├── .DS_Store
├── .gitattributes
├── README.assets
    ├── canvas.png
    ├── image-20210213215741850.png
    ├── image-20210215004417447.png
    └── image-20210215004711681.png
└── README.md

/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstxq17/SecurityArticleLogger/27f352d012ad6e4be449bf19349f20338307a72d/.DS_Store
--------------------------------------------------------------------------------
/.gitattributes:
--------------------------------------------------------------------------------
# Auto detect text files and perform LF normalization
* text=auto
--------------------------------------------------------------------------------
/README.assets/canvas.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstxq17/SecurityArticleLogger/27f352d012ad6e4be449bf19349f20338307a72d/README.assets/canvas.png
--------------------------------------------------------------------------------
/README.assets/image-20210213215741850.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstxq17/SecurityArticleLogger/27f352d012ad6e4be449bf19349f20338307a72d/README.assets/image-20210213215741850.png
--------------------------------------------------------------------------------
/README.assets/image-20210215004417447.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstxq17/SecurityArticleLogger/27f352d012ad6e4be449bf19349f20338307a72d/README.assets/image-20210215004417447.png
--------------------------------------------------------------------------------
/README.assets/image-20210215004711681.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mstxq17/SecurityArticleLogger/27f352d012ad6e4be449bf19349f20338307a72d/README.assets/image-20210215004711681.png
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# SecurityArticleLogger
Categorizing and organizing every article I have read, to help build a knowledge system and to find and fill gaps.

> PS. Later on I put the content archives into Evernote (Yinxiang Biji) web clippings.

## Red Team and Domain Penetration

1. [2021.2.13 - Domain Penetration: Abusing SPN Mappings](https://mp.weixin.qq.com/s/AI0DoMTWAsEypPLS3wUWsw) [Content image archive](https://github.com/mstxq17/SecurityArticleLogger/blob/main/README.assets/canvas.png)

2. [How Attackers Use Kerberos Silver Tickets to Exploit Systems](https://adsecurity.org/?p=2011) [Content image archive](https://github.com/mstxq17/SecurityArticleLogger/blob/main/README.assets/image-20210213215741850.png)

3. [Red Team Tips: Watering Hole Attacks Based on Reverse Proxies](https://payloads.online/archivers/2021-02-16/1)

4. [Understanding How Windows Authentication Works in One Article](https://mp.weixin.qq.com/s/3wY0K9yH71UzqOWtGucbOg)

5. [Red Team: A Brief Look at Persistence via Windows Telemetry](https://mp.weixin.qq.com/s/-1nM1PotbfHPXtdXxq7JxQ)

6. [A Study of Domain User Password Brute-Forcing](https://mp.weixin.qq.com/s/sLdFOjmgiDQ5RK2XN4X8wQ)

7. [Red Team Tips - Phishing](https://mp.weixin.qq.com/s/DIY-Q4GhCVRm0Cp4r3BPkw)

8. [Domain Penetration - SID History Persistence and Domain Trust Attacks](https://mp.weixin.qq.com/s/bo79i7cZ80Dolas7teQD2g)

9. [Learning Windows Intranet Protocols, LDAP Part: Group Policy](https://mp.weixin.qq.com/s/51o055_T-PFyg6cjofCkBA)

10. [Tailoring Cobalt Strike on Target](https://blog.xpnsec.com/tailoring-cobalt-strike-on-target/)

11. [Modding CobaltStrike: Secondary Development and Backdoor Generation Analysis](https://mp.weixin.qq.com/s/C3cu6bNWtxsi95I0wMCCyQ)

12. [Red Team Tactics: Hiding Windows Services](https://mp.weixin.qq.com/s/lbeW71mNdZy0a9qcVrmnTw)

13. [Bypass cobaltstrike beacon config scan](https://mp.weixin.qq.com/s/fhcTTWV4Ddz4h9KxHVRcnw)

14. [Red Team: A Brief Look at Persistence via Windows Telemetry](https://mp.weixin.qq.com/s/-1nM1PotbfHPXtdXxq7JxQ)

15. [Using GPOs (Group Policy Objects) to Control Domain Hosts in Bulk](https://mp.weixin.qq.com/s/inf_wl_qay2ftZxAR3gQng)

16. [A First Look at Authentication and Attacks in Windows Domain Environments](https://mp.weixin.qq.com/s/fKFN3WovkifmiPRrP4sSJg)

17. [RIFT: Analysing a Lazarus Shellcode Execution Method](https://research.nccgroup.com/2021/01/23/rift-analysing-a-lazarus-shellcode-execution-method/)

18. [Alaris | A Protective Loader](https://sevrosecurity.com/2020/10/14/alaris-a-protective-loader/)

19. [A Persistence Method for the Post-Exploitation Phase](https://mp.weixin.qq.com/s/J1QhojkW7dGwMlYPxj0f6Q)

20. [Penetration Basics: Reading Mail over the IMAP Protocol](https://mp.weixin.qq.com/s/XwA6nffBlQmgGGFqC2DERQ)

21. [A Record of Cloud-Native Vulnerability Discovery and Exploitation in Red vs. Blue Exercises](https://mp.weixin.qq.com/s/Aq8RrH34PTkmF8lKzdY38g)

22. [Domain Penetration - Learning Kerberos Delegation](https://mp.weixin.qq.com/s/3WPGSEnjMf8yELcMV4zstw)

23. [Domain Penetration - Delegation-Based Persistence](https://mp.weixin.qq.com/s/SARxAvL4u1Yn2hMDFdoH7A)

24. [Notes on a Large Yet Fine-Grained Real-World Domain Penetration](https://mp.weixin.qq.com/s/bDH5LYjSPRtxUi1aGNpgSw)

25. [Bypassing Trend Micro Antivirus and Working Through the Intranet Step by Step to Take the Domain Controller](https://mp.weixin.qq.com/s/qVUZsOHqEpkptN3IviErLA)

26. [Unconstrained and Constrained Delegation Attacks](https://mp.weixin.qq.com/s/NfN_6wdzjZv5oDzoTkqEDw)

27. [Kerberos Bronze Bit Attack: Bypassing Constrained Delegation Restrictions](https://mp.weixin.qq.com/s/CSxqXSMCpDRL1UA1yACIxw)

28. [Malware Analysis: Reflective DLL Injection](https://mp.weixin.qq.com/s/-YycM3OFhYBVJxJU7RL1oA)

29. [Some Techniques for Stealing Hashes Inside a Domain, Phishing-Like Operations](https://mp.weixin.qq.com/s/y1ehsvJEBkZ-qynNrOlAuA)

30. [Finding Metasploit & Cobalt Strike URLs](https://videos.didierstevens.com/2021/03/21/finding-metasploit-cobalt-strike-urls/)

31. [CobaltStrike Plugin for Automatic Persistence on Check-In](https://mp.weixin.qq.com/s/GTldV9PG26i9Vdv51FOfwg)

32. [Submission | The Latest 2021 Introductory AV-Evasion Obfuscation and Encryption Methods Revealed (with Video)](https://mp.weixin.qq.com/s/sw9j638CWkubPIg4FiqQIw)

