|
https://hacktricks.wiki/zh/index.html
|
https://hacktricks.wiki/zh/index.html
|
合集
|
网安知识合集,包括各种黑盒探测和绕过技巧,细节描述也很到位。
|
|
Needle in the haystack: LLMs for vulnerability research
|
https://devansh.bearblog.dev/needle-in-t...
|
llm
|
提出"极简威胁建模+分薄片审计+对抗性Prompt引导+自动化验证"的LLM漏洞挖掘方法论,可大幅降低长上下文"腐烂"带来的信号丢失问题,高效找到可利用的真实漏洞.
|
|
Cloudflare Pages, part 1: The fellowship of the secret
|
https://www.assetnote.io/resources/resea...
|
rce
|
路径拼接RCE、二进制文件可写RCE、没有使用bash绝对路径导致的RCE
|
|
Never Trust the Output: Data Pollution in AI Agents and MCP
|
https://blog.slonser.info/posts/smugglle...
|
mcp
agent
|
使用不可回显字符,<ERROR>等欺骗AI输出,导致信息泄露
|
|
Chrome Browser Exploitation, Part 3: Analyzing and Exploiting CVE-2018-17463
|
https://jhalon.github.io/chrome-browser-...
|
v8
|
chrome v8 漏洞学习 part 3
|
|
Chrome Browser Exploitation, Part 2: Introduction to Ignition, Sparkplug and JIT Compilation via TurboFan
|
https://jhalon.github.io/chrome-browser-...
|
v8
|
chrome v8 漏洞学习 part 2
|
|
Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals
|
https://jhalon.github.io/chrome-browser-...
|
v8
|
chrome v8 漏洞学习 part 1
|
|
We Hacked Apple for 3 Months: Here’s What We Found
|
https://samcurry.net/hacking-apple
|
案例
|
apple漏洞案例
|
|
XSS深度解析
|
https://aszx87410.github.io/beyond-xss/
|
xss
|
xss全系列讲解
|
|
Make Self-XSS Great Again
|
https://blog.slonser.info/posts/make-sel...
|
self-xss
|
self-xss的利用
|
