本文记录了一次针对E-Office v9系统任意文件上传漏洞的WAF绕过技术，介绍了如何通过伪造文件后缀进行攻击。

了解如何通过检查端口、进程以及启动项等关键位置确保Windows系统的安全性。本文详细介绍了排查方法和技巧，帮助您维护网络安全。

This article discusses the security testing process for mini programs, focusing on data encryption methods like SM2 encryption. It provides a detailed guide on

This article discusses the red team assessment of a university's cybersecurity by identifying vulnerabilities in their network. It covers techniques such as inf

本文详细记录了从获取Shell到反弹MSF Shell、Mimikatz抓取密码以及登录域控等操作。适用于网络安全和渗透测试学习者，提供实战经验分享。

本文详细介绍了如何进行企业钓鱼演练，通过使用Gophish平台和搭建邮件服务器来模拟真实的钓鱼攻击场景。了解钓鱼攻击的全流程，并掌握实战技巧。

Discover key techniques for internal network information gathering, including methods to detect live hosts, collect service software and antivirus details, and

本文详细介绍了在某款App中发现的0元购漏洞，通过积分打卡和兑换机制实现无代价购物。文章分享了漏洞挖掘的具体过程以及使用的工具和技术手段，适合网络安全和开发人员学习参考。

Explore the techniques for exploiting coupon vulnerabilities in e-commerce systems, including coupon ID traversal, concurrent issuance, and more. Understand how

This article summarizes post-penetration techniques and internal network exploration methods. It covers PHP disable_functions bypass using tools like AntSword,

本文总结了参加VNCTF 2023的代码审计经验，分享解题过程和学习心得。从签到题入手，深入探讨Go语言源码分析技巧，为网络安全爱好者提供实战指导。

This article details the process of identifying and removing cryptocurrency mining malware from a server. Learn about the steps taken to secure systems and prev