33. [No Fish That Won't Take the Bait (Part 1)_Common Phishing Techniques](https://mp.weixin.qq.com/s/n-4QODrD9YlNmnQIM4mT7w)

34. [Hiding Shellcode in Pixel RGB Values via Steganography for AV-Evading Check-In to CobaltStrike](https://mp.weixin.qq.com/s/SwzgK6P-ActQ8n0NqOmDlg)

35. [Detecting Cobalt Strike Default Modules via Named Pipe Analysis](https://labs.f-secure.com/blog/detecting-cobalt-strike-default-modules-via-named-pipe-analysis/)

36. [in-memory-shellcode-decoding-to-evade-avs/](https://shells.systems/in-memory-shellcode-decoding-to-evade-avs/)

37. [A deep dive into specifics around cobalt strike malleable c2 profiles and key information that is new in cobalt strike 4.4](https://blog.zsec.uk/cobalt-strike-profiles/)

38. [Building a Large Domain Environment (Parent Domain Controller, Child Domain Controller, Secondary Domain Controller, Domain Hosts)](https://mp.weixin.qq.com/s/2GKMFKmjCF_vht8hKl4iFw)

39. [SleepyCrypt: Encrypting a running PE image while it sleeps](https://www.solomonsklash.io/SleepyCrypt-shellcode-to-encrypt-a-running-image.html)

40. [CobaltStrike Stager Utilizing Floating Point Math](https://medium.com/walmartglobaltech/cobaltstrike-stager-utilizing-floating-point-math-9bc13f9b9718)

41. [Domain Security | Unconstrained Delegation Attacks & Installing Exchange 2013](https://mp.weixin.qq.com/s/3woYDMdqqldLDWiq3dsXnw)

42. [In-Depth Analysis of the Latest In-Domain Privilege Escalation Vulnerability](https://mp.weixin.qq.com/s/L_wSDyryEG6-9XydwitH2w)

43. [A Collection of Approaches for Locating Domain Admins and Domain Controllers](https://mp.weixin.qq.com/s/HqICoJYsdL2kNz8xr17cgw)

44. [Notes on a Real-World Red Team Operation (Part 2): Domain Penetration](https://mp.weixin.qq.com/s/S3StFGbls-b3D3NuiGD-oQ)

45. [Understanding the Kerberos Authentication Flow in One Article](https://mp.weixin.qq.com/s/tXqKHbygwyE-TgVLWkYQjw)

46. [[Practical] CS 4.4: Modifying the checksum8 Algorithm to Bypass vultr Signature Detection, a Very Detailed Walkthrough Beginners Can Follow](https://mp.weixin.qq.com/s/YeLCMPKpkwE_IW9KoMUnaA)

47. [Red vs. Blue | An Enterprise-Grade Phishing Operation Solution for Attack-Defense Exercises (Part 2)](https://mp.weixin.qq.com/s/f93VbwkxnEMb6zZDuSd84w)

48. [A Domain Penetration Test Walkthrough](https://mp.weixin.qq.com/s/EdA30Vc-p1IjBwuyEASUIw)

49. [Analysis of Privilege Escalation Attacks Using Resource-Based Constrained Delegation](https://mp.weixin.qq.com/s/wSoGj28gNpzHp-xeJGYqCQ)

50. [Windows Delegation](https://mp.weixin.qq.com/s/EZKnta_09x2WHeU2ZPV6xw)

51. [Encrypting Reverse Shell Traffic with OpenSSL](https://mp.weixin.qq.com/s/fQ6zczaQGsN9b_SP3Gr6lg)

52. [Notes on Getting from Linux to the Domain Controller](https://xz.aliyun.com/t/12193)

## Intranet Penetration

[[VK Tech Share] frp Security Practices](https://mp.weixin.qq.com/s/upUhAFEGWX5Dj1gwuE_mAA)

[Quietly Launched Brute-Force and Unauthorized-Access Detection](https://mp.weixin.qq.com/s/R8CFnsGRmwyM1K8uCQl0tg)

[Demo of Hacker Network-Disconnect Attacks and Eavesdropping!](https://mp.weixin.qq.com/s/k1_pheBhsg3Ml0TnzKDsDA)

[A Complete Penetration Test](https://mp.weixin.qq.com/s/9V9tLP7DE-vVMMu5xNOnNw)

[From the Public Cloud to Roaming the Intranet](https://mp.weixin.qq.com/s/Gu-JyWwMdHFiGvv4ySz8QQ)

[Notes on Taking an Intranet via CVE-2021-21972 in a Real Engagement](https://mp.weixin.qq.com/s/Uo726o7bm-jPE1cHDx2jFw)

[Notes on an Attack-Defense Exercise in the Financial Sector](https://mp.weixin.qq.com/s/esENbfayjJ9nEnwkzIe5ew)

[Intranet Penetration | Obtaining MSTSC Passwords During Lateral Movement](https://mp.weixin.qq.com/s/lxNifPgvZPyfjObo1iYRZg)

[Red vs. Blue: Covert Communication Applications and Defenses](https://mp.weixin.qq.com/s/vvvPQweC0TZRFootoJPQbA)

## Blue Team

[Zero Trust, Suffocatingly Ruthless!](https://mp.weixin.qq.com/s/eCyzciBa4ZUZQvPGp5RnaA)

[[Reheated Leftovers] Obtaining the Real IP of an Attacker Behind a Proxy Pool](https://mp.weixin.qq.com/s/qEEO-1lyFbYS7Saa2L-n0A)

## Java

[Analysis of Two Ways to Bypass Apache Shiro Authentication (CVE-2020-17523)](https://mp.weixin.qq.com/s/MEoqMjGkifnIn4MedluCHw) [Content archive](https://static.app.yinxiang.com/embedded-web/profile/#/join?guid=64810ac0-851f-4397-87f0-b0904063eb77&channel=copylink&shardId=s14&ownerId=18477792)

[Spring Security in Practice: The Core Logic of Obtaining a Token in OAuth2 Login](https://mp.weixin.qq.com/s/zdTBdSVunqwVGx-spHjLjw)

[VMware vCenter RCE (CVE-2021-21972): Vulnerability Reproduction and Exploit Writing](https://mp.weixin.qq.com/s/2pvaQborwMM8UHnWS_CeXA)

[All About RMI, JNDI, LDAP, JRMP, JMX and JMS in Java (Part 1)](https://paper.seebug.org/1091/)

[A Guide to Picking Up Overlooked weblogic CVE Vulnerabilities](https://mp.weixin.qq.com/s/HlG_Jd8zu0dR4rQw25hfDg)

[Analysis of a weblogic T3 Deserialization 0day](https://mp.weixin.qq.com/s/OxeYufM-ZX_SdbV5zjWV7A)

[Several Ways to Execute Shellcode in Java](https://mp.weixin.qq.com/s/p74WQwOfkSSZlsuRDke8jw)

[Comic: The Full Story of the AOP "Building Rockets in the Interview" Incident](https://mp.weixin.qq.com/s/8p1aUh-AMJLANpdkVkdBfg)

