fierce! Avoid killing any EXE

Gongzong No.: black palm A blogger who focuses on sharing network security, hot spots in the hacker circle and hacker tool technology area! PE file Brief description of PE documents The full name of PE file is Portable Executable, which means Portable Executable file. Common exe, DLL, OCX, SYS and COM are PE files. PE file is a program fil ...

Added by jane on Thu, 20 Jan 2022 23:03:16 +0200

Source code analysis of several niche web fingerprint identification tools

Gongzong No.: black palm A blogger who focuses on sharing network security, hot spots in the hacker circle and hacker tool technology area! Webfinger brief introduction This is a very small tool, written by Python 2, using Fofa's fingerprint library Github address: https://github.com/se55i0n/Webfinger Please refer to the official screensh ...

Added by avianrand on Wed, 19 Jan 2022 17:28:18 +0200

Some people say that SQL injection has been eliminated. Can you beat him???

Last time I wrote an article about SQL injection, someone said that SQL injection is outdated!!! preface: This time, four interesting practical cases are used: Hard - common getshell Fast - fast error injection Quasi - injected under the limit of character length 100 Around – around a university safety dog Although there are only four ...

Added by lukemedway on Tue, 18 Jan 2022 00:14:13 +0200

Information security | analysis of malicious document samples using oletools Python

preface After learning oletools python, you can perform basic analysis on malicious document samples. What is oletools Python Oletools Python tool is used to analyze MS OLE2 files (structured storage, composite file binary format) and MS Office documents for malware analysis, forensics and debugging. Download and install Linux,Mac: sudo ...

Added by shaymol on Sun, 02 Jan 2022 20:50:42 +0200

CTF_Web: deserialization details CTF classic test questions from shallow to deep

0x00 deserialization problem in CTF In this kind of problems, we mainly use deserialization to bypass or call various magic methods, so as to construct qualified serialized strings and complete specific functions. At this point, we should be very clear about the execution process of the whole code segment. Let's start with the simplest. 0x01 ...

Added by kemper on Wed, 29 Dec 2021 21:49:17 +0200

Analysis of arbitrary file upload vulnerability of security vulnerability

preface The front desk arbitrary file upload vulnerability of X micro e-office has been exposed for some time, and the related vulnerability exploitation scripts or even vulnerability batch exploitation scripts There are also many. Here, analyze this vulnerability point according to the system code and POC. Locate vulnerability points Accor ...

Added by Absorbator on Wed, 22 Dec 2021 17:04:23 +0200

vulnhub DC9 range practice

preface The target for this exercise is the 9th and last DC series target under vulnhub platform. The download address is https://www.vulnhub.com/entry/dc-9,412/ . The ultimate goal of challenging the target is to obtain root permission and then read the unique flag. The difficulty of this target is medium. The key point is to know the knockd ...

Added by rsassine on Wed, 15 Dec 2021 21:15:04 +0200

Design and implementation of simple network early warning system

The course design of this course in intrusion prevention technology and application hopes to help your course design or project 1, Topic content 1.1 Problem Description: Based on network sniffing, a simple network early warning system is designed and implemented to decode / decode and detect the characteristics of the captured packet ...

Added by Karpathos on Mon, 13 Sep 2021 06:25:06 +0300

[XD Learning Note 11]: Knowledge Point for SQL Injection

Preface This chapter will explain the types of vulnerabilities on various levels of WEB, the level of harm of the inherent vulnerabilities, and take a brief impact range test as an example. The vulnerabilities in the mind map are also the various knowledge points we will learn later. In this chapter, how to discover and use the vulnerabilities ...

Added by DiceyJono on Sun, 12 Sep 2021 20:45:44 +0300