Cloud Security

To protect the data security of Apple Mac computers, you can use built-in system tools. When your beloved Apple Computer suffers theft or illegal computer account intrusion, is there a way to prevent data from being stolen on the computer? In this

The essence of Security Vulnerabilities0x00 Preface Fuzzing is a popular and efficient method for discovering vulnerabilities. Of course, it also takes some time to write the Fuzzing program. However, not all things need to write Fuzzing programs,

How can I check whether my computer has been hacked by Trojans? When using a computer, you may encounter the following situation: the computer suddenly crashes and sometimes restarts automatically. Some files are missing from the unprovoked terminal,

ElasticSearch Groovy script Remote Code Execution Vulnerability (CVE-2015-1427) 0x00 Preface ElasticSearch is a JAVA-developed search and analysis engine. 2014, once exposed a Remote Code Execution Vulnerability (CVE-2014-3120), the vulnerability

Test network security with Cortana SoftwarePreface Generally, most companies or enterprises deploy an IDS intrusion detection system to monitor network security. When an attack occurs on the network, IDS automatically generates an alarm. Although

10 methods used by hackers to crack passwords   Brute force cracking Brute-force password cracking is also known as brute-force password cracking. If the hacker knows the account number in advance, such as the email account, QQ user account, and

Anti-virus attack and defense research: Add a section to implement code ImplantationI. Preface The method discussed in this article is to add a section, which can achieve the effect of private customization. The size of this section is determined by

Anti-Virus Attack and Defense Research: Using gaps to implant codeI. PrefaceNowadays, many websites provide download of various types of software, which provides a good opportunity for hackers to implant viruses and Trojans. Hackers can implant

Anti-Virus Defense Research: using Inline HOOK for active defenseI. Preface The methods discussed in the previous article about how to deal with malicious programs are very passive. That is, only when a malicious program is executed can remedial

Malicious Software hidden in jpg exif header information The backdoor program is divided into two parts. The first part is the combination of the exif_read_data function of the image header to be read and some preg_replaCe functions to execute the

Cheap and insurmountable TCP tunnel Encryption I haven't written anything for a long time, so I plan to write something. I used to perform penetration tests for a customer, so I have been planning to publish some of my findings. On an application

The great god-level password setting method is easy to remember and have no solution! Today, I will share with you a simple and secure password setting method. I believe many people like to use their birthdays as their passwords, for example, 1990052

PSTAR-Electronic Service Platform SQL Injection Vulnerability System name: PSTAR-Electronic Service Platform System development vendor: Shanghai pan-star computer system Co., Ltd.System Architecture: aspx + mssqlVulnerability file: custom/qcustoms.

Scan to view unauthorized access to Mongodb on the Application website 61.155.238.71       * 0 */{ "_id" : "jinglun.domain.003-1404112062383", "hostname" : "jinglun.domain.003", "startTime" : ISODate("2014-06-30T07:07:42Z"), "startTimeLocal" :

Considerations and testing methods for DDOS Security Products in the Internet cloud ecosystem (2)The early DDOS defense of traditional solutions is detected and implemented through firewalls and routers. Such a solution has a certain protective

Fckeditor asp/aspx There are several fckeditors in the past two days, and browser.htmlor test.html is not included in the final result. Here we will provide several url

Database hit attacks due to improper configuration of tiandixing Interface Let's talk about a security logic problem that is not close to this vulnerability. To prevent unauthorized users from having a key, the key and user name will be

Use Cortana software to diagnose rogue software VVisitFault description Yesterday, the company's network was very slow, and my colleagues simply browsed web pages. We decided to take a look at the Network Analysis System with corai. The procedure

Security Analysis of HTML5 cross-origin message sending HTML5 is the next-generation Web application. It has many new features and is a new technology that is widely used in mobile applications. But it is precisely because of the emergence of some

YYjia cms front-end filtering is lax, resulting in injection #2 YYjia cms front-end filtering is lax, resulting in injection #2I looked at this file and found that there are still vulnerabilities: Elseif ($ caozuo = "delapp") {$ uploadid = $ _ GET