[Running Swing GUI Applications from the Command Line](https://mp.weixin.qq.com/s/AfQIivDqk9F1NVQjzEbrFQ)

[Analysis of the Latest X远 OA Series Vulnerabilities](https://mp.weixin.qq.com/s/0AqdfTrZUVrwTMbKEKresg)

[After Four Years of Work: 50 Small Tips to Make Your Code Better](https://mp.weixin.qq.com/s/GLRtkP-Jrv3yCaVfqET6dw)

[Changing the Shiro Key via Code Execution](https://mp.weixin.qq.com/s/E6eVw6uItS-iT2OOR5bkhA)

[Trying Out a Java Socket Long-Connection Demo](https://mp.weixin.qq.com/s/Xpo5b6t1JvxkzoV-zLGNZw)

[What Jaw-Dropping Java Coding Tricks Have You Seen?](https://mp.weixin.qq.com/s/3q4vXMIcmk0-BMPx4QiWIA)

[Red Team Part 2: Several New Ways to Distinguish the Spring and Struts2 Frameworks](https://mp.weixin.qq.com/s/cmkTMw_QS8o1wMsRd0E0XQ)

[Building a Java Deserialization Gadget for Probing Classes](https://mp.weixin.qq.com/s/KncxkSIZ7HVXZ0iNAX8xPA)

[A Tutorial on Using IDEA Efficiently, Once and for All!](https://mp.weixin.qq.com/s/ieg0U-M2T-ekrr0miSwuTQ)

## PHP

[Analysis of a Yii Framework Deserialization RCE Exploit Chain](https://mp.weixin.qq.com/s/dZNkPToBaU1BcrFjqNZOGA)

[Analyzing and Discovering Laravel 8 Deserialization POP Chains](https://www.anquanke.com/post/id/231079)

[CVE-2021-3129: Reproduction and Analysis of Laravel Remote Code Execution](https://mp.weixin.qq.com/s/pXcdaW62VaUd16DIXqvauQ)

[Laravel Debug RCE | Reproducing the FTP Passive-Mode Attack on FastCGI](https://mp.weixin.qq.com/s/NSqgDoI4GTG-PSeNTREabA)

[Notes on Going from a Source Code Leak to Obtaining a Webshell in the Admin Backend](https://mp.weixin.qq.com/s/dZtvAYwBSX-abpjl5XWb3Q)

[Tongda OA 11.7: Conditional Arbitrary Command Execution](https://paper.seebug.org/1492/)

[Ruijie SSL VPN Broken Access Control Vulnerability Reproduction](https://mp.weixin.qq.com/s/WElrjPnCNNA79COFtPX0vQ)

[Code Audit: getshell Vulnerability in the Latest Version of eyouCMS](https://mp.weixin.qq.com/s/JBzQ9xz7kVOm0Ll3yT-IRQ)

[From Reproducing the Yii Deserialization Vulnerability to Discovering a New Exploit Chain](https://mp.weixin.qq.com/s/KCGGMBxmW5LSIey5nN7BDg)

## Python

[Writing a Progress Bar Like This in Python Changed How I Think About Progress Bars](https://mp.weixin.qq.com/s/JKuyPR6LoOq3RSyfdKJePQ)

[Python Crawlers: Comparing the Performance of Single-Threaded, Multi-Threaded and Coroutine Crawlers](https://mp.weixin.qq.com/s/LdP9GfYViWdrLGuBMQ-9rw)

[Vulnerability Combo - Attacking Distributed Nodes](https://rickgray.me/2016/09/22/attacking-distributed-nodes-by-message-queue-injection/)

[A Library That Has Existed for 10 Years Yet Is Seriously Underrated](https://mp.weixin.qq.com/s/uL0Ij2DNBR778ls75r8UfQ)

[A Short Piece of Python Code to Crack the Password of an Encrypted Zip File](https://mp.weixin.qq.com/s/2db4JBWamaH2EtxRVn_6iA)

[Wow, an Awesome Python Visualization Library: PyG2Plot](https://mp.weixin.qq.com/s/RWiTX-6-f29jPXG_nK0eXA)

[A Summary of 90 Tips for Writing Python Programs](https://mp.weixin.qq.com/s/EcKfC-QnPc1wmsE2RmQNbg)

[A 5-Minute Quick Start to Django File Upload and Download](https://mp.weixin.qq.com/s/1Q0H4ryCeQ-bHBuma7sdyw)

[Python Flask In-Memory Webshell](https://mp.weixin.qq.com/s/GRwEBS1UqsWA3MBvukypNg)

[One Trick a Day: Event Monitoring with Python Multithreading](https://mp.weixin.qq.com/s/po6wGCF_Ww8xDJKgEywZ0g)

[Great! The Most Complete Introductory Tutorial on Python Object-Oriented Programming Is Here!](https://mp.weixin.qq.com/s/1SleQyubgdpI1sfZ5f-zhg)

[Limiting the Maximum Memory a Python Program Can Use on Linux](https://mp.weixin.qq.com/s/RDgQE3SvllMJ7jYO8O9w-w)

[CVE-2021-29921 – python stdlib “ipaddress” – Improper Input Validation of octal literals in python 3.8.0 thru v3.10 results in indeterminate SSRF & RFI vulnerabilities. — “ipaddress leading zeros in IPv4 address”](https://sick.codes/sick-2021-014/)

[Work Automation with watchdog](https://wwj718.github.io/post/%E5%B7%A5%E5%85%B7/rpa-watchdog/#%E5%92%8Cwatchmedo)

[Scan Performance Analysis Case Study (2)](https://mp.weixin.qq.com/s/iSUTEr0J3sJe9Gmi__Z5Xw)

[Removing Image Watermarks with Python, Amazing!](https://mp.weixin.qq.com/s/kSZKKyesJFNumxy4Bdzycw)

[50 Fun Python One-Liners, Worth Bookmarking!](https://mp.weixin.qq.com/s/xkqwgd1Xl-eWD3SfNjpMNQ)

[3 Ways to Iterate Over a Python Dictionary with a for Loop!](https://mp.weixin.qq.com/s/b0fRpF3OHzFZNf1PA1wvsw)

[First Experience with Nameko, a Python Microservice Framework](https://mp.weixin.qq.com/s/wE7iMSP_F0A52iiwcGACcw)

[What Do You Make of the Claim That Python Is the Fastest Language?](https://mp.weixin.qq.com/s/ckk1Dfsbfsh9qWvpoNzFfw)

[One Trick a Day: How to Make Your Own Utility Functions Globally Available in Python?](一日一技:如何让自己的工具函数在Python全局可用?)

