http://wechat.doonsec.com/Mzg5NjY4NDg1Nw.xmlThe latest security articles about WeChat official accountzh-CNThu, 31 Jul 2025 17:59:10 GMTPyRSS2Gen-1.1.0http://blogs.law.harvard.edu/tech/rsshttp://wechat.doonsec.com/http://wechat.doonsec.com/static/front/img/doonsec_bak3.pnghttps://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483979&idx=1&sn=6a2c1f2109595a27d133f417dd31991b有趣的文件读取漏洞小肥羊安全小肥羊安全2025-07-31T15:03:32https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483968&idx=1&sn=399699a5578bab86cf7acb03a2a168e3内推|江苏某运营商安全岗招聘小肥羊安全小肥羊安全2025-03-12T12:53:35https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483961&idx=1&sn=7295e8413f46fb72d93820ac0fcbecac🚀探索DeepSeek：公众号智能化的新纪元！🚀小肥羊安全小肥羊安全2025-02-19T09:25:02https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483948&idx=1&sn=c78c4f6b64f4e732bb3fcbe3684d3819抖音一堆人声称“红客联盟”，打着爱国的名义圈流量。\\x0a其实一看不是做安全的，只是群为了流量装13的小孩。小肥羊安全小肥羊安全2025-01-30T10:20:47https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483941&idx=1&sn=efaa292f8cff392bda854d11b79bff12“遵纪守法”小肥羊安全小肥羊安全2025-01-29T20:51:18https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483918&idx=1&sn=3f545e8664083850f43da076087b61cc使用豆包和deepseek生成的新年贺词！小肥羊安全小肥羊安全2025-01-28T19:58:49https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483914&idx=1&sn=efada6fd45a7603f4396c3045970f331谨防诈骗！小肥羊安全小肥羊安全2025-01-03T16:42:00https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483907&idx=1&sn=e64a7eb7fb8ecb4ffba0df92f7de2cb0兵者,诡道也,故能而示之不能,用而示之不用小肥羊安全小肥羊安全2025-01-02T15:02:29https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483898&idx=1&sn=faf604fbed1a477f573cf05c3308415a小肥羊安全小肥羊安全2024-12-26T16:34:03https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483892&idx=1&sn=2aa79eff9b3fa8b19e760a7e18390051我是补蛋老人，今晚我会给每一个研究生（第四声）宝宝补个蛋。小肥羊安全小肥羊安全2024-12-24T22:56:12https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483873&idx=1&sn=7322b31c4a8c3c8c5ad7bd49a9eccdde[fscan2.0] fscan更新！小肥羊安全小肥羊安全2024-12-20T17:00:07https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483861&idx=1&sn=5c201134f7e14bd55bdd5d4923f0a60c标题dang：fscan存在命令注入漏洞[doge][doge]小肥羊安全小肥羊安全2024-12-16T17:36:19https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483857&idx=1&sn=746d9af2c466c45b93d6ce5075adb01a迅雷的bypass应用小肥羊安全小肥羊安全2024-10-17T19:06:14https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483843&idx=1&sn=92f2567c652423f47920d3293c95330e小肥羊安全小肥羊安全2024-10-15T16:25:08https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483832&idx=1&sn=8f011f9f73ac2a7ade90caf39922cc78惊觉！我发现网络安全是少见的需要我贴钱上班的职业。小肥羊安全小肥羊安全2024-10-14T17:32:41https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483822&idx=1&sn=163df58243c093b88fb41e0a339be8d0VNC的爆破插件小肥羊安全小肥羊安全2024-10-10T09:56:39https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483811&idx=1&sn=ec466b22fe5a5de529685ef3ba55169fU8Cloud-ReleaseRepMngAction接口的SQL注入问题审计分析小肥羊安全小肥羊安全2024-07-22T17:08:20https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483798&idx=1&sn=9ed5d502ce57ea28243ccae6a96252ef看到用友官方的一则通告，还是个0day。小肥羊安全小肥羊安全2024-07-18T21:10:41https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483769&idx=1&sn=f74d95256210b48ee992a2bca985b92b用友nc存在文件上传漏洞，攻击者可通过上传jsp文件获取服务器权限。小肥羊安全小肥羊安全2024-03-25T10:57:21https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483762&idx=1&sn=53f9399bb7effc80ed8f9d631e14b11eyonyou-nc-saveXXXXXServlet-upload-file小肥羊安全小肥羊安全2024-03-22T23:22:22https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483747&idx=1&sn=e8c2744815aba1b9fabdd323f1391521《0day》yonyou-uap-lfw_chart-xxe小肥羊安全小肥羊安全2024-03-20T14:58:50https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483736&idx=1&sn=03dfe08f3233624a5f69f347a9a0ebecOSSFinder - 本地文件的Findomething小肥羊安全小肥羊安全2024-02-22T17:31:07https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483724&idx=1&sn=44ecb6a1152d9e24abca99365d5acd52Nacosplay（nacos配置一键获取工具_我爱说实话）小肥羊安全小肥羊安全2024-02-06T21:47:03https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483716&idx=1&sn=bd23ee7a7233e7fc0968bb17d669881f从goby中找了用友的CC6和CC7的生成规则。结合用友的反序列化路径可以执行无回显命令。小肥羊安全小肥羊安全2024-01-24T14:08:09https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483709&idx=1&sn=ac13126faf15021bce3f099c9193df39Webshell免杀+阿里云waf绕过实战小肥羊安全小肥羊安全2023-09-19T17:01:42https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483690&idx=1&sn=7b05fe0afce0251554d574b1ae0ab661省护这一天的东西小肥羊安全小肥羊安全2023-09-12T21:29:06https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483681&idx=1&sn=5f59447a8946bfe76b25a3ff4b78d132OSSFinder内网专用版！全盘查找OSS凭据！资产自查/红蓝攻防小肥羊安全小肥羊安全2023-09-03T03:02:03https://mp.weixin.qq.com/s?__biz=Mzg5NjY4NDg1Nw==&mid=2247483673&idx=1&sn=2de7b140eacf81e4ce33f2db317f45c2在渗透测试的过程中，经常会遇到一些云上资产。寻找类似AK/SK这样的凭证可以快速控制云上存储/ECS等资产。小肥羊安全小肥羊安全2023-09-02T23:11:54