http://wechat.doonsec.com/MzkzNjEwNzU2OA.xmlThe latest security articles about WeChat official accountzh-CNThu, 20 Mar 2025 20:22:05 GMTPyRSS2Gen-1.1.0http://blogs.law.harvard.edu/tech/rsshttp://wechat.doonsec.com/http://wechat.doonsec.com/static/front/img/doonsec_bak3.pnghttps://mp.weixin.qq.com/s?__biz=MzkzNjEwNzU2OA==&mid=2247483789&idx=1&sn=5859a64579307321cb5793ab98183f46OneBlog \\x26lt;=v2.3.6 存在模板注入漏洞CVE原创(CVE-2024-54954 )hack boyhack boy2025-03-20T17:16:14https://mp.weixin.qq.com/s?__biz=MzkzNjEwNzU2OA==&mid=2247483773&idx=1&sn=79f9152f7b9f769985605ba216f9fbb2hack boyhack boy2024-12-23T17:37:02https://mp.weixin.qq.com/s?__biz=MzkzNjEwNzU2OA==&mid=2247483763&idx=1&sn=990038107b5e65c4284d56b5a802cbd4hack boyhack boy2024-12-10T11:17:03https://mp.weixin.qq.com/s?__biz=MzkzNjEwNzU2OA==&mid=2247483754&idx=1&sn=f66f2384b2be00ac9426f9e78137951bSpiderFlow平台命令执行漏洞(CVE-2024-0195)hack boyhack boy2024-10-31T11:08:20https://mp.weixin.qq.com/s?__biz=MzkzNjEwNzU2OA==&mid=2247483738&idx=1&sn=7cc7a3f786972a4f8c10f9dccc41ba82java代码审计-JDBC数据库连接方式的sql注入hack boyhack boy2023-07-05T23:18:35https://mp.weixin.qq.com/s?__biz=MzkzNjEwNzU2OA==&mid=2247483728&idx=1&sn=f753316aaf54f62c3cca5529b3ba695d前言随着微信pc端可以点击进入小程序以及公众号，给我们抓包带来了极大的便利，以下主要讲解微信小程序的抓包以及hack boyhack boy2022-05-05T14:04:45https://mp.weixin.qq.com/s?__biz=MzkzNjEwNzU2OA==&mid=2247483713&idx=1&sn=2a96b559ef0003e3d5bc0e1c4f49a72dweblogic总结hack boyhack boy2022-04-29T17:11:40https://mp.weixin.qq.com/s?__biz=MzkzNjEwNzU2OA==&mid=2247483690&idx=1&sn=033d541b5296cb256e14c9a7a1b44c23python运算符hack boyhack boy2020-09-28T23:40:10https://mp.weixin.qq.com/s?__biz=MzkzNjEwNzU2OA==&mid=2247483686&idx=1&sn=308078520634f4e848e37fc0382e76d0目录f1.文件写入12.input()内置函数1三．注释符号：#单行注释23.3代码的缩进33.4 编码规范hack boyhack boy2020-09-26T23:12:05https://mp.weixin.qq.com/s?__biz=MzkzNjEwNzU2OA==&mid=2247483682&idx=1&sn=2d33810b90d802cc6364236aff91dcee病毒分析1.熊猫烧香病毒：查杀病毒。hack boyhack boy2020-09-23T21:06:22https://mp.weixin.qq.com/s?__biz=MzkzNjEwNzU2OA==&mid=2247483678&idx=1&sn=d38d2d94097bd334091012e8ef43603a目录一．Sqlmap的使用（补充）1二． 在线解asscll码网站：1三． burp suite 的Spidhack boyhack boy2020-09-22T21:39:06https://mp.weixin.qq.com/s?__biz=MzkzNjEwNzU2OA==&mid=2247483674&idx=1&sn=cc375cf53e7cc1cb5cbd668cea73c214nmap参数详解：\\x0a\\x0a 弱口令工具：\\x0a\\x0a可能会造成任意命令注入的函数（php）\\x0a安装PentestDB模块与环境依赖（社工字典生成）\\x0a文件包含漏洞\\x0aburp suite\\x0a七文件上传:hack boyhack boy2020-09-21T22:21:52https://mp.weixin.qq.com/s?__biz=MzkzNjEwNzU2OA==&mid=2247483666&idx=1&sn=7e809906860db05e0cf73dc82388752dwmic命令：关于：wmic和cmd一样存在所有的Windows版本中。wmic与现有的shell和使用程序hack boyhack boy2020-09-01T18:02:30https://mp.weixin.qq.com/s?__biz=MzkzNjEwNzU2OA==&mid=2247483661&idx=1&sn=d5e55be41db15a21d75e3dcc55b8a240内网渗透之信息收集（小部分总结）hack boyhack boy2020-08-31T15:19:55https://mp.weixin.qq.com/s?__biz=MzkzNjEwNzU2OA==&mid=2247483654&idx=1&sn=0b6409165c48e04f4fbddac831e83fb7php序列化与反序列化了解hack boyhack boy2020-08-28T11:19:29