[When Writing Python Scripts, Be Sure to Add This!](https://mp.weixin.qq.com/s/Vkr1L6Rs4Jp68iw21QZQvA)

[30 Minimal Python Snippets, Ready to Use!](https://mp.weixin.qq.com/s/LKuMRCowB-jYDN-t617ZzA)

[How to Make Your Python Code Stand the Test of Time?](https://mp.weixin.qq.com/s/4HN1tWEHWnyYxH4vGu_ULA)

[Eight Practical "No-Code" Features of Python](https://mp.weixin.qq.com/s/BWnDlGHUmICuNwWsxFT-wA)

## C#

[Developing an IIS Module Backdoor in C#](https://mp.weixin.qq.com/s/yn-rehjJNr-hH2TdbFN9oQ)

[Weird Ways to Run Unmanaged Code in .NET](https://blog.xpnsec.com/weird-ways-to-execute-dotnet/)

[C# Process Class Primer](https://offensivedefence.co.uk/posts/csharp-process-class/)

[DotNet In-Memory Webshell - HttpListener](https://mp.weixin.qq.com/s/zsPPkhCZ8mhiFZ8sAohw6w)

[[Recent Vulnerability Alert] Vulnerability Hunting Step by Step: CVE-2021-34992 - C1 CMS Json.Net Deserialization Vulnerability Analysis and Exploit Chain Construction](https://mp.weixin.qq.com/s/lA-EFvCFrAX2n0bvAfE7-g)

## Nim Language

[OffensiveNim: A Shellcode Loader in an Obscure Language](https://mp.weixin.qq.com/s/i5DdVrA0jYUcaDUWqybtFg)

## Go Language

[writing-network-templates-with-nuclei](https://blog.projectdiscovery.io/writing-network-templates-with-nuclei/)

[Troubleshooting High Memory Usage in Go](https://mp.weixin.qq.com/s/HgptrNJ-2i5MVMTLTZHjnQ)

[Why Does Go Use So Much Virtual Memory?](https://mp.weixin.qq.com/s/L4CfzuAaBc_z5-uMn6MYwg)

[Building Desktop Applications with Go and Web Technologies](https://mp.weixin.qq.com/s/sm9n5ATV72VtzRI-P8ZC5Q)

[Common Golang Design Patterns: The Singleton Pattern](https://mp.weixin.qq.com/s/mqFNEyUEYbZjzLtnj1DgXw)

[Clean Architecture in Practice with Golang](https://mp.weixin.qq.com/s/Xzlt_WcdcfLWhofafY3c6g)

## Development and Operations

[A Cloud-Based Distributed Automated Penetration Testing Platform - Architecture Notes](https://mp.weixin.qq.com/s/HmPLUNDbasuzGHS4K1IG5Q)

[The Huge Effect of the Inconspicuous Character "/" in Nginx Configuration: A Tiny Slip Leads Far Astray](https://mp.weixin.qq.com/s/2F472gXwGK5RDwj1dkDAAA)

[Don't Stop at pull and push in Git: Try These 5 Commands to Boost Efficiency!](https://mp.weixin.qq.com/s/bNa-f6o3b-YjiNeRW6rCYA)

[Get Lost, Regular Expressions!](https://mp.weixin.qq.com/s/MP2a-EXTpuyZ03PpedyA_A)

[Using Rsync to Sync and Back Up Files Between Two Web Servers](https://mp.weixin.qq.com/s/fHJTkZZIdGIOHQN3_Xk_wQ)

## AV Evasion and C2

["Archaeology": Bypassing CS 4.2 In-Memory Signatures](https://mp.weixin.qq.com/s/5HYELRGm6XClvJ1ZHBHVKg)

[AV Evasion Basics Tutorial (Volume 2)](https://mp.weixin.qq.com/s/5rpMLCDNECW6cg5c8QUGjA)

[A Brief Analysis of Antivirus Software](https://mp.weixin.qq.com/s/Qp4yL_WCRu68JXwEJb4GCA)

[Red Team Tips - Bypassing Antivirus to Dump Lsass Memory](https://mp.weixin.qq.com/s/QFRCMX14WJwMfM4_AEzpMg)

[Bypassing BeaconEye by Modifying 1 Byte](https://mp.weixin.qq.com/s/6kRg0_BmXYExy4_-pEAcLw)

[Bypassing Windows Defender with WMI and COM](https://mp.weixin.qq.com/s/aWaumBrN5JeRhCx7PXLjCw)

[Practical | AV Evasion: Sandbox, Debugging and Anti-Debugging in Practice](https://mp.weixin.qq.com/s/BTfD6hPURSvTkYBz-txJyQ)

[Musings on AV Evasion - Golang Edition](https://mp.weixin.qq.com/s/XNUQZof-hz512_6B-LFfJg)

[Custom DLL Injection with Cobalt Strike Beacon Object Files](https://mp.weixin.qq.com/s/mYaeVFJ5t-n2DuRko-drUA)

[Bypassing 360 Process Protection to Execute PowerShell](https://mp.weixin.qq.com/s/-BrIKdihKDYbpiJFb4SdFw)

["Phishing Attacks": An AV-Evading Bundling Tool for Phishing Check-Ins](https://mp.weixin.qq.com/s/XZFIv3IOc7U_UVukScTnPw)

[Source-Level AV Evasion for a Project with avcleaner](https://mp.weixin.qq.com/s/5U4YnWYGrHJnAlnHB0uq6A)

[Anonymous Messenger: A Brief Discussion of Covert Trojan Communication](https://mp.weixin.qq.com/s/X_qPqmpx6uGAs6Y84rV8Jg)

[Practical | Exploring Approaches to Bypassing Common Antivirus, Starting from Certutil Download Bypasses](https://mp.weixin.qq.com/s/te1ptC1XaTF4_no1hJ69Sw)

[Executing Shellcode via DNS A Records](https://mp.weixin.qq.com/s/9lMV0-xA2hXBIM9vskG3nw)

[DNS Tunneling Principles and Traffic Analysis (Basics)](https://mp.weixin.qq.com/s/Hxf73WjspCUK8IriiK3CWA)

[Completely Blinding AV/EDR - Implementing Removal of 6 Major Kernel Callbacks](https://myzxcg.github.io/2023/10/AV/EDR-%E5%AE%8C%E5%85%A8%E8%87%B4%E7%9B%B2-%E6%B8%85%E9%99%A46%E5%A4%A7%E5%86%85%E6%A0%B8%E5%9B%9E%E8%B0%83%E5%AE%9E%E7%8E%B0/)

[Using a Trusted Driver to Kill AV/EDR (Part 2)](https://myzxcg.github.io/2023/10/%E7%99%BD%E9%A9%B1%E5%8A%A8-Kill-AV/EDR%E4%B8%8B/)

[Using a Trusted Driver to Kill AV/EDR (Part 1)](https://myzxcg.github.io/2023/09/%E7%99%BD%E9%A9%B1%E5%8A%A8-Kill-AV/EDR%E4%B8%8A/)

[Rebuilding the CS Beacon in Pure C - Principles Explained and Development Implementation](https://myzxcg.github.io/2023/03/%E7%BA%AFC%E9%87%8D%E6%9E%84CS-Beacon-%E5%8E%9F%E7%90%86%E8%AF%A6%E8%A7%A3%E4%B8%8E%E5%BC%80%E5%8F%91%E5%AE%9E%E7%8E%B0/)

