2024

• 02 Jun ShowDoc Sql Injection and Remote Code Execution
• 26 Apr Zentao Authentication Bypass
• 17 Apr IP-guard Authentication Bypass
• 10 Jan CVE-2024-21650 XWiki RCE

2022

• 05 Apr HTB Catch Walkthrough

2021

• 13 Aug HTB Writer Walkthrough
• 12 Aug Preparation before analysing Cobalt Strike.
• 21 Jun An analysis of CobaltStrike phishing site detection (chinese)
• 15 Apr Analysis of CobaltStrike Team Server Scanning (chinese)
• 17 Jan Analysis of open source honeypot identification and network-wide mapping (chinese)

2020

• 14 Dec TLS server-side tagging using JARM fingerprinting (chinese)
• 14 Dec Analysis of CobaltStrike Beacon Staging Server Scanning (chinese)
• 09 Aug ZeroShell Linux Router 3.9.3 OS Command Injection vulnerability(CVE-2020-29390)
• 09 Aug Artica Web Proxy 4.30 Authentication Bypass & OS Command Injection
• 08 Aug HTB October Walkthrough
• 28 Feb CVE-2020-15894 D-Link DIR-816L信息泄露漏洞
• 10 Jan CVE-2019-19781 Citrix Application DC & Citrix Gateway RCE

2019

• 08 Dec 网络空间测绘设计与实现-指纹库篇
• 08 Oct 网络空间测绘到底是个啥？
• 08 Oct vBulletin5 RCE