http://wechat.doonsec.com/MzkwMzQyMTg5OA.xmlThe latest security articles about WeChat official accountzh-CNSun, 15 Mar 2026 15:00:07 GMTPyRSS2Gen-1.1.0http://blogs.law.harvard.edu/tech/rsshttp://wechat.doonsec.com/http://wechat.doonsec.com/static/front/img/doonsec_bak3.pnghttps://mp.weixin.qq.com/s/aUn-26IBZ-UhtGI-B93vfA概念.Heihu ShareHeihu Share2026-03-14T17:34:50https://mp.weixin.qq.com/s/yrnU8_wjy1cTAc2SzczP_wNTLM \\x26amp; LMHeihu ShareHeihu Share2026-02-26T17:33:51https://mp.weixin.qq.com/s/DebGAh-L0fbaG6I94r_lsAWEB 架构Heihu ShareHeihu Share2026-02-12T10:17:53https://mp.weixin.qq.com/s/6b6sr9FVWdC93QQuq3wHygJNDIHeihu ShareHeihu Share2026-02-03T00:00:04https://mp.weixin.qq.com/s/0qfKrRz8BzR2Pe91-6CeWw...Heihu ShareHeihu Share2026-01-10T12:51:34https://mp.weixin.qq.com/s/Zzgu-QgZyaekt3mkwX4ZggVelocity 使用与安全分析Heihu ShareHeihu Share2026-01-03T18:08:54https://mp.weixin.qq.com/s/qe0BXf-Nqy0jON-PlMA9jAarthas 使用总结Heihu ShareHeihu Share2025-12-28T20:58:07https://mp.weixin.qq.com/s/-yg2sAzB1XxU_gxfmCSaYA跟队形。Heihu ShareHeihu Share2025-12-24T00:04:29https://mp.weixin.qq.com/s/9suYWPA0XdnYoeT1pOhqTg刷个 root 玩玩Heihu ShareHeihu Share2025-12-19T19:02:45https://mp.weixin.qq.com/s/M1RtvPjEvwcX9UzO8XHv3Qjsrpc 注入微信小程序Heihu ShareHeihu Share2025-12-11T01:08:41https://mp.weixin.qq.com/s/Otxk_g2EjflbTvBp718y0Q手梭 Valve 内存马.Heihu ShareHeihu Share2025-12-05T00:54:12https://mp.weixin.qq.com/s/K6M508rJ65_b3gHBILgQVg覆盖 charsets.jar 打内存马脚本Heihu ShareHeihu Share2025-11-28T21:33:58https://mp.weixin.qq.com/s/Jw-TQd2u64_BmNISvNgUug利用链更新。Heihu ShareHeihu Share2025-11-15T12:15:36https://mp.weixin.qq.com/s/mK1r17sB4VLMM2K0UAhNAw漏洞说明该漏洞允许攻击者通过 /v1/tools/run 接口，利用精心构造的 payload 在目标服务器上Heihu ShareHeihu Share2025-11-07T11:51:30https://mp.weixin.qq.com/s/CCwWUrRa0K_hcBYEaAe8xQ聊一聊 CodeQL 基础之过河问题故事背景前置知识绑定 or 推导？Heihu ShareHeihu Share2025-11-01T18:26:25https://mp.weixin.qq.com/s/3T4YBsjFDCf5KruWJxxyeA一次 order by 注入 left join 绕过Heihu ShareHeihu Share2025-10-31T20:20:09https://mp.weixin.qq.com/s/DrUUAJaLig_RtXZWaAm1IQbypass 核心原理？Heihu ShareHeihu Share2025-09-26T10:49:26https://mp.weixin.qq.com/s/PDo9MRUnKCdtDNwxUytzNA临时文件保留。Heihu ShareHeihu Share2025-09-25T11:33:29https://mp.weixin.qq.com/s/r-Z_uTju_LAPfhYJtl0EFw来保存个 nday？