脆弱性診æ–å“¡ã«æƒ…å ±åŽé›†æ–¹æ³•ã‚„活用方法をèžã„ã¦ã¿ãŸ - ラック・セã‚ュリティã”ã£ãŸç…®ãƒ–ãƒã‚°
デジタルペンテスト部ã®ã¿ã‚„ã‘ã§ã™ã€‚Webアプリケーションã®è„†å¼±æ€§è¨ºæ–å“¡ã¨ãªã£ã¦ä¸€ä½™å¹´ã€ã‚»ã‚ュリティã®ãƒ—ãƒãƒ•ã‚§ãƒƒã‚·ãƒ§ãƒŠãƒ«ã‚’åä¹—ã‚‹ãŸã‚ã«çŸ¥è¦‹ã‚’広ã’ãŸã„ã¨æ€ã†ä»Šæ—¥ã“ã®é ƒã€‚知見を広ã’ã‚‹ã¨ãªã‚Œã°ã‚„ã¯ã‚Šæƒ…å ±åŽé›†ã‹ã¨è€ƒãˆã¦ã„ãŸã¨ã“ã‚ã€æ˜¨å¹´ã®å°±æ´»ã‚¤ãƒ™ãƒ³ãƒˆã§å°±æ´»ç”Ÿã‹ã‚‰ã€Œæƒ…å ±åŽé›†ã¯ã©ã‚“ãªã“ã¨ã‚’ã•ã‚Œã¦ã„ã¾ã™ã‹ï¼Ÿã€ã¨ã„ã†è³ªå•ã‚’ã„ãŸã ã„ãŸã“ã¨æ€ã„出ã—ã¾ã—ãŸã€‚ç§è‡ªèº«ã‚‚ä»–ã®äººã®æƒ…å ±åŽé›†ã«ã¤ã„ã¦ã¯æ°—ã«ãªã‚Šã¾ã™ã—ã€ãれを今後ã©ã†æ´»ã‹ã—ã¦ã„ã‘ã°ã„ã„ã®ã‹ã‚’èžã„ã¦ã¿ãŸã„。ãã“ã§ã€ã‚»ã‚ュリティã«ã¤ã„ã¦çŸ¥è¦‹ã‚’広ã’ãŸã„ã€ã“ã‚Œã‹ã‚‰ã‚»ã‚ュリティをå¦ã³ãŸã„ã¨è€ƒãˆã¦ã„ã‚‹ã¿ãªã•ã‚“ã®å‚考ã«ã‚‚ãªã‚Œã°ã¨ã€Webアプリケーションã¨ãƒ—ラットフォームã®è„†å¼±æ€§è¨ºæ–å“¡ã«æƒ…å ±åŽé›†ã«ã¤ã„ã¦ã®ã‚¢ãƒ³ã‚±ãƒ¼ãƒˆã‚’実施ã—ã¦ã¿ã¾ã—ãŸã€‚ ç§ã®ã‚ˆã†ã«ä¿®è¡Œä¸ã®è¨ºæ–å“¡ã‹ã‚‰é•·å¹´è¨ºæ–ã«æºã‚る猛者ã¾ã§ç´„30åã«å›žç”ã„ãŸã ã„ãŸã®ã§ã€ãã®çµæžœã‚’ã”紹介ã—ã¾ã™ï¼ ã¾ãšã¯ã€æƒ…å ±åŽé›†ã®ã€Œæ–¹æ³•ã€ã‚’èžã„ã¦ã¿
ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£å¯¾ç– Lab-ã‚»ã‚ュリティã®ãƒ‹ãƒ¥ãƒ¼ã‚¹ã¨å¯¾ç–を解説
Apache Struts 2ã«é‡å¤§ãªè„†å¼±æ€§(CVE-2025-68493) ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒ‹ãƒ¥ãƒ¼ã‚¹æƒ…å ±ã‚»ã‚ュリティ脆弱性ã®ãƒ‹ãƒ¥ãƒ¼ã‚¹ Javaå‘ã‘Webアプリケーションフレームワークã¨ã—ã¦åºƒã利用ã•ã‚Œã¦ã„ã‚‹ Apache Struts ã«ãŠã„ã¦ã€XMLè¨å®šã®å‡¦ç†ã«èµ·å› ã™ã‚‹é‡è¦ãªè„†å¼±æ€§ãŒæ˜Žã‚‰ã‹ã«...
