Categories

Certifications

• HTB CPTS

Java

• JNDI
• RMI
• CommonsCollections
• CC3
• CC6
• CC1-LazyMap
• CC1-TransformedMap
• URLDNS
• Java反序列化-WebGoat
• Java反序列化原理
• Java反射&动态代理
• Java基础

Javascript

• JavaScript Prototype Pollution

Others

• IP Spoofing

Pentest

• Active Directory Enumeration & Attacks
• Windows Privilege Escalation
• Linux Privilege Escalation
• Command Injections
• File Upload
• Cross-Site Scripting (XSS)
• File Inclusion
• Attacking Common Services
• File Transfer
• Shells
• XML External Entity (XXE)
• JavaScript Deobfuscation
• HTTP Verb Tampering
• Server-Side Request Forgery (SSRF)
• MySQL UDF
• Mysql Injections

Php

• Php Unserialize
• Php Hash Compare

Python

• Python Prototype Pollution

Tools

• ligolo-ng
• hydra
• medusa
• ffuf
• nmap
• gobuster
• sqlmap
• curl

Vuln

• Fastjson 远程命令执行漏洞(CVE-2017-18349)
• Log4j2 lookup JNDI注入(CVE-2021-44228)
• Shiro 1.2.4反序列化漏洞(CVE-2016-4437)

Writeup

• HTB Runner
• HTB SolarLab
• HTB IClean
• HTB TwoMillion
• HTB PermX
• HTB Cap
• 2024CISCN初赛
• HTB BoardLight
• HTB Lame
• HTB Perfection
• HTB Headless
• 2023CISCN初赛