CVE-2020-2551 简单分析
感觉又该重温 JNDI 了。。。
Aggregator
Pwnable.kr 之 Toddler's Bottle
5 years 7 months ago
好久没更新,菜鸡学 pwn
Sariel.D
Weblogic T3 协议学习
5 years 7 months ago
Docker with Weblogic 12.2.1.4.0
Sariel.D
漏洞复现|F5 BIG-IP TMUI(CVE-2020-5902)
5 years 7 months ago
F5 BIG-IP 是美国 F5 公司的一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的应用交付平台。近日,F5官方公布流量管理用户界面(TMUI)使用程序的特定页面中存在一处远程代码执行漏洞(CVE-2020-5902)
Fintech学习资料 - Afant1
5 years 7 months ago
该文被密码保护。
Afant1
关于一次智能手表的探索
5 years 7 months ago
最近网上智能手表非常的火,于是在闲鱼上淘了一个30块的智能手表,经过一番折腾后。。
关于一次智能手表的探索
5 years 7 months ago
最近网上智能手表非常的火,于是在闲鱼上淘了一个30块的智能手表,经过一番折腾后。。
关于一次智能手表的探索
5 years 7 months ago
最近网上智能手表非常的火,于是在闲鱼上淘了一个30块的智能手表,经过一番折腾后。。
BIG IP CVE-2020-5902 漏洞检测和利用
5 years 7 months ago
解决OSSEC Agent 3.6.0 无法注册问题
5 years 7 months ago
解决OSSEC Agent 3.6.0 无法注册问题
解决OSSEC Agent 3.6.0 无法注册问题
5 years 7 months ago
解决OSSEC Agent 3.6.0 无法注册问题
Cybersecurity Myths That Are Harming Your Business
5 years 7 months ago
Cybersecurity experts are falling prey to seven myths in the effort to protect their business. Shape's Daniel Woods writes for Forbes, explaining where these myths have led us astray, and how to keep the useful bits while discarding the chaff.
Technical Controls for a Secure Open Banking Initiative
5 years 7 months ago
Learn about the technical controls that leading regulators around the world endorse for an effective and secure Open Banking initiative.
Technical Controls for a Secure Open Banking Initiative
5 years 7 months ago
Learn about the technical controls that leading regulators around the world endorse for an effective and secure Open Banking initiative.
2020 Firefox 安全、隐私、实用扩展指南
5 years 7 months ago
本篇文章将会介绍一些我目前使用的安全、隐私和实用相关的 Firefox 扩展。
Taking a Human Approach to a Global Crisis
5 years 7 months ago
Since March, the COVID crisis has caused massive disruption to every area of life and work. It has tested us, as individuals and as a business. Akamai has taken a very human-centric approach during the pandemic. Our guiding principle has been to do what is right for the health and safety of employees, customers and partners. I feel proud of this, because when I think about what I'm grateful for, it really does come down to people. I'm grateful to be working for a company that is keeping people connected to the world through technology. I'm grateful to be among smart, immensely resilient colleagues. And I'm grateful to have friends and family who are sticking together. Ultimately, it's the humanity that matters.
Prasad Mandava
Blast from the past: Cross Site Scripting on the AWS Console
5 years 7 months ago
Amazon Bug Bounty!
Great news: Amazon is now offering bounties via a security vulnerabiltiy research program
Bad news: AWS is out of scope!
When I read this I remembered that a few years ago I found persistent Cross-Site-Scripting on the AWS Console.
This post is a write up on how I found the XSS back then, techniques I used and how they evolved over the years and Amazon’s response.
AWS Console and Cross Site ScriptingThe story is that I had just created an AWS account and started using the service.
Feedspot ranked 'Embrace the Red' one of the top 15 pentest blogs
5 years 7 months ago
I’m excited that Feedspot ranked this blog (Embrace the Red) the number #10 pentest blog out there.
Subscribe and check-in regularly for new content related to offensive security engineering, penetration testing and red teaming.
You can also follow me on Twitter @wunderwuzzi23.
Cheers.
TCTF 2020 Web Writeup partial
5 years 7 months ago
To begin with
今年 TCTF Web 题目比原来要多,但还是那么强(做不出来
easyphp这道题被非预期了,正确解法也是在看到一叶飘零的
xmsec
欢迎各位关注我的视频号,会有一些好玩的AI产品和不一样的分享。
5 years 7 months ago
欢迎各位关注我的视频号,会有一些好玩的AI产品和不一样的分享。