Discover how attackers can exploit the seamless single sign-on (SSO) feature of Microsoft Entra to perform brute force attacks. Learn about the vulnerabilities

This article details an out-of-network penetration test on a vulnerable confluence service with CVE-2022-26134. Techniques used include suo5 and vshell for shel

Explore the 'generating-utilization' exploit technique and its application in testing the security of large language models. This method focuses on red team tes

本文详细记录了一次针对WordPress站点的渗透测试过程，包括端口扫描、目录备份文件扫描、压缩包爆破、数据库连接与绕过等关键步骤。适合网络安全专业人士学习参考。

本篇文章介绍了如何使用微软的Procmon工具通过内核驱动任意读写功能，对Windows Defender的关键文件MsMpEng.exe进行修改，从而破坏其防御能力。了解技术原理和完整流程，适用于网络安全研究和技...

文章介绍了对某事业单位软件供应商系统的安全测试过程，揭示了使用VUE框架和WebPack打包后发现的上传接口0day漏洞。通过技术手段成功利用该漏洞进行渗透测试，提升网络安全防护水平。

本文深入探讨了JEEWMS系统的安全问题，包括文件上传、SQL注入和任意文件读取等关键漏洞。了解这些安全隐患，提升系统安全性。

本文详细记录了一次针对魔改若依系统的渗透测试过程，发现了短信轰炸、信息泄露和存储型XSS等多个重要漏洞。

深入剖析内网中vCenter集群的攻击过程，包括RCE漏洞利用、权限提升及域控管理技术。了解详细的操作步骤和实战技巧。

Explore the detailed process of a company's penetration skills assessment. Learn about port scanning, directory and backup file scanning, password cracking, dat

Discover advanced network phishing methods including high-quality fish hooks and malware deployment. Learn about various attack vectors like macros, Excel injec

Explore the 'generation-exploitation' attack technique that manipulates system prompts to bypass alignment methods in large models. Understand how this approach