## Linux Systems

[Linux PAM Backdoor: Stealing SSH Passwords and Logging In with a Custom Password](https://mp.weixin.qq.com/s/M8chPphMprAK56-ScTQ-Qg)

[Fixing Garbled Characters in Linux Reverse Shells](https://mp.weixin.qq.com/s/dJxZ0o0ArplybNaX3ffNNA)

[CVE-2021-3156 Sudo Overflow Vulnerability Reproduction](https://mp.weixin.qq.com/s/v7mot0nCvTmsCqJhBBncuQ)

[After Using curl for So Many Years, I Never Knew It Could Be Used Like This?!](https://mp.weixin.qq.com/s/LGrar4EwaQ_VvgzWtWeGZA)

[Clever Tricks: CentOS Scheduled-Task RCE Without Overwriting](https://wx.zsxq.com/mweb/views/topicdetail/topicdetail.html?topic_id=418451118544158&inviter_id=51114888284544&share_from=ShareToWechat&keyword=JURJmEQ)

[6 Ways to Configure Linux Environment Variables, Worth Bookmarking!](https://mp.weixin.qq.com/s/-A74NUbDm5Qi4TjKSNLN-g)

[Practical | Persistence on Linux in Practice](https://mp.weixin.qq.com/s/Pn0hUjRoAxV8SPBGgh0gGA)

[18 Common Commands for Monitoring Network Bandwidth on Linux Servers](https://mp.weixin.qq.com/s/HmO-f2QoJqe835xOhzJTcQ)

## Windows Systems

[Practical | How to Quickly Perform DLL Hijacking for Persistence and Check-In After Reboot](https://mp.weixin.qq.com/s/W5ouifHLu-S6CFU-on5fXg) [Content image archive](https://github.com/mstxq17/SecurityArticleLogger/blob/main/README.assets/image-20210215004417447.png)

[Persistence: DLL Hijacking](https://mp.weixin.qq.com/s/P0Vsa5ydTMHWl5NNbxIWUw)

[D/Invoke Syscall](https://mp.weixin.qq.com/s/tSy6yNS26Lw9LmJZzmxt4g)

[X86 Shellcode Obfuscation - Part 1](https://breakdev.org/x86-shellcode-obfuscation-part-1/)

[DLL Proxy Loading of Shellcode for AV Evasion, Persistence and More](https://mp.weixin.qq.com/s/XFppenDlXcEp-FDuIwzWRA)

[Common Fileless Attack Techniques on Windows](https://mp.weixin.qq.com/s/LD_I0yovRO8MIwjhEe488g)

[Dumping Memory via the SilentProcessExit Mechanism](https://mp.weixin.qq.com/s/izadSHbzvOPYODHfXEWI2Q)

[Cobalt Strike PowerShell Check-In Past 360, Defender and Other Antivirus](https://mp.weixin.qq.com/s/TtKEnmUbtVMSqBCgrSj2Qw)

[Analysis of a Remote-Access Trojan: "White Plus Black" Hijacking and Reflective DLL Injection](https://mp.weixin.qq.com/s/SINCH29WtWg9mAmsr7fTiQ)

[AV Evasion Overview 1 (Junk Instructions / Signature Modification / Shellcode Loaders)](https://mp.weixin.qq.com/s/voELmW6KpQa3mC9O7cAQvA)

[Study Notes on Analyzing an Anti-Sandbox Article](https://mp.weixin.qq.com/s/-o1OKRDoa0E8PKe3y3x-dQ)

[Privilege Escalation via Named Pipes](https://mp.weixin.qq.com/s/604GdD9Z9y9Ms7eu1gN0Yg)

[Testing AV Evasion Against Kaspersky and Windows Defender](https://mp.weixin.qq.com/s/EYNGBMHmSptXRxMBMjEgdw)

[Testing AV Evasion Against the 360 Suite](https://mp.weixin.qq.com/s/jwP4XcaHQv4r-vnU-MSpXQ)

[how to kill the defender](https://mp.weixin.qq.com/s/LEuCvuUU-kX3VjoZd1275g)

[A Very Detailed Tutorial on DLL Hijacking + Packaged Phishing](https://mp.weixin.qq.com/s/ZgNpP2olfVgSx9dP41XJng)

[Breaking Through Session 0 Isolation for Remote Thread Injection](https://mp.weixin.qq.com/s/LNVE4urxR3iS0Bn5KLbXlA)

[Dumping Memory via the SilentProcessExit Mechanism](https://mp.weixin.qq.com/s/izadSHbzvOPYODHfXEWI2Q)

[A ShellCode Generation Framework](https://mp.weixin.qq.com/s/REpgSMXFgOdUX8I-_gejHg)

[Persistence by DLL-Hijacking the Right-Click Context Menu](https://mp.weixin.qq.com/s/BAWRgXllmM7ZkfzG_t1rHA)

[Getting a Shell on Windows with a One-Line Command](https://mp.weixin.qq.com/s/Uo5XgrBFA9igYNUDpRGeTQ?from=timeline&isappinstalled=0&scene=2&clicktime=1614952743&enterid=1614952743)

[srclient-dll-hijacking](https://blog.vonahi.io/srclient-dll-hijacking/)

[early-bird-apc-queue-code-injection](https://www.ired.team/offensive-security/code-injection-process-injection/early-bird-apc-queue-code-injection)

[DLL Hijacking via URL files](https://insert-script.blogspot.com/2018/05/dll-hijacking-via-url-files.html)

[bypassing-user-mode-hooks-and-direct-invocation-of-system-calls-for-red-teams](https://www.mdsec.co.uk/2020/12/bypassing-user-mode-hooks-and-direct-invocation-of-system-calls-for-red-teams/)

[Looking at the nopac Vulnerability Through the Leaked XP Source Code](https://mp.weixin.qq.com/s/Ar8u_gXh2i3GEcqdhOD8wA)

[Windows Kernel Drivers ~ Implementing Process Hiding](https://mp.weixin.qq.com/s/q_RLxbs_BU1SKglFvNnvQg)

## Vulnerability Reproduction

[和信 Next-Generation Cloud Desktop Remote Code Execution Vulnerability Reproduction](https://mp.weixin.qq.com/s/k2izoeQjDnMLSj5eP0R9XQ)

[Bookmark | Self-Check List of Vulnerabilities Disclosed During a Major 2021 Event](https://mp.weixin.qq.com/s/L9ZZfk8BMRhWTC63oMNMdg)

[X友 NCCloud FS File Management SQL Injection](https://mp.weixin.qq.com/s/jb7XeLGvdyNrF1xQFsXDjA)

[WeChat (Chrome) Vulnerability Reproduction and a Brief Analysis Summary](https://mp.weixin.qq.com/s/VpQ6VknuB-QOTEG6c5mRVQ)

[佑友 Firewall Backend Command Execution Vulnerability (The Library Is Open Again~)](https://mp.weixin.qq.com/s/lryCPv3zDops5lVuKsYYZw)

[XX星辰 天X汉马 USG Firewall Logic Flaw Vulnerability CNVD-2021-12793](https://mp.weixin.qq.com/s/un1SdjBpjhzQmgL_tpFeXQ)

