本文介绍了如何利用Proxifier将APP流量转发到Burp Suite进行抓包，绕过挂代理检测。适合安全测试人员学习使用。

本文探讨了如何从JS文件入手进行渗透测试，揭示了路径泄露、敏感信息暴露等高风险漏洞，并提供了具体案例。

Discover how a team conducted a simulated cyber attack on a famous local hospital during summer. Key steps include WiFi network scanning, social engineering, an

本文总结了针对站库分离类型站点的渗透思路，详细介绍了从Web和数据库两个入口点进行渗透的具体方法及策略。

Explore the detailed process of a successful penetration test by Ironhead, covering information gathering, webshell exploitation, and internal network penetrati

Explore advanced domain penetration techniques including using Nbtscan for host scanning, MSF with routing for internal network exploitation, and Cobalt Strike

Explore the basics of workgroups and domains in a Windows network environment. Understand key concepts like domain controllers and Active Directory for secure n

Learn about internal network penetration techniques using proxy forwarding. Explore concepts like forward and reverse proxies, understand the role of Socks prot

Learn how to use Metasploit's built-in tools for conducting TCP, SYN, and XMAS scans to discover open ports. This guide covers the process of identifying vulner

本文详细介绍如何通过敏感文件泄露，进行.NET平台的渗透测试，包括未授权文件上传和代码审计。

本文详细介绍了通过JBoss的CVE漏洞进入目标系统并横向渗透到域控制器的过程，包括Mimikatz工具的使用和CobaltStrike的上线。

Explore the mechanisms of QR code-based phishing attacks and understand how attackers can exploit these systems. This article provides insights into different l