Heihu ShareHeihu Share2025-09-21T16:39:10https://mp.weixin.qq.com/s/oqhD7rd_sOZ-ZrZb2BB8sA一次 emo 导致的 rceHeihu ShareHeihu Share2025-09-15T15:57:01https://mp.weixin.qq.com/s/CschgGZzi-utjWn991zTrQ差异对比工具Heihu ShareHeihu Share2025-09-04T00:37:49https://mp.weixin.qq.com/s/r62hd7fsJTt39gRX07Z0PA炒个冷饭.Heihu ShareHeihu Share2025-09-02T05:03:08https://mp.weixin.qq.com/s/tm6u1ACnLQa-en50ZGNwWgJDK 17 强封装.Heihu ShareHeihu Share2025-09-01T09:24:35https://mp.weixin.qq.com/s/YsZrhL2VQOrC_kFbhhsrMQJDK 9 的 模块化 \\x26amp; jmod \\x26amp; 反射 \\x26amp; ClassLoader \\x26amp; JShellHeihu ShareHeihu Share2025-08-30T11:30:24https://mp.weixin.qq.com/s/80-ilSN2jVqVvxROafegzA一个机制.Heihu ShareHeihu Share2025-08-16T16:43:48https://mp.weixin.qq.com/s/w0dJrFijLDZjYw0XT2r4WA还是 SnakeYaml.Heihu ShareHeihu Share2025-08-12T20:04:46https://mp.weixin.qq.com/s/gvqKnyEu0Jt17x2BpkqgYQ又一个细节问题.Heihu ShareHeihu Share2025-08-11T18:23:33https://mp.weixin.qq.com/s/y0ylDwnn85q6Pkeyo_Si4Q一个小细节问题。Heihu ShareHeihu Share2025-08-10T16:14:18https://mp.weixin.qq.com/s/_e2XHDRxa_OotR6UK9XbLw来条新链尝尝.Heihu ShareHeihu Share2025-08-02T14:54:27https://mp.weixin.qq.com/s/7Cao6r4RrreHLImW4wY6Kg文件包含又爆 trick...Heihu ShareHeihu Share2025-07-30T22:37:55https://mp.weixin.qq.com/s/xoV736X6PzxpjFxj7Gu9Og花式 trick 你确定不要？Heihu ShareHeihu Share2025-07-26T12:05:38https://mp.weixin.qq.com/s/M7QESfUBPjo7B3hw6C_vvQJS 加密 API 调用.Heihu ShareHeihu Share2025-07-16T05:33:31https://mp.weixin.qq.com/s/l-C4sK3k0l7rBglQRQmRiQTips~Heihu ShareHeihu Share2025-06-27T00:00:51https://mp.weixin.qq.com/s/d7xBQ6BMek7EGIxGg6V0BA再来两条。Heihu ShareHeihu Share2025-06-26T12:26:59https://mp.weixin.qq.com/s/CYdsavfANP-w1AF_9wnVzA渗透测试 | 跟最新爆出的Chrome窃取令牌姿势前言漏洞复现原漏洞 POC 分析Link 是什么？Heihu ShareHeihu Share2025-06-25T21:48:54https://mp.weixin.qq.com/s/1AlCr2RAUrOffN1dBcU6zw特性.Heihu ShareHeihu Share2025-06-24T21:09:52https://mp.weixin.qq.com/s/v7NC-qCGExEAlkZxK8RQ5QDocker 基本使用总结Heihu ShareHeihu Share2025-06-22T20:28:38https://mp.weixin.qq.com/s/oYMjTmJtQTec44ebxEEg5ABurpSuite + MitmProxyHeihu ShareHeihu Share2025-06-20T00:01:13https://mp.weixin.qq.com/s/4cY78UC-vRJ_vCVlCeMl8wHibernate 1~2Heihu ShareHeihu Share2025-06-19T12:50:17https://mp.weixin.qq.com/s/UA_pLAB_Bfm2-to19O3eTwSign 签名Heihu ShareHeihu Share2025-06-18T09:46:58https://mp.weixin.qq.com/s/uYZ3ULU7TMzijnw5V9g9fASign 签名Heihu ShareHeihu Share2025-06-18T00:01:08https://mp.weixin.qq.com/s/JYbOJ25Qsv1JPrqV8dfdnAgroovyHeihu ShareHeihu Share2025-06-17T21:09:21https://mp.weixin.qq.com/s/u_EdN2C0CQAYHNszfxAjPw一条链子。Heihu ShareHeihu Share2025-06-11T12:17:49https://mp.weixin.qq.com/s/SJIpEOny3FHbSkTq-ydgvw再来一条 gadget.Heihu ShareHeihu Share2025-06-09T20:30:13https://mp.weixin.qq.com/s/AirZ8grWIZMTNnRTHEkGagJava 沙箱~Heihu ShareHeihu Share2025-06-07T15:40:21https://mp.weixin.qq.com/s/mtGtNZr2h8SbLyf8o6o1nA安卓抓包原生版Heihu ShareHeihu Share2025-05-21T20:41:38https://mp.weixin.qq.com/s/fflbVvciVqzbnOtGpDro7ATOP10审计Heihu ShareHeihu Share2025-05-17T18:31:26https://mp.weixin.qq.com/s/enjuujlSuM0wAWuxQgr2xA如何让 CORS 攻击变的不那么水？