[飞鱼星 Home Smart Router cookie.cgi Authorization Bypass](https://mp.weixin.qq.com/s/ARCZIR2C40KSu8SjLMYHSw)

[Coremail Mail System Vulnerability Reproduction](https://mp.weixin.qq.com/s/FA8CXdMkUBqJeQ0xPCuWNA)

[Vulnerability Reproduction | (Generic 0day) Horizontal Privilege Escalation in the Backend of the 金和 C6 Collaborative OA Management Platform](https://mp.weixin.qq.com/s/gwHQVIZeMWfT8a5lBX_4WA)

[Reproducing the Latest FastAdmin RCE Vulnerability](https://mp.weixin.qq.com/s/otrH75ZjCHBQbRB7g5DdWg)

[Vulnerability Reproduction | Generic Issue in a Certain System (0day)](https://mp.weixin.qq.com/s/TnFPPyoGr8AWlKbf0_cdDQ)

## WAF Bypass

[Evading All Web-Application Firewalls XSS Filters](https://mazinahmed.net/blog/evading-all-web-application-firewalls/)

[Using HTML Attribute Separators for Bypassing WAF XSS Filters](https://mazinahmed.net/blog/html-attribute-separators/)

[URL confusion vulnerabilities in the wild: Exploring parser inconsistencies](https://snyk.io/blog/url-confusion-vulnerabilities/?utm_campaign=Blog&utm_medium=Social&utm_source=Twitter-Organic&utm_content=url-confusion-vulnerabilities)

[Practical | HTTP Protocol-Based WAF Bypass Techniques](https://mp.weixin.qq.com/s/OcIaKAgZquQnf7_-TnTcwQ)

[Upload Bypass BT WAF](https://mp.weixin.qq.com/s/Xuh_oDb1STmgoPeKYeF3fQ)

[某锁/某神/某狗 Computer-Name Authentication Bypass](https://mp.weixin.qq.com/s/YyNeLRXgspuC4R_dNY4pCA)

[Alibaba Cloud Intrusion Detection Challenge writeup](https://mp.weixin.qq.com/s/GoChb6VIM8Knh3Dm7Iyknw)

[Some Explorations of Bypassing IDS/IPS at the Network Layer](https://mp.weixin.qq.com/s/QJeW7K-KThYHggWtJ-Fh3w)

## Vulnerability Hunting

[A Brief Discussion of How to Get Started with Game Vulnerability Hunting](https://mp.weixin.qq.com/s/tRQVxGtKdR169Ieq95VoQw)

[Notes on Finding a Logic Vulnerability](https://xz.aliyun.com/t/9189)

[A Summary of SRC Asset Collection Methods](https://nosec.org/home/detail/4456.html)

[Burp Plugins | Unauthorized-Access Detection / Sensitive Parameters / Information Extraction](https://mp.weixin.qq.com/s/ajB1zXQ2nmIA_E7DINKa0Q)

[Quickly Determining Whether a SQL Injection Point Supports load_file](https://mp.weixin.qq.com/s/Zlq5t3d4ItHeL9Psb1sohw)

[In Practice | A Vulnerability-Hunting Journey at 某开 University](https://mp.weixin.qq.com/s/rdO_R0eJYqZY6iUK59gz7A)

[An SSRF Security Guide](https://mp.weixin.qq.com/s/EYVFHgNClgNGrk_92PZ90A)

[Sensitive Information Disclosure in JS](https://mp.weixin.qq.com/s/XcZsAm6MWbSv6syjE2VwzA)

[小鱼儿markzh: The Road to Advanced Target Asset Collection](https://mp.weixin.qq.com/s/QN0yWmTkirN--mWkaRvaeg)

[Notes on Hunting Business-Logic Vulnerabilities](https://mp.weixin.qq.com/s/Gk6z5vDIsSFqp4W860BidQ)

[A Reflected XSS and CORS Vulnerability Combo](https://mp.weixin.qq.com/s/peCWN4bi0YOL5t1LINNKwQ)

[Cloud Server AccessKey Secret Leaks](https://mp.weixin.qq.com/s/RkQ7x6vcP9DVvyQ1jv5Akg)

[RCE in Google Cloud Deployment Manager](https://www.ezequiel.tech/2020/05/rce-in-cloud-dm.html)

[github-actions-write-access](https://blog.teddykatz.com/2021/03/17/github-actions-write-access.html)

[How I made it to Google HOF?](https://infosecwriteups.com/how-i-made-it-to-google-hof-f1cec85fdb1b)

[Facebook account takeover due to a bypass of allowed callback URLs in the OAuth flow](https://ysamm.com/?p=646)

[Facebook account takeover due to a wide platform bug in ajaxpipe responses](https://ysamm.com/?p=654)

[Brute Force Works Wonders: Brute-Forcing JS Files](https://mp.weixin.qq.com/s/7xkvDf1ijgIQa-V43HzwUg)

[Automating Subdomain Takeover Detection with Github Actions](https://mp.weixin.qq.com/s/rWBPPcfjhXE0dZ0Gzx05GQ)

[Notes on Jolokia Realm JNDI RCE Under Newer JDK Versions](https://mp.weixin.qq.com/s/Z3qP6xW504tuIQ5CJdDSPQ)

[How to Use Hosts Collision to Roam Intranet Web Systems](https://mp.weixin.qq.com/s/Yc8LahaJJP77no527nFtiA)

[Bug-Hunting Experience | The Evolution of self-xss](https://mp.weixin.qq.com/s/Umgyl_jOQ5PhMQZGV9eDUw)

[Using the 火器 DNS Dataset for Hosts Collision to Find a Critical Vulnerability at a Vendor](https://mp.weixin.qq.com/s/bZUHmUmc9J5BHL28zY2LWw)

[Notes on Finding a 0day](https://mp.weixin.qq.com/s/jCTCqlfEL0sX4E_4iHGzog)

[Bug-Hunting Experience: Stored XSS in an Odd Location](https://mp.weixin.qq.com/s/9CYDkd0eaOVXbsTeFqd_5g)

[While You Read Documentation in Dash, the Documentation Is Watching You Too... (Fixed)](https://mp.weixin.qq.com/s/vfPxiLqOVZWhFde_2fKf1Q)

[The Comeback of a Low-Severity CSRF Vulnerability](https://mp.weixin.qq.com/s/w6V6ZdpfLJBTm9rIsxY40Q)

[Notes on a Tortuous File Upload Experience](https://mp.weixin.qq.com/s/gzXVg7nvX5aWQ5gSHXdUxA)

[Everything Can Be Fuzzed: Sensitive Information in Logs](https://mp.weixin.qq.com/s/vQfNwWaouyWBa40nHnGCMg)

[Automating xss identification with Dalfox & Paramspider](https://infosecwriteups.com/automating-xss-identification-with-dalfox-paramspider-e14283bb7916)

[Hacking a company and accessing the back-end files leading to RCE and a 4-digit bounty](http://taha.run/posts/1/)

