http://wechat.doonsec.com/MzkzODgwNzczMw.xmlThe latest security articles about WeChat official accountzh-CNTue, 19 Nov 2024 14:58:23 GMTPyRSS2Gen-1.1.0http://blogs.law.harvard.edu/tech/rsshttp://wechat.doonsec.com/http://wechat.doonsec.com/static/front/img/doonsec_bak3.pnghttps://mp.weixin.qq.com/s?__biz=MzkzODgwNzczMw==&mid=2247483766&idx=1&sn=4b0cd039df6bf9db2204cb02472692bf风奕安全风奕安全2024-11-19T10:26:49https://mp.weixin.qq.com/s?__biz=MzkzODgwNzczMw==&mid=2247483756&idx=1&sn=1e294c47ee90d120b904b4aa2f93943fLinux进程伪装demo，实现进程名、命令行、环境变量、进程树的伪装，有一定的自适应性。风奕安全风奕安全2024-11-06T17:09:21https://mp.weixin.qq.com/s?__biz=MzkzODgwNzczMw==&mid=2247483750&idx=1&sn=a466f7b89ae63f63efd2d05aa68a7f1d风奕安全风奕安全2024-11-04T14:25:37https://mp.weixin.qq.com/s?__biz=MzkzODgwNzczMw==&mid=2247483731&idx=1&sn=76a6fad310cb5e392a472cb697614e56你还在用ctime作为恶意样本的创建时间吗？本文告诉你Linux下如何正确获取文件的创建时间。风奕安全风奕安全2024-10-30T19:58:03https://mp.weixin.qq.com/s?__biz=MzkzODgwNzczMw==&mid=2247483726&idx=1&sn=898767ffb25eb4ffd50b0a943474c9e4一条命令修改Linux文件ctime风奕安全风奕安全2024-10-29T16:41:11https://mp.weixin.qq.com/s?__biz=MzkzODgwNzczMw==&mid=2247483721&idx=1&sn=a380dc5a01b9e3ec3bb269e965e85774检测Linux中伪装的内核线程风奕安全风奕安全2024-10-28T15:32:46https://mp.weixin.qq.com/s?__biz=MzkzODgwNzczMw==&mid=2247483711&idx=1&sn=6640f32ceb1ab9326059cde1d468c047如何通过内核模块修改文件ctime风奕安全风奕安全2024-10-21T16:21:23https://mp.weixin.qq.com/s?__biz=MzkzODgwNzczMw==&mid=2247483702&idx=1&sn=a79d9bd91750ae8937ffff88c943c141风奕安全风奕安全2024-10-17T14:09:05https://mp.weixin.qq.com/s?__biz=MzkzODgwNzczMw==&mid=2247483697&idx=1&sn=a9a07866a7bc6d33a88ba4e6ad9d3f57一文告诉你Linux应急响应如何恢复恶意进程删除的样本文件以及底层原理风奕安全风奕安全2024-10-16T09:29:00