• Hacker Magic: using shell script to cover up the operation trace on Linux server


    Using shell script to control, destroy or get anything on Linux server, hackers may gain great value through some ingenious attack methods, but most attacks also leave traces. Of course, these traces can also be hidden by shell scripts and other methods. Looking for evidence of an attack starts with the traces left by the […]

  • How to prevent DNS hackers from invading dappy


    4 6 3 2 4; MSO font charset: 0; MSO generic font family y:roman; mso-font-pitch:variable; mso-font-signature:-1610611985 1107304683 0 0 159 0;} @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4; mso-font-charset:0; mso-generic-font-family:swiss; mso-font-pitch:variable; mso-font-signature:-520092929 1073786111 9 0 415 0;} @font-face {font-family:inherit; panose-1:0 0 0 0 0 0 0 0 0 0; mso-f […]

  • Stealing cookies in XSS attacks


    Translator:The blog 10 years ago seemed a little old, butXSS attackThe threat is still there. We have to guard against it. Original: XSS – steaming cookies 101 Translator: fundebug This article adopts free translation and the copyright belongs to the original author stealCookieIt’s very simple, so don’t easily believe the identity declared by the client. […]

  • Summary of MySQL hacked and security measures


    Situation overview Today, I log in to the MySQL database built on Tencent ECs and find that the database has been hacked. The hacker‘s prompt is very obvious. There are only two databases left in mysql, one isinformation_schema, the other is created by hackersPLEASE_READ, one of theminfoTable, contents as follows: Info: Your DB is Backed […]

  • Why don’t big companies like to use third-party frameworks? Is it because


    Recently, there are more and more database explosion events. Both individual developers and business owners are faced with slight risks. Many people have not specific security awareness, which gives hackers a chance to take advantage of. For enterprises, it may be a money disaster. Even if some enterprises are attacked by malicious servers, they are […]

  • Blog website blackmailed by hackers for bitcoin


    Preface Recently, my blog site was targeted by hackers, all data of the site was encrypted, and I was threatened to pay for bitcoin. My blog site, just for personal summary and sharing, has no popularity, nor any commercial use. It was noticed by hackers, a little surprised. Think about it carefully. The security level […]

  • Webapp security risk and protection class begins!


    This article was created and launched by the technical team of grape City Reprint please indicate the source: grapevine official website, grapevine provides professional development tools, solutions and services for developers, enabling developers.   2018 network security accidents occur frequently, from data leakage, information theft, to DDoS attacks and extortion viruses, not only the total […]

  • Every engineer has to learn the security test. The boss doesn’t have to worry about the server being hacked any more


    This article is published by cloud + community This article contains a detailed introduction to XSS vulnerability attack and defense, including vulnerability basis, XSS basis, coding basis, XSS payload and XSS attack defense. Part I: basic knowledge of vulnerability attack and defense XSS belongs to vulnerability attack and defense. If we want to study XSS, […]

  • How to Prevent Server Intrusion


    Vitaliy Kolesov, original, authorized LeanCloud translation. Reinforcing servers is not difficult, but there are many routine operations that may be forgotten. In my case, the server I just bought was invaded in two weeks. One morning I received several emails from third parties saying that something was trying to break into their servers on my […]

  • Creating a Secure Web Server under FreeBSD


    Preface Installation of System and Service Procedures1. System Installation2. Service Installation II. System Security Settings1. User Control2. File access control3. System Services and Port Control4. Log management and control5. File Fingerprint Detection6. System Fingerprint Leakage and Prevention7. System Kernel Security8. System security optimization 3. Security Settings of Service Procedures1. Apache security settings2. PHP security settings3. […]

  • How Hackers Attack Block Chain 51% (Double Attack or Double Cost)


    Fifty-one percent of attacks or double attacks are attempts by miners or groups of miners in the block chain to spend two digitally encrypted currencies on the block chain. They try to “double cost” and get the name. The purpose of this is not always to double the cost of digitally encrypted currency, but more […]

  • New Book Recommendation | Windows Hacker Programming Technology Explanation


    Windows Hacker Programming Technology Explanation is aimed at readers who are interested in computer system security development, or want to improve the level of security development, as well as security personnel engaged in malicious code analysis and research. Theory and technology complement each other and highlight “Dao and Shu” Analysis of Windows User Layer and […]