Aggregator

2023年10月7日，对以色列国防史而言，是一个不堪回首却必须正视的日子。

战场通信革命正在悄然发生。在一场关乎欧亚大陆命运的硝烟中，一项本为民用的技术成为扭转战局的关键因素。Spac

2023年10月7日，对以色列国防史而言，是一个不堪回首却必须正视的日子。

文章剖析Tomcat内存马，涵盖Listener、Filter、Servlet和Valve的编写与分析，介绍通过JSP编写及反射操作动态加载恶意代码的方法，同时探讨反序列化注入内存马的实践，总结经验并展望未来研究。

文章剖析Tomcat内存马，涵盖Listener、Filter、Servlet和Valve的编写与分析，介绍通过JSP编写及反射操作动态加载恶意代码的方法，同时探讨反序列化注入内存马的实践，总结经验并展望未来研究。

Name: CTF@CIT 2025 (an CTF@CIT event.)
Date: April 25, 2025, 9 p.m. — 27 April 2025, 19:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://ctf.cyber-cit.club/
Rating weight: 24.57
Event organizers: HACK@CIT

Name: UMDCTF 2025 (an UMDCTF event.)
Date: April 25, 2025, 10 p.m. — 27 April 2025, 22:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://umdctf.io/
Rating weight: 70.86
Event organizers: UMDCSEC

Name: BSidesSF 2025 CTF (an BSidesSF CTF event.)
Date: April 25, 2025, 11 p.m. — 27 April 2025, 23:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Location: San Francisco, CA
Offical URL: https://ctf.bsidessf.net/
Rating weight: 25.00
Event organizers: BSidesSF

在网络安全领域，安全团队面临着大量警报、过时报告的困扰，并且常常缺乏对新兴威胁的实时可见性。这种传统的漏洞管理 […]

新闻速览 •工信部CSTIS提醒：防范WinRAR安全绕过漏洞的风险 •第一季度159个CVE遭到野外利用，近 […]

fuzzuf fuzzuf (fuzzing unification framework) is a fuzzing framework with its own DSL to describe a fuzzing loop by constructing building blocks of fuzzing primitives. Why use fuzzuf? fuzzuf enables a flexible definition of a fuzzing loop...

The post fuzzuf: Fuzzing Unification Framework appeared first on Penetration Testing Tools.

CuddlePhish Weaponized multi-user browser-in-the-middle (BitM) for penetration testers. This attack can be used to bypass multi-factor authentication on many high-value web applications. It even works for applications that do not use session tokens, and...

The post cuddlephish: Weaponized multi-user browser-in-the-middle (BitM) for penetration testers appeared first on Penetration Testing Tools.

远控锁屏恶意软件样本分析

远控锁屏恶意软件样本分析

A vulnerability has been found in Apple macOS and classified as critical. Affected by this vulnerability is an unknown functionality of the component Vim. The manipulation leads to use after free. This vulnerability is known as CVE-2022-3705. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.