unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
浅谈几种绕过流量检测的方法
近几年做渗透测试的时候总是遇到流量特征太明显而被拦截甚至封IP的情况,每次都要耗半天劲去想办法,甚至尝试过改造蚁剑的编码器,奈何NodeJS的功底太差(甚者可以说不会)写到一半就烂尾了。于是就开始自己...
2024-2-26 14:0:34 | 阅读: 43 |
收藏
|
Sec-News 安全文摘 - govuln.com
加密
x1d
x15
payload
x17
Apache Solr Backup/Restore APIs RCE (CVE-2023-50386)分析及挖掘思路
2024-2-24 16:5:53 | 阅读: 19 |
收藏
|
Sec-News 安全文摘 - govuln.com
Joomla: PHP Bug Introduces Multiple XSS Vulnerabilities
Update 2024-02-23: Full technical details added.Key Information Sonar’s Vulnerability Research T...
2024-2-24 02:17:57 | 阅读: 28 |
收藏
|
Sec-News 安全文摘 - govuln.com
php
joomla
strpos
UTF-8 Overlong Encoding导致的安全问题
「代码审计」知识星球中@1ue 发表了一篇有趣的文章《探索Java反序列化绕WAF新姿势》,深入研究了一下其中的原理,我发现这是一...
2024-2-23 20:45:33 | 阅读: 11 |
收藏
|
Sec-News 安全文摘 - govuln.com
xc1
overlong
10xxxxxx
漏洞
攻击
yakit CVE-2023-40023漏洞分析
2024-2-22 10:32:21 | 阅读: 24 |
收藏
|
Sec-News 安全文摘 - govuln.com
CVE-2023-5480: Chrome new XSS Vector
The article is informative and intended for security specialists conducting testing within the scope...
2024-2-21 19:2:40 | 阅读: 24 |
收藏
|
Sec-News 安全文摘 - govuln.com
download
chromium
slonser
chrome
attacker
Jython Gadgets Chain 利用分析
2024-2-21 01:9:22 | 阅读: 11 |
收藏
|
Sec-News 安全文摘 - govuln.com
零基础从0到1掌握Java内存马
首页 会员介绍...
2024-2-21 01:6:58 | 阅读: 23 |
收藏
|
Sec-News 安全文摘 - govuln.com
icp
20012251
审计
零基础从 0 到 1 掌握 Java 内存马(上篇)
error code: 521...
2024-2-21 00:28:24 | 阅读: 9 |
收藏
|
Sec-News 安全文摘 - govuln.com
521
can I speak to your manager? hacking root EPP servers to take control of zones
Over the last few decades, the internet has been built upon specificat...
2024-2-20 22:53:8 | 阅读: 8 |
收藏
|
Sec-News 安全文摘 - govuln.com
epp
cities
software
cocca
urn
Cookie Crumbles: Breaking and Fixing Web Session Integrity
Authors: Marco Squarcina, TU Wien; Pedro Adão, Instituto Superior Técnico, ULisboa, Instituto de Tel...
2024-2-20 22:52:46 | 阅读: 7 |
收藏
|
Sec-News 安全文摘 - govuln.com
security
protections
exposing
instituto
From Akamai to F5 to NTLM... with love.
Offensive Security...
2024-2-20 22:51:41 | 阅读: 7 |
收藏
|
Sec-News 安全文摘 - govuln.com
smuggle
tld
akamai
poisoning
burp
How I Hacked Microsoft Teams and got $150,000 in Pwn2Own
Transcript...
2024-2-20 22:51:23 | 阅读: 9 |
收藏
|
Sec-News 安全文摘 - govuln.com
remote
angularjs
pluginhost
renderer
slimcore
HTTP Request Splitting vulnerabilities exploitation
%PDF-1.7%âãÏÓ1741 0 obj<>endobj 1750 0 obj<>/Filter/FlateDecode/ID[<4FBB5194E27BB54...
2024-2-20 22:51:7 | 阅读: 6 |
收藏
|
Sec-News 安全文摘 - govuln.com
qe
Šj
endobj
endstream
Šz
PHP filter chains: file read from error-based oracle
The possibilities allowed by filter chains will never stop amazing us. Last time we saw that using t...
2024-2-20 22:44:47 | 阅读: 4 |
收藏
|
Sec-News 安全文摘 - govuln.com
php
ucs
iconv
930
conversions
SMTP Smuggling - Spoofing E-Mails Worldwide
18.12.2023 Introducing a novel technique for e-mail spoofingIn...
2024-2-20 22:39:51 | 阅读: 5 |
收藏
|
Sec-News 安全文摘 - govuln.com
lf
spf
ip4
cr
inbound
Exploiting Hardened .NET Deserialization: New Exploitation ldeas and Abuse of Insecure Serialization
2024-2-20 22:39:20 | 阅读: 4 |
收藏
|
Sec-News 安全文摘 - govuln.com
github
stories
trending
instant
Smashing the state machine: the true potential of web race conditions
Published: 09 August 2023 at 18:00 UTC...
2024-2-20 22:37:42 | 阅读: 5 |
收藏
|
Sec-News 安全文摘 - govuln.com
gitlab
database
devise
Top 10 web hacking techniques of 2023
Published: 19 February 2024 at 14:31 UTC...
2024-2-20 22:37:21 | 阅读: 6 |
收藏
|
Sec-News 安全文摘 - govuln.com
php
security
nominations
splitting
ChatGPT Account Takeover - Wildcard Web Cache Deception
IntroHere’s how I was able to take over your account in ChatGPT.Last...
2024-2-9 15:35:4 | 阅读: 14 |
收藏
|
Sec-News 安全文摘 - govuln.com
openai
chatgpt
confusion
2fapi
attacker
Previous
4
5
6
7
8
9
10
11
Next