本文详细介绍了如何通过WebLogic、Tomcat、JBoss、Jonas和Websphere等中间件后台进行Shell上传的技术细节，包括默认用户名密码及具体操作步骤。

Discover how to build covert channels for internal networks and break through security restrictions. Learn about various methods including shell反弹, port forward

Explore the mechanisms of QR code-based phishing attacks and understand how attackers can exploit these systems. This article provides insights into different l

本文详细介绍了通过JBoss的CVE漏洞进入目标系统并横向渗透到域控制器的过程，包括Mimikatz工具的使用和CobaltStrike的上线。

本文详细介绍如何通过敏感文件泄露，进行.NET平台的渗透测试，包括未授权文件上传和代码审计。

Learn how to use Metasploit's built-in tools for conducting TCP, SYN, and XMAS scans to discover open ports. This guide covers the process of identifying vulner

Learn about internal network penetration techniques using proxy forwarding. Explore concepts like forward and reverse proxies, understand the role of Socks prot

Explore the basics of workgroups and domains in a Windows network environment. Understand key concepts like domain controllers and Active Directory for secure n

Explore advanced domain penetration techniques including using Nbtscan for host scanning, MSF with routing for internal network exploitation, and Cobalt Strike

Explore the detailed process of a successful penetration test by Ironhead, covering information gathering, webshell exploitation, and internal network penetrati

本文总结了针对站库分离类型站点的渗透思路，详细介绍了从Web和数据库两个入口点进行渗透的具体方法及策略。

Discover how a team conducted a simulated cyber attack on a famous local hospital during summer. Key steps include WiFi network scanning, social engineering, an