安全博客 - 第 52 | CN-SEC 中文网

A command similar to wget in Windows: Invoke-WebRequest

0x00 TL;DRLinux can use wget command to download files. In this article, we will introduce the power...

08月14日安全博客12 views评论

阅读全文

Use AWS SSM(Systems Manager) execute remote script file at EC2 instance

0x00 TL;DRThis article documents how to use AWS SSM to execute remote script files at EC2 instances....

08月14日安全博客10 views评论

阅读全文

AWS VPC DHCP Options Set change Effective immediately

0x00 TL;DRUsually, after the DHCP Options Set changes, it takes several hours for the EC2 instance i...

08月14日安全博客8 views评论

阅读全文

How do I set the S3 bucket policy so that it can only be accessed by the specified IP

0x00 TL;DRThis document records how to set up the S3 bucket policy so that it can only be accessed b...

08月14日安全博客11 views评论

阅读全文

How Winodws Escalation Privilege from administrator privilege to system privilege

0x00 TL;DRRecord how Winodws Escalation Privilege from administrator privilege to system privilege.U...

08月14日安全博客15 views评论

阅读全文

Gogs RCE Vulnerability Analysis

OthersThe article was first published in:https://www.anquanke.com/post/id/163575 - source:tonghuaroo...

08月14日安全博客14 views评论

阅读全文

Enterprise Cyber security build of Windows lateral movement attacks detection

OthersThe article was first published in:https://www.4hou.com/technology/10430.html - source:tonghua...

08月14日安全博客14 views评论

阅读全文

Flask debug mode PIN code generation mechanism security research notes

OthersThe article was first published in:https://zhuanlan.zhihu.com/p/32336971 - source:tonghuaroot....

08月14日安全博客10 views评论

阅读全文

An example of network security problems in the IoT era

OthersThe article was first published in:https://www.anquanke.com/post/id/84774 - source:tonghuaroot...

08月14日安全博客11 views评论

阅读全文

Google 是如何落地静态代码分析的

原文发在了我的公众号上，链接为：https://mp.weixin.qq.com/s/9iJNZCQfHg0VbWSFRgwVJg - source:tonghuaroot.com

08月14日安全博客9 views评论

阅读全文

安全博客

为 CodeQL 自定义规则编写测试文件

为 CodeQL 自定义查询规则编写测试文件0x00 前言最近花了点时间研究 CodeQL，写了几个查询规则，效果还凑活。在翻 CodeQL 的官方库的时候里头有一些 test 文件啥的，这对我理解官...

08月14日13 views评论

阅读全文

安全博客

AWS S3 subdomain takeover

浅析 AWS S3 子域名接管漏洞 0x00 前言哈喽，大家好，我是童话。前段时间和 @鶇师傅讨论了一个特殊场景下的子域名接管漏洞，蛮 trick 的一个利用方法。我们见到有白帽子确实利用成功了，...

08月14日12 views评论

阅读全文

A command similar to wget in Windows: Invoke-WebRequest

Use AWS SSM(Systems Manager) execute remote script file at EC2 instance

AWS VPC DHCP Options Set change Effective immediately

How do I set the S3 bucket policy so that it can only be accessed by the specified IP

How Winodws Escalation Privilege from administrator privilege to system privilege

Gogs RCE Vulnerability Analysis

Enterprise Cyber security build of Windows lateral movement attacks detection

Flask debug mode PIN code generation mechanism security research notes

An example of network security problems in the IoT era

Google 是如何落地静态代码分析的

为 CodeQL 自定义规则编写测试文件

AWS S3 subdomain takeover

在线咨询

微信