改和代码执行！

Arya – The Reverse YARA Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it as a reverse YARA because it does exactly the opposite...

The post arya: produces pseudo-malicious files meant to trigger YARA rules appeared first on Penetration Testing Tools.

pphack is a CLI tool for scanning websites for client-side prototype pollution vulnerabilities. Feature Fast (concurrent workers) Default payload covers a lot of cases Payload and Javascript customization Proxy-friendly Support output in a file...

The post pphack: The Most Advanced Client-Side Prototype Pollution Scanner appeared first on Penetration Testing Tools.

青海省开出首张网络数据安全“罚单”

青海省开出首张网络数据安全“罚单”

青海省开出首张网络数据安全“罚单”

非常经典的 .NET 二次反序列化漏洞以及 Bypass 黑白名单的思路分析。