Recently Updated Pages
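Claude Requirements Document Example
CTF/Cyber Range Recipe Trading Platform - Product Design Document V3.0 1. Project Overview 1.1 Product Positioning A decentralized marketplace for cybersecurity training resources, filling the gap between existing platforms (such as Hack The Box and TryHackMe) and...
ChatGPT Requirements Document Example
Cybersecurity Range Trading Platform - Product Design Document 1. Project Overview 1.1 Product Positioning A decentralized marketplace for trading cybersecurity training resources (target machines), filling the gap between existing platforms (such as Hack The Box and TryHackMe) and self-...
Brief
Positioning This is a decentralized marketplace for cybersecurity training resources (target machines), which fills the gap between existing platforms (such as HTB and TryHackMe) and self-built environments. Cybersecurity practitioners, whether red team or blue team, need a safe and realistic virtual environment...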
My Mac App Vulnerability Journey: Strategies and Precision Hunting Techniques
Background Today, I would like to share my journey in macOS application vulnerability research...
AlDente-Charge-Limiter <1.30 Unauthorized Privileged Hardware Operations
Description The AlDente-Charge-Limiter application is vulnerable to unauthorized privileged ha...
Stats < v2.11.22 Local Privilege Escalation
Description The Stats application is vulnerable to a local privilege escalation due to the insec...
Adobe-Downloader <=1.3.1 Local Privilege Escalation
XPC Local Privilege Escalation Description The Adobe-Downloader application is vulnerable to a ...
Offsec OSMR Course and Exam Review
Hello, in the past few months, I haven't been very active in the cyber security community because...
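Offsec OSMR Course and Certification: Sharing My Experience
Hello everyone, over the past few months I haven't been very active in the cybersecurity community because I have been studying Offsec's OSMR course. It is a course on Mac OS internals and exploit development. The course is very large in scope, far beyond my...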
Reuniting with a Childhood Friend Lost for 8 Years Using OSINT
OSINT, or Open Source Intelligence, is a crucial skill in the field of cybersecurity. It is wid...
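Using OSINT to Find a Childhood Friend I Had Lost Contact With for 8 Years
OSINT, or open-source intelligence, is an important skill in the cybersecurity field. It is widely used not only in cybersecurity but also in the intelligence community. For cybersecurity practitioners, whether in red teaming, blue teaming, or threat hunting/intelligence, OSINT can play different roles. For...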
SEC660/GXPN Review And The Comparison With OSED
Hi folks, it's been quite a while since I last wrote a review on training courses and certification...
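SAN660 and GXPN: Impressions and Takeaways, and a Comparison with OSED
It has been quite a while since I last wrote up my experience with training courses and certifications, even after passing OSCE3. In the past few days, I passed the exam for GXPN, the certification that corresponds to the SEC660 course; since this was also my first time with SANS courses and ...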
CKAN Authenticated SSRF <= 2.9.11/2.10.4
Vulnerability Information Product: Ckan Vendor: https://github.com/ckan Affected Version(s)...
EDRPrison: Borrow a Legitimate Driver to Mute EDR Agent
Hey friends, today I will share a technique that can be used to evade EDR products. I hesitate to...
MutationGate
Background Motivation Considering inline hook is a major detection utilized by EDR products, ...
ReflectiveLoading And InflativeLoading
CobaltStrike's Beacon is essentially a DLL. The raw format payload is a patched DLL file. Through...
[Backup] How Did I Take Over CobaltStrike Servers
Hi folks, today I would like to share how I take over some Cobalt Strike TeamServers with Quake an...
Use Searching Engines to Hunt For Threat Actors
Background Hi folks, today, I’d like to discuss how to leverage search engines to identify vulne...
Bypass AMSI On Windows 11
Motivation In this article, I want to break down AMSI (Anti-Malware Scan Interface) and its bypa...