This article details a penetration test exercise targeting a foreign website's Weblogic server and subsequent domain control machine. It covers initial reconnai

Discover effective techniques for information gathering during penetration testing. This article shares a detailed process with real case studies, including dir

Discover the value of subdomain fuzzing with a real-world example that led to a $35k bounty. Learn about Auth Bypass, RCE and SQLI techniques in this detailed c

Discover the detailed process of a penetration test against a car manufacturer during an advanced cybersecurity competition. Learn about information collection

本文详细解析了ysoserial CB1反序列化利用链，探讨其在Shiro中的应用与环境搭建。了解如何利用此工具进行安全测试和防御。

了解如何判断和利用MSSQL注入点，掌握从基础到高级的操作方法及数据库提权、操作系统提权等高级技术。

最强渗透集成环境 V 5.0 基于Windows10 Workstation打造，包含Kali Linux、WSL2、多种渗透测试工具及逆向分析软件。适用于安全研究与实战演练。

了解HW流量告警分析中的常见问题及解决方案，掌握安全威胁事件的详细分析方法。本文探讨了DDOS、SQL注入和XSS攻击等安全挑战，并提供了实用的安全设备配置与策略优化建议。

Learn how a recent 5500 USD bounty reward was achieved by bypassing 2FA in a payment application. Discover the steps to edit user details without 2FA access and

本文详细介绍了微信数据库的最新解密方式，包括使用C++代码进行解密的方法，并解释了常见的解密错误原因。

WatchVuln 是一个专注于抓取和推送高价值漏洞信息的项目，支持多种推送方式如钉钉、微信企业版等。该项目能够帮助用户及时关注重要安全威胁情报，避免被大量无意义编号淹没。

本文详细介绍了利用GoToHTTP、Todesk和RustDesk进行横向移动的技术方法，涵盖配置文件替换与远程连接等内容。