[OAuth 2.0 Hacking Simplified — Part 1 — Understanding Basics](https://infosecwriteups.com/oauth-2-0-hacking-simplified-part-1-understanding-basics-ad323cb4a05c)

[How to Test Blind SQLi With Burp Suite — Practical Example](https://systemweakness.com/how-to-test-for-blind-sqli-with-burp-suite-practical-example-311b67e6574f)

[Digging Deep Into Dom XSS](https://thexssrat.medium.com/digging-deep-into-dom-xss-9ed172876477)

[Source code disclosure via exposed .git folder](https://medium.com/@roshancp/source-code-disclosure-via-exposed-git-folder-d22919c590a2)

[mXSS in support.mozilla.org](https://gccybermonks.com/posts/mxss/)

[fofa for cnvd: Collecting 5000w Generic Products](https://www.freebuf.com/articles/web/292788.html)

[Bulk-Hunting edusrc with Two Open-Source Tools](https://www.bugku.com/thread-3810-1-1.htm)

[Analysis of the Bucket-Listing Vulnerability Caused by Misconfigured Object Storage Buckets](https://mp.weixin.qq.com/s/LsXSgbpKXqsrPpN-siE0JA)

[Capturing HTTPS Traffic on Android Without Root](https://mp.weixin.qq.com/s/Eo2lLg8HfMHI5AsZo6xBAw)

[Recognizing Image CAPTCHAs with the burp Plugin captcha-killer (Pitfall Notes)](https://mp.weixin.qq.com/s/FraR2wmGeWjX2KoNc1H2YA)

["Flashy" Tricks for Information Gathering](https://mp.weixin.qq.com/s/JTv4UVhInvcYqQWbT3OKCg)

[SQL Injection Point Detection - Text Content Similarity](https://mp.weixin.qq.com/s/iX8_C53QKGCL0XjqdrqbPQ)

[Dissecting the Discovery of an Arbitrary Password Reset Vulnerability](https://mp.weixin.qq.com/s/-Zovtp2JRjoEXqRyn-klQA)

[Notes on an Unusual Arbitrary User Registration in an Enterprise SRC](https://mp.weixin.qq.com/s/xNcW_59UFYyBavOdCOjXxA)

[Evernote (Yinxiang Biji): Case Analysis of an SSRF Worth 5000$](https://mp.weixin.qq.com/s/TFCh4vR5Zoh_1l5zDf5FFg)

[The Burp Useless-Traffic Filtering Problem That Even GPT Can't Solve](https://mp.weixin.qq.com/s/tNi2XfQ99uK7cKhwVOp6FQ)

[Achieving SSRF via html/XSS in a PDF Parser](https://zone.huoxian.cn/d/550-pdfhtmlxss-ssrf)

## Power Tools

[Li Jiejie's Open-Source DNSLog Tool eyes.sh](https://mp.weixin.qq.com/s/7aRmPMBA0C22osttGYYxnQ)

## Attribution and Traceback

[On How to Connect to a WebShell While Preventing Traceback](https://mp.weixin.qq.com/s/nq5b4J0Y9TsiC4wQH-MPTg)

[Notes on a Counter-Operation: Tracing Back to the Source](https://mp.weixin.qq.com/s/xW2u4s8xCTnLCkpDoK5Yzw)

[Quickly Building a Proxy Pool During Penetration Testing](https://mp.weixin.qq.com/s/WPtgncwcG0VuROxitnThRg)

[Labor Day | Let's Talk About Proxy Pools](https://mp.weixin.qq.com/s/ERU3L2WIMiPNNdTTX164Og)

[Building a Free Proxy Pool with Cloud Functions](https://mp.weixin.qq.com/s/p9rsbBTQxd0ieqW8HE8hqw)

[A Brief Discussion of the Ways Cloud Functions Can Be Used](https://mp.weixin.qq.com/s/VrGZFJR33Uu9WEYukVjmNQ)

[A Trap for Deserialization Script Kiddies - Countering ysoserial](https://mp.weixin.qq.com/s/Ww_IxNLXI0KWZYERGwu3bg)

[Three Common Uses of Cloud Functions](https://mp.weixin.qq.com/s/Ec6J-2zCi18UJLftzS5VBw)

[Network Attack and Defense | How to Keep Your CobaltStrike Server Hidden (1)](https://mp.weixin.qq.com/s/1QgqG8VFMtj8Tw6_F3lDkQ)

[In-Client Phishing: Countering AntSword](https://mp.weixin.qq.com/s/WNv9nPWvKudwimtYTd1zDQ)

## Forensics

["Teacher Wang's Hands-On Class": Three Clever Approaches to Cracking Bitlocker Encryption](https://xlysoft.net/detail/7-314-2889.html)

## Reverse Engineering and Cracking

[A Hands-On Zero-Background Introduction to CTF Reversing (2): Learning Static Analysis](https://mp.weixin.qq.com/s/SIxzUPuiazi7fBo1wwBnZw)

[Learning Some IDA Tricks Through a CrackMe](https://mp.weixin.qq.com/s/oVU_glvzh7xK1G2E0owwUQ)

[Analysis of the Cobalt Strike 4.0 Remote-Access Trojan](https://mp.weixin.qq.com/s/Sv0lR4G2eQf4_L8W4CqRYw)

[Reverse Engineering an App and Decrypting Its Communications](https://mp.weixin.qq.com/s/ndP9n0I6nFgGi0xSOwBb-Q)

[Cracking the Paywall of a Pornographic App, Contributing to the Education Sector](https://mp.weixin.qq.com/s/MZknrH3GASOHCxVHZbFuMw)

[A First Try | Notes on Cracking a Confluence Plugin](https://mp.weixin.qq.com/s/67php7jsv9hsotew6Ol6VQ)

[Ghidra Basics - Identifying, Decoding and Fixing Encrypted Strings](https://embee-research.ghost.io/ghidra-basics-identifying-and-decoding-encrypted-strings/)

## Penetration Testing

[A Summary of Common Small Tips in Penetration Testing](https://mp.weixin.qq.com/s/grhxGsTNtQt0gVjycoUk7g)

[Notes on a Job-Interview Manual Injection Bypassing BT Panel + SafeDog](https://mp.weixin.qq.com/s/f97ib9vYhpH7ho4Pij8U2w)

[Penetration Testing a C/S-Architecture System](https://mp.weixin.qq.com/s/w5872kxzkoYo97pZ5S6e2A)

[Analyzing the Workflow of a Real-World Penetration Test of a Recruitment Website](https://mp.weixin.qq.com/s/xWw1Dmees5ajwVej3aU6Yw)

[Notes on a Penetration During an Attack-Defense Exercise](https://mp.weixin.qq.com/s/SYQYntzD0EI_TDUMg-kOgA)

[Notes on a Penetration Test, from External Foothold to Intranet](https://mp.weixin.qq.com/s/MU8PFq9MnmJSSnL3DjmpNw)

[A Case Where an Unusual Upload Approach Led to getshell](https://mp.weixin.qq.com/s/FAjD4tAYwm5s3EcmutktjA)

