Explore effective penetration testing techniques in this article. Discover how to identify vulnerabilities and exploit them on PHP-based websites. Learn from re

本文详细介绍了针对ThinkPHP 3.2.3版本的供应链源码审计过程，重点探讨了SQL注入和缓存利用技术。通过实际案例展示了如何发现并利用这些漏洞进行渗透测试。

本文介绍了反沙箱分析的关键思路和技术，包括硬件检测法和BIOS检测法等方法，以帮助红队开发出能够抵御云沙箱动态分析的payload。

Discover how a hacker exploited vulnerabilities in the BayBay website's eip-plus system. Learn about the steps taken to gain access and the challenges faced dur

Discover how a supply chain attack was used to breach a game control panel by exploiting API documentation and IP whitelists. Learn about the critical informati

了解并实践CVE-2024-45507漏洞，深入分析Apache OFBiz中的SSRF漏洞，并掌握自动化检测工具的应用。

This article details the process of capturing over 30 machines within a domain environment through webshell and DNS tunneling. It covers the steps for informati

了解如何利用Chrome DevTools Protocol（CDP）进行远程调试，提升安全研究和渗透测试效率。本文详细介绍了CDP的基本概念、启动方法及实际应用案例。

Learn how to use nslookup and Shodan for school intranet penetration testing. Discover IP addresses and potential vulnerabilities with practical examples.

This article explores the reverse engineering and security measures implemented in a travel application, including custom encryption techniques, data compressio

本文分享了一次针对hw活动目标网站的WAF绕过案例，详细记录了如何通过Y函数绕过某云WAF，并成功注入。

Explore advanced network phishing methods including VBA code, Excel injection, and more. Understand the tactics used to deceive targets into downloading malicio