Tools of the Trade 专业工具
Many of the module sections require tools such as open-source scripts or precompiled binaries. These can be found in the C:\Tools directory on the Win
CRTO note
CRTO note A large part of it lacks details; some of them are unnecessary, and some I was too lazy to write. I might fill them in later when I have tim
OPSEC
OPSEC Critical Information Identification Client information that your team has learned. It's unacceptable to share client specific information such a
Active Directory 证书服务 (AD CS) 攻击链完整指南
🔥 AD CS 攻击链:从菜鸟到大佬的完整Freestyle指南 🔥 这是什么鬼? 🎤 相关视频链接:https://www.bilibili.com/video/BV1niNfzhEka?spm_id_from=333.788.videopod.sections&vd_source=cfdf
博客重启-Outlaw挖矿僵尸网络排查
前言 说来也是惭愧,vps被黑产爆破进来挖矿并且还对外扫描导致服务器被封,然后排查干净了才重新开启,兄弟们,安全意识要做好啊。 背景 事故背景为某日正在睡觉,突然被手机的邮件提醒打断,定眼一看,我勒个去,怎么服务器又被封了?还是爆破他人ssh?这可把我急了,立马上线和客服摆头,好在最后客服给我恢复了
Linux Privilege Escalation
相关视频:https://www.bilibili.com/video/BV1paNfzPErh/?spm_id_from=333.1387.homepage.video_card.click Enumeration - System Enumeration hostname uname -a ca
人工智能(AI)模型的安全挑战:多方面的风险剖析
摘要 在探讨人工智能(AI)模型的诸多安全挑战时,我们不得不提及数据安全问题。近日,一份来自[aiss.nsfocus.com](https://aiss.nsfocus.com)的详细报告揭示了AI模型在训练和部署阶段面临的多重风险。该报告指出,训练环境缺少认证授权、过度权限分配、插件权限管控设计