Learn how to detect a second-order SQL injection vulnerability using Burp Suite and custom sqlmap tamper scripts. Understand the limitations of automated scanne

本文详细介绍了在2017年PWN2OWN大赛中长亭安全研究实验室成功利用的Ubuntu 16.10 Desktop本地提权漏洞，该漏洞存在于Linux内核IPSEC框架中的CVE-2017-7184。文章深入剖析了IPSEC协议和xfrm框架...

This article details the process of recovering a password for a Windows 2008 target machine using network scanning and Metasploit. It covers steps such as IP di

Discover how the CVE-2019-11043 vulnerability can be exploited to remotely execute code on Nginx PHP-FPM servers. Learn about affected versions and detailed exp

Discover the details and PoC code for CVE-2018-14847, a remote code execution vulnerability in MikroTik RouterOS. Learn how to identify vulnerable versions usin

本文详细分析了PHPCMS V9.6.1的任意文件下载漏洞，提供了漏洞触发点、利用方法以及官方修复补丁信息。

了解Joomla! 3.9.17之前版本的输入验证错误漏洞，学习CVE-2020-11890的具体利用方法和测试环境配置。

Discover the details of an arbitrary file upload vulnerability in a specific system and understand its potential risks of executing malicious codes. Learn about

深入解析Office高级威胁漏洞CVE-2017-0199在野外的利用情况，包括RTF、PPSX和DOCX版本的攻击方式及最新流行趋势。

Learn about the CVE-2017-9805 vulnerability in Apache Struts 2 and how to exploit it for remote code execution. Explore the attack process and experiment setup

本文详细介绍了Apache Struts 2中CVE-2017-9805远程代码执行漏洞的利用方法，包括实验环境搭建和具体步骤。

This article describes a simple penetration test using the MS12-020 vulnerability on a Windows 2008 R2 system. Learn how to perform an exploit in Metasploit and