アクセスã§ããªã„「ã¯ã¦ãªãƒ–ãƒã‚°ã€ã®èªè€…を辞ã‚る方法 - ã“ã†ã‹ã®é›‘記
「ã¯ã¦ãªãƒ–ãƒã‚°ã€ã®èªè€…リストã‹ã‚‰ãƒ–ãƒã‚°ã«ã‚¢ã‚¯ã‚»ã‚¹ã—ã¦ã¿ã‚‹ã¨ https://******.hatenablog.com/ ã¯éžå…¬é–‹ã«è¨å®šã•ã‚Œã¦ã„ã¾ã™ã€‚ ã¨è¡¨ç¤ºã•ã‚Œã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®å ´åˆã¯ãƒ–ãƒã‚°ã¯å˜åœ¨ã—ã¾ã™ãŒéžå…¬é–‹ã«è¨å®šã•ã‚Œã¦ã„ã‚‹ã“ã¨ã‚’æ„味ã—ã¦ãŠã‚Šã€ãƒ–ãƒã‚°ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ã“ã¨ã¯ã§ãã¾ã›ã‚“。 ã¾ãŸæœ¬å½“ã«ãƒ–ãƒã‚°ãŒæ¶ˆã•ã‚Œã¦ã„ã¦ã‚¢ã‚¯ã‚»ã‚¹å‡ºæ¥ãªã„å ´åˆã‚‚ã‚ã‚Šã¾ã™ã€‚ ã„ãšã‚Œã®å ´åˆã‚‚ã“れらã®ãƒ–ãƒã‚°ã®èªè€…を辞ã‚ãŸãã¦ã‚‚ã€æ™®é€šã«ã¯ãƒ–ãƒã‚°ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ããªã„ã®ã§è¾žã‚ã‚‹ã“ã¨ãŒã§ãã¾ã›ã‚“。 ã—ã‹ã—ã€æ¬¡ã®æ–¹æ³•ã«ã‚ˆã‚Šã€èªè€…を辞ã‚ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚ éžå…¬é–‹ãƒ–ãƒã‚°ã®èªè€…を辞ã‚ã‚‹ 該当ã®ãƒ–ãƒã‚°ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ã¨ "https://xxxxxx.hatenablog.com/ "ã¯éžå…¬é–‹ã«è¨å®šã•ã‚Œã¦ã„ã¾ã™ã€‚ ã¨è¡¨ç¤ºã•ã‚Œã¾ã™ã€‚ "xxxxxx"部分ã¯ç›¸æ‰‹ãƒ¦ãƒ¼ã‚¶ãƒ¼IDã§ã€"xxxxxx.hatenablog.com"部分ãŒç›¸æ‰‹ãƒ‘スã«ãª
ASEC
The Underground ransomware gang is launching continuous ransomware attacks against companies in various countries and industries, including South Korea. This post describes the analysis and characteristics of the Underground ransomware.  1. Overview 1.1 Team Underground The ransomware strain operated by the group known as Underground was first identified in early July 2023. Afterward, their […] A
痞客邦PIXNET-掌æ¡æœ€æ–°ç†±é–€è©±é¡Œè²¼æ–‡ã€çŸå½±éŸ³ï¼Œè®“生活充滿éˆæ„Ÿ!
