
cnbird's blog


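Original: Lie-detection tricks

(Source: the show; for entertainment only)
1. Liars do not avoid the other person's eyes as is commonly assumed; on the contrary, they have a greater need for eye contact to judge whether the other person believes what they are saying.
2. "Have you been to her house?" "No, I have not been to her house." Stiffly repeating the question is typical of lying.
3. A man touching his nose indicates that he wants to conceal some truth.
4. A hand placed near the brow bone indicates that the speaker is ashamed.
5. If a person has described in order what he did this evening, have him recount it in reverse; whether he can do so smoothly is one of the criteria for judging whether he is lying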

2009-03-27 18:49:00 759

Original: XSS video

http://www.boobooke.com/v/bbk2337/

2009-03-24 20:22:00 717

Reposted: A powerful JavaScript debugging tool: a detailed guide to using Firebug

http://blog.csdn.net/tianxiaode/archive/2007/09/02/1769152.aspx
Firebug getting-started guide: http://www.ruanyifeng.com/blog/2008/06/firebug_tutorial.html

2009-03-24 12:58:00 759

Original: XSS tools

http://huaidan.org/archives/769.html
http://www.anqn.com/article/b/kuazhan/2008-04-10/a0994591.shtml
http://xss-proxy.sourceforge.net/Advanced_XSS_Control.txt

2009-03-24 12:28:00 1122

Original: Marathon Tool

http://www.codeplex.com/marathontool

2009-03-23 22:36:00 752

Original: Defcon Media Archives

http://www.defcon.org/html/links/defcon-media-archives.html

2009-03-23 22:36:00 596

Original: sqlinjectionfinder

http://www.codeplex.com/WSUS/Release/ProjectReleases.aspx?ReleaseId=13436

2009-03-23 22:18:00 612

Original: bill Ajax Security

http://www.youtube.com/watch?v=hKrvY42dw1A&eurl=http%3A%2F%2Fhuaidan%2Eorg%2Farchives%2F2259%2Ehtml&feature=player_embedded

2009-03-23 18:01:00 552

Original: JavaScript transformation tool collection

http://ftp.andrew.cmu.edu/pub/mpack/
http://www.cha88.cn/
http://www.malwareguru.org/mediawiki/index.php/Collection_of_tools_for_javascript_encryption_%28javascript_packers%29
http://www.yellowpipe

2009-03-23 17:54:00 613

Original: Browser Security Handbook

http://code.google.com/p/browsersec/wiki/Part1

2009-03-22 22:37:00 4790 2

Reposted: Observations from Black Hat 2008, the US hacker conference: Day 2

http://huaidan.org/archives/2259.html

2009-03-22 20:21:00 640 1

Original: Using a hacked Wordpress site to pwn the web server

http://blog.banditdefense.com/2009/03/09/using-a-hacked-wordpress-site-to-pwn-the-web-server/

2009-03-22 18:52:00 606

Original: Video: Making money on the Web the black hat way

http://www.youtube.com/watch?v=SIMF8bp5-qg&eurl=http%3A%2F%2Fwww%2Enet%2Dsecurity%2Eorg%2Fsecworld%2Ephp%3Fid%3D7177&feature=player_embedded

2009-03-22 18:46:00 637

Original: epicwebhoneypot

http://sourceforge.net/projects/epicwebhoneypot
The Epic Web Honeypot Project aims to lure attackers using various types of web vulnerability scanners by tricking them into believing that they have f

2009-03-22 16:12:00 560

Original: Video: The 15-Minute Network Pen Test

http://www.ethicalhacker.net/content/view/227/24/

2009-03-22 13:50:00 538

Original: MySpace worm explanation

Technical explanation of The MySpace Worm
Also called the "Samy worm" or "JS.Spacehero worm"
Click here to read the entertaining story of the development, release, and ensued hilarity of The MySpace

2009-03-21 22:48:00 1150

Original: Reverse proxy pen testing

http://www.owasp.org/index.php/OWASP_Testing_Guide_v3_Table_of_Contents
The following resources may be of interest:
http://www.owasp.org/index.php/Testing_for_infrastructure_configuration_managemen

2009-03-21 22:32:00 809

Original: UCSniff

http://ucsniff.sourceforge.net/
UCSniff is a VoIP/UC Sniffer / Assessment / Pentest tool with some useful new features, such as IP Video Sniffing. UCSniff is a Proof of Concept tool to demonstrate th

2009-03-21 22:31:00 940

Original: New Version of dnsmap out

http://www.gnucitizen.org/static/blog/2009/03/dnsmap-0222tar.gz
Originally released in 2006, dnsmap is mainly meant to be used by pentesters during the information gathering/enumeration phase of infr

2009-03-21 22:27:00 999

Original: Linux local root

http://hba.by.ru/localroot/

2009-03-15 23:05:00 980

Reposted: MySpace Exploit found By Smokey & MX

Ok basically what this exploit does, it uses an active XSS vuln to automatically post a buddy bulletin from whomever views your site.
Example
User A visits our site
User A has now sent out a Buddy Bulleti

2009-03-15 23:03:00 633

Original: Unlimited Rapidshare Downloads

It's very easy to fool Rapid Share server if your IP address is assigned by your ISP. Just follow these simple steps: clean up Firefox or IE cookie (in this case the one that belongs to rapidshare websit

2009-03-15 23:01:00 620

Original: XSS PoC

Ajax Worm - Proof of Concept: http://myappsecurity.blogspot.com/2006/12/ajax-worm-proof-of-concept.html
Ajax Sniffer - Proof of concept: http://myappsecurity.blogspot.com/2007/01/ajax-sniffer-pr

2009-03-15 19:51:00 775 1

Original: Advanced XSS exploitation with AJAX

http://forum.darkc0de.com/index.php?action=vthread&forum=19&topic=5178

2009-03-15 12:36:00 478

Original: xss-proxy

http://sourceforge.net/projects/xss-proxy

2009-03-14 16:45:00 984

Original: Ajax PDF

http://www.codepub.com/software/view-software-8932.html

2009-03-13 20:23:00 596

Original: XSS-related

https://developer.mozilla.org/En/HTTP_access_control
https://forum.eviloctal.com/thread-31011-1-13.html
http://ha.ckers.org/xss.html

2009-03-12 21:03:00 506

Reposted: Slax - your pocket operating system

http://www.slax.org/

2009-03-11 20:17:00 515

Original: Crime Scene Investigation

http://www.youku.com/playlist_show/id_281293.html

2009-03-10 09:03:00 626

Reposted: Architecture design for full-text search (search engine) over tens of millions of records, based on Sphinx + MySQL

http://blog.s135.com/post/360/
Official wiki: http://www.sphinxsearch.com/wiki/doku.php?id=sphinx_chinese_tutorial

2009-03-10 08:04:00 848

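Reposted: Seven plug-ins that turn Firefox into a hacking tool (updated)

1. Add N Edit Cookies: view and modify local cookies; essential for cookie spoofing. Download: http://code.google.com/p/editcookie/downloads/list
2. User Agent Switcher: changes the browser's User Agent; can be used for XSS. Download: https://addons.mozilla.org/zh-CN/firefox/addo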

2009-03-07 23:03:00 2633

Original: Burp Proxy

Burp Proxy is an interactive HTTP/S proxy server for attacking and testing web applications. It operates as a man-in-the-middle between the end browser and the target web server, and allows the user t

2009-03-07 20:41:00 1259

Original: JavaScript Language Reference Manual

http://www.itlearner.com/code/js_ref/contents.htm
DOM components: http://www.w3school.com.cn/htmldom/htmldom_reference.asp
http://www.tudou.com/playlist/id/1786477/javascript
http://you.video.sina.com.cn/

2009-03-07 10:36:00 713

Original: ext2hide

ext2hide allows users and administrators to utilize the reserved space of the ext2/3 superblocks to store hidden data on their filesystems, rendering it inaccessible to any normal viewing, yet still r

2009-03-06 18:14:00 462

Original: PHP cURL 'safe mode' Security Bypass Vulnerability

The following proof-of-concept PHP code is available:
var_dump(curl_exec(curl_init("file://safe_mode_bypass/x00".__FILE__)));

2009-03-06 11:54:00 613

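Reposted: PHP5 feature vulnerability

Exploitation relies on PHP5 because _SERVER variables are not subject to quote escaping, even when escaping is enabled. The vulnerability is in the User-Agent. Second: multi-row insertion with insert into. The place constructed in the article is insert INTO {$db_prefix}sessions (hash,uid,groupid,ipaddress,agent,lastactivity) VALUES ($hash, ".$user[userid]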

2009-03-05 22:18:00 828

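Reposted: Explanation of a question about the preg_replace function

http://www.jb51.net/article/8676.htm
Could someone tell me what this statement does? Please explain what the "?", "e", "i" and "s" symbols in it each mean and what role they play. Also, are there any other modifiers besides "/eis"? If there is any related learning material, could you share it with me? Thank you all for your help! Thanks. $post=preg_replace("//[html/](.+?)/[//html/]/eis","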

2009-03-05 22:02:00 7716 2

Original: Ajax video tutorials

http://v.youku.com/v_show/id_XNzUxMTk0OTY=.html
http://www.youku.com/playlist_show/id_1724562.html
http://so.youku.com/search_playlist/q_ajax
http://learning.artech.cn/20080621.mastering-javascrip

2009-03-05 12:12:00 1443

Reposted: Web brute forcing: I use the WVS fuzzer

http://huaidan.org/archives/1897.html
http://www.governmentsecurity.org/SecurityHackingNews/Tutorial_on_how_to_test_for_Broken_Authentication_using_Acunetix_WVS_tools
http://www.darknet.org.uk/2007/

2009-03-01 17:19:00 1802

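Reposted: Dshield Web Honeypot

http://netsecurity.51cto.com/art/200902/111734.htm
1) Dshield Web Honeypot: SQL injection, XSS, password cracking and similar attack techniques are threats that Internet websites frequently face. However, because traditional IDSs and firewalls cannot inspect attack data coming over the Web, site administrators find it hard to detect attack activity in time, and often discover that they have been attacked only after the attack has succeeded, or even long afterwards. Dshield is an open-source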

2009-03-01 17:14:00 768

Annex 2: Guide to Information Security Classified Protection Evaluation of Financial Industry Information Systems (draft for approval)

2013-06-21

ISO 27000 Chinese series

The ISO 27000 Chinese series mainly includes ISO 27001, the ISO 27002 implementation guide and the ISO 27003 risk assessment guide

2010-07-04
