Recently, I am going to spend a little time, reorganize my technology stack, I can't let the experiments I did before, I have forgotten it, I recently interviewed several AI security interdisciplinary researchers, and the model of multi-field flowering is indeed very innovative and eye-catching, but I found that some CTF award-winning job seekers, obviously less than 2 years have passed, and they don't remember what they have done at all, leaving only the resume on the previous information security capture the flag competition x prize, as an ordinary person, it is indeed a very difficult thing to make achievements in the cross-field, and I can finally empathize with it at this time。
AILX10
Excellent answerer in cybersecurity
Master's in Cybersecurity
Go to consult
Manual SQL injection: error injection, Boolean injection, Union injection, and blind betting
Automatic SQL injection: The use of SQLMap
- ailx10:萌新の入:Web Security Lab Class-4(sql injection)
- ailx10: [Web-CST CTF] Web-CTF Beginner Day 3
- ailx10: [Web-CST CTF] Web-CTF Introductory Day 6
- ailx10:sqlmap探瓜001
- ailx10: Step-by-step to learn SQLMAP
- ailx10: Getting Started with SQLMap: Infiltrating the Range
Manual XSS injection: reflective and storage pop-ups
Automatic XSS injection: The use of the BeEF framework
- ailx10:萌新の入:Web Security Lab Class-2(xss & csrf)
- ailx10:【前端黑客】XSS入门
- ailx10: Reflective XSS
BurpSuite fiddler (agent intercepts packets)
- ailx10:手把手带你学习BurpSuite
- ailx10:手机抓包改包神器Fiddler简介
Online brute-force attack on Hydra Medisa (Weak password brute-force attack successful)
- Get started with web security
Offline brute-force attack fcrackzip join (Weak password brute-force attack successful)
- ailx10: ZIP encrypted file cracker: introduction to fcrackzip
- ailx10:ZIP加密文件破解:john简介
Denial of Service LOIC AnonymousDoser Slowloris rudy (Test Single Point of Denial of Service)
- ailx10: LOIC low-orbit ion denial of service attack
- ailx10: Rudy slow HTTP denial of service attack
- ailx10: DDoS Testing Tool Research-1
漏扫 AWVS nessus nikto zgrab (测试漏洞扫描工具)
- ailx10: AWVS13 out-of-the-box experience
- ailx10: Nessus Missed Scan Software Installation
- ailx10: Introduction to Nikto vulnerability scanning tools
- AILx10: A simple application of ZGRAB scanning artifact
Webshell Chinese Kitchen Knife Ant Sword (Test Connection Webshell)
- ailx10: PHP semantic engine design
- AILx10: Webshell Ant Sword User Experience
蜜罐 HFish Glastopf (搭建蜜罐)
- ailx10: HFish open-source honeypot framework system
- ailx10:手把手搭建Web蜜罐Glass Pot
In the end, I also tried it gently, and a little achievement in the hole mining slowly refueled~
Submit one vulnerability on the Sky Patching Vulnerability platform:
- XSS vulnerability in a Zhihu community: QTVA-2018-867959 (Medium Risk)
Submit 2 vulnerabilities on the vulnerability box platform:
- 合肥 乡倁-H3C 弱口令 可 导致断网:vulbox-2019-0200423(Song危)
- Remote Desktop Protocol RDP Access Denied Vulnerability (MS12-020): vulbox-2019-0191084 (high-risk)