Preface
This article is a summary of excellent blog posts. Sometimes when you see a good article and put it in the browser's favorites, it is easy to be ashamed. Therefore, I have summarized some articles that I saw this year that are worth my study. , To facilitate the development of learning plans, but also to facilitate subsequent review
Article summary
JAVA security
This column contains content related to java security, including java basics, spring/struts2 framework basics, etc.
-
Java RMI remote deserialization of arbitrary classes and remote code execution analysis (CVE-2017-3241)
This vulnerability is quite interesting -
Weblogic IIOP deserialization vulnerability (CVE-2020-2551) Vulnerability analysis
PHP audit
php code audit related
Safe development
Security development content, various excellent open source scanner addresses, automatic vulnerability scanning implementation ideas, etc.
Intranet penetration
Penetration testing related, intranet
Web Security Fundamentals
Web security, xss\sql and other vulnerabilities mining skills, bypass, defense methods