[Notes on an App Penetration Involving Code Auditing](https://mp.weixin.qq.com/s/8m2-_vcRAeYAV_38MHm-pg)

[Notes on Going from Enterprise WeChat to Roaming the Intranet](https://mp.weixin.qq.com/s/oTClFIvzHMLmyrkGO6wrVw)

[In Practice | Notes on an Intranet Penetration with Separate Web and Database Servers](https://mp.weixin.qq.com/s/0SP8UjSWlek3DKjlSLIJcw)

[In Practice | From Simple Information Gathering to getshell](https://mp.weixin.qq.com/s/NozsxJhSPS9q0Pg6fujXdA)

[[In Practice] From SSRF to getshell on a Pig-Butchering Scam Site](https://mp.weixin.qq.com/s/awMf1D8Hw6tRwPYuWmO4cw)

[Penetrating the Large Gambling Website 鸭脖](https://mp.weixin.qq.com/s/sJAyhQQvGqG-SliSGbhJNA)

[Follow-Up Code Audit of a Java Customer Service System](https://mp.weixin.qq.com/s/Alj6MQmJv9ekGzcUNiIdeg)

[Notes on Going from Arbitrary File Download to getshell](https://mp.weixin.qq.com/s/Sc3mT1vjgKv8PCwEXx2FFw)

[Exploiting a Global Variable Append Vulnerability in a Customized DedeCMS System](https://mp.weixin.qq.com/s/wE5df1CvuA4tvXYDxQPgjQ)

[An Authorized Penetration Test of a Campus Intranet Platform](https://mp.weixin.qq.com/s/LarDe1a18j87eQVV8j7Z3w)

[Common Reasons a Webshell Cannot Execute Commands](https://mp.weixin.qq.com/s/SDyLYYaGE8P2ZZVWH8RCjg)

[Notes on a Humble Penetration Test](https://mp.weixin.qq.com/s/D-dFxBDxQ0y9uCkJUWp2IQ)

[In Practice | A Complete Penetration Test of a BC Website](https://mp.weixin.qq.com/s/wuuXuCfutisYRUxNvcoAJg)

[An Experience Going from an App to getshell | Tech Picks 0138](https://mp.weixin.qq.com/s/QJW13hj08R57-AM0ZpRz1g)

[From a Weak Password to the Intranet Production Zone](https://mp.weixin.qq.com/s/eiTDy5VVujnPk-4-ErYrMg)

[Notes on Tipping Off the Target While Testing a Pornographic App's Agent Platform](https://mp.weixin.qq.com/s/_zNj6vGO7n_5-rGjmrZ3tA)

[In Practice | A Real-World Case of Attacking an Intranet via SSRF](https://mp.weixin.qq.com/s/Tvv-hAfL_nOq02ZPDJqO4g)

[Recording Yet Another Real-World GetShell](https://mp.weixin.qq.com/s/9KCA0XVYJ7QreWa0Ow3q5w)

[Notes on a Rather Tortuous Penetration Experience](https://mp.weixin.qq.com/s/Vqxa9cTFuXRnNiZC3UBRBw)

[In Practice | "Using One Hole to Hit Another" in a Corporate Group's Penetration Project](https://mp.weixin.qq.com/s/w9UxFT2vS23B2gU-wpJxxg)

## Bypass

[Fun sql injection — mod_security bypass](https://infosecwriteups.com/fun-sql-injection-mod-security-bypass-644b54b0c445)

## Workflow

[A Linux Environment Lighter Than a VM and Simpler Than Docker and WSL](https://mp.weixin.qq.com/s/613UN5mOFQBMIPsf_jQXmg)

[Getting Started with Docker in Two Hours](https://mp.weixin.qq.com/s/J530g6GhVbwYTbwcl6Q-kg)

[One Trick a Day: Master Makefile in 5 Minutes](https://mp.weixin.qq.com/s/O2_q-anE6amGBPNQGyNlcQ)

[Using tmux for automating interactive reverse shells](https://infosecwriteups.com/using-tmux-for-automating-interactive-reverse-shells-630260740af3)

[Docker: Network Modes Explained](https://outmanzzq.github.io/2019/10/22/docker-network/)

## Algorithms

[Explaining Distributed Algorithms with Sanguosha, Comfortable Now?](https://mp.weixin.qq.com/s/hZWZXQVTJZDPbDDyAcnDCg)

## Interviews

[An Alibaba Interviewer's "Describe What Happens from Entering a URL to Getting the Response" Is on Another Level of Difficulty!](https://mp.weixin.qq.com/s/wFtlHf3yUAfSeXcP8BEWuw)

[A Comprehensive Look at DNS: Principles and Process](https://mp.weixin.qq.com/s/EdZo1ddAyPEN61xwunaKLQ)

[How to Choose a Suitable Public DNS](https://mp.weixin.qq.com/s/79KIavy5hQhCAGft5u7P1g)

[EDNS: Trading Time and Space for Precision Targeting](https://mp.weixin.qq.com/s/HywnYfCqDT5wD-VgE0Hmxg)

## Automated Code Auditing

[First Experience with GitHub's Official Code Scanning Tool: Hello, CodeQL](https://mp.weixin.qq.com/s/sgBNNJfs5eAxHJfQUVh5dg)

[Apache Dubbo: All roads lead to RCE](https://securitylab.github.com/research/apache-dubbo/)

[Analyzing and Hunting Log4j Vulnerabilities with CodeQL](https://mp.weixin.qq.com/s/JYco8DysQNszMohH6zJEGw)

[codeql Rules for log4j2](https://mp.weixin.qq.com/s/nn8v3s-G7R8l3xF4NF3jYw)

## Computer History and Trivia

[Four Major Problems Computer Science Has Yet to Solve](https://mp.weixin.qq.com/s/mAeX2f11xPfVP1aOnStPew)

## Books

[Windows 2012 Server Network Security](https://www.sciencedirect.com/book/9781597499583/windows-2012-server-network-security#book-description)

## Conference Papers

[bh-eu-13-XML-data-osipov-slides - XXE Exploitation Explained](https://paper.bobylive.com/Meeting_Papers/BlackHat/Europe-2013/bh-eu-13-XML-data-osipov-slides.pdf)

## CTF

[红明谷 & 2021 虎符 Online WP](https://mp.weixin.qq.com/s/6wbW1eP4tk9IJtB4Whrr4Q)

[2021 National College Student Cybersecurity Invitational and the 7th "Donghua Cup" Shanghai College Student Cybersecurity Competition Writeup](https://www.shangmayuan.com/a/c8953bdafb9b4b3797843df0.html)

[CTF | 2021 Donghua Cup College Student Cybersecurity Invitational WriteUp](https://miaotony.xyz/2021/11/02/CTF_2021donghua/)

[Actuator Unauthorized Access: Exploiting heapdump](http://www.pingtaimeng.com/article/detail/id/1869452)

[The CTFs We Played Together Over the Years - Analysis of Laravel Arbitrary User Login Tricks](https://mp.weixin.qq.com/s/iC_g-_kxXhkrrekDDTcS9w)

--------------------------------------------------------------------------------