Heihu ShareHeihu Share2025-05-15T01:10:52https://mp.weixin.qq.com/s/VBwa4Xm4YgxfLNRaphdTSQDruid \\x26amp; Swagger 未授权访问简单配置Heihu ShareHeihu Share2025-05-11T17:55:44https://mp.weixin.qq.com/s/81mRzCf8PbYh7pTu7iQRhg更新链Heihu ShareHeihu Share2025-05-05T01:46:01https://mp.weixin.qq.com/s/5SzGW1IpHs-7hPnBBS13Kw更新链子Heihu ShareHeihu Share2025-05-03T23:32:34https://mp.weixin.qq.com/s/hIohwfZfesx4Ole4uxY4gwJDK 7u21 原生链Heihu ShareHeihu Share2025-04-30T13:48:22https://mp.weixin.qq.com/s/zc7grAdxulFir0Q4qUT3wwThinkPHP8 链Heihu ShareHeihu Share2025-04-25T20:53:34https://mp.weixin.qq.com/s/Y7fIy6sNTh2j3v9KeDjZKw写文件Heihu ShareHeihu Share2025-04-10T23:11:19https://mp.weixin.qq.com/s/WrqcoxLW7jv35sdwDe2DywSpringCloud 基本使用Heihu ShareHeihu Share2025-04-04T16:06:49https://mp.weixin.qq.com/s/kuQDqsrwE1V0dRzM-IS7JAC3P0 反序列化链 \\x26amp; 不出网利用Heihu ShareHeihu Share2025-03-17T02:52:57https://mp.weixin.qq.com/s/6Xygn_gorNEmMv0084ACjAJS 逆向简单 DEMO \\x26amp; 流程Heihu ShareHeihu Share2025-03-09T10:20:39https://mp.weixin.qq.com/s/o_MpRFomtZsEOBj0d8na7w实习内推~Heihu ShareHeihu Share2025-02-14T11:40:10https://mp.weixin.qq.com/s/e0VoZ63GqIEtAeGp_lfLpwJSP 下注入 Spring 内存马 \\x26amp; Spring Hack 无条件的一种方法Heihu ShareHeihu Share2025-02-12T11:49:29https://mp.weixin.qq.com/s/mCh2-OXzHkj3kynbKN8bjANodejs replace 函数特性 \\x26amp; CURL 执行 SHHeihu ShareHeihu Share2025-01-19T11:31:35https://mp.weixin.qq.com/s/uJfYlfLH5K9sjrQvem__Zg超帅的红包封面领取Heihu ShareHeihu Share2025-01-17T12:24:51https://mp.weixin.qq.com/s/QLN8B3HZH1B8iIaebp9SnAHeihu ShareHeihu Share2025-01-02T17:33:04https://mp.weixin.qq.com/s/uYvcm4dAHEgSWXzYDbYcuA新年快乐！祝2025一路发发发！！！Heihu ShareHeihu Share2025-01-01T20:26:02https://mp.weixin.qq.com/s/IwwThh7c9-MuGjTqt-ZNpQ本次记载 Thymeleaf 版本 \\x26lt;= 3.0.14 下的攻击手法, 当然 3.0.15 也有洞, 但利用方式变了, 故不记载.Heihu ShareHeihu Share2024-12-29T12:26:54https://mp.weixin.qq.com/s/GTMf4VPdJa8h0o9V1qyAgA关于 __wakeup 方法中的 exit 挡不住 __destruct, 以及一种情况如何绕过？Heihu ShareHeihu Share2024-12-24T16:15:43https://mp.weixin.qq.com/s/E830RGSbL__kOWNAHm0UjA再也不用一张一张上传图片了！公众号想发就发！Heihu ShareHeihu Share2024-12-15T15:59:19https://mp.weixin.qq.com/s/2FB_ZY2-ePBwwQ2bKhJELgXDebug 无错配置 + 代替phpStudy的另一种集成工具Heihu ShareHeihu Share2024-12-13T18:32:18https://mp.weixin.qq.com/s/g8X55Gp5_R61aXClmqlxrAShiro 基本使用 \\x26amp; 底层原理 \\x26amp; 漏洞分析Heihu ShareHeihu Share2024-12-06T20:25:51https://mp.weixin.qq.com/s/htLPgrr0394SA8fbaZ4t-gShiro 基本使用 \\x26amp; 底层原理 \\x26amp; 漏洞分析Heihu ShareHeihu Share2024-12-02T23:23:33https://mp.weixin.qq.com/s/Kkzv0ZXis3psl-Qe1EFumgHeihu