ç´¯ç©æµé‡è¶…éŽ1400è¬çš„資深部è½å®¢ã€‚涉çµæ™‚å°šã€ç¾Žå¦ã€æ—…éŠèˆ‡ç¾Žé£Ÿï¼Œå¾žé›²æž—商圈一日éŠåˆ°æ²™å¨éš†æ½”身液開箱,內容包羅è¬è±¡ä¸”實用。
Easily Identify Malicious Servers on the Internet with JARM - Salesforce Engineering Blog
TL;DR JARM is an active Transport Layer Security (TLS) server fingerprinting tool. Scanning with JARM provides the ability to identify and group malicious servers on the Internet. JARM is available here: https://github.com/salesforce/jarm JARM fingerprints can be used to: Quickly verify that all servers in a group have the same TLS configuration.Group disparate servers on the internet by configura
cocoda
400+ DESIGN behindsCocodaã¯ã€ãƒ‡ã‚¶ã‚¤ãƒ³ã®è£å´ã‚’ã¾ã¨ã‚ãŸäº‹ä¾‹é›†ã§ã™ã€‚ 日本を代表ã™ã‚‹ãƒ‡ã‚¶ã‚¤ãƒ³çµ„ç¹”ã‹ã‚‰ã€400以上ã®äº‹ä¾‹ãŒå…¬é–‹ã•ã‚Œã¦ã„ã¾ã™ã€‚ CONTENTS デザインã®è£å´ã‚’ã¾ã¨ã‚㟠400以上ã®äº‹ä¾‹ãƒ–ランドã‹ã‚‰ã€ãƒ—ãƒãƒ€ã‚¯ãƒˆè¨è¨ˆã€ãƒ‡ã‚¶ã‚¤ãƒ³çµ„ç¹”ã®ç«‹ã¡ä¸Šã’...。様々ãªãƒ‡ã‚¶ã‚¤ãƒ³é ˜åŸŸã®æ·±ã„事例ãŒã€æ—¥æœ¬ã§æœ€é«˜å³°ã®ãƒ‡ã‚¶ã‚¤ãƒ³çµ„ç¹”ã«ã‚ˆã£ã¦æŽ²è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚ RECOMMEND ã‚ãªãŸã®èˆˆå‘³ã«åˆã‚ã›ã¦ デザイン事例をãŠã™ã™ã‚ã‚ãªãŸã®èˆˆå‘³ã«åˆã‚ã›ã¦ã€è±Šå¯Œãªãƒ‡ã‚¶ã‚¤ãƒ³äº‹ä¾‹ã®ä¸ã‹ã‚‰ ピッタリãªã‚³ãƒ³ãƒ†ãƒ³ãƒ„ã‚’ãŠã™ã™ã‚ã—ã¾ã™ã€‚ MY LIST 自分好ã¿ã®ãƒªã‚¹ãƒˆã« ã¾ã¨ã‚るコンテンツã®ä¸ã§ã´ã£ãŸã‚Šãªã‚‚ã®ã‚’見ã¤ã‘ãŸã‚‰ã€ã‚ãªãŸã ã‘ã®ãƒªã‚¹ãƒˆã‚’作ã£ã¦ã€ã„ã¤ã§ã‚‚見返ã™ã“ã¨ãŒã§ãã¾ã™ã€‚ GET STARTED ã•ã£ããã¯ã˜ã‚ã‚‹
リリースã€éšœå®³æƒ…å ±ãªã©ã®ã‚µãƒ¼ãƒ“スã®ãŠçŸ¥ã‚‰ã›
最新ã®äººæ°—エントリーã®é…ä¿¡
j次ã®ãƒ–ックマーク
kå‰ã®ãƒ–ックマーク
lã‚ã¨ã§èªã‚€
eコメント一覧を開ã
oページを開ã
GreyNoise Intelligence | Cybersecurity Blog
Blog
CVE Analysis
liancc' infos blog
Blog
notes/docs/General/æ¼æ´žæƒ…报/独眼情报书ç¾.md at main · jadensalas469466/notes
Hunts AI: Making AI acessible for everyone
GitHub - timqian/chinese-independent-blogs: ä¸æ–‡ç‹¬ç«‹åšå®¢åˆ—表
ã€ç‰©è”网识别】nmap && zgrab2扫æ网络-CSDNåšå®¢
GitHub - bittentech/Bug-Bounty-Beginner-Roadmap: This is a resource factory for anyone looking forward to starting bug hunting and would require guidance as a beginner.
Blog – Red Alert
ì´ìŠ¤íŠ¸ì‹œí리티 알약 블로그
wikiprot/docs/10_eventos/readme.md at 0c4a57ddd1ec6c842295c7bcaefd8b02b6755740 · ProtAAPP/wikiprot
{{#tags}}- {{label}}
{{/tags}}