专注Web及移动安全[红日安全99期] – 作者:Setup

专注Web及移动安全[红日安全99期]

渗透测试，web安全动态

---

-安全文章

-安全漏洞

-Web安全

-代码审计

---

标签：安全动态 Web安全 渗透测试 安全工具

安全动态

[Security_week] 我眼中的红队

https://mp.weixin.qq.com/s/D8sMba9L8TMnuKQJyBQ1-w

[Security_week] Linux部分常用命令学习记录

https://mp.weixin.qq.com/s/O0yVykqApF9gawkeHDKlPw

[Security_week] CVE-2019-16097:Harbor 权限提升漏洞预警

https://mp.weixin.qq.com/s/JOB2tFd-VJTVGm_IEmmHNw

[Security_week] CVE-2019-4505: WebSphere 任意文件读取漏洞预警

https://mp.weixin.qq.com/s/oLUTIjh8m7U25zF9i2yT6w

[Security_week] 泛微e-cology OA 远程代码执行漏洞预警

https://mp.weixin.qq.com/s/wnolWreeVtr6nTwBZKgTTg

[Security_week] 利用PhpStudy软件植入后门的恶意程序预警

https://mp.weixin.qq.com/s/2hqdH7Ajj3oa_1lsm-wTVw

[Security_week] Kali Linux 渗透测试相关汇总

https://mp.weixin.qq.com/s/C0irVH82DZDfwhfrERvd9A

[Security_week] 网络安全测评相关汇总

https://mp.weixin.qq.com/s/**xqeEVW6btiLZUGF-f7-Q

[Security_week] 网络安全之密码相关汇总

https://mp.weixin.qq.com/s/derIg56qjo-Ca-rupDtz6g

---

---

Web安全

[Web_Security] 关于我所了解的SQL注入

https://mp.weixin.qq.com/s/fyzpo1RcnFvhUQr-QxXS0g

[Web_Security] 蝉知 CMS5.6 反射型 XSS 审计复现过程分享

https://mp.weixin.qq.com/s/RTuWGGgssE5vOr8i7cARPA

[Web_Security] 使用BurpSuite宏获取CSRF-TOKEN

https://mp.weixin.qq.com/s/2qe1Sx3IV2LHwomMSTacdg

[Web_Security] XXE之利用本地DTD进行文件读取

https://mp.weixin.qq.com/s/DlAQInDITCmORxCuhVH6YA

[Web_Security] PbootCMS-XSS(stored)漏洞分析

https://mp.weixin.qq.com/s/QiH5DWm1xeNyuaykJgpRrQ

[Web_Security] 通过HTTP头利用漏洞

https://mp.weixin.qq.com/s/R22RIY3btW_-32CbEc7IJQ

[Web_Security] 利用HTTP参数污染

https://mp.weixin.qq.com/s/wp4f1K_s_dvthlp2m7bdOw

---

---

渗透测试

[Penetration_test] 解决 Vps 上 Ssh 掉线

https://mp.weixin.qq.com/s/8jpjbG5Xb8ORDN7eKfq9dw

[Penetration_test] Bitsadmin 一句话下载 Payload

https://mp.weixin.qq.com/s/H5CObTdOeen-mTG_p0mRSw

[Penetration_test] Certutil 一句话下载 Payload

https://mp.weixin.qq.com/s/GTZXc8LLtJ0K2Zw5qndgEw

[Penetration_test] 记一次某XX远程接访系统漏洞后台getshell

https://mp.weixin.qq.com/s/Gb1a30wkC3Z9vEGgOYnm7Q

[Penetration_test] 攻击MSSQL–PowerUpSQL介绍

https://mp.weixin.qq.com/s/V9YYMBUlhuTEXF2p050kCg

[Penetration_test] 网络协议arp学习和网络扫描

https://mp.weixin.qq.com/s/QokBQI4jpSJ2XZVHuobVEg

[Penetration_test] 关于msf反弹后门的免杀Tips

https://mp.weixin.qq.com/s/JnUIJHy1LljkRdQ_pgpfFg

[Penetration_test] 登陆口js前端加密绕过

https://mp.weixin.qq.com/s/6DN-okCW0ra5oYmBFWUuaA

[Penetration_test] phpStudy隐藏后门预警

https://mp.weixin.qq.com/s/dTzWfYGdkNqEl0vd72oC2w

[Penetration_test] phpStudy隐藏后门预警

https://mp.weixin.qq.com/s/VuaJhp7vRkzEiE_8-6ecqA

---

---

安全工具

[Security_tools] 基于 Netbios 发现内网存活主机

https://mp.weixin.qq.com/s/NykMQY0EIT2avdqRb-bwMQ

[Security_tools] OneForAll，一款强大的子域名收集工具

https://mp.weixin.qq.com/s/qWI0xsJQ8-**ewpB-o7Rxg

[Security_tools] Websnort 一款分析pcap文件suricata工具

https://mp.weixin.qq.com/s/nsN3AFB_Mx8Xn08wUlMGWw

[Security_tools] passpie 一款多平台命令行密码管理工具

https://mp.weixin.qq.com/s/i5_i9JuAtbbpHhB2v-luHg

[Security_tools] 用Windows打造自己精简便捷的渗透工具集

https://mp.weixin.qq.com/s/F7ogtG3NfBbDVDHzbbPUZA

[Security_tools] Xray：一款功能强大的Web安全评估工具

https://mp.weixin.qq.com/s/F5tkC-l9VSxOa-2fyGB7SQ

[Security_tools] BurpSuite插件：MarkINFO敏感信息高亮标记

https://mp.weixin.qq.com/s/Mpv3ibD42Dyi4DGgdtbAXw

来源：freebuf.com 2019-09-25 13:54:03 by: Setup