ShareHeihu Share2024-11-30T23:18:21https://mp.weixin.qq.com/s/synx7l2JjZAtd9UHtXVqng手把手入门反序列化漏洞Heihu ShareHeihu Share2024-11-28T10:29:43https://mp.weixin.qq.com/s/EFbTMflra7jzDPz-ebAt4wSSRF 漏洞 \\x26amp; 发HTTP包Heihu ShareHeihu Share2024-11-27T23:59:00https://mp.weixin.qq.com/s/z_Ui5FPPUVYJQ9KFm2ZACwAgent 内存马Heihu ShareHeihu Share2024-11-22T20:29:49https://mp.weixin.qq.com/s/YGe4UWUN1rmm4e7Ryr2aGQ踩坑记录, 学习 ing...Heihu ShareHeihu Share2024-11-19T19:51:16https://mp.weixin.qq.com/s/Jj-LIeyde5syLHw-06rikgSpELHeihu ShareHeihu Share2024-11-16T17:59:09https://mp.weixin.qq.com/s/DCV5B8NgJ2mi3l0ZdlRcwAJava 打包方式总结Heihu ShareHeihu Share2024-11-09T20:48:51https://mp.weixin.qq.com/s/3Zy6P3lB9CpJ6Y0EICP0Lg从0到1理解 JavaAgent \\x26amp; JavassistHeihu ShareHeihu Share2024-11-08T15:12:10https://mp.weixin.qq.com/s/Mfmg7UsL4i9xbm3V3e5HMA强网杯部分 WEB 题Heihu ShareHeihu Share2024-11-04T10:08:42https://mp.weixin.qq.com/s/PZoQs2ZiUXag1bb58lxspQ内存马三件套核心原理。Heihu ShareHeihu Share2024-10-13T14:58:07https://mp.weixin.qq.com/s/tX61BlcS54nXBBAjfwYIDgHeihu ShareHeihu Share2024-10-11T11:07:00https://mp.weixin.qq.com/s/91ymJO_dsoQI0R3lg9qCOAHeihu ShareHeihu Share2024-10-10T18:05:31https://mp.weixin.qq.com/s/MFeQJeSdnktnNXL_6_PH-wClassLoader 一文通.Heihu ShareHeihu Share2024-10-04T13:28:32https://mp.weixin.qq.com/s/8q4XMhoWL9bqNNp83j6-HAHeihu ShareHeihu Share2024-09-21T16:42:17https://mp.weixin.qq.com/s/oziQu9h7hwakTwoTtHbRkAHeihu ShareHeihu Share2024-09-11T22:08:54https://mp.weixin.qq.com/s/UDM4dWkW9aMRYHVgghVnvAHeihu ShareHeihu Share2024-08-30T21:53:35https://mp.weixin.qq.com/s/dZeLk1uyFi4OlesVqVf29AHeihu ShareHeihu Share2024-08-28T15:29:22https://mp.weixin.qq.com/s/JG46mIEjSvLxDgns8bz4GwHeihu ShareHeihu Share2024-08-11T11:59:33https://mp.weixin.qq.com/s/SKwEvELP1_x-_bLkKQ_kpAHeihu ShareHeihu Share2024-08-03T20:49:37https://mp.weixin.qq.com/s/FFGZh0dOL1oWD6qo2YuFcwHeihu ShareHeihu Share2024-07-28T11:22:30https://mp.weixin.qq.com/s/6AnC8I6w_X6aeQu2YEMY1QHeihu ShareHeihu Share2024-07-23T12:33:50https://mp.weixin.qq.com/s/D7p5XAZZrS6QcIOzQPKh_g0x00 前言在CTF比赛中，Python的题目种类也越来越多。Heihu ShareHeihu Share2024-07-16T10:03:02https://mp.weixin.qq.com/s/bCL9M4a5VD0lWNWiuzWX8QHeihu ShareHeihu Share2024-07-05T12:28:22https://mp.weixin.qq.com/s/WwgIjBxao7TjGanVaZaHYA《JavaWEB复习笔记》:https://www.yuque.com/heihu577/uqc3u5/zsiHeihu ShareHeihu Share2024-06-21T15:25:33https://mp.weixin.qq.com/s/CHFTtO2JAmAGkR4UfmWyXAHeihu ShareHeihu Share2024-06-20T09:49:23https://mp.weixin.qq.com/s/uGKfB6Nzr6lYE3gyRgLPDQHeihu ShareHeihu Share2024-06-11T23:09:45