PHP SSRF Techniques PHP Dawg by Fabricio Rosa MarquesHow to bypass filter_var(), preg_match() and parse_url()A few days... 2018-3-1 15:53:31 | 阅读: 7 | 收藏 | Stories by theMiddle on Medium - medium.com php ssrf bypass comma ends

Command and control server in social media (Twitter, Instagram, Youtube Telegram) TL;DRAs a proof of concept, I wrote script which abuses social media in order to send commands to in... 2018-02-15 08:32:43 | 阅读: 392 | 收藏 | medium.com tweet ly youtube bots letter

詳談Heap Exploit 初探－運氣流RCE以及神奇的check_action關於heap exploit常見體位在這裡就不多做說明了，這個網站把常見的招數都介紹了一遍，有興趣可以到這邊了解，現在想來談談這些攻擊在實戰中的細節... 2018-01-26 00:28:15 | 阅读: 13 | 收藏 | medium.com nextsize 一個 位址 這個 printerr

Web Application Firewall (WAF) Evasion Techniques #2 2018-1-3 16:46:31 | 阅读: 2 | 收藏 | Stories by theMiddle on Medium - medium.com

Web Application Firewall (WAF) Evasion Techniques #2 String concatenation in a Remote Command Execution payload makes you able to bypass firewall rules (... 2018-1-3 16:46:31 | 阅读: 6 | 收藏 | Stories by theMiddle on Medium - medium.com sucuri zzz php passwd bypass

Detecting human users: Is there a way to block enumeration, fuzz or web scan? 2017-12-27 17:32:55 | 阅读: 1 | 收藏 | Stories by theMiddle on Medium - medium.com

Detecting human users: Is there a way to block enumeration, fuzz or web scan? Frankenbot by Ben BelyNo, you won’t be able to totally block them, but you would be surprised how st... 2017-12-27 17:32:55 | 阅读: 8 | 收藏 | Stories by theMiddle on Medium - medium.com nikto botbuster wfuzz lua bots

Web Application Firewall (WAF) Evasion Techniques 2017-12-8 08:18:44 | 阅读: 1 | 收藏 | Stories by theMiddle on Medium - medium.com

Web Application Firewall (WAF) Evasion Techniques I can read your passwd file with: “/???/??t /???/??ss??”. Having fun with Sucuri WAF, ModSecurity, P... 2017-12-8 08:18:44 | 阅读: 7 | 收藏 | Stories by theMiddle on Medium - medium.com paranoia modsecurity wildcard sucuri passwd

ModSecurity + Elasticsearch + Kibana How to store ModSecurity Audit Logs in Elasticsearch and how to make searches and reports using Kiba... 2017-11-15 01:22:58 | 阅读: 5 | 收藏 | Stories by theMiddle on Medium - medium.com modsecurity python modsec auditlog

Heap Exploit 學習筆記 最近了解了一點有關Linux上malloc()的知識，懂得在基於Doug Lea Malloc的malloc實作上如何利用overflow來做到Heap Exploit，在此做個筆記整理。以下是一個存... 2017-07-23 16:28:41 | 阅读: 14 | 收藏 | medium.com inuse 一個 consolidate nextchunk fwd

緩衝區溢位攻擊之二(Buffer Overflow) 我們寫Shellcode的目的就是為了在Buffer Overflow中不只是執行現有代碼，而是執行任意代碼(Shellcode)，但現在寫完了、之後呢？原理很簡單，我們不是能控制程式流程、讓他跳到任... 2017-04-04 00:28:15 | 阅读: 15 | 收藏 | medium.com shellcode 位址 我們 執行 程式

緩衝區溢位攻擊之一(Buffer Overflow) 什麼是Buffer Overflow？wiki的描述如下：a buffer overflow, or buffer overrun, is an anomaly where a program, wh... 2017-03-30 21:24:02 | 阅读: 19 | 收藏 | medium.com 我們